Tuesday, April 18, 2023

Short Takes – 4-18-23

Pacific garbage patch providing a deep ocean home for coastal species. Arstechnica.com article. Pull quote: “Finally, the researchers caution against a natural tendency to think of these plastic-borne coastal species as "misplaced species in an unsuitable habitat." Instead, it appears that they are well suited to life in the open ocean as long as there's something there that they can latch on to.” It seems life adapts.

Amazon Web Services gets set to ignite space accelerator program’s third stage. Geekwire.com article. Pull quote: ““Cloud computing is incredibly important to our business strategy, as handling all of the ITAR restrictions with an on-premises solution would be very difficult – in addition, it allows us to scale to hundreds of thousands of users and anticipate our costs easily,” he said.” Interesting outlook on cloud services.

NERC opposes expanding physical security rules for critical substations following Duke, PSE, other attacks. UtilityDive.com article. Pull quote: “But NERC’s report concluded establishing a “uniform, bright line set of minimum physical security protections” for all BPS substations and associated primary controls centers “is unlikely to be an effective approach to mitigating physical security risks and their potential impacts” because it “fails to provide for a methodical approach necessary to address site-specific threats or objectives.””

Discord flushes leaked docs, reposters after leading FBI to prime suspect. ArsTechnica.com article. Pull quote: “Identifying classified materials unlawfully shared on its platform is not a straightforward process for Discord, though. In a blog, Discord noted that "only authorized government personnel can determine whether a document is classified, unclassified, or even authentic. And currently, there is no structured process for the government to communicate their determinations to platforms like Discord."”

VA’s New Cyber Apprenticeship Program Will Focus on Training for Underserved Veterans. GovExec.com article. Pull quote: “VA is currently developing a strategic communications campaign to outline its recruitment and application processes for the program. Tierney said that effort will also include a more targeted recruitment drive focused on veterans that “have adjacent skill sets and interest,” such as those “that have separated from service within the last five years, as well as veterans in the VET TEC program.” Only five slots in initial program.

Transportation Worker Identification Credential-Facility Reader Requirement; Conforming Amendment. Federal Register CG direct final rule. Summary: “The Coast Guard is amending its Risk Group A facility regulations so that their provisions to implement Transportation Worker Identification Credential (TWIC) electronic inspection requirements by May 8, 2023, is changed to May 8, 2026. This will revise our regulations to conform with recently passed legislation. The James M. Inhofe National Defense Authorization Act for Fiscal Year 2023 (Authorization Act) was enacted December 23, 2022. A provision within the Authorization Act directs the Secretary of Homeland Security to not implement TWIC reader regulations for certain facilities before May 8, 2026. This conforming amendment will have no substantive effect. Controlling statutory authority already nullifies the May 8, 2023, implementing dates in our regulations. We note there is a separate ongoing rulemaking to address whether the implementation date should remain May 8, 2026, or be moved to a later date. The Authorization Act was enacted after the Coast Guard published the proposed rule for that separate rulemaking.” Effective March 17th, 2023.

National Cybersecurity Center of Excellence Mitigating Cybersecurity Risk in Telehealth Smart Home Integration. Federal Register NIST notice. Summary: “The National Institute of Standards and Technology (NIST) invites organizations to provide letters of interest describing products and technical expertise to support and demonstrate security platforms for the Mitigating Cybersecurity Risk in Telehealth Smart Home Integration project. This notice is the initial step for the National Cybersecurity Center of Excellence (NCCoE) in collaborating with technology companies to address cybersecurity challenges identified under the Mitigating Cybersecurity Risk in Telehealth Smart Home Integration project. Participation in the project is open to all interested organizations.”

No comments:

 
/* Use this with templates/template-twocol.html */