Security Scene: December 2021-January 2022 Edition
By Adair Thaxton, Internet2 Cyberinfrastructure Security Engineer
Security Scene is a monthly roundup of cybersecurity news highlights compiled by Internet2 Cyberinfrastructure Security Engineer Adair Thaxton. Adair connects recent headlines to security best practices, within the lens of the research and education community and our broader digital society. Plus, she’s got jokes!
It’s the end of 2021, and I don’t think anyone is sad to see this year go. There have been challenges, but we’ve survived!
[insert dramatic echoing voice here] Security … in … spaaaaaaaaaace! As more and more satellites are launched into orbit, how are they being protected? What could happen if they were compromised, and what steps could you take to guard against that?
According to Homeland Security Today, the answer to these questions is basically in the same ways we protect terrestrial devices. Strong IAM, updateable IOT, IDS, supply chain verification, logging, and encryption. At our respective organizations and institutions, we can be thankful that at least we don’t have to deal with IDS … in … spaaaaaaaaaaaace!
Ars Technica brings us a light-hearted article on debunking worthless security practices. Hopefully, we’re all aware of these, but maybe one of your family members inquired about something on the list over the holidays!
What have we learned from almost two years of working from home?
Work carries on, and businesses and employees find ways to adapt to new security measures. The article mentions “fear fatigue” several times with regard to cybersecurity – are we stressing out employees too much by implementing additional cybersecurity training, in the hopes of raising vigilance? Twenty-seven percent of respondents thought their employees seem “overwhelmed by threats and jaded by cybersecurity procedures,” and 21% thought “[t]here is no clear impact of fear fatigue within my organization.”
Is one of those supposed to be more reassuring than the other? Franklin D. Roosevelt famously asserted that “the only thing we have to fear is fear itself,” but if you’re an IT person whose employees AREN’T afraid of being the compromise vector, these data points give you room for pause.
What an excellent transition to my next bit of info. What data is stored in your Google or Apple accounts that may be needed by your family, if you die? Information on canceling services and subscriptions, files, photos … Both Google and Apple provide ways to pass access down to a trusted person in the event of your demise.
I hope your break was restful, and the family tech support requests were minimal. Happy January!