CyberJudicata Weekly Debrief (3/9–13)

This week's Weekly Debrief includes articles covering a number of topics, including NIST exploring DevSecOps framework for agencies, the Cyberspace Solarium Commission's warning, ransomware gangs targeting larger targets, and data privacy news in Washington and NJ.


  • FedScoop – NIST exploring possible DevSecOps framework for agencies

  • ​"The National Institute of Standards and Technology is exploring development of DevSecOps guidance for agencies that would normalize the concept of moving security “left,” back into the software development life cycle."

  • DarkReading – Cyberspace Solarium Commission Slams US Cybersecurity Readiness

  • ​"A new report released today from the federal Cyberspace Solarium Commission opens with a dire warning: 'Our country is at risk, not only from a catastrophic cyberattack but from millions of daily intrusions disrupting everything from financial transactions to the inner workings of our electoral system.'"

  • DataBreachToday – Ransomware Gangs Hit Larger Targets, Seeking Bigger Paydays

  • ​"Targeted ransomware attacks continue to increase as gangs seek to obtain bigger ransom payoffs from larger targets, security experts warn. While attacks against individuals and mom-and-pop shops persist, today's more prized targets are big businesses with deep pockets, John Fokker, head of cyber investigations and red teaming for McAfee Advanced Threat Research, tells Information Security Media Group (see: Ransomware Attacks Growing More Targeted and Professional)."

  • CSO Online – 6 security metrics that matter – and 4 that don’t

  • ​"One of the most challenging executive tasks for CISOs is quantifying the success and the value of the cybersecurity function.Indeed, security leaders and their organizations have used a myriad of metrics over the years. Yet, many executives and board members have complained that those measures failed to provide them with adequate insight or understanding of how well the security department is performing, how it’s improving, and where it’s falling short."


  • GeekWire – Data privacy regulations fail in Washington state legislature

  • ​"A bill that would have enacted data privacy regulations in Washington state failed to pass the state legislature before the session ended Thursday. The bill sought to have the state follow the lead of the European Union and California, the first major governments to grant consumers broad rights for privacy online."

  • – NJ Joins States’ Push For Data Privacy Regulations

  • ​"The march toward state-by-state regulation of Big Tech continues. To that end, lawmakers in New Jersey last week proposed legislation that would toughen data privacy guidelines and limit the information that tech companies can gather (and use) from consumers in that state. With the proposal, New Jersey joins other states such as Washington and Illinois, which have debuted data privacy legislation. Those states also join California, where its Consumer Privacy Act went into effect at the dawn of 2020."

  • NextGov – Don't Let Data Die in the Dark

  • "Who doesn’t have a drawer full of items they might need at some point, but haven’t used in months or even years? We’re all familiar with unintentional hoarding of things that may have been useful at one point but end up collecting dust and taking up unnecessary space. The same is true of data but holding on to it for too long can have serious consequences."

. . .

#cyberjudicata #weeklydebrief

Contact Matross Edwards
Search By Tags
No tags yet.
  • Matross Edwards
  • LinkedIn
  • Twitter