Dura-Tech joins together with LeadingIT Learn more
Our knowledgeable team will support you organization, allowing your staff to get the most out of your technology.
We implement layers of protection to ensure your organization is secure.
Using best practices, we proactively protect your organization from becoming a victim of cybercrime.
As a Datto Blue Diamond Partner we secure your data with industry leading backup and disaster recovery solutions.
LeadingIT understands the technology needs of your business and offers computer, network and cybersecurity support to help you get the most out of your technology.
Read why businesses small and large across Wisconsin, Illinois and Indiana choose LeadingIT.
Working at LeadingIT means joining a group of people obsessed with taking on the real challenge of cybersecurity and helping businesses.
Stay up to date on the latest security threats your business faces and get tips on how to stay protected and informed.
Several cybersecurity experts have described the recent SolarWinds hack as one of the worst supply chain attacks on U.S. government agencies and private organizations. Even as more details continue to emerge about the breach, it’s quite clear that the 117th Congress will prioritize legislation to prevent similar onslaughts on U.S. technologies.
A few days after the hack’s discovery, Biden’s administration reiterated its promise to make cybersecurity a top priority. And a couple of weeks later, they released a detailed Rescue Plan that calls for allocating $10 billion of the national budget to cybersecurity. If the plan sails through, CISA will receive up to $690 million to enhance security surveillance and fast incident response.
Several legislators have since lauded the move as a step in the right direction, including Representative Jim Langevin (D-RI), who has been very vocal in advocating for more cybersecurity funding. In his statement, Jim says that he is “grateful to see the president-elect pushing for important investments in cybersecurity in the wake of the SolarWinds hack, which has placed a spotlight on the need to act now to protect Americans and our interests in cyberspace.”
Mark Warner (D-VA, the incoming Intelligence Chair, has said that plans are underway to hold hearings on the SolarWinds hack. He has also hinted at a possible re-evaluation of the provisions of the national breach notification laws.
In a webinar hosted by Aspen Institute, Warner likened the SolarWinds breach to the Capitol’s infamous rioter’s siege on January 6th. He said that the hack, which bears the strains of Russian nation-state hacker group Cozy Bear, is “paled in comparison to the damage done to our country in the last 24 hours.”
More importantly, the Intelligence boss questioned whether the SolarWinds attack qualified for consideration as acceptable espionage. According to him, the best solution is to “create some level of international norm-setting, some rules of the road.” He further added that “better cyber hygiene alone is not going to win the battle.”
On the compulsory breach notification issue, he said, “We’re going to need a fulsome review. The fact that the public enterprises don’t even have to report to CISA fully, let alone the private sector where, if the [breach] doesn’t reach a level of materiality, doesn’t even have to report, needs to be fully reviewed.” Most IT stakeholders have since interpreted this to mean the possibility of sterner breach reporting requirements in the future, and nothing could be further from the truth.
Over the past few months, there have been many talks around improving local governments’ ability to detect and prevent data breaches. The two most common topics include:
Given the prevailing SolarWinds hack scare, it’s highly likely that these two issues will equally be a top priority on the Hill this year.
Speaking to CSO, Kiersten Todt (the managing director of the Cyber Readiness Institute) said that “From a cybersecurity perspective, the [siege of the Capitol] should only amplify the prioritization of the [cybersecurity] agenda.”
According to her, this incident and the recent SolarWinds hack highlight why supply chain security should be a forefront topic. She holds that “we still don’t have a (reliable) strategic and actionable approach to supply chain security.”
It’s still unclear how rioters managed to storm the Capitol almost a month down the line or what they managed to steal or destroy. However, several IT experts have affirmed that there could be massive cybersecurity implications from the January 6th incident that we can’t afford to overlook.
Moving forward, we can only expect the Capitol to investigate if the rioters vandalized any hardware devices or compromised IT security systems. And in line with the high threat levels from the likes of the SolarWinds breach, we can also expect additional legislation to improve Capitol’s security posture.
Everybody is taking cybersecurity seriously. Your Chicagoland organization must also continually look for better ways to identify and prevent intrusion and unauthorized access to data. Above all, always keep your ears on the ground in case of new legislation and industry standards. Noncompliance is as unhealthy as a data breach.
LeadingIT offers 24/7, all-inclusive, fast, and friendly technology and cybersecurity support for nonprofits, manufacturers, schools, accounting firms, religious organizations, government, and law offices with 10-200 employees across the Chicagoland area.
©2022 LeadingIT. All Rights Reserved.