SecureTheVillage

Last week's news brought discouraging word of the Trump administration's retreat in protecting the nation from Russian cybersecurity activities. Also in last week's news, Troy Edgar nominee for Dept of Homeland Security Deputy Director was quoted as saying the Cybersecurity and Infrastructure Security Agency (CISA) needed to be "reined in." This week we got an illustration of what he meant. And it should bother every one of us. The EI-ISAC was operated by the Center for Internet Security (CIS) as part of its broader mission to protect #criticalinfrastructure. CIS provided real-time network monitoring, #cyberthreatintelligence, and vulnerability mitigation through its Security Operations Center (SOC). These services helped election officials prevent, protect against, respond to, and recover from cybersecurity incidents. Membership in the EI-ISAC was voluntary and free for state, local, tribal, and territorial (SLTT) organizations supporting election operations, ensuring broad participation in election cybersecurity initiatives. As in so much in cybersecurity, cybersecurity doesn't scale down. Security controls that are easy no-brainers for large enterprises push the resource and financial constraints of smaller organizations. The problem is particularly challenging for the thousands of smaller election organizations which tend to be under-resourced and underfunded. It is through the EI-ISAC that these smaller election organizations can defend themselves against #cyberattacks from America's enemies, both foreign and domestic. This is a good thing. A very good thing. So why would the Department of Homeland Security (where CISA resides) terminate funding to the EI-ISAC? If you care about the security of America's elections, why would you terminate funding? And yet this is exactly what DHS did this week.?It terminated funding for EI-ISAC operations. Read about this and more in this week's Cybersecurity News of the Week from Stan Stahl, PhD and SecureTheVillage. Share with your network.

We are beginning to see the Trump administration flesh out its cybersecurity practices. They do not fill me with confidence: → "Trump administration retreats in fight against Russian cyber threats:?Recent incidents indicate US is no longer characterizing Russia as a cybersecurity threat, marking a radical departure" → "Exclusive: Hegseth orders Cyber Command to stand down on Russia planning:?Defense Secretary Pete Hegseth last week ordered U.S. Cyber Command to stand down from all planning against Russia, including offensive digital actions, according to three people familiar with the matter." → "Incoming deputy boss of Homeland Security says America's top cyber-agency needs to be reined in." → "DOGE must halt all ‘negligent cybersecurity practices,’ House Democrats tell Trump:?Elon Musk's Department of Government Efficiency group has “introduced negligent cybersecurity practices” into federal systems and should halt all risky activities, a group of House Democrats demanded on Tuesday." → "Here Are the Digital Clues to What Musk Is Really Up To... The mistake is trying to situate Musk solely in the context of politics. He isn’t approaching this challenge like a budget-minded official. He’s approaching it like an engineer, exploiting vulnerabilities that are built into the nation’s technological systems, operating as what cybersecurity experts call an insider threat." *** CLICK THE IMAGE ??to read more in the Cybersecurity News of the Week and Patch Report! About SecureTheVillage and author Stan Stahl, PhD: The vision of SecureTheVillage is to make Southern California the cyber-safest metropolitan region in the United States for smaller businesses, nonprofits, families, and individuals. It takes a village to secure the village.? Repost to share to your network! ?

We are beginning to see the Trump administration flesh out its cybersecurity practices. They do not fill me with confidence: → "Trump administration retreats in fight against Russian cyber threats:?Recent incidents indicate US is no longer characterizing Russia as a cybersecurity threat, marking a radical departure" → "Exclusive: Hegseth orders Cyber Command to stand down on Russia planning:?Defense Secretary Pete Hegseth last week ordered U.S. Cyber Command to stand down from all planning against Russia, including offensive digital actions, according to three people familiar with the matter." → "Incoming deputy boss of Homeland Security says America's top cyber-agency needs to be reined in." → "DOGE must halt all ‘negligent cybersecurity practices,’ House Democrats tell Trump:?Elon Musk's Department of Government Efficiency group has “introduced negligent cybersecurity practices” into federal systems and should halt all risky activities, a group of House Democrats demanded on Tuesday." → "Here Are the Digital Clues to What Musk Is Really Up To... The mistake is trying to situate Musk solely in the context of politics. He isn’t approaching this challenge like a budget-minded official. He’s approaching it like an engineer, exploiting vulnerabilities that are built into the nation’s technological systems, operating as what cybersecurity experts call an insider threat." *** CLICK THE IMAGE ??to read more in the Cybersecurity News of the Week and Patch Report! About SecureTheVillage and author Stan Stahl, PhD: The vision of SecureTheVillage is to make Southern California the cyber-safest metropolitan region in the United States for smaller businesses, nonprofits, families, and individuals. It takes a village to secure the village.? Repost to share to your network! ?

The Federal Government directly manages only about 15% of the nation’s IT infrastructure. Large private-sector companies manage about 70% - the vast majority - of the infrastructure. We expect these organizations to provide the needed management, resources, and budgets to manager their 85% of the total. → The remaining 15% of the nation's IT infrastructure is managed by smaller organizations. Managing only a small fraction of our IT infrastructure, they contribute mightily to our economic success. They employ about 45% of the workforce and contribute about 45% to our GDP. ?? These smaller businesses - small manufacturers, the post-production industry here in Southern California, restaurants, the local dry cleaner, your accountant and lawyer, perhaps your water district - are sadly unprepared for cyber-disruption. Too often they lack the management expertise and the resources to secure their vital 15%. This is why these smaller businesses and nonprofits are victimized in approximately 70% of all cybercrimes. ?? In response, organizations like SecureTheVillage, CyberWyoming, the Cyber Readiness Institute, Sightline Security, and others have built special programs to help these smaller organizations. SecureTheVillage, for example, built our?SoCal Cybersecure? program to specifically address the needs of smaller organizations to prepare for cyber-disruptions and effectively manage the continuity of their business operations during the inevitable disruptions. If every smaller business and nonprofit managed their cybersecurity to basic reasonable standards, America's overall security would be significantly improved. So when you think national security, remember the importance of our smaller businesses and nonprofits to national security. *** CLICK THE IMAGE ??to read more in the Cybersecurity News of the Week and Patch Report! About SecureTheVillage and author Stan Stahl, PhD: The vision of SecureTheVillage is to make Southern California the cyber-safest metropolitan region in the United States for smaller businesses, nonprofits, families, and individuals. It takes a village to secure the village.? Repost to share to your network! ?

The Federal Government directly manages only about 15% of the nation’s IT infrastructure. Large private-sector companies manage about 70% - the vast majority - of the infrastructure. We expect these organizations to provide the needed management, resources, and budgets to manager their 85% of the total. → The remaining 15% of the nation's IT infrastructure is managed by smaller organizations. Managing only a small fraction of our IT infrastructure, they contribute mightily to our economic success. They employ about 45% of the workforce and contribute about 45% to our GDP. ?? These smaller businesses - small manufacturers, the post-production industry here in Southern California, restaurants, the local dry cleaner, your accountant and lawyer, perhaps your water district - are sadly unprepared for cyber-disruption. Too often they lack the management expertise and the resources to secure their vital 15%. This is why these smaller businesses and nonprofits are victimized in approximately 70% of all cybercrimes. ?? In response, organizations like SecureTheVillage, CyberWyoming, the Cyber Readiness Institute, Sightline Security, and others have built special programs to help these smaller organizations. SecureTheVillage, for example, built our?SoCal Cybersecure? program to specifically address the needs of smaller organizations to prepare for cyber-disruptions and effectively manage the continuity of their business operations during the inevitable disruptions. If every smaller business and nonprofit managed their cybersecurity to basic reasonable standards, America's overall security would be significantly improved. So when you think national security, remember the importance of our smaller businesses and nonprofits to national security. *** CLICK THE IMAGE ??to read more in the Cybersecurity News of the Week and Patch Report! About SecureTheVillage and author Stan Stahl, PhD: The vision of SecureTheVillage is to make Southern California the cyber-safest metropolitan region in the United States for smaller businesses, nonprofits, families, and individuals. It takes a village to secure the village.? Repost to share to your network! ?

Kudos to Nonprofit Cyber on our 3rd Anniversary. SecureTheVillage is a proud member of this important nonprofit collaborative dedicated to having a real scalable impact. #ItTakesAVillage. #ToInfinitiesAndBeyond.

Kudos to The New York Times for their in-depth guide to back ups. Whether on your desktop or in the cloud, make sure your information is safe from accident or deliberate misuse by scammers and others. In recent weeks, Elon Musk and his aides have gained access to many federal agencies’ systems and unknown amounts of data. Many readers have written in to share their fears that the agencies — and the personal data they possess on hundreds of millions of taxpayers — are now vulnerable. When people tinker with vital systems, things can go wrong. New vulnerabilities can emerge that thieves could exploit, or existing tax or loan payments could disappear. And one wrong move can bring a whole website down for days or longer. The level of risk isn’t clear, and in uncertain situations, it’s tempting to do something to feel that you’re protecting yourself. That instinct is perfectly rational. But don’t just download your history of paying into Social Security or freeze access to your credit files because of the politics of now. Back up everything important, everywhere you can. Do this at least once a year or so. It’s just good hygiene. Having multiple copies of all of the things that help you run your life brings a certain kind of peace that lacks a perfect word in English, but it’s the quality or state of being well sorted. In this newsletter, you'll find a guide for what to do. *** CLICK THE IMAGE ??to read this and more in the Cybersecurity News of the Week and Patch Report! About SecureTheVillage and author Stan Stahl, PhD: The vision of SecureTheVillage is to make Southern California the cyber-safest metropolitan region in the United States for smaller businesses, nonprofits, families, and individuals. It takes a village to secure the village.? Repost to share to your network! ?

**NEW** SecureTheVillage is proud to announce the release of its newest online resource,?After a Disaster: A Guide to Keep Your Phone Secure, Safeguard Your Information, and Avoid Being Scammed, a concise guide on how to protect yourself from scams in the aftermath of a local disaster, whether it's an earthquake, major fire, hurricane, or other crisis: https://lnkd.in/gD6vbTeW Read these headlines and more in this week's digest: → Ransomware attack on New York Blood Center forces workarounds, drive cancellations → 20 million OpenAI users hacked? → 4 exotic phishing scams are on the rise. Here’s how to catch them in the act → Macs under attack from North Korean malware stealing passwords and more — how to stay safe → Everything You Need to Know About the Privacy-Focused Messaging App Signal → Lawmakers Push to Ban DeepSeek App From U.S. Government Devices → Meta's WhatsApp says spyware company Paragon targeted users in two dozen countries CLICK THE IMAGE ??to read the Cybersecurity News of the Week and Patch Report! About SecureTheVillage and author Stan Stahl, PhD: The vision of SecureTheVillage is to make Southern California the cyber-safest metropolitan region in the United States for smaller businesses, nonprofits, families, and individuals. It takes a village to secure the village.? Repost to share to your network! ?

If you aren't using MFA. If you aren’t rigorously patching. If you haven’t trained your people, then you are not reasonable! What is Reasonable Security? Risk-based protective measures that are appropriate, proportionate, and aligned with industry standards and legal requirements to safeguard a business’s data and systems. If you’re a smaller business or nonprofit, join SecureTheVillage’s?SoCal Cybersecure? Program. With it, you’ll get our?Cybersecure Playbook?to manage the reasonableness of your security practices. Smaller businesses, learn more: https://lnkd.in/gTcUHPtp Nonprofits, learn more: https://lnkd.in/gp-223W7 *** CLICK THE IMAGE ??to read about Seven Key Security Strategies, DeepSeek, and more in this edition of the Cybersecurity News of the Week and Patch Report! About SecureTheVillage and author Stan Stahl, PhD: The vision of SecureTheVillage is to make Southern California the cyber-safest metropolitan region in the United States for smaller businesses, nonprofits, families, and individuals. It takes a village to secure the village.? Repost to share to your network! ?

I’m heading to the 5th annual SecureTheVillage Reasonable Security Summit today where reasonable security is the main topic of conversation. #?National Cybersecurity Alliance #MillerKaplan #SecureTheVillage