Section 3: Modernizing Federal Government Cybersecurity of the Executive Order is all about government agencies moving to the cloud and doing it right. If you are someone who believes that the cloud has absolutely no place in the industrial control systems (ICS) world, you are going to hate this section.
Today’s blog is going to take a break from analyzing a specific section of the Executive Order on Improving the Nation’s Cybersecurity and focus on who will be impacted by the order.
I got thinking about this last week when Tom Clary posted this insightful comment on LinkedIn:
[This] Executive Order in no way compels private sector critical infrastructure to do anything different. It seems intended to better protect...
On Friday we dissected Section 4: Enhancing Software Supply Chain Security of the new Executive Order on Improving the Nation’s Cybersecurity. Today we will look at Section 2: Removing Barriers to Sharing Threat Information. We’ve also updated the EO14028 Timeline I posted previously to include Section 2 deadlines:
Late Wednesday night President Biden signed the Executive Order on Improving the Nation’s Cybersecurity.
Compared to any Executive Order (EO) I’ve seen, this is a massive and complex policy document: the average length of an EO has been under 3½ pages; most are just 1 or 2 pages. This EO weighs in at 18 pages with 74 actionable directives. Forty-five of those directives have defined due dates, many linked to the completion of other directives....
Verve embeds aDolus’ ability to generate SBOMs and validate components
aDolus Technology Inc., a global authority on software intelligence for critical infrastructure, today announced its partnership with Verve Industrial, a leading industrial control system management and cyber security provider. The partnership brings the power of the aDolus FACT™ platform’s IoT/OT SBOM (software bill of materials) analysis and validation into Verve’s...
Industrial Defender’s integration with the aDolus FACT™ platform ensures updates are valid, tamper-free, and safe to install
aDolus Technology Inc., a global authority on software intelligence for the critical infrastructure software supply chain, today announced its partnership with Industrial Defender, a pioneer in operational technology (OT) security. The collaboration will mitigate the risk of supply chain attacks in ICS environments.
Wrapping up my year on December 31, I was delighted to join ICS cybersecurity luminary Dale Peterson for his December: ICS Security Month in Review episode of the Unsolicited Response Podcast. Dale was kind enough to invite me on to discuss the big stories of December 2020 and to throw out some predictions on what’s in store for us in 2021. Here I’ll present a quick teaser of our discussion; I encourage you to listen to the full podcast.
Just in case you missed it, a software supply chain attack on the US government and industries is consuming the waking hours of everyone involved in cyber security this week. The attack involved the insertion of a compromised DLL infected with the SUNBURST malware directly into the DevOps environment of SolarWinds’ Orion network monitoring and management software. It was a cunning and subtle infiltration: the package was signed with a valid...
aDolus Technology Inc. bested 240 of BC’s most innovative tech startups, winning the New Ventures contest in Canada’s #1 startup ecosystem, boasting over 10,000 tech companies. aDolus received $100,000 in cash and $35,000 in services.
Their SaaS-based system integrates machine learning and decades of security expertise to deliver a ‘trustworthiness’ score for software.
They credit their success to addressing an issue that many organizations face:...
aDolus Technology Inc., a global authority on software intelligence for critical infrastructure, and ReFirm Labs, a provider of the industry’s first proactive IoT and firmware security solutions, today announced an integration partnership to improve the security and integrity of firmware for IoT devices in critical industries.