Eric Geller
Oct 19 · 7 tweets · 2 min read
Speaking at #mWISE, @ncdinglis says Biden's National Cyber Strategy will "probably come out in the next month or two or three, given the processes that exist in Washington."
Inglis says the strategy will address regulation and market forces, the international dimension of cybersecurity, assigning roles and responsibilities to the right people, and "how do we actually get critical infrastructure into the right place."
Inglis says cyber defense is getting better. "Defense, in fact, looks like it's becoming the new offense — not in a provocative way, which is intending to hold others at risk, but that defense can in fact hold its own."
Ukraine exemplifies how cyber defenders are getting better at beating back attacks by working together, Inglis says.

(full quote to follow)
In Ukraine, Inglis says, “we overestimated the power of technology and underestimated the power of people, expertise, and the modality of collaboration — the way in which we apply that expertise." (cont'd)
The Ukrainians are "participating in a collective collaborative defense," Inglis says. "If you're the Russians, you have to beat not just the Ukrainians, but the Ukrainians and Microsoft and Cisco and … Mandiant, and all manner of others." (cont'd)
The Russians "find themselves having to beat many to beat one," Inglis says. "That's a new day. That's different than what we would have experienced 5, 10 years ago, when we were all defending in our stovepipes, fighting alone, being picked off one at a time."

• • •


More from @ericgeller

Oct 17
Speaking at @AuthenticateCon, @CISAJen challenges "my friends in the technology space to adopt a policy of radical transparency around MFA adoption."

She wants them to disclose the % of their customers, sysadmins, and employees enrolled in MFA, broken down by authenticator type.
“We need seatbelts and airbags that are built in, not aftermarket add-ons," Easterly says, calling MFA "the seatbelt of the information superhighway."

Vendors should care, she says, because "safe-by-default and safe-by-design is good for strategic and reputational growth."
“Let's move the responsibility of staying safe away from customers to our incredibly capable vendors," Easterly says.
Oct 14
Truly incredible #Andor episode this week.

Not just the adrenaline rush of the heist, but also the exquisite characterization and exposition packed in alongside the main event.

I continue to be impressed by how effectively they're serving so many people and storylines.
Let’s start with Cassian. I absolutely did not expect him to kill Skeen. Yes, we’ve seen him in cold blood before, but I thought he'd bonded too much with Skeen for that.

Also didn't expect him to take his cut of the job this way, even though we knew he was a mercenary.
Skeen said Cassian was just like him, and that pretty shocking ending proved that, at least for now, he was right.

It's still hard to get used to seeing Cassian like this, but the show is doing it in a way that makes sense.
Oct 14
New: Cellular modems that transmit unofficial election-night results could put the midterms at risk, fueling false fraud claims or letting hackers access sensitive systems and data.

Experts say it's time to ditch modems, but election officials love them.

politico.com/news/2022/10/1…
I found that at least 36 counties in Florida, Illinois, Iowa, Massachusetts, Michigan, and Minnesota use modems. D.C. uses them citywide. Rhode Island uses them statewide.

In Florida, 18 counties including Broward (2nd most populous) use modems.
Modems transmit results from voting machines to central computers over cell networks, creating a new way to remotely compromise election equipment.

Hackers could plant malware on voting devices or election management systems, or they could corrupt unofficial results in transit.
Oct 13
Speaking at an Axios event tonight, Anne Neuberger, the deputy national security adviser for cyber, suggests that industry pushback to pipeline cyber rules was partly driven by executives' lack of appreciation for the scope of the threat facing them.

(quote in next tweet)
As the Biden administration digested industry criticism, Neuberger said, they realized, “Here’s a key gap: We see the classified intelligence around threats. … Leaders in that sector need to know that as well.”
After delivering classified threat briefings for pipeline executives, “TSA … used that model of bringing in executives and briefing them with aviation and rail," Neuberger said.
Oct 13
Speaking at Washington Post event, NSC top cyber official Anne Neuberger says Russia may have held off from cyberattacks on Ukraine that would have burned capabilities they needed for intelligence gathering, especially as they got bogged down.
There's "a tradeoff between using accesses for intelligence collection versus attack," Neuberger said. "And it may well be that as the invasion went poorly and continued to go poorly, the priority [was placed on] intelligence collection."
Next cyber regulations from the Biden admin, per Neuberger:

1. FCC rulemaking for "emergency and public warning systems"

2. EPA rule for water sector

3. HHS rule for hospitals, followed by rules for medical "devices and broader healthcare as well"
Oct 13
.@RepJohnKatko is speaking at a Washington Post event this morning on cybersecurity.

"We need to do more to empower Chris Inglis as the national cyber director," Katko says. "Inglis is the head coach. He needs to have the powers of the head coach."
Katko on calls for more regulation: "The private sector is incentivized to work with CISA. If you get a regulatory scheme, it becomes almost like shirts and skins," where CISA and the private sector feel like they're on opposing teams.
Katko on global cyber norms: "We don't know what should be considered an act of war yet. But I think we need to decide within our team here … what is an act of war in the United States, or is any cyber attack an act of war?"
