Grants help cyber security education at Jacksonville State University

Jacksonville State University’s Center for Information Security and Assurance received two federal grants to help strengthen cyber security in Northeast Alabama and beyond, according to the University.

“We have so much to protect… not only our privacy, not only our identity, not only our money in the banks, but it’s the whole critical infrastructure,” said Dr. Guillermo Francia, a J.S.U. professor of computer science.

Dr. Francia knows the importance of protecting the nation’s critical infrastructures like power plants, water systems and public transportation systems. For the full article click here 

from critical infrastructure alliance http://ift.tt/1PxFQUF
via IFTTT

CPS Energy issues warning for drone owners

SAN ANTONIO – CPS Energy issued a warning for people who might have purchased or received drones over the holidays.

The utility said over the past few months it had four confirmed spottings of drones flying over critical infrastructure, like power plants.

“You don’t know whether or not the operator behind the drone is someone who’s up to criminal activity or someone who’s just playing with their Christmas gift,” Christine Patmon, CPS Energy spokesperson, said.

Patmon said the utility feared someone might obtain information that could shut down the energy system. For the full article click here 

from critical infrastructure alliance http://ift.tt/1J8S49K
via IFTTT

Ukraine cyberattacks, blackouts heighten fears of US grid vulnerabilities

• A series of cyberattacks caused widespread blackouts in Ukraine last month, and the specter of a similar intrusion taking place in the United States has stoked fears that the country is not prepared, despite laws aimed specifically at shoring up cybersecurity.
• New Hampshire-based Foundation for Resilient Societies (FRS), a nonprofit which advocates to protect critical infrastructure, believes “America is increasingly vulnerable to foreign cyberattack” because of the implementation of a 2005 law aimed at grid hardening.
• Cybersecurity is a rising concern in the U.S., and is complicated by the increasing connected nature of generation, load, monitoring devices and non-utility programs. Last year, several industry groups warned FERC they did not believe the agency had authority to oversee security concerns related to third-party providers on the grid. For the full article click here 

from critical infrastructure alliance http://ift.tt/1Kha0d5
via IFTTT

Dayton releases $220M wish list for water quality upgrades

Minnesota’s aging water treatment plants and sewer systems will start getting some much needed improvements if DFL Gov. Mark Dayton has his way.

Dayton on Thursday proposed a $220 million plan for water and sewer systems. It’s the next step in a water quality agenda that the governor began last year when he pushed for a buffer strip requirement to prevent farm field runoff.

Dayton says Minnesota’s clean, safe and abundant water supply can no longer be taken for granted and that many rural communities are struggling with the added cost of lowering levels of nitrates, phosphorus and other chemicals in drinking water.

He wants a significant government investment to help those communities but also wants to get citizens involved in protecting water from further contamination.

“Everybody needs to understand it’s their responsibility for whatever it is that they’re putting into the public sphere being a quality and standard that they would want their own children to be exposed to. That’s going to take some time, but we’re going to work on in it,” Dayton told reporters. “I’m going to make it a priority, as I did last session, for the remaining three years of my term, and I think we can make some important progress.” For the full article click here 

from critical infrastructure alliance http://ift.tt/1Kha0d3
via IFTTT

ICS-CERT: U.S. critical infrastructure susceptible to cyberattacks

A senior U.S. official said the direct connection of the industrial control systems (ICS) handling the country’s critical infrastructure networks to the internet has led to an uptick in penetrations during the past year.

Marty Edwards, director of the Department of Homeland Security’s Industrial Control Systems Cyber Emergency Response Team (ICS-CERT), told security pros, speaking before security pros at the S4 ICS Security Conference in Miami said the industrial control systems “are just hanging right off the tubes,” according to Reuters.

Edwards did not disclose whether or not the successful attacks that took place in the U.S. resulted in any damage or outages. For the full article click here 

from critical infrastructure alliance http://ift.tt/1JOcV1V
via IFTTT

Jackson Introduces Legislation to Protect Californian’s From Unsafe Drone Use

State Senator Hannah-Beth Jackson (D-Santa Barbara) has just introduced a bill to set comprehensive limits around the use of drones near critical infrastructure such as bridges and power plants as well as in state parks and wildlife refuges, on private property and around the State Capitol.

Senate Bill 868 is partly modeled on legislation recently enacted by the City of Chicago and would establish a comprehensive framework for drone use that prioritizes public safety, privacy and the long-held values of Californians.

“From helping farmers to responding to disasters, there are many innovative and extremely valuable uses for drones, and those uses should be encouraged and allowed to continue,” said Jackson. “But irresponsible or even dangerous operators and their drones should not be able to threaten our safety, our private property, the critical infrastructure we need to keep our state running or our beloved public parks and wildlife refuges. For the full article click here  

from critical infrastructure alliance http://ift.tt/1Kha2So
via IFTTT

THE 3 TIME-BOMB ISSUES CANDIDATES IGNORE

The 2016 presidential campaign has morphed into an enthralling reality show with colorful and entertaining candidates that defy the imagination of a Hollywood scriptwriter.

Acknowledging the campaign’s inherent entertainment value, Showtime, the premium cable channel, has ordered a new “real-time” weekly documentary series aptly named, “The Circus: Inside the Greatest Political Show on Earth” – scheduled to premiere Jan. 17 at 8 p.m.

Sadly, the presidential campaign’s great capacity for amusement obscures deep national discourse needed on many important problems. Chief among them are what I call three “time bomb” issues: infrastructure cyber-attacks, the U.S. government’s unfunded liabilities and apocalyptic Islam. All three are currently careening out of the government’s control with the potential to negatively impact, dramatically alter, or create tremendous chaos throughout our civil society.

Moreover, out on the campaign trail, during debates and in the media, no presidential candidates of either party is raising these issues to the degree warranted by their severity – if at all. For the full article click here 

from critical infrastructure alliance http://ift.tt/1OuQFqG
via IFTTT

RAYTHEON|WEBSENSE IS NOW FORCEPOINT

Forcepoint brings fresh approach to safeguarding users, data and networks from insider and outsider threats 

Austin, Texas – January 14, 2016 – Global cybersecurity leader Raytheon|Websense today unveiled its new company name, Forcepoint™, and multiple new products. Built on the successful integration of Websense®, Raytheon Cyber Products and the recently-acquired Stonesoft next-generation firewall (NGFW) business, Forcepoint brings a fresh approach to address the constantly evolving cybersecurity challenges and regulatory requirements facing businesses and government agencies.

Forcepoint was created to empower organizations to drive their business forward by safely embracing transformative technologies – cloud, mobility, Internet of Things (IoT), and others – through a unified, cloud-centric platform that safeguards users, networks and data while eliminating the inefficiencies involved in managing a collection of point security products. The Forcepoint platform will protect against threats from insiders and outsiders, rapidly detect breaches, minimize “dwell time” – the period between compromise and remediation – and stop theft.

“With Forcepoint, organizations can protect users, networks and data in the cloud, on the road, and in the office. We simplify compliance, enable better decision-making and streamline security so that our customers can concentrate on what’s important to them,” said Forcepoint CEO, John McCormack. “We will provide a unified cloud-centric platform to defend against attacks, detect suspicious activity sooner, and give the context needed to decide what actions to take to defeat the attack and stop data theft. Defend, detect, decide, defeat – this is our vision for Forcepoint 4D Security. We have the expertise, financial commitment and ongoing access to unique, defense-grade security technology necessary to deliver on this vision.”

“A platform solution that both simplifies and strengthens security as part of a holistic strategy that includes people, process and technology is a far more compelling value proposition than a simple point solution,” said Dan Wilson, Executive Vice President of Partner Solutions for Optiv, a market-leading provider of end-to-end cyber security solutions.

“Forcepoint’s platform focuses on insider threat protection, cloud data protection and network security. We’re seeing clients ask for these capabilities and are excited to see how Forcepoint delivers.”

 

See the full Press Releases Here : http://ift.tt/1USunmo

from critical infrastructure alliance http://ift.tt/1n3sXeu
via IFTTT

Power plants, utilities ‘just hanging right off the internet’s tubes’

Utilities opening their infrastructure to the internet are creating an irresistible honeypot for criminals, says the US government’s Industrial Control Systems Cyber Emergency Response Team. .

In spite of often being billion-dollar operations with long-standing experience in their industrial control networks, critical infrastructure owners seem to think they can take advantage of the public ‘net for connectivity without a care for security.

While ICS-CERT‘s Marty Edwards, speaking to the S4 conference in Miami this week, didn’t call such operators idiots, he may as well have done. According to Reuters, he came close, saying: “I am very dismayed at the accessibility of some of these networks … they are just hanging right off the tubes.”

Edwards also said the number of attacks on such networks is increasing. With such poor security – and with the number of vulnerabilities listed at ICS-CERT running along at around 100 per year in 2014 and 2015, by The Register‘s quick perusal of it advisories – a successful compromise is inevitable. For the full article click here 

from critical infrastructure alliance http://ift.tt/1Zm3FUy
via IFTTT

D.C.’s infrastructure gets a C-minus — and transportation ranks lowest

Despite recent investments in the District’s infrastructure, it continues to crumble — and in the worst state is the city’s transportation system.

A report card to be released Thursday by the American Society of Civil Engineers gives the city a C-minus, just above failing.

“We keep on falling behind gradually,” said Ranjit Sahai, a professional engineer with the consulting firm RAM in Northern Virginia, who chaired the report.

The District’s grade was pulled down by some of its biggest — and well-known — problems: an embattled transit system, congested roads and two levee systems in need of improvements to reduce the city’s flood risk. For the full article click here 

from critical infrastructure alliance http://ift.tt/1Zm3FEb
via IFTTT

Toowoomba Enterprise Hub gets millions for ‘vital’ road

THE boss of a major freight terminal says funding for a road upgrade will put Toowoomba on the map nationally as a significant transport and logistics hub.

The Queensland Government today announced $2.89 million in funding will go towards a planned upgrade to key infrastructure in the Toowoomba Enterprise Hub at Charlton.

The road upgrade, which includes an asphalt-surfaced, two-lane road, with provision to accommodate trunk public utility plant and other utility service infrastructure, will cost $6,779,700.

Freight Terminals chair John Dornbusch said his group was delighted to be partnering with the Queensland Government and Toowoomba Regional Council.

Council is matching the government’s funding and Freight Terminal is putting in $1 million for the Steger Road Infrastructure Enabling Project.

Mayor Paul Antonio said the upgrade was a turning point in the future of the transport and logistics hub. For the full article click here 

from critical infrastructure alliance http://ift.tt/1J4yPOq
via IFTTT

ISACA 2016 Cybersecurity Snapshot

ISACA’s January 2016 Cybersecurity Snapshot looks at cybersecurity issues facing organizations this month and beyond—from reactions to new cybersecurity legislation, to insights on information sharing and top cyber threats.

Among the key findings from nearly 3,000 IT and cybersecurity professionals worldwide:

• The top three cyberthreat concerns for 2016 are social engineering, insider threats and advanced persistent threats (APTs).
• 84 percent of respondents believe there is a medium to high likelihood of a cybersecurity attack disrupting critical infrastructure (e.g., electrical grid, water supply systems) this year.
• 72 percent of respondents say they are in favor of the US Cybersecurity Act, but only 46% say their organizations would voluntarily participate in cyber threat information sharing, as outlined in the Act.

See the full results and related insights from cybersecurity experts here:   http://ift.tt/1mR4QPx

Follow the conversation on Twitter: #CyberSnapshot

from critical infrastructure alliance http://ift.tt/1REvx7I
via IFTTT

ICIT Brief: Hacking Healthcare in 2016: Lessons the Healthcare Industry can Learn from the OPM Breach

Among all of America’s critical infrastructures, the healthcare sector is the most targeted and plagued by perpetual persistent attacks from numerous unknown malicious hackers. The goal of these threat actors is to exploit vulnerabilities in insecure and antiquated networks in order to exfiltrate patient data for financial or geopolitical gain. In order to protect patient privacy, healthcare organizations and their supply chains must better understand the growing attack surface and the technologies and solutions which can improve their ability to respond to unauthorized network access.

In this brief, entitled “Hacking Healthcare in 2016: Lessons the Healthcare Industry can Learn from the OPM Breach”, the Institute for Critical Infrastructure Technology provides a comprehensive assessment of the threats and healthcare trends which have the greatest impact on health sector security, as well as solutions and strategies to improve resiliency. The report draws from the OPM breach, which is a prime example of the enormous consequences an organization can face by not maintaining and protecting integrated systems.  Specifically, this brief details:

•  The Healthcare System’s Adversaries (script kiddies, hacktivists, cyber criminals, cyberterrorists and Nation State Actors)
• A Multi-Pronged Approach to Meaningful Cybersecurity (people, policies & procedures and technical controls)
• Healthcare in a Digital Age (IoT, sensors, telehealth, remote monitoring, behavior modification devices, embedded devices, mobile applications and data sharing in the Cloud)
• Legislation & Collaboration (21st Century Cures Act, telehealth solutions for veterans, telehealth access expansion, prescription drug monitoring, EHR interoperability, mHealth IRB)

The following ICIT Fellows & thought leaders contributed to this brief:

• James Scott (ICIT Senior Fellow – Institute for Critical Infrastructure Technology)
• Drew Spaniel (ICIT Visiting Scholar, Carnegie Mellon University)
• Dan Waddell (ICIT Fellow – Director, Government Affairs, (ISC)2)
• Jon Miller (ICIT Fellow – V.P Strategy, Cylance)
• Rob Bathurst (ICIT Fellow – CISSP, Professional Services Director, Cylance)
• Malcolm Harkins (ICIT Fellow – Global Chief Information Security Officer, Cylance)
• Greg Cranley (ICIT Fellow Sr. Director of Federal, Centrify)
• Seth Nylund (ICIT Fellow – V.P. Federal, Exabeam)
• Michael Seguinot (ICIT Fellow – Regional Sales Director, Exabeam)
• Steve Curren (Acting Director, Division of Resilience, HHS)
• Rob Roy (ICIT Fellow – Public Sector CTO, Hewlett Packard Enterprise)
• Stan Wisseman (ICIT Fellow – Security Strategist, Hewlett Packard Enterprise)
• Montana Williams (ICIT Fellow – Cybersecurity Evangelist, ISACA)
• Jerry Davis (ICIT Fellow & CIO, NASA Ames Research Center)
• Kevin Stine (Manager, Information Technology Laboratory (Security Outreach and Integration, NIST)
•  Elisabeth George (ICIT Fellow – V.P. Global Regulations & Standards, Philips)
• John Menkhart (ICIT Fellow – V.P Federal, Securonix)
• Stacey Winn (ICIT Fellow – Sr. Product Manager, Raytheon / Websense)
• Ashok Sankar (ICIT Fellow – Security Evangelist, Raytheon / Websense)

Download the brief HERE

from critical infrastructure alliance http://ift.tt/1KdEv3N
via IFTTT

Gwinnett projects getting some of state’s Transportation Funding Act money

Gov. Nathan Deal announced on Tuesday that Georgia will spend $2.2 billion on transportation improvements over the next 18 months, including about $30.1 million in Gwinnett County, as officials begin rolling out the state’s new infrastructure plan.

The projects included in the plan will be the among the first paid for through the state’s new transportation funding formula that was signed into law last year. The projects range from intersection improvements, to roadway, resurfacing and maintenance, and bike and pedestrian projects.

The state has also launched a new website, www.GAroads.org, that will give residents the ability to track the progress and spending on individual projects across the state.

“Over the next 18 months, nearly 60 percent of the projects contracted will be for maintenance of our roads and bridges,” Deal said in a statement. “We are also upholding our promise of transparency through the GA Roads website, which provides clarity through features unprecedented in state history. For the full article click here 

from critical infrastructure alliance http://ift.tt/1SOIoTN
via IFTTT

Cyber resilience for financial market infrastructures

Let me start by expressing my appreciation to the European System of Central Banks’ Payment and Settlement Systems Committee for taking the initiative to organise this workshop on cyber resilience and to the representatives of other authorities and the financial market infrastructures (FMI) community for coming here today to discuss with us this very important topic in the international agenda.

Financial stability usually conjures up questions about capital and liquidity and the network of financial exposures and interdependencies that make up the financial sector. But the sector is an operational network too. On a daily basis it delivers financial intermediation between market participants and end users, whether the transmission of salaries and other payments from one bank account to another or the settlement of market transactions through a web of settlement banks, clearing houses, settlement systems and custodians. As overseers of FMIs, we need to ensure that each of the nodes in this network is operationally resilient and in a position to provide the services that are important to the system as a whole.

We also need to ensure that where disruptions do occur, firms can continue to operate or recover quickly, minimising any adverse impact on the functioning of the system as a whole. For the full article click here 

from critical infrastructure alliance http://ift.tt/1P119nj
via IFTTT

US Confirms BlackEnergy Malware Used In Ukrainian Power Plant Hack

The power outage last month in Ukraine that put 80,000 people in the dark was the first electricity failure caused by a computer hack, the U.S. Department of Homeland Security has confirmed. Researchers previously suggested that a strain of malicious software known as BlackEnergy, a favorite of Russian hacking groups, was responsible.

The December 23 outage at the Prykarpattyaoblenergo power plant in western Ukraine was a nightmare scenario come true for cybersecurity researchers who have warned it was a question of when, not if, hackers managed to infiltrate a critical infrastructure facility.

DHS issued an advisory Tuesday confirming initial evidence that BlackEnergy malware first infected the plant’s systems after a successful spearphishing email attack, when hackers sent what appears to be a normal message to a high value target. Homeland Security and the FBI are among the international investigators still examining the cyberattack. For the full article click here 

from critical infrastructure alliance http://ift.tt/1RDyBRu
via IFTTT

Cyber security: “Without fair protection at European level, we will be in trouble”

Data breaches can cause substantial damage to consumers, businesses and even governments, as the cyber attacks against Sony in 2014 and against Estonia in 2007 showed. To boost defences against such attacks against its essential services, such as electricity supply and air traffic control, the EU has agreed on a common set of basic cyber security rules. We talked to Andreas Schwab, a German member of the EPP group, who is responsible for steering them through Parliament.

 

Why do we need EU rules on cybersecurity?

 

We need a European approach because we have so many infrastructures that are really interdependent. If we don’t get a fair protection at the European level for these cross-border infrastructures, we will be in trouble.

It’s not about all parts of the infrastructure, but only about the digital parts of it and only in a certain number of sectors, such as energy and transport, which are key sectors for the European economy.

What do the new rules foresee?

First of all, member states have to make sure they target the right infrastructure with this legislation. The directive also foresees a certain number of obligations for operators in the areas concerned: they have to set up systems that will create resilience.  For the full article click here 

from critical infrastructure alliance http://ift.tt/1Oi8ECJ
via IFTTT

Electronic Doomsday for the US?

Contrary to some “expert” analysis, both the recent North Korean nuclear and the Iranian ballistic missile tests are deadly serious threats to the United States.

The danger to the United States is particularly consequential due to the close military cooperation of North Korea and Iran. Their combined capabilities, as demonstrated recently, could very well signal a future nuclear attack of the electromagnetic pulse type, for which the U.S., at the moment, is totally unprepared.

The threat to the United States from an electromagnetic pulse (EMP) attack — the high-altitude detonation of a nuclear weapon over the United States — is so potentially catastrophic that both the 2004 and 2008 reports of the Congressional EMP Commission said so openly — probably in the hope that the public warning would spur the nation and the Department of Defense to action For the full article click here 

from critical infrastructure alliance http://ift.tt/1Oi8BXM
via IFTTT

South Portland makes move to block proposed gas depot

SOUTH PORTLAND, Maine (AP) — South Portland officials are in the process of developing a fire code amendment that would block a controversial proposal for a liquefied petroleum gas depot at Rigby Yard.

The Portland Press Herald reports (http://bit.ly/1RIuRfE ) city council on Monday ordered City Manager Jim Gailey to have municipal staff review a citizen-drafted fire code amendment proposed by Councilor Brad Fox.

The amendment requires propane storage and distribution facilities to be located at least 1,257 feet from anything considered “critical infrastructure.”

Among the things considered critical infrastructure are government buildings. The Cash Corner Fire Station is situated near Rigby Yard, the site for NGL Terminal Supply Co.’s proposed propane depot. For the full article click here 

from critical infrastructure alliance http://ift.tt/1N5vGZJ
via IFTTT

Digi International Launches Industrial-Grade LTE Router for Critical Infrastructures Markets

Digi International®, (NASDAQ: DGII, www.digi.com), a leading global provider of mission-critical machine-to-machine (M2M) and IoT connectivity products and services, today introduced the Digi TransPort® WR31, a rugged, versatile enterprise LTE router built for critical applications operating in harsh environments. The WR31 features advanced security and monitoring and the intelligence to operate on nearly any 3G or 4G LTE network in the world.

Designed for critical infrastructure environments, the WR31 addresses industries that manage a large number of remote assets installed in challenging environments where onsite visits are infrequent or impractical. In addition, by supporting global HSPA+ and 4G LTE networks, the WR31 provides customers the flexibility to future-proof their router installation as wireless network requirements evolve.

Industrial Grade Intelligence to Meet Industry Requirements

At the heart of the WR31 is Digi’s license-free enterprise routing and security software that supports features required for high reliability and high-security applications in utility and industrial markets. The WR31 is ideally suited for SCADA, telemetry and other network operations teams. It is targeted for installation at electric and water utilities, state and municipal traffic agencies, oil/gas production and distribution facilities, and manufacturing automation companies. For the full article click here 

from critical infrastructure alliance http://ift.tt/1mUYijq
via IFTTT

Cyber Threats 2016: Killer Robots, US Presidential Race, Critical Infrastructure, Mobile Payments And More

The line between crime and cybercrime is continuing to blur and 2016 may see hackers rise in prominence as they target individuals, governments, businesses and connected devices to steal data, knock competitors offline and, in some of the most extreme cases, cause real-world damage that could lead to fatalities.

As consumers increasingly store everything from money to memories in the cloud, criminals are similarly putting their resources and efforts into targeting online networks. During the past 12 months we have seen hugely embarrassing data breaches like the one on adultery-promoting site Ashley Madison and at the U.S. Office of Personnel Management.

There’s also been the unveiling of a new elite hacking team called Equation Group linked to the U.S. government and we have  seen connected devices, including guns and cars, being hacked. For the full article click here 

from critical infrastructure alliance http://ift.tt/1Q2XaW6
via IFTTT

(ISC)2 CyberSecureGov 2016 “Inspiring Change Agents in an Environment of Game-Changing Threats”

(ISC)² CyberSecureGov 2016

“Inspiring Change Agents in an Environment of Game-Changing Threats”

 

Date: May 19 & 20, 2016

Location: Walter E Washington Convention Center

801 Mount Vernon Place NW, Washington, DC

Join us for the 4th Annual (ISC)² CyberSecureGov, Inspiring Change Agents in an Environment of Game-Changing Threats.

With a unique perspective on what is at stake, cybersecurity professionals are being called on as agents of change to influence and empower the government’s progress at all levels and in new ways. This year’s CyberSecureGov two-day training event is designed to shake up the status quo and incite progress in new ways.

 

 

• Thursday keynote: Dr. Jennifer Golbeck, Director of the Human-Computer Interaction Lab
• Friday keynote: Dr. David A. Bray, 2015 Eisenhower Fellow, Harvard Executive In-Residence, and FCC CIO
• Panels with industry leaders
• Three dedicated tracks (prevention, detection and resilience)
• Networking with experts and cyber security professionals
• Discount for (ISC)² members, government and academia
• Earn 16 CPEs

 

Potential topics:

• Cloud Security
• Threats and the Advanced Adversary
• Critical Infrastructure Protection
• Automation, Detection and CDM
• Incident Response and Recovery
• Professional Development
• Business, Financial and Risk Implications
• Identity Access Management
• The Privacy Challenge
• Game Changing Solutions

 

For more , click here 

from critical infrastructure alliance http://ift.tt/1OYYdaJ
via IFTTT

MIT Media Lab: Blockchain Could Be A Critical Piece Of Infrastructure For Governments

There has been a shift of focus from bitcoin to blockchain technology in the past few months. Satoshi Nakamoto introduced the concept of blockchain in his white paper “Bitcoin: A Peer-to-Peer Electronic Cash System” in 2008.

Blockchain is nothing but a ledger that records bitcoin transactions – a system that would enable people to transfer money to each other without the need for a third party, such as a bank.

However, in the past couple of months, more and more companies and organizations started to explore the potential of blockchain technology for non-monetary uses. In an article published on the Wired UK, Brian Forde, director of digital currency at the MIT Media Lab, and Michael Casey, senior adviser at the MIT Media Lab’s digital currency initiative, pointed out that entrepreneurs and developers are now proposing writing executable contracts without lawyers on the blockchain and automatically settling the transfer of stocks and bonds without a clearing house. For the full article click here 

from critical infrastructure alliance http://ift.tt/1P40bR3
via IFTTT

Guardtime, Future Cities Catapult Join Forces to Develop Blockchain-Based Cybersecurity

The potential of blockchain technology for non-monetary uses has particularly come to the forefront in the past few months. Bitcoin, the digital currency, can be regarded as the first successful application of the blockchain technology.

Ben Rossi writes on Information Age that as with other open source movements, the different stages of the blockchain ecosystem are being developed: first the core protocols (Bitcoin, Ethereum and other platforms); now middleware, from Consensys; and then applications.

Rossi noted that with security and privacy at the core of the blockchains, a holistic view of the technology includes user identity security, transaction and communication infrastructure security, business security through transparency and audit, and security from malicious insiders, compromised nodes or server failure.

Matthew Johnson, Chief Technology Officer of Guardtime said, “As the world becomes more connected critical infrastructure will be even more exposed to cyberattack and today those tasked with defending infrastructure do not have the tools they need to guarantee the integrity of that infrastructure.” For the full article click here 

from critical infrastructure alliance http://ift.tt/1P40bQX
via IFTTT

Road Safety Market to Soar at a CAGR of 9.1% to 2020 Driven by Rising Road Fatality Rate

The road safety market size is expected to grow from USD 2.35 billion in 2015 to USD 3.63 billion by 2020, at a Compound Annual Growth Rate (CAGR) of 9.1%. Major factors contributing to the growth of road safety market are- increasing road accident/fatality rates and growing government regulations and standards for road safety across the globe.

Complete report on global road safety market spread across 121 pages, profiling 10 companies and supported with 44 tables and 47 figures is now available at http://ift.tt/1SdX5k2 .
The red light enforcement solution is estimated to contribute the largest market share during the forecast period. Furthermore, due to rise in demand from traffic enforcement, detection, and prevention, automatic license plate recognition solution is expected to gain traction and would grow at the highest CAGR in the next five years. The consulting and system integration services is expected to contribute the largest market share in the road safety market and is also expected to grow at the highest rate from 2015 to 2020. For the full article click here 

from critical infrastructure alliance http://ift.tt/1SdX5Ak
via IFTTT

Black & Veatch to Provide Intelligent Infrastructure Expertise to Accelerate Smart City Programs

OVERLAND PARK, Kansas, Jan. 11, 2016 (GLOBE NEWSWIRE) — Black & Veatch has partnered with Envision America. The company will apply its engineering, construction, program management and data analytics expertise to help selected U.S. cities develop and deploy smart city programs. Envision America is a program announced by the White House to advance smart city program planning and implementation.

“U.S. cities are reimagining the way their energy, water, telecom and transportation systems fit together,” said Fred Ellermeier, Vice President and Chief Operating Officer of Black & Veatch’s Smart Integrated Infrastructure practice. “Black & Veatch will apply expertise as cities, and the utilities that serve them, create plans to build and operate these critical infrastructure systems in a more intelligent way.”

Black & Veatch is the only Envision America partner to combine engineering and construction services with smart technology and data analytics expertise. This unique perspective allows the company to look at individual technologies and programs and see how they connect. Black & Veatch then acts as an integrator; working with diverse sets of partner organizations and companies to drive holistic programs that meet smart city goals. For the full article click here 

from critical infrastructure alliance http://ift.tt/1K9t0tY
via IFTTT

‘High confidence’ Ukraine power outage was major cyberattack

Security experts are growing more certain that a Dec. 23 power outage in western Ukraine was a coordinated cyberattack, marking the first time hackers cut off electricity using digital tools.

News of the suspected cyberattack first trickled out late on Dec. 23, when the Ukrainian electricity provider Prykarpattyaoblenergo reported disruptions in and around the city of Ivano-Frankivsk. The hourslong power outage was widespread enough to get the attention of U.S. government analysts and grid security experts keeping a close eye on cyberthreats.

“We assess with high confidence, based on company statements, media reports, and first-hand analysis, that the incident was due to a coordinated intentional attack,” wrote Michael Assante, a grid expert at the SANS Institute, a top security training center based in Bethesda, Md., in a blog post Saturday.

“As a community, the power industry is dedicated to keeping the lights on,” he added. “What is now true is that a coordinated cyberattack consisting of multiple elements is one of the expected hazards they may face.” For the full article click here 

from critical infrastructure alliance http://ift.tt/1SdX5jM
via IFTTT

Lessons Learned About Critical Infrastructure: What’s Good Enough?

Over the past decade, oil and gas companies have invested significant resources in security management, but there are sizable challenges ahead in people and processes.

With massive operational and reputational costs on the line, oil and gas operators recognized the need for, and implemented, security programs a decade ago. The industry has made great strides, but the operating environment’s complexity still present sizable challenges to most operators.

Recently, I had dinner with a respected colleague who is a recognized leader in oil and gas security, having worked in the space for more than a decade. I asked him, what, if anything, would you have done differently from the beginning? For the full article click here 

from critical infrastructure alliance http://ift.tt/1kVjcNG
via IFTTT

Wurldtech: Cyber security for operational technology

Wurldtech, a GE company focused on cyber security for operational technology (OT), has announced the availability of OpShield, a security solution designed to protect critical infrastructure control systems and assets, company officials said in a press release.

The solution provides protection from cyber threats and vulnerabilities found in operational environments, and delivers defense-in-depth for oil and gas, power generation, transportation, healthcare and other industries, they said.

The emergence of OT security
Given the high profile nature of data breaches in recent years, IT security has received more focus and investment than OT cyber security. Yet control systems found in OT environments have unique and often embedded technology design, and have been traditionally managed in environments separate from IT. This has made conventional cyber security solutions ineffective for OT operators and system integrators. For the full article click here 

from critical infrastructure alliance http://ift.tt/1RfaCY8
via IFTTT

Several area counties receive infrastructure grants

REGION — Three local counties and the city of Findlay have received grants to revitalize neighborhoods and downtown business districts, the Ohio Development Services Agency has announced.

The City of Findlay received a $300,000 critical infrastructure grant to improve the drainage in an alleyway in the business district. The project will install 650 feet of storm sewer and nine catch basins and repair 450 square feet of sidewalk and 60 feet of curb.

Hardin County received a $300,000 neighborhood revitalization grant to help the city of Kenton improve 6,748 linear feet of road and install 159 street signs in the city’s Fourth Ward. The project will also install 1,100 linear feet of fencing, purchase equipment for a park and demolish three structures. For the full article click here 

from critical infrastructure alliance http://ift.tt/1RfaAjg
via IFTTT

Philadelphia Water Department requests 11 percent rate hike to fund infrastructure repairs

The Philadelphia Water Department has filed a rate change request of 11.7 percent in a bid to secure funding for critical infrastructure repairs to dozens of miles of aging water mains and sewers in the coming years.

The request, submitted to City Council and Philadelphia’s independent Water Rate Board, would take effect at the beginning of July and would be phased in over a two-year period, raising the average residential bill by $8 per month, as shown in the table below. For the full article click here 

 

from critical infrastructure alliance http://ift.tt/1RfaAjb
via IFTTT

Infrastructure work critical, mayor says

Fixing the city’s infrastructure is a large task and needs to start this year, Mayor Gregg Hull said Thursday.

Hull, guest speaker at the monthly meeting of the NAIOP Rio Rancho Roundtable at Presbyterian Rust Medical Center, gave a presentation about the city’s past year and its goals for 2016.

2015 was a year of economic growth in Rio Rancho, Hull said, citing business openings in Plaza at Enchanted Hills, the Unser Gateway and Mariposa. To continue that growth, he said, the city should refocus on road and infrastructure repair.

“Our businesses are our lifeblood, so if the roads leading to our businesses don’t look good, then the businesses don’t look good,” he said.

Referring to the Rio Rancho 2015 Citizen Survey, Hull noted that 91 percent of residents agree that roads in the city need to be improved and that nine out of 10 would support a tax increase of $10 a year, for a home valued at $100,000, to help fund road projects For the full article click here 

from critical infrastructure alliance http://ift.tt/1kVj9RQ
via IFTTT

Illinois Environmental, Labor Groups Highlight Economic Benefits Of Clean Water Projects

Every $1 billion invested in Chicago-area clean water infrastructure creates or saves an average of 11,200 total jobs and generates an 8 percent economic return over a year.

That’s according to a new report, backed by the Chicago Federation of Labor (CFL) and the Sierra Club, that explores the economic and environmental benefits of local clean water projects, which the groups say are a “win-win-win for Illinois” because they help workers, the economy and the environment.

The report, prepared by the Illinois Economic Policy Institute (ILEPI) and the School of Labor and Employment Relations at the University of Illinois at Urbana-Champaign, was formally recognized at Thursday’s board meeting of the Metropolitan Water Reclamation District of Greater Chicago (MWRD). For the full article click here

from critical infrastructure alliance http://ift.tt/1MXjytA
via IFTTT

Lakeview receives critical funding for storm drainage

A state grant will help replace 1,860 linear feet of storm sewer in Lakeview in the next 20 months.

The village was one of 34 communities in the state to share in $9 million of Community Development Critical Infrastructure, Downtown Revitalization and Neighborhood Revitalization Competitive Set-Aside grants, the Ohio Development Services Agency announced Wednesday.

Lakeview Mayor Ryan Shoffstall said the Logan County Commissioners Office helped with the $312,000 grant application and it will handle the administration of the project.

“The nice thing for us is the county handles the bidding of the project and the administration,” the mayor said. “Some of the engineering for the project is done but more needs to be done.  For the full article click here a

from critical infrastructure alliance http://ift.tt/1Jz38wB
via IFTTT

‘Safe distance’ required by proposed South Portland fire code change

A majority of city councilors appear to support an amendment to South Portland’s fire codes that would require any new propane distribution facility to be located outside a minimum safe distance from critical infrastructure.

Such a change could have negative consequences for a proposed liquid propane distribution facility at the Rigby Rail Yard, which is not far from the city’s Cash Corner fire station.

NGL Supply Co. wants to move its operations from the Portland waterfront to South Portland’s rail yard. However, in addition to possibly being subject to the new fire code amendment, the project may also be subject to a pending moratorium.

On Jan. 12, the South Portland Planning Board is scheduled to hold a public hearing on a moratorium that would prevent the NGL project from moving forward for at least another six months. For the full article click here

from critical infrastructure alliance http://ift.tt/1MXjx8S
via IFTTT

Calif. Budget Plan Boosts Spending but Democrats Seek More

On its face, Gov. Jerry Brown’s proposed $122.6 billion California budget plan would seem to please Democratic interests by pumping billions of new dollars into public schools, health care for the poor and public infrastructure, even as it bolsters the state’s rainy day fund.

Brown touted his income tax credit for the poor, a cost-of-living increase for the elderly, blind and disabled and more funding for universities and colleges when he laid out his general fund plan Thursday. He also urged fiscal prudence, calling for the state to put $2 billion more than legally required into its rainy day fund, bringing it to $8 billion by the end of fiscal 2016.

“You’ve got to plan for the down and level that out,” Brown said at a news conference, pointing to a chart showing the state’s boom-and-bust revenue history. “That’s what I’m trying to do in the budget.”

The Democratic governor’s general fund proposal marks the first step in a months-long dance with fellow Democrats over how much of the state’s surging tax windfall should be devoted to social welfare programs. For the full article click here

from critical infrastructure alliance http://ift.tt/1S8sggB
via IFTTT

Brown’s budget boosts spending in education, health, infrastructure

SACRAMENTO — With years of budget woes fading in the rear view mirror and a few billion extra dollars padding state coffers, Gov. Jerry Brown unveiled his first draft of the next state budget Thursday morning — including the framework of a new tax on managed health care plans that will prevent a cutoff of federal funds.

Still preaching fiscal restraint and prudence, Brown pitched a $122.6 billion general-fund budget plan that he says makes significant increases in funding for education, health care and state infrastructure, while also bolstering the state’s rainy-day fund and continuing to pay down state debts and liabilities. For the full article click here

from critical infrastructure alliance http://ift.tt/1VQd32C
via IFTTT

SSH Communications Security and Cinia Launch Partnership to Secure Critical Infrastructure and Networks

HELSINKI, Jan. 7, 2016 /PRNewswire/ — SSH Communications Security today announced a frame agreement with Cinia Group, a Finland-based provider of intelligent connectivity and transmission services. The agreement enables Cinia to use SSH products to ensure the security of Cinia’s critical infrastructure and data networks, strengthening Cinia’s position in ICT markets with exceptionally high security requirements.

The frame agreement complements Cinia’s offering with data security solutions. SSH products will be available from Cinia as individual components and comprehensive services. New offerings will benefit both existing Cinia clients and new users of cyber secure data connection currently being built between Finland and Germany (such as the C-Lion1 sea cable).

The cooperation between SSH and Cinia marks a new step in Cinia’s strategy to enable international organizations to build cyber secure IT infrastructures and cloud-based environments that respond to their operational needs in the future. At the first stage, the future service environment will benefit organizations with operations in Germany and Finland. For the full article click here 

from critical infrastructure alliance http://ift.tt/1Rvd8Z6
via IFTTT

Dayton communities get $1.5M for upgrades

Ohio is giving grants to revitalize neighborhoods and downtown business districts across the state and the Dayton region.

The Ohio Development Services Agency awarded more than $9 million toward For the full article click here 

from critical infrastructure alliance http://ift.tt/1PLWaUi
via IFTTT

Project ‘Gridstrike’ Finds Substations To Hit For A US Power Grid Blackout

Turns out free and publicly available information can be used to determine the most critical electric substations in the US, which if attacked, could result in a nationwide blackout.

Remember that million-dollar Federal Energy Regulatory Commission (FERC) study in 2013 that found that attacks on just nine electric substations in the US could cause a blackout across the entire grid? Well, a group of researchers decided to see just what it would take for a small group of domestic terrorists to identify the US’s most critical substations — using only free and public sources of information.

While FERC relied on confidential and private information in its shocking report and spent a whopping $1 million in research, researchers at iSIGHT Partners used only so-called open-source intelligence, at a cost of just $15,000 total for 250 man-hours by their estimates. The Wall Street Journal, which obtained and first reported on the confidential FERC report, never publicly revealed the crucial substations ID’ed by FERC for obvious reasons, nor does iSIGHT plan to disclose publicly the ones it found. For the full article click here 

from critical infrastructure alliance http://ift.tt/1S6aH0C
via IFTTT

US solar needs to prepare for new ‘critical asset’ NERC rules

The solar industry is not as prepared as it needs to be to meet upcoming standards from the North American Electric Reliability Corporation (NERC).

Eric Whitley, founder of power system consultants GridSME, said US renewable energy developers are not paying enough attention to NERC’s Critical Infrastructure Protection (CIP) standards.

Intended to protect the grid from cyber terrorism, the latest iteration of these rules from NERC, a quasi-governmental institution overseen by the Federal Energy Regulatory Commission (FERC), will come into effect on April 1, 2016.

“We see both wind and solar entities having a serious lack of knowledge, basic understanding and appreciation as to what is required under the NERC regulatory framework,” said Whitley.

“We’ve seen entities that haven’t even registered with NERC, and that’s a big deal. We have seen a great reluctance and almost an indignation that they are being pulled in because ‘they’re solar, they’re renewable, they’re different’.” For the full article click here 

from critical infrastructure alliance http://ift.tt/1mIqJ3y
via IFTTT

Oil & Gas Stock Roundup: ConocoPhillips, NuStar First to Export U.S. Oil in 40 Years

Oil prices ended the final trading session of 2015 by posting an annual drop of 31%. On the other hand, natural gas continued its rebound from multi-year lows but was still down 19% in 2015.

On the news front, ConocoPhillips (COP – Analyst Report) and NuStar Energy L.P. (NS – Analyst Report) claimed to have loaded the first export cargo of domestic crude oil following recent lifting of the 40-year federal ban.

Overall, it was a mixed week for the sector. While West Texas Intermediate (WTI) crude futures slumped 23% to close at $37.04 per barrel, natural gas prices soared 12% to $2.337 per million Btu (MMBtu). (See the last ‘Oil & Gas Stock Roundup’ here: Shell Cuts 2016 Budget, Chevron Axes 1200 Jobs.)

Oil prices fell in reaction to the U.S. Energy Department’s latest inventory release that showed a surprise increase in stockpiles. Crude received a further jolt after Saudi Arabia said that it won’t limit oil production and is ready to meet any additional demand. For the full article click here 

from critical infrastructure alliance http://ift.tt/1PeDFVZ
via IFTTT

Focus on the road to reform

Engineers put practical solutions above politics in the debate on local government reform, says Vicki Gardiner

LOCAL Government reform and amalgamations … the very topic can lead to drawn swords … depending on who you are talking to.

But most Tasmanians would agree that in a state of just over 500,000 people, 29 councils is a large number.

The sticking point is: why are we talking about local government reform?

As a Tasmanian resident, as well as general manager of Engineers Australia, I can understand the needs and desires of local communities wanting local representation. For the full article click here 

from critical infrastructure alliance http://ift.tt/1OLJAYk
via IFTTT

Minister of Security and Justice to open CIPRE

Critical Infrastructure Protection & Resilience Europe is delighted to announce that Ard van der Steur, Minister of Security & Justice, The Netherlands will be giving on of the keynote address to open this year’s conference in The Hague from the 2nd -3rd March 2016

Ard van der Steur began his career as a lawyer at the law firm NautaDutilh in Rotterdam and later became a partner (1995-2006). Until joining the House of Representatives in 2010 he owned a legal training company and was a part-time lecturer in civil law at Leiden University (2006-2010). In 2009 he became a lawyer at Legaltree Van der Steur Advocatuur.

From 17 June 2010 until his appointment as minister he was a member of the House of Representatives for the People’s Party for Freedom and Democracy (VVD). His areas of interest included criminal and procedural law, the judiciary, prisons and secure psychiatric institutions, probation, firearms legislation, serious crime and victim support policy. He was also a member of the parliamentary committee investigating the Fyra high-speed rail link. For the full article click here 

from critical infrastructure alliance http://ift.tt/1PeDFVW
via IFTTT

Arthur Koster: Millennials will ride high-speed rail

It is absurd for a state that prides itself on leadership and innovation to have such a heavy and vocal opposition to something that embodies those very principles – high-speed rail.

With an ever-teetering economy and an increasing population, our future as leaders and innovators depends on a varied, more efficient infrastructure for transportation that allows for an increased capacity for traveling and commuting. If we want to provide a foundation for a stable economy for the millennial generation and those after, we must invest in infrastructure projects that will provide just that.

Millennials are fast moving, and high-speed rail provides a transportation infrastructure to support that. The high-speed rail network would provide many benefits for millennials by offering faster travel and more job opportunities – both directly through the addition of high-speed rail jobs and the ability to commute to a wider variety of job markets, and indirectly through the increased job opportunities that will be seen with a thriving economy, for which high-speed rail can lay the foundation. For the full article click here 

from critical infrastructure alliance http://ift.tt/1Robt7v
via IFTTT

“Russian” DarkEnergy malware strikes at Ukrainian media and energy firms

Cyber-criminals behind the BlackEnergy trojan made a comeback in 2015, launching attacks against media and energy companies in the Ukraine, according to infosec researchers.

The malware is suspected of being Russian in origin with it being used against politically sensitive targets and industrial control systems.

According to Eset, BlackEnergy went dormant in December 2014 but resurfaced late last year. The malware now uses a new component called KillDisk in attacks against Ukrainian news media companies and against the electrical power industry.

The KillDisk component enables the malware to rewrite files on the infected system with random data and render the OS unbootable. For the full article click here 

from critical infrastructure alliance http://ift.tt/1Z2I5UW
via IFTTT

Treasury finalizes rule for imposing cyber sanctions

As the U.S. looks to get tougher on cyber criminals that threaten the nation’s critical infrastructure, the Treasury Department released an abridged version of a proposed regulation for imposing cyber-related sanctions to foreign actors, whether individuals, groups or nation-states.

A major part of the administration’s strategy to prevent international actors from perpetrating cyberattacks against the U.S. — citizens, companies and, in some instances, the government itself — is a carrot and stick approach, including a multinational community abiding by cyber norms coupled with sanctions on those who stray. For the full article click here 

from critical infrastructure alliance http://ift.tt/1O2kpgy
via IFTTT

Reports of Breaches Show How Vulnerable Critical Infrastructure Is

Typically, holidays are a hot time for a serious cyberattack because offices are quiet and no one is around to monitor things. At the end of this year, however, my email account was not flooded with notifications with breaking security stories.

That’s not to say nothing was reported. A few hours after I shut off my computer for 2015 (but technically not the holiday week), I heard about the discovery of the cyberattack on a New York state dam. The attack happened two years ago, and while considered a breach by Iranian hackers, no serious damage was done, as eSecurity Planet reported:

The hackers are believed to have breached the dam’s control system via a cellular modem. They probed the system, but didn’t take control of it.

As Chris Petersen, CTO and co-founder of LogRhythm, told me in an email For the full article click here                         

from critical infrastructure alliance http://ift.tt/1O2kpgu
via IFTTT

IT security predictions for Australian organisations in 2016

Just days before Christmas, Australia’s popular press was awash with reports of how a security flaw in Hello Barbie, the Wi-Fi connected doll, could be used to spy on the nation’s children.

As the era of the internet of things (IoT) dawns, computer security has taken on a whole new dimension.

Security is no longer just about a virus in your spreadsheet or ransomware closing down a small business, it’s about hackers taking over autonomous vehicles or drones, or shutting down critical infrastructure – or about your children being manipulated without your knowledge. For the full article click here 

from critical infrastructure alliance http://ift.tt/1OGOVtH
via IFTTT

City Council submits Quarter Cent Fund transportation project proposals

AUSTIN (KXAN) — This year was Austin’s deadliest on record when it comes to fatal crashes, with more than 100 deaths. To help assure 2016 doesn’t look the same, each City Council member was asked to submit a list of priority infrastructure projects, due Thursday, to improve transportation in their respective districts.

“It’s just a drop in the bucket of what you can fund when it comes to transportation and mobility infrastructure improvements,” Mayor Pro Tem Kathie Tovo said.

While it may be a drop in the bucket, $1.9 million per district will assure some projects don’t kick the bucket. Earlier this month, council passes a resolution 9-2 to equally, rather than equitably distribute funding from Capital Metro’s Quarter Cent fund to each district. For the full article click here 

from critical infrastructure alliance http://ift.tt/1mtzgqZ
via IFTTT

A model of border cooperation

From the regions of San Diego-Tijuana and El Paso-Ciudad Juarez, two of the world’s largest binational metropolitan areas, through the rural Imperial Valley-Mexicali and Ambos Nogales in Arizona-Sonora, to Laredo-Nuevo Laredo and Brownsville-Matamoros, each binational border community has its own identity and character. Each of these distinct regions serves as a hub of activity where millions of residents of the United States and Mexico live, work and play across an international border.

Last year more than $530 billion in agricultural and manufactured goods were traded through these border hubs, supporting more than 10 million U.S. jobs.

Mexico is the number one trading partner for both Texas and California, with nearly $200 billion in two-way trade between Texas and Mexico and more than $66 billion between California and Mexico in 2014. Much of this trade generated by exports and demand in states other than Texas and California passes through the ports of entry in Laredo, El Paso and Otay Mesa impacting our local streets and roads and the quality of life for border area residents. Unfortunately, the infrastructure to support this economic activity has not kept pace with its growth. For the full article click here 

from critical infrastructure alliance http://ift.tt/1PAqYJx
via IFTTT

Governments Should Resolve Not To Weaken Encryption In The New Year

After the tragic attacks in Paris and San Bernardino, governments around the world are examining how to minimize the risk of similar tragedies. Political, intelligence and law enforcement leaders should be commended for their efforts to promote security. But it is imperative that these measures do not undermine our security and safety online and strip self-defense tools that are more needed than ever.

Lawmakers and presidential candidates, citing concerns about strong encryption, have called for expanded government access to devices and Internet services to prevent and investigate attacks. Some lawmakers want mandates requiring companies to take extraordinary steps to enable government access to secure digital systems and devices — rather than imposing a particular technical system on all providers.

While leaving the problem to Silicon Valley innovators seems like an agreeable compromise, in practice the difficult tradeoffs haven’t changed over the last twenty years. Companies would have to either use incomplete (flawed) encryption in their services at the provider end, or engineer digital encryption systems with a key shared in part with the government or held in escrow for its use. These approaches would create more problems than they would solve. For the full article click here 

from critical infrastructure alliance http://ift.tt/1mtzgqX
via IFTTT

Seismic-activity alarms make every second count before an earthquake

Kent Johansen knew Tuesday night’s earthquake was coming about 13 seconds before it momentarily shook his Burnaby home.

That is because the University of B.C. research associate had installed an alarm connected to the institution’s network of sensors spread across the southern coast of the province to detect the faster, less disruptive tremors that travel through the earth’s crust before an earthquake’s shaking begins. For the full article click here 

from critical infrastructure alliance http://ift.tt/1PAqYJq
via IFTTT