In This Issue
- IoTW-USA Is Coming
- Rounds Subcommittee
- DCIA Backs Intrasect
- Report from the CEO
- GOP Changes at FCC
- Fed Govt and Mobile
- Trump Cybersecurity
- Senate Subcommittee
- 2017 Trends to Watch
- Skills Gap for Workers
- Using Threat Modeling
- Budget Cybersecurity
- Fin Svcs & Conundrum
- Big Data for Security
- 5 Ways to Secure IoT
- TPP Setback for Cloud
- Coming DCIA Events
The DCIA co-sponsored Industry of Things World USA (IoTW-USA) is just three short weeks away and the community keeps growing.
Boeing, Donaldson Company, FCA Group, Hitachi, Kimberly Clark, Koike Aronson, Nemak, and Olympus are the latest companies to assign delegations to the event taking place on February 20th and 21st in San Diego, CA.
Please access the current attendee list here.
In cooperation with our partner, The Qt Company, we are also pleased to offer five VIP passes for IoTW-USA.
The Qt Company would like to share its insights in an IoT whitepaper and Infographic that defines and illustrates the requirements for developing an IoT tech strategy in terms of productivity, backbone, framework muscle, ubiquitous connectivity, scalability, and extensibility.
Senator Mike Rounds, Chairman of the recently created Senate Armed Services Subcommittee on Cybersecurity, views cyberspace like any other battleground.
“Cyberwar is more than simply stealing emails,” the South Dakota Republican said Tuesday in an interview with Morning Consult.
“Cyberwar is where you’re doing damage that, if it was done using a different weapon – a kinetic weapon, a bomb or a missile – everyone would say, ‘Look, you just damaged our infrastructure. You just messed up the New York Stock Exchange. You just blew up a dam.’”
In Rounds’ view, there is little difference between a missile attack on key US targets and a cyberattack that accomplishes the same kind of destruction.
Rounds said the cybersecurity panel’s first task will be to help the Defense Department craft guidelines for responding to cyberattacks – particularly those perpetrated by hostile states – that mirror the way the Pentagon responds to bombs and bullets…
The DCIA is pleased to partner with WorldTEK Events to bring Intrasect to Washington, DC on June 29th and 30th.
Intrasect will be the first conference of its kind to engage key stakeholders in a comprehensive and engaging examination of existing and future regulatory policy governing the usage of commercial autonomous vehicles.
WorldTEK will provide a premier program for hundreds of delegates including congressional policy makers, technology experts, commercial innovators, and others.
Topics will include detect-and-avoid technologies, last-mile economics, integration into manned systems, cybersecurity, insurance and risk containment, operating standards, vehicle tracking, state vs. federal mandates, public perceptions, privacy issues, and urban planning.
Worldwide research and development of commercial applications for autonomous air, land, and sea vehicles is well underway and, in fact, much further ahead of the regulatory and policy agencies now working to adapt governance to the commercial usage of autonomous technology.
Intrasect will be the first conference to address the push-pull that exists between commercial usage of autonomous vehicles and laws…
The DCIA is pleased to report that the Email Privacy Act (HR 387), which has the full support of our organization, will be on the House of Representatives suspension calendar for Monday.
The bill is very similar to the version that passed the House in the 114th Congress, but did not have time to clear the Senate before its final recess.
Earlier this week, the DCIA joined with more than sixty other trade organizations, public interest advocates, and technology companies in signing onto a letter to Congress urging passage of the measure.
Other signers include distributed computing industry leaders Adobe, Amazon, Cisco Systems, Dropbox, Facebook, Google, IBM, Microsoft, Spotify, Twitter, Verizon, and Yahoo.
HR 387 will update the 1986 Electronic Communications Privacy Act and end the arbitrary rule that allows law enforcement to obtain data stored in the cloud without a warrant after 180 days.
It will provide citizens with the same level of privacy assurance for their digitally maintained information as they expect for physical property that they own.
The bill represents true bipartisan, commonsense reform of privacy and was endorsed unanimously by the House of Representatives in the previous session.
Moreover, its changes reflect current practices by the Department of Justice (DoJ) and FBI to require law enforcement officials seeking content to obtain a search warrant.
Share wisely, and take care.
Republicans are eager to turn the page at the Federal Communications Commission (FCC) after eight years of policies under President Obama that they say have stifled innovation and burdened the tech sector.
President Trump’s appointment of Ajit Pai as FCC Chairman has raised hopes that many of the rules and regulations enacted under Obama – including the controversial net neutrality rules – will soon be on the chopping block.
Pai fought against the enactment of former Chairman Tom Wheeler’s signature Open Internet Order, which codified net neutrality, the idea that all internet traffic should be treated equally.
Republicans like Pai denounced the FCC order for reclassifying internet service providers as utilities.
The move subjected internet providers to heavier regulation, with the FCC effectively taking over regulatory jurisdiction on issues like privacy from the Federal Trade Commission (FTC).
Congresswoman Marsha Blackburn (R-TN), who tried to roll back the net neutrality order through legislation, said Republicans are deliberating how to tackle net neutrality now that the party is in charge of both the executive and legislative branches…
The Presidential Commission on Enhancing National Cybersecurity and the Center for Strategic and International Studies (CSIS) both released reports recently that share a pressing message: the US government must address mobile security now.
“The days of employees working only at an office using an organization-issued desktop computer fully managed by the organization are largely over,” the Cybersecurity Commission states in its report.
“Mobile technologies are heavily used by almost every organization’s employees, yet security for mobile devices is often not considered as high a priority as security for other computing platforms.”
Employees in the public sector use mobile devices every day to get their jobs done, whether supervisors know about it or not.
Fully 40 percent of employees at agencies with rules prohibiting personal smartphone use at work say the rules have little to no impact on their behavior, according to a Lookout survey.
Further complicating the issue, 64 percent of IT security leaders say it is very likely that sensitive data is present…
As top US intelligence officers state that Russia engaged in a major cyber campaign to influence the 2016 election, experts are mulling over how President Donald Trump will tackle cybersecurity issues during his administration.
During his campaign, Trump said cyber matters would be an immediate and top priority for his administration.
Trump plans to order an assessment of all US cyber defenses and vulnerabilities by a review team made up of individuals from the military, law enforcement, and private sector, he said on his campaign website.
“The cyber review team will provide specific recommendations for safeguarding different entities with the best defense technologies tailored to the likely threats,” he said.
Trump also plans to beef up the nation’s offensive cyber capabilities to mitigate attacks from state and non-state actors and wants to “enhance” US Cyber Command.
In December, Trump appointed Thomas Bossert as his administration’s assistant to the president for homeland security and counterterrorism, which will have a heavy focus on cybersecurity…
The Senate Armed Services Committee has a new subcommittee focused on cybersecurity, with Mike Rounds (R-SD) serving as Chairman and Bill Nelson (D-FL) as ranking member.
The Cybersecurity Subcommittee’s founding follows the historic publication of evidence by the U.S. intelligence community linking Russian government officials to an extensive hacking campaign aimed at US politicians, political organizations, think tanks and lobbying firms.
While Nelson has cosponsored a handful of bills loosely related to cybersecurity policy since taking office in 2001, Rounds, who is two years into his first term, will take the Chairmanship with limited relevant experience.
In early January, prior to the appointment, Rounds wrote an op-ed that appeared on Fox News’ opinion page about federal cybersecurity strategy:
It should be apparent to all Americans that the United States is not immune to damaging cyber-attacks from hostile foreign nations and other bad actors.
We must update our national security policies to deter such attacks before a future debilitating attack occurs…
Today, North American households play host to an average of 13 internet connected devices.
It’s at times like these when parties of all sizes should be relying on the expertise of IT professionals – however, a recent report showed that more than 80% of cybersecurity experts say there’s a deficit of skilled workers in the sector, and nearly as many said this has a serious impact on the compromising of devices and applications by cyberattacks.
That’s the theme of the new year we’re in: no device nor individual is safe from the wrath of cyberattacks.
Take a look at the cybersecurity trends that started in 2016 and are expected to continue to make news throughout the new year.
Cybersecurity issues have been, and will continue to be, dominated by the rise in botnets targeting Internet of Things (IoT) devices with Distributed Denial-of-Service (DDoS) attacks.
In 2016, we saw hackers harnessing the power of smart devices to take down large domains and internet providers, affecting thousands of websites, including Twitter and Spotify…
US companies, girding for an expected clampdown by the Trump Administration on hiring foreign IT workers, are facing fierce competition for cybersecurity professionals at home, according to a report by job-search site Indeed.com.
Jobseekers nationwide responded to just 66.7% of all cybersecurity jobs posted on the site between July and September last year, suggesting demand outweighs supply, the report said.
That’s up from 60% over the same period in 2014, but below a 68.7% rate for similar job postings in Canada.
The results are based on aggregated and anonymized data from jobseeker and employer behavior on the site, researchers said.
Among all 10 countries analyzed in the report, the U.S. and Canada were the only two where jobseeker interest exceeded 50% of employer demand.
Yet a “skills gap” of varying degrees was found in every country, the report said.
Jobseeker interest in the UK, Brazil, and Germany was below 35% of posted jobs in all three, while Israel had the worst response rate, at 28.4%…
Do you threat model? If so, when and how do you use it? If not, why?
Imagine a way for technical and business leaders – without a formal background in security – to rapidly assess threats against their minimum viable product.
That’s a key first step, early in the process, to building security in.
Asking about threat modeling is how I met Archie Agarwal.
Our initial discussion was packed with passion and energy.
Archie Agarwal is the Founder, CEO and Chief Technical Architect of ThreatModeler.
He has leveraged his more than ten years of real-world experience in threat modeling and threat assessment to help numerous Fortune 1000 companies in setting up their threat modeling process.
Archie has also created numerous threat models for web, mobile, cloud, IoT, SCADA, drone, aircraft, and various other systems…
As CFOs settle into the new year, routine concerns about cybersecurity readiness are being compounded by non-traditional, “nimble” technology-enabled competition, rapid globalization, and significant political changes in major markets, including ones stemming from the US Presidential election and the UK Brexit decision.
Despite the financial demands triggered by those uncertainties, some CFOs show signs of boosting their cybersecurity spending this year.
That’s encouraging, considering that information-security budgets were essentially flat in 2016.
They registered a barely perceptible 1% dip last year, according to PwC’s Global State of Information Security Survey 2017.
Overall, IT spending this year may be wavering. Research firms Gartner and IDC recently issued a slight downward revision in forecasts for global IT spending in 2017.
While the outlook for IT and security spending is indistinct, one thing is certain: CFOs today are more involved in cybersecurity budget discussions and decisions…
Depending on your source, UK cloud adoption rates are currently anywhere between 78% and 84%, and while cloud is no longer a new phenomenon, its importance not only to the CIO but also to the full C-suite of decision makers, such as CEOs, CMOs, and CFOs, is paramount as they jostle to gain an advantage over competitors.
It has been argued that cloud adoption heralds the largest disruption in enterprise computing since the advent of the PC, with many industries embracing cloud-based platforms to not only cut costs but also drive efficiency.
Despite this, there has been a certain amount of trepidation from the financial services sector to make the transition and fully embrace cloud and its many advantages.
At the mere utterance of the word ‘cloud’ we used to hear a plethora of reasons why financial services organizations could not make the leap.
There were concerns over regulatory compliance as well as the complexity of functional replacement, security, and control.
And, in an era where financial institutions are more highly regulated than ever before, one could forgive these organizations…
Although current industry statistics may seem somewhat intimidating, data science experts and big data enthusiasts are excited and prepared for a future that’s becoming increasingly connected to the web.
Some techniques used to harness this raw information, such as data mining, help give us an insight into the future of cybersecurity and what areas may pique interest moving forward.
Unlike the various television personalities who claim to foresee the future and tragedies in our lives, big data gives us a real-world insight into the current state of affairs.
When processing the data from large social media platforms, we begin to notice various trends and key interest points within the population.
As a brief example: when political or governmental movements begin to occur in a certain country, we notice a movement in the general consensus of that population favoring one side of the argument as opposed to another.
Similarly, when we notice rising popularity in certain pieces of technology, we can use this information as a forecast…
Don’t let your smart bulbs and thermostats fall prey to attack by bots.
Use these five tactics to secure your IoT devices.
Distributed denial of service (DDoS) attacks have been bad for years, but the widespread infection of the Internet of Things (IoT) has given bots a new power to DDoS.
Here are the top five ways to secure your IoT:
1. Keep your firmware updated. Smart devices are no different than Windows. New vulnerabilities crop up, and patches come out to fix them. If auto-update is an option, turn it on; otherwise, make it your business to know you have the latest patches.
2. Change the default password. Newer devices are forcing you to choose one, but if your device doesn’t, make sure “admin” or “12345” are not the passwords for your devices. Don’t make it easy for the bots to get in.
3. Disable remote login. If you don’t need to turn off your lights from elsewhere, then don’t make that an option…
On the heels of the news that President Trump has removed the United States from the Trans-Pacific Partnership (TPP), a massive trade deal that he blasted as a candidate, experts warned of the fallout for cloud-computing companies that have been advocating for policies to break down digital trade barriers that restrict the flow of data traffic across international boundaries.
Here at the annual State of the Net tech policy conference, the news was met with disappointment by a panel of experts, who said that the provisions of the TPP governing the activities of tech companies would have been an important step toward establishing international norms for trade in the digital age.
“Basically, it was the first step in terms of important international agreements that began to set a legal foundation for digital trade,” said Claude Barfield, Resident Scholar at the American Enterprise Institute, a conservative think tank.
“And now with the TPP being gone that has now been swept away.”
“So the Trump administration is starting from zero, as it were, in terms of digital trade rules with whatever else it does.”
Trump’s executive order canceling US involvement in the TPP was hardly a surprise…
Industry of Things World USA — February 20th-21st in San Diego, CA. Global leaders will gather to focus on monetization of the Internet of Things (IoT) in an industrial setting.
fintech:CODE — March 16th-17th in London, UK. A new international knowledge exchange platform bringing together all DevOps, IT, and IoT stakeholders who play an active role in the finance and tech scene. Key topics include software development, technical challenges for DevOps, DevOps security, cloud technologies and SaaS.
retail:CODE — March 16th-17th in London, UK. 20 real-life case studies, state-of-the-art keynotes, and interactive World Café sessions, 35+ influential speakers will share their knowledge at the intersection of the retail and technology sectors.
Delivery of Things World — April 24th and 25th in Berlin, Germany. Over 400 IT executives will discuss what DevOps really means for business. This event brings together all stakeholders to share their experience and expertise.
Security of Things World — June 12th and 13th in Berlin, Germany. A world class event focused on the next information security revolution. Security concerns that preoccupy enterprise customers today and pragmatic solutions to threats.
Autonomous Systems World – June 14th and 15th in Berlin, Germany. An international knowledge exchange among top experts in the field, providing a unique glimpse into the fascinating world of autonomous robots, intelligent machines, and smart technologies.