One Step Forward… To Resilience, Perseverance, and Success – ICD Brief 113.

ICD Brief 113.


Greetings from a restive and somewhat festive Washington DC. The news of the week includes:


A Special Section of “Consequential Reads” for our two-week holiday break.

The Atlantic

I look forward to sharing your Comments in upcoming editions.


Senate Democrats set lineup for cyber committees

“Fantasy Senate picks —Senate Minority Leader Chuck Schumer on Thursday announced Democratic committee assignments for the 116th Congress, which still must be ratified by the full chamber in January. Notable additions to the most cybersecurity-oriented panels include:”

Marriott Data Breach Is Traced to Chinese Hackers as U.S. Readies Crackdown on Beijing

“WASHINGTON — The cyberattack on the Marriott hotel chain that collected personal details of roughly 500 million guests was part of a Chinese intelligence-gathering effort that also hacked health insurers and the security clearance files of millions more Americans, according to two people briefed on the investigation.”

Bitcoin bomb threats sweep U.S., Canada, but lack credibility

“WASHINGTON (Reuters) – A rash of bomb threats were emailed on Thursday to hundreds of businesses, public offices and schools across the United States and Canada demanding payment in cryptocurrency, but none of the threats appeared credible, law enforcement officials said.”


Govts agree to coordinate national cyber incident response

“Australia’s federal, state and territory governments have agreed to a new structure on how they will coordinate with one another in the event of a national cyber incident.”


Preparing for Cyber Conflict – Case Studies of Cyber Commandby Piret Pernik

“This is the first publicly available comparative study of the military cyber organisations in five European countries: Estonia, Finland, Germany, the Netherlands, and Norway.

The study examines strategic guidelines, political authorisation of international deployments, organisational set-up, the chain of command, and key functions of three categories of military cyberspace forces: cyber commands (Estonia, the Netherlands, Norway), military cyber services (Germany), and cyber defence divisions (Finland).”


EU negotiators reach agreement on cybersecurity act

“Representatives from the European Commission, Council and Parliament on Monday (10 December) evening banded together to strengthen the bloc’s Cybersecurity efforts, reaching agreement on the EU’s cybersecurity act.”

Implementing Medical Device Regulation – COCIR Half-Time Assessment

“26 May 2020 is rapidly approaching; with a further 18 months to go, we are now at the midpoint for the implementation of the Medical Device Regulation. The European Commission recently published their implementing measures rolling plan for the Medical Device Regulation (MDR) and In-vitro Diagnostics Regulation (IVDR)1, following the publication of the CAMD roadmap2 last year. This makes it an appropriate time to assess where we stand in the implementation and map the way forward.”


Orange Unveils, AI, 5G, Cybersecurity Plans

“Stéphane Richard, Chairman and CEO of the Orange Group explained that: ’To fight digital exclusion, Orange chooses inclusive innovation: useful and simple innovations that are accessible to the greatest possible number of people. To do so, we deploy the best fixed and mobile networks across the country.”

Middle East

Warnings As Destructive ‘Shamoon’ Cyber Attacks Hit Middle East Energy Industry

“Warnings have gone out over a fresh assault on energy companies operating in the Middle East as at least two companies operating in the region were hacked with highly destructive malware designed to wipe systems and render them inoperable.”

Shamoon disk wiper attack on Saipem signals new affront against energy sector, Middle Eastern interests


Polish anti-terror law praised by hybrid threat expert: report

“Polish anti-terror laws have been praised as a model for creating legislation in other EU and NATO countries, according to a report.”


NHS spends as little as £238 per trust on cyber security and training despite WannaCry attack which cost the health service £92million and cancelled 20,000 appointments

“The NHS‘s lack of cyber security is ‘alarming’, experts have warned after they discovered huge gaps in spending and training across the health service.”

Consequential Reads

Mapping the Future: Dealing with Pervasive and Persistent Threats  Trend Micro

“Our security predictions for 2019 are based on our experts’ analysis of the progress of current and emerging technologies, user behavior, and market trends, and their impact on the threat landscape. We have categorized them according to the main areas that are likely to be affected, given the sprawling nature of the technological and sociopolitical changes under consideration.”

The Divide Between Silicon Valley and Washington Is a National-Security Threat  The Atlantic

Amy Zegart   and Kevin Childs

“Closing the gap between technology leaders and policy makers will require a radically different approach from the defense establishment.”

Smart mobs in Paris: let them be social French Caldwell

FrenchCaldwell LLC

“Key takeaways:

1 – With modern social technologies, political movements can coalesce in days, maybe hours

2 – The weak political center and struggling traditional political parties in France provide an opening for the emergence of more political movements enabled through social technologies\

3 – Government leaders should be prepared with strategies to predict, engage, monitor, and respond to rapidly emerging political movements”

Your Apps Know Where You Were Last Night, and They’re Not Keeping It Secret

By Jennifer Valentino-DeVriesNatasha Singer, Michael H. Keller and Aaron Krolik  New York Times

“Dozens of companies use smartphone locations to help advertisers and even hedge funds. They say it’s anonymous, but the data shows how personal it is.”

Stopping Data Breaches Will Require Help from Governments Harvard Business Review

Samir C. Jain and Lisa M. Ropple are partners at Jones Day.

“Not a month goes by without a major corporation suffering a cyber attack. Often state-sponsored, these breaches are insidious, difficult to detect, and may implicate personal information relating to millions of individuals. Clearly, the current approaches to safeguarding sensitive data are insufficient. We need to reorient expectations for the role of the private sector in cybersecurity. As the risk of cyberattacks has become better appreciated, we see an increasingly punitive focus on holding corporate America solely responsible.”

The Wired Guide to 5G – Klint Finley

“The future depends on connectivity. From artificial intelligence and self-driving cars to telemedicine and mixed reality to as yet undreamt technologies, all the things we hope will make our lives easier, safer, and healthier will require high-speed, always-on internet connections. To keep up with the explosion of new connected gadgets and vehicles, not to mention the deluge of streaming video, the mobile industry is working on something called 5G—so named because it’s the fifth generation of wireless networking technology.”

This entry was posted in Weekly Brief. Bookmark the permalink.

Comments are closed.