There were many vital takeaways from our recent What’s Next? interview with Dr. Melissa Flagg and Dr. Jennifer Buss on the Chips and Science Act of 2022, but the most crucial insights from Flagg and Buss were about the future role of the Department of Commerce and the NIST (National Institute of Standards and Technology, which is housed at Commerce) in the implementation of the legislation.
The implementation of the Chips and Science Act of 202 is, arguably, a marathon not a sprint (although the three to five-year timeline of the law is structured as a spring, which is a telling data point in and of itself). OODA Loop is tracking this implementation phase. In the last few weeks, Commerce and NIST both provided the following signals and outcomes.
The National Institute of Standards and Technology (NIST) has updated its guidance document for helping organizations identify, assess and respond to cybersecurity risks throughout the supply chain. “[Cybersecurity Supply Chain Risk Management Practices for Systems and Organizations (C-SCRM)] encourages organizations to consider the vulnerabilities not only of a finished product they
Global IT Supply Chain Disruptions Should Bolster Innovation and Cybersecurity with North American Allies
Global IT supply chain disruptions (ransomware, semiconductor shortages) necessitate business leaders and policymakers to take a fresh look at the Information Communications Technology (ICT) and Cybersecurity Strategy for North America. What are the ICT innovation and investment climates in Mexico and Canada? Is ICT investment part of the solution for the creation of regional economic development initiatives in Central America? ICT and Cybersecurity “trade” agreements need to take center stage in all multilateral policy interactions in the hemisphere in the next few years. Ryan Berg from the Center for Strategic and International Studies (CSIS) has released a timely report on these issues.
NIST Cybersecurity Framework Gains Private Sector Traction and Other Noteworthy Cyber Efforts from the Institute
In our recent OODA Loop Stratigame – Scenario Planning for Global Computer Chip Supply Chain Disruption – in all four scenarios we determined that public-private partnership in the cybersecurity marketplace, including the establishment of industry-wide frameworks and standards, will be crucial. Organizations like the National Institute of Standards and Technology (NIST) will figure prominently in such efforts – and that means scanning the horizon for worthwhile government cybersecurity efforts which make sense for your company’s design innovation process, business models, and ideas around value creation and capture. To start, there is plenty of activity over at NIST related to cybersecurity worth a review.
Google’s Cybersecurity Action Team was launched in early October of this year, as part of the company’s $10 billion pledge to strengthen cybersecurity, all of which grew out of the launch in August, by CISA Director Jen Easterly, of the CISA JCDC (Joint Cyber Defense Collaborative). Google is a partner company with CISA in the JCDC. The Cybersecurity Action Team’s efforts begin with Google Cloud. They recently released their first publicly available intelligence offering – Threat Horizons, Cloud Threat Intelligence, November 2021, Issue 1.
Microsoft officials have warned that Russia’s intelligence apparatus has been engaged in another campaign to gain unauthorized access into thousands of U.S. government, corporate, and think tank networks. The ongoing cyber-espionage campaign appears to be focused on acquiring data that is stored in the cloud.
The activity further underscores Russia’s intent to target and compromise any entity that it feels vital to supporting its intelligence interests. The target list may be expansive, as a recent Microsoft report claimed more than half of nation-state attacks detected by the company have come from Russia.
2021 is the first year of the US Cyber Games – part of a global competition that will recognize cyber athletes who can work in competitive environments to successfully operate in cyberspace.
On October 5, 2021, the first-ever US Cyber Team was announced at the US Cyber Games Draft Day in Las Vegas, Nevada.
On Draft Day, the 50 elite players from the US Cyber Combine Invitational comes down to the final 20 athletes who will be announced as members of the first U.S. Cyber Team. The Team will represent the United States at the inaugural global competition: The International Cyber Security Challenge (ICSC) held in Athens, Greece in June 2022.
In Florida, the National Institute of Standards and Technology deployed officials to Surfside to conduct comprehensive technical investigations on the aftermath of the Miami condo collapse. The building, the Champlain Towers South Condominium, partially collapsed on June 24, killing dozens. The investigators were deployed to use technology to investigate the
The National Institute of Standards and Technology has requested information that will help aid its insights into China’s relevant policies and moves to set international standards that govern the use of emerging technologies. The NIST published a notice earlier this week pertaining to the request for information. The move is