Biden Rushes To Protect the Power Grid as Hacking Threats Grow

A White House plan to rapidly shore up the security of the U.S. power grid will begin with a 100-day sprint, but take years more to transform utilities’ ability to fight off hackers, Bloomberg reported Wednesday, citing a draft version of the plan confirmed by two people. From the report:

The plan is the policy equivalent of a high-wire act: it provides incentives for electric companies to dramatically change the way they protect themselves against cyber-attacks while trying to avoid political tripwires that have stalled previous efforts, the details suggest. Among its core tenets, the Biden administration’s so-called “action plan” will incentivize power utilities to install sophisticated new monitoring equipment to more quickly detect hackers, and to share that information widely with the U.S. government. It will ask utilities to identify critical sites which, if attacked, could have an outsized impact across the grid, according to a six-page draft of the plan, which was drawn up by the National Security Council and described in detail to Bloomberg News. And it will expand a partially classified Energy Department program to identify flaws in grid components that could be exploited by the country’s cyber-adversaries, including Russia, Iran and China.

Qualys API Best Practices: Host List API

When you’re looking to add automation to your vulnerability management and policy compliance program, a good starting point is the Host List, which is your scanned asset inventory. More precisely, it represents which assets have been scanned (and when) for Qualys Vulnerability Management (VM) or Policy Compliance (PC). After extracting this data, you can do further analysis of your scan coverage or schedule future scans on all or any subset of your assets.

How Contextualized Intelligence Maximizes Security Outcomes in SecOps Tools

April 14, 2021 • Ellen Wilson

As the attack surface grows, it’s difficult for security teams to maintain a comprehensive, real-time view of the threats at an operational level. With too little time and not enough information, analysts struggle to determine which alerts represent a critical incident and which may just be a redundancy or a false positive — all while true positives may be slipping through the cracks.