The 5G Supply Chain Blind Spot: A more concerted effort to assess risk from the services supplied by our adversaries is required
Winning the worldwide “race to 5G” is a top priority for the United States. As the global competition unfolds, we have continued to hear about the technological and economic benefits associated with leadership in the wireless domain. Earlier this year, CTIA, a trade association representing the wireless communications industry, released a report that said, “America’s telecommunications operators plan to invest $275 billion to deploy 5G networks, creating 3 million new jobs and adding $500 billion to our economy.” Even though the benefits are undeniable, the U.S. has not relented on the critical security risks that must also be accounted for prior to large-scale nationwide investments in 5G infrastructure.
An FBI bulletin provides an overview and detailed recommendations on how cyberattackers are targeting audio/visual systems to compromise corporate networks along with recommendations on how to prevent such attacks.
The newly formed Cybersecurity and Infrastructure Security Agency (CISA)has released a strategic intent document outlining the agencies role in protecting U.S. critical infrastructure and cyberspace. It is important for OODA Network Members to track the emergent roles and responsibilities of this agency as it will be a critical component of cyber and infrastructure security moving forward.
Conventional wisdom is telling us that “assumption of breach” is the new normal. Some well-respected names in computer security would have you believe that the appropriate response to such conditions is to increase the cost to the attackers. If you’re too expensive to breach – so the logic goes – the bad guys will go looking for someone else. Maybe someday, when everyone makes hacking too expensive, it will stop.
For all the benefits IT in general and the Internet specifically have given us, it has also introduced significant risks to our well-being and way of life. Yet cybersecurity is still not a priority for a majority of people and organizations. No amount of warnings about the risks associated with poor cybersecurity have helped drive significant change. Neither have real-world incidents that get worse and worse every year.
This post is based on an interview with Andy Lustig at Cooley. It is part of our series of interviews of OODA Network members. Our objective with these interviews is to provide actionable information of interest to the community, including insights that can help with your own career progression.
There are places on this planet where good, civilized people simply do not voluntarily go, or willingly stay. What elected governments do in safer and more developed parts of the world are carried out in these areas by despots and militias, often at terrible cost to those who have nowhere else to go and no means to go if they did.
There is something you really need to know about the State of California. They have optimized around a key function that they do very very well. They know how to collect money from corporations. They know how to collect taxes, and know how to levy large fines and collect on them. The business that owes California money will pay, and the State will likely do everything in their power to make sure they pay as much as the law allows. Keep this in mind as you read our guidance on the CCPA.
There are literally hundreds of cybersecurity conferences hosted around the world each year and as a result it can be difficult to determine which conferences provided the highest value in the domain.
While each of these events bring community value in their own unique way, Def Con is the most valuable event of the year for the community. Here’s why.
OODA’s Cyber Threat Analysis Report provides the “so what” behind the news and events we track on a daily basis. When it comes to putting cyber news in context, there really is no substitute for experience. The context in this report is provided by one of the most highly regarded