Yeah, I am on vacation this week, but like last
night’s post on the CISA advisories makes clear, I am still watching the
news and my information sources. To keep the wife happy, I will not be writing
any in depth articles (well not many….), but I will publish this short note to
point at potential items of interest. This is the last day of my vacation, but
I am considering continuing the periodic publication of these short posts for
stuff that I don’t normally get around to covering here in the blog due to time
constraints.
The mother of all ‘zero-days’ — immortal flaws in
semiconductor chips. Interesting
article over on theHill.com looking at the failure of the CHIPS Act to
require cybersecurity considerations in supporting new chip manufacturing
supported by that bill. Pull quote: “They [0-day chip vulnerabilities] exist
because it is impossible for designers and manufacturers to test every possible
combination of paths in or out of a device. Zero-days enable destructive
cyberattacks on physical systems.” Not a new problem by any measure.
CISA's Cyber Info-Sharing Program Didn't Always Deliver,
Watchdog Says. Interesting
article on DefenseOne.com about DHS OIG report on CISA information sharing
problems. Link
to report. Pull quote: “Although CISA generally increased the number of AIS
participants and number of cyber threat indicators shared and received, the
quality of the cyber threat indicators was not adequate for participants to
take necessary actions”.
OMB Approves CISA Cybersecurity Reporting ANPRM. OIRA approves
‘pre-rule’ submission by CISA. Should be in Federal Register this week.
NOTE: I should be publishing my weekly Public ICS Disclosure
post tomorrow. It looks like it should be fairly short.
Posts
No comments:
Post a Comment