

Excited to be giving my first talk here in Northwest Arkansas. Going over some simple wins when securing legacy tech in the small and medium enterprise (SME) space with the local ArkanSec group: https://www.linkedin.com/groups/12068915/

Related

Takeaways from the NWA Tech Summit this week

Takeaways from the NWA Tech Summit this week: Greater Bentonville Area Chamber of Commerce put on a great event. It was a rewarding volunteer experience, no doubt due to all the hard work they did behind the scenes. Northwest Arkansas and Northeast Oklahoma, or as the Tulsa Innovation Labs’ Conor Godfrey and others referred to it, the 412 corridor, is primed for mobility and autonomous systems investments, growth, and opportunity. My family and I moved here in July for the community, outdoors, culture, and people. The opportunities and innovation are yet another reason I don’t see us leaving. There’s a tangible and deliberate alignment in investment and involvement in the area’s growth by businesses of all sizes along with the local, state and federal government. It’s inspiring and gives hope for what’s happening now and next for the region. NW Arkansas is an exciting place to be.

The NSA and CISA have released hardening guidance for Kubernetes. The guidance describes the security challenges associated with setting up and securing a Kubernetes cluster. It includes hardening strategies to avoid common misconfigurations and guide system administrators and developers of National Security Systems on how to deploy Kubernetes with example configurations for the recommended hardening measures and mitigations. This guidance details the following mitigations:

- Scan containers and Pods for vulnerabilities or misconfigurations.
- Run containers and Pods with the least privileges possible.
- Use network separation to control the amount of damage a compromise can cause.
- Use firewalls to limit unneeded network connectivity and encryption to protect confidentiality.
- Use strong authentication and authorization to limit user and administrator access as well as to limit the attack surface.
- Use log auditing so that administrators can monitor activity and be alerted to potential malicious activity.
- Periodically review all Kubernetes settings and use vulnerability scans to help ensure risks are appropriately accounted for and security patches are applied.

The Biden administration is making a Software Bill of Materials (SBOM), an electronically readable format designed to provide an inventory of third-party components in devices, a requirement amid efforts to improve cybersecurity across the federal government and private sector. https://www.medtechdive.com/news/biden-orders-software-bill-of-materials-to-boost-cybersecurity-advamed-wan/600594/