Cyber Connections News Roundup: March 8

Get the latest cybersecurity news from leading companies, news outlets and blogs.

Cyber Connections News Roundup is a bi-weekly brief of online links to news stories and commentary of interest to the cybersecurity community, delivered on the second and fourth Tuesday of each month. Articles are selected for their newsworthiness, timeliness, potential impact, and reach.

March 8

Maryland General Assembly Rolls Out More Cybersecurity Protections

Members of the Maryland General Assembly introduced a package of bills to offer more protections to state and local government online networks on March 2 following the discovery of numerous vulnerabilities in the state’s cybersecurity systems, according to a report on https://wtop.com. Del. Patrick G. Young Jr. (D-Baltimore County) and Sen. Katie Fry Hester (D-Howard), who co-chaired the Maryland Cybersecurity Council’s Ad Hoc Committee on State and Local Cybersecurity, and co-chair the Joint Committee on Cybersecurity, Information Technology and Biotechnology, are co-sponsoring the package of bills. The package includes House Bill 1202 and Senate Bill 754, which would require the Maryland Department of Emergency Management to help local governments prepare for the possibility of an attack. Read more.

Cybersecurity Will Be a Priority of the Biden Administration in 2022

A recent article on www.cpomagazine.com offers a survey of the Biden-Harris Administration’s cybersecurity initiatives, a priority of his presidency. Since signing EO 14028, the U.S. Department of Justice (DOJ) announced a Cyber-Fraud Initiative, the U.S. Department of Homeland Security formed a Cyber Safety Review Board (CSRB), and the Federal Trade Commission (FTC) announced its intention to seek enforcement actions against organizations that fail to mitigate known cybersecurity vulnerabilities. It is believed that the government will continue to focus on improving cybersecurity related to the services and products provided by government contractors. Read more.

Senate Passes Critical Infrastructure Cybersecurity Bill  

The U.S. Senate unanimously passed the “Strengthening American Cybersecurity Act” on March 2 to bolster critical infrastructure cybersecurity amid fear of possible Russian cyberattacks in retaliation for U.S. sanctions over its invasion of Ukraine, according to a recent report on https://hehill.com. The bipartisan legislation stipulates entities that experience a cyber incident to report the attacks within 72 hours to the U.S. Cybersecurity and Infrastructure Security Agency (CISA), in addition to alerting the agency about ransomware payments within 24 hours. Affected organizations are required to preserve relevant data and promptly share updates. The Strengthening American Cybersecurity Act of 2022 combines three different bills: the Cyber Incident Reporting Act (CIRA), the Federal Information Security Management Act (FISMA), and the Federal Secure Cloud Improvement and Jobs Act (FSCIJA). Read more.  

New York Establishes First-in-Nation Cyber Operations Center

New York Gov. Kathy Hochul and a group of mayors from around the state on Feb. 22 opened what they called a first-in-nation operations center for state and local cybersecurity needs, according to a recent report on https://statescoop.com. Hochul said the new Joint Security Operations Center, located in Brooklyn, is designed to give New York’s municipalities more assistance in defending themselves from criminal threats like ransomware and potential activity by foreign government-backed actors. The center’s development was inspired partly by post-9/11 counter terrorism policies like the widespread expansion of FBI-led Joint Terrorism Task Forces, which now number more than 200 nationwide. The new cybersecurity center will also serve the private sector and state’s critical infrastructure operators, including the Metropolitan Transit Authority, the New York Power Authority and the Port Authority of New York and New Jersey. Read more.

How Individuals Can Prepare for the Threat of Digital Danger

Although there have been no credible cyberthreats against the U.S. homeland thus far during Russia’s war with Ukraine, a recent article on www.nytimes.com titled, “A Paranoid Person’s Guide to Preparing for Digital Danger,” the Cybersecurity & Infrastructure Security Agency(CISA) has urged organizations and individuals to be prepared for the possibility that the situation could change. For the individual, many of the precautions that we are (or should be) taking now are the same ones are the ones we should take during a heightened cyber warfare climate, such as good digital hygiene. The article urges individuals to ask the following three questions when a strange email arrives: Is it from someone I know? Is it what I was expecting? Is it in the format I was expecting? Read more.