26 Sep 2022

Commerce, NIST and Implementation of the CHIPS and Science Act of 2022

There were many vital takeaways from our recent What’s Next? interview with Dr. Melissa Flagg and Dr. Jennifer Buss on the Chips and Science Act of 2022, but the most crucial insights from Flagg and Buss were about the future role of the Department of Commerce and the NIST (National Institute of Standards and Technology, which is housed at Commerce) in the implementation of the legislation.

The implementation of the Chips and Science Act of 202 is, arguably, a marathon not a sprint (although the three to five-year timeline of the law is structured as a spring, which is a telling data point in and of itself). OODA Loop is tracking this implementation phase.  In the last few weeks, Commerce and NIST both provided the following signals and outcomes.

Read More
10 May 2022

NIST updates guidance for cybersecurity supply chain risk management

The National Institute of Standards and Technology (NIST) has updated its guidance document for helping organizations identify, assess and respond to cybersecurity risks throughout the supply chain. “[Cybersecurity Supply Chain Risk Management Practices for Systems and Organizations (C-SCRM)] encourages organizations to consider the vulnerabilities not only of a finished product they

Read More
02 Dec 2021

Global IT Supply Chain Disruptions Should Bolster Innovation and Cybersecurity with North American Allies

Global IT supply chain disruptions (ransomware, semiconductor shortages) necessitate business leaders and policymakers to take a fresh look at the Information Communications Technology (ICT) and Cybersecurity Strategy for North America. What are the ICT innovation and investment climates in Mexico and Canada?  Is ICT investment part of the solution for the creation of regional economic development initiatives in Central America? ICT and Cybersecurity “trade” agreements need to take center stage in all multilateral policy interactions in the hemisphere in the next few years. Ryan Berg from the Center for Strategic and International Studies (CSIS) has released a timely report on these issues.

Read More
01 Dec 2021

NIST Cybersecurity Framework Gains Private Sector Traction and Other Noteworthy Cyber Efforts from the Institute

In our recent OODA Loop Stratigame – Scenario Planning for Global Computer Chip Supply Chain Disruption – in all four scenarios we determined that public-private partnership in the cybersecurity marketplace, including the establishment of industry-wide frameworks and standards, will be crucial. Organizations like the National Institute of Standards and Technology (NIST) will figure prominently in such efforts – and that means scanning the horizon for worthwhile government cybersecurity efforts which make sense for your company’s design innovation process, business models, and ideas around value creation and capture. To start, there is plenty of activity over at NIST related to cybersecurity worth a review.

Read More
29 Nov 2021

Google Cybersecurity Action Team Releases First Cloud Threat Intel Report

Google’s Cybersecurity Action Team was launched in early October of this year, as part of the company’s $10 billion pledge to strengthen cybersecurity, all of which grew out of the launch in August, by CISA Director Jen Easterly, of the CISA JCDC (Joint Cyber Defense Collaborative). Google is a partner company with CISA in the JCDC. The Cybersecurity Action Team’s efforts begin with Google Cloud. They recently released their first publicly available intelligence offering – Threat Horizons, Cloud Threat Intelligence, November 2021, Issue 1.

Read More
26 Oct 2021

Global IT Supply Chain Security – The U.S. Needs to Step Up Its Game

Microsoft officials have warned that Russia’s intelligence apparatus has been engaged in another campaign to gain unauthorized access into thousands of U.S. government, corporate, and think tank networks. The ongoing cyber-espionage campaign appears to be focused on acquiring data that is stored in the cloud.

The activity further underscores Russia’s intent to target and compromise any entity that it feels vital to supporting its intelligence interests. The target list may be expansive, as a recent Microsoft report claimed more than half of nation-state attacks detected by the company have come from Russia.

Read More
14 Oct 2021

First-Ever U.S. Cyber Team Announced to Compete in Athens at the ICC in June 2022

2021 is the first year of the US Cyber Games – part of a global competition that will recognize cyber athletes who can work in competitive environments to successfully operate in cyberspace.

On October 5, 2021, the first-ever US Cyber Team was announced at the US Cyber Games Draft Day in Las Vegas, Nevada.

Read More
29 Sep 2021

What are the US Cyber Games?

On Draft Day, the 50 elite players from the US Cyber Combine Invitational comes down to the final 20 athletes who will be announced as members of the first U.S. Cyber Team. The Team will represent the United States at the inaugural global competition: The International Cyber Security Challenge (ICSC) held in Athens, Greece in June 2022. 

Read More
15 Jul 2021

NIST Turns to Technology in its Technical Investigation of the Florida Condo Collapse

In Florida, the National Institute of Standards and Technology deployed officials to Surfside to conduct comprehensive technical investigations on the aftermath of the Miami condo collapse. The building, the Champlain Towers South Condominium, partially collapsed on June 24, killing dozens. The investigators were deployed to use technology to investigate the

Read More
17 May 2021

NIST Wants Help Assessing China’s Influence on Emerging Technology Standards

The National Institute of Standards and Technology has requested information that will help aid its insights into China’s relevant policies and moves to set international standards that govern the use of emerging technologies. The NIST published a notice earlier this week pertaining to the request for information. The move is

Read More