433 Central Ave., 4th Floor, St. Petersburg, FL 33701 | [email protected] | Office: (727) 493-2351

VA’s new EHR hits another outage, as agency reconsiders FY 2024 request for project

The VA on Tuesday experienced a systemwide outage of its Oracle-Cerner EHR that’s currently running at five sites.
http://news.poseidon-us.com/Sn7Bfx

Managed services deal size grew in 2022 despite economy woes

Outsourcing IT remains an effective long-term cost savings strategy for many companies, driving growth in the managed services category.
http://news.poseidon-us.com/Sn5bYv

Embracing zero-trust: a look at the NSA’s recommended IAM best practices for administrators

By now, most of the industry has realized we’re seeing a shift from the legacy perimeter-based security model to an identity-centric approach to cybersecurity. If defenders haven’t realized this, malicious actors certainly have, with 80% of web application attacks utilizing stolen credentials and 40% of breaches that don’t involve insider threats and user error involving stolen credentials, according to sources such as the 2022 Verizon Data Breach Investigation Report. Compromised credentials were involved in incidents such as the 2021 Colonial national gas pipeline breach, the 2021 Oldsmar Florida water treatment plant attack, and an attack on the South Staffordshire water treatment plant in the UK in 2022, illustrating that these incidents can and have spilled over from the digital realm to the physical, impacting critical infrastructure. To read this article in full, please click here
http://news.poseidon-us.com/Sn5Jkp

New coercive tactics used to extort ransomware payments

The increase in reported ransomware victims across Q1 2023 reflects the continued prevalence of ransomware as a worldwide, industry agnostic threat, according to GuidePoint Security. The report is based on data obtained from publicly available resources, including threat groups themselves, and insight into the ransomware threat landscape. In the first quarter, GRIT tracked 849 total publicly posted ransomware victims claimed by 29 different threat groups. Increase in public ransomware victims GRIT’s latest report shows a … More → The post New coercive tactics used to extort ransomware payments appeared first on Help Net Security.
http://news.poseidon-us.com/Sn4nMb

VHA already meeting year-end targets to grow its health care workforce

The Department of Veterans Affairs is already meeting one of its goals to grow its health care workforce by the end of the fiscal year, and remains on track to meet its other hiring targets.
http://news.poseidon-us.com/Sn4CQL

Google Cloud finally turns a profit

The third-largest cloud provider generated $191 million in Q1 2023 operating income, its parent company Alphabet reported.
http://news.poseidon-us.com/Sn47my

AI-powered chatbots: the threats to national security are only beginning

The United Kingdom’s National Cyber Security Center (NCSC) recently issued a warning to its constituents on the threat posed by artificial intelligence (AI) to the national security of the UK. This was followed shortly by a similar warning from NSA cybersecurity director Rob Joyce. It is clear there is great concern from many nations surrounding the challenges and threats posed by AI. To get a more rounded view of the dangers of bad actors using AI to infiltrate or attack nation-states, I reached out to the industry and found thoughts and opinions, and frankly, some who opted out of the discussion, at least for now. The NCSC warned that queries are archived and thus could become part of the underlying large language model (LLM) of AI chatbots such as ChatGPT. Such queries could reveal areas of interest to the user and by extension the organization to which they belong. Joyce at the NSA opined that ChatGPT and its ilk will make cybercriminals better at their jobs, especially with the ability of a chatbot to improve phishing verbiage, making it sound more authentic and believable to even sophisticated targets. To read this article in full, please click here
http://news.poseidon-us.com/Sn2Hfq

Siemens focuses on zero trust, legacy hardware, supply chain challenges to ensure cybersecurity of internal systems

Siemens has been working to be on top of vulnerabilities found in its products, but more importantly, to ensure the security of its internal operations. The manufacturing giant that works across several different lines of business, including industrial, smart infrastructure, health care, financial services, is protecting its systems by focusing on three main areas: zero trust, supply chain, and legacy systems. Siemens has grown exponentially through acquisitions in its 166 years and employs more than 300,000 people. Acquisitions mean systems integrations and can often bring cybersecurity risks. “We’re a company of companies,” Helen Negre, who recently took on the role of chief cybersecurity officer for Siemens US, tells CSO. That means that it’s difficult to create a single cybersecurity strategy for the entire company, she explains. To read this article in full, please click here
http://news.poseidon-us.com/Sn2HYn

The double-edged sword of open-source software

The lack of visibility into the software supply chain creates an unsustainable cycle of discovering vulnerabilities and weaknesses in software and IT systems, overwhelming organizations, according to Lineaje. Diversity and complexity of the open-source community Lineaje Data Labs analyzed 41,989 open-source components embedded in the top 44 popular projects of the Apache Software Foundation across its last three versions. The analysis revealed that 68% of dependencies are on non-Apache Software Foundation open-source projects. These dependencies … More → The post The double-edged sword of open-source software appeared first on Help Net Security.
http://news.poseidon-us.com/Sn1hrH

‘Start with encouraging employees to speak up’: Lessons from a steady agency in Best Places to Work

For Best Places to Work, the Energy Department moved from 14th place in the 2021 rankings up to eighth place this year for midsize agencies. The agency’s human capital leader says it’s all about encouraging — and acting on — employee feedback.
http://news.poseidon-us.com/Sn1DqM