A bipartisan bill introduced in the Senate just before the Christmas break aimed at protecting American elections from foreign cyberattacks has been getting generally positive reviews from security professionals.
Password manager company, Dashlane, has added a twist with its list of the “Worst Password Offenders” of 2017, naming high-profile people and organizations that fell into the bad-password trap. President Trump was deemed the worst offender, primarily because of simple passwords reportedly used by cabinet members and policy directors. Outside parties were also the culprits for the Department of Defense, specifically for its contractor, Booz Allen, as well as the Republican Party (stemming from a careless data analytics firm). Paul Manafort, for using “Bond007” as a password, and Sean Spicer, for apparently tweeting his passwords, also came in for scorn.
In a bipartisan effort, Harvard University’s Belfer Center for Science and International Affairs is looking to protect elections from cyberattacks and propaganda. The Cybersecurity Campaign Playbook, released today, gives campaign officials simple, actionable information to better secure campaign information from adversaries attempting to use cyberattacks.
The City of Baltimore hired former Intel executive Frank Johnson as its new CIO and chief digital officer. Along with the new hire, Baltimore has also expanded the CIO’s job description–and salary. Johnson will be now be tasked with modernizing the city’s computer systems across agencies, tackling the city’s reliance on paper, and ensuring data security, as well as working on mayoral initiatives.
Washington CIO Michael Cockrill is moving to the private sector later this month. After being appointed by Washington Gov. Jay Inslee in 2013, Cockrill oversaw the creation of Washington Technology Solutions, the agency created in 2015 to centralize state IT and improve services for the people of Washington through technology. Cockrill spoke with MeriTalk State and Local about his time as CIO and the jump to rejoin the private sector.
A hacker grouped named Dragonfly 2.0 has gained access to several companies that supply electricity to the U.S. power grid, according to Symantec. The new wave of cyberattacks could give attackers the means to severely disrupt affected operations centers in Europe and North America. Dragonfly 2.0 has been in operation since at least 2011 and is linked to the Russian government.