Mediaboss Marketing

The latest figures from the National Sheep Association reveal that incidents of sheep worrying are on the rise, with fears that penalties are too weak to act as deterrents.

The survey was completed by more than 300 National Sheep Association (NSA) members, and found that 70% had been victims of dog attacks.

See also: Sheep worrying advice for lambing time

Worse still, of the reported attacks, only 14% of farmers were notified by the owners of the offending dogs, leaving the remaining 86% to discover the attack themselves, or be notified by others, making it near impossible to pursue legal prosecution.

NSA chief executive Phil Stocker said: It is really frustrating and upsetting.

The industry is on the verge of accepting that we are going to have to live with the consequences of dog attacks on sheep on a permanent basis.

So many people now are just blindly putting sheep worrying by dogs in the too difficult to deal with box and we are really struggling to find solutions.

The survey results also showed that the general feeling among farmers was that the attacks are expected and becoming the norm, and that 82% of respondents saw a need for additional powers or legislation to counter the issue.

Mr Stocker said: The proposed level of maximum fine in the Kept Animals Bill is completely inadequate at 1,000 similar legislation went through in Scotland a year ago and saw the penalty raised to 40,000 or a prison sentence.

This is a real deterrent and sends out a real marker to the dog-owning community that this is a serious issue.

I still feel there is a need for legislation for dogs having to be kept on leads in the vicinity of sheep.

But keeping dogs on leads has proven problematic in itself, as 70% of farmers reported facing abuse, intimidation, refusal and general negativity when they approached dog owners to request dogs be put on leads.

Mr Stocker added: I have today sent a letter to Therese Coffey and Mark Spencer, airing our frustration about the slowness of passage through parliament of the Kept Animals Bill, and opening the conversation about making it more fit for purpose.

Visit link:
NSA report reveals 70% of farmers abused and intimidated by dog ... - FarmersWeekly

Exciting plans are underway for a National Sheep Association (NSA) event this autumn that will bring together the nations sheep farmers for a fresh style of enjoyable and informative farming conference.

The new NSA Sheep Farmers Conference will take place on Wednesday 25th October 2023 and, in its inaugural year, will focus on sheep health and its links to sustainability, production and welfare. It will offer a line up of the most experienced and knowledgeable experts from the UK sheep sector, ready to pass on valuable information through various interactive sessions and networking opportunities. Held at the convenient location of the National Conference Centre, Birmingham, very close to road, rail and air links, the day will be relevant and accessible to delegates from England, Wales, Scotland and Northern Ireland.

The new event will be the headline feature of NSAs Health and Welfare week, starting Monday 23rd October.

NSA Chief Executive Phil Stocker says: Given the importance of livestock within the one health agenda, and how vital healthy sheep are to productive farming businesses with an eye on sustainability, lower emissions and a wide range of other public goods, we are bursting with plans for the first ever Sheep Health Week. In addition to the face-to-face conference there will be a range of free-to-access web-based activities from Monday 23rd October, including three SHWAP online webinars.

Sheep Health, Wealth and Production (SHWAP) is an online activity organised by NSA South East Region, with three topics covered over three evenings on Monday 23rd, Tuesday 24thand Thursday 26th October. These will complement the conference, picking up additional topics and themes.

Tickets for the conference will be priced to be affordable for all to attend but will be limited in number so farmers are urged to put the date in the diary now and book as soon as tickets are made available in early summer. NSA members will be informed first and get a preferential rate.

Further detail on the conference will be announced soon so keep an eye on our events page.

See more here:
New conference for the nation's sheep farmers launching this autumn - Farmers Guide

Digital identity compromises are a growing concern and have been tied to massive hacks such as the Colonial Pipeline ransomware incident and the Reddit breach last month.

Coupled with an uptick in reliance on digital transformation and the ubiquity of cloud platforms, the National Security Agency (NSA) and Cybersecurity and Infrastructure Security Agency (CISA) believe it is time to push framework guidance on identity access management (IAM).

On Tuesday, the two agencies released recommended best practices for infosec professionals who manage digital identities. The 31-page report outlines business processes, policies, and technologies to help shore up government and private-sector security postures. The practice guide, part of the NSA's Enduring Security Framework initiative, was developed through a public-private partnership to help thwart threats facing critical infrastructure and national security systems.

Americas critical infrastructure is a prime target for a broad spectrum of threat sources including advanced and ongoing attacks from nation states and terrorist organizations attacks, according to the paper. IAM weaknesses are frequently exploited in the most insidious threats, APTs, which have led to catastrophic data breaches.

Citing the 2022 Verizon Data Breach Investigation Report, the paper notes that 80% of web applications attacks and 40% of breaches leverage stolen credentials, a tactic used by a wide range of threat actors, including nation-state hacking groups, terrorist organizations, hacktivists, and individual operators. In addition, identity management company Okta reported record-high credential-stuffing attacks in its 2022 State of Security Identity Report, detecting almost 10 billion credential-stuffing events across its Auth0 access management platforms in the first 90 days of 2022.

To counter the growing risks, the IAM framework provides practice guidance and mitigations to address threats related to the following five areas: identity governance, environmental hardening, identity federation/single sign-on, multi-factor authentication and auditing and monitoring around identity access and management tools.

Grant Dasher from the office of the technical director for cybersecurity at CISA, said the release of the practice guide is "a valuable first step to aid critical infrastructure organizations' effort to assess and strengthen their IAM solutions and processes," and plan for further collaborations to improve the IAM ecosystem.

Besides the Colonial Pipeline incident, there have been several recent and notable attacks that highlight the importance of addressing the digital identity threats against critical infrastructure.

In February 2021, an attacker compromised a computer system in a Florida water treatment plant and tried to increase the levels of certain chemicals in the water supply which would have posed serious public health and safety concerns. In 2022, a ransomware gang leveraged stolen credentials and targeted another water treatment plant in South Staffordshire, UK, affecting 1.6 million customers and 35,000 businesses.

While SSO and MFA are widely adopted to strengthen and simplify the authentication process, Murali Palanisamy, chief solution officer at AppViewX, said that critical infrastructure should take extra precautions when monitoring implementations as a compromised SSO system in one area can make it easier for an attacker to gain access in other parts of the network.

"This is especially true for critical infrastructure where you would need access using Secure Shell to troubleshoot an access failure. Leveraging Privilege Accessed Management and SSH access using SSH certificates instead of passwords or keys enables the out-of-band authentication for admins and security teams," Palanisamy said.

Read the rest here:
CISA, NSA push identity and access management framework as risks grow - SC Media

The Cybersecurity and Infrastructure Security Agency (CISA) and the National Security Agency (NSA) released new guidance on March 21 that offers system administrators best practices for identity and access management (IAM).

CISA and NSA released the IAM guidance as part of the Enduring Security Framework (ESF), a public-private partnership that aims to address risks that threaten critical infrastructure and national security systems.

IAM is a framework of business processes, policies, and technologies that facilitate the management of digital identities ensuring that only users with the appropriate credentials gain access to data.

IAM is a critical part of every organizations security posture, and we must work collectively with the public and private sector to advance more secure by default and secure by design IAM solutions, said Grant Dasher, Office of the Technical Director for Cybersecurity, CISA.

The ESFs best practices guide is a valuable first step to aid critical infrastructure organizations efforts to assess and strengthen their IAM solutions and processes, he added. We look forward to further collaborations with our partners to improve the IAM ecosystem and aid organizations in achieving a more resilient posture.

The guidances best practices provide system administrators with actionable recommendations to better secure their systems from IAM threats. Specifically, it offers best practices and mitigations to counter threats related to identity governance, environmental hardening, identity federation/single sign-on, multi-factor authentication (MFA), and IAM auditing and monitoring.

It also offers a checklist for actions organizations can take immediately, such as routinely testing and patching your organizations MFA infrastructure; identifying all the local identities on the assets to know who has access to which assets; and determining if your single sign-on integration can collect user context during single sign-on logins including location, device, and behavior.

Malicious cyber actors attempt to hide their activity by exploiting legitimate credentials, either of authorized personnel or of the systems that act on behalf of legitimate users, said Alan Laing, NSA lead for the IAM working group. Rigorous identity and access management allows an organization the ability to detect and thwart these actors persistent efforts to corrupt critical systems and access information of national importance.

Go here to read the rest:
CISA, NSA Issue Guidance on Identity and Access Management - MeriTalk

FORT MEADE, Md. - As part of the Enduring Security Framework (ESF), the National Security Agency (NSA) and the Cybersecurity and Infrastructure Security Agency (CISA) published the Recommended Best Practices Guide for Administratorsto provide system administrators with actionable recommendations to better secure their systems from threats to Identity and Access Management (IAM).

IAM is a framework of business processes, policies, and technologies that facilitate the management of digital identities. It ensures that users only gain access to data when they have the appropriate credentials.

In 2021, Colonial Pipeline, a major Southeast oil pipeline system, suffered a major ransomware attack, disrupting the oil/gas distribution system and causing long lines at the gas station and consumer panic. Many people know about the attack and the exploitation of the company for money, but many dont realize that the attack happened because of a leaked password, an inactive VPN account, and a lack of multifactor authentication all of which can be summed up as poor IAM.

Malicious cyber actors attempt to hide their activity by exploiting legitimate credentials, either of authorized personnel or of the systems that act on behalf of legitimate users, said Alan Laing, NSA lead for the IAM working group. Rigorous Identity and Access Management allows an organization the ability to detect and thwart these actors persistent efforts to corrupt critical systems and access information of national importance.The paper provides best practices and mitigations to counter threats to IAM related to the following five topics:

Environmental Hardening

Identity Federation/Single Sign-On

Multi-Factor Authentication

IAM auditing and monitoring

"IAM is a critical part of every organization's security posture, and we must work collectively with the public and private sector to advance more secure by default and secure by design IAM solutions," said Grant Dasher, Office of the Technical Director for Cybersecurity, CISA. "The ESF's best practices guide is a valuable first step to aid critical infrastructure organizations' efforts to assess and strengthen their IAM solutions and processes. We look forward to further collaborations with our partners to improve the IAM ecosystem and aid organizations in achieving a more resilient posture."This release is accompanied by an Identity and Access Management Educational Aid presentation and associated talking pointsto support organizational technical leaders in explaining to decision makers the benefits of a robust IAM program and the associated risks of not implementing one.This guidance was developed and published by an NSA and CISA led working panel with ESF, a public-private cross-sector partnership that aims to address risks that threaten critical infrastructure and national security systems.

Read the full report here.Visit our full library for more cybersecurity information and technical guidance.

NSA Media RelationsMediaRelations@nsa.gov443-634-0721

See the article here:
ESF Partners, NSA, and CISA Release Identity and Access ... - National Security Agency