Monday 29 February 2016

ICIT Fellow Insights: Why Leadership Should Be the Top Priority

Public and private sector leaders are slowly accepting the reality that the weakest link – and greatest asset – in their cybersecurity strategy is the human element. The question which now must be answered is how to best train, motivate and inspire the next generation of leaders and change agents who can help improve an organization’s cybersecurity hygiene. Join ICIT Fellow Dan Waddell (ISC2) and Sr. Fellow Parham Eftekhari as they discuss one of the most important cybersecurity issues of our day.

For more, click here: http://ift.tt/1Sd1x21



from cyber security caucus http://ift.tt/1RAGeVW
via IFTTT

ICIT Fellow Insights: Making Your CISO and CFO BFFs

Your CFO can be an invaluable ally in your quest to elevate the strategic value of CyberSecurity within your organization. The key is to establish a trust-based relationship in which you understand how to parlay the positive impact cybersecurity investments can have on the business, turning the CISO function into a strategic business driver vs. a cost center. Join ICIT Fellow Brian Contos (Securonix) and Sr. Fellow Parham Eftekhari as they share strategies and ideas to accomplish this goal.

Read more, click here: http://ift.tt/1RfCGWr




The Executive Women’s Forum on Information Security, Risk Management & Privacy announces the first Voice Privacy Industry Working group.

The Executive Women’s Forum on Information Security, Risk Management and Privacy, founded by Alta Associates, the leading executive search firm specializing in Cybersecurity, will announce the establishment of a Voice Privacy Industry Group and the version 1 release of high level guiding principles for voice privacy at the annual EWF Meet & Greet at the RSA Conference in San Francisco, CA. The meeting will be held on Wednesday, March 2nd, 2016 at 1pm in the Moscone West Room 2002. Key event takeaways:

  • Announce version 1 of the high level voice privacy guiding principles. Further versions of the guiding principles are planned.
  • Call for men and women volunteers to get involved and help lead subgroups which will produce detailed guidance, tools and checklists back to industry.
  • Visit the EWF booth #3118 during RSA for more information and to sign up in person, or email voiceprivacy(at)ewf-usa(dot)com for more information.

Tenable Network Security Automates and Simplifies NIST Cybersecurity Framework Adoption for Commercial and Government Organizations

COLUMBIA, Md.–(BUSINESS WIRE)–Tenable Network Security, Inc., a global leader transforming security technology for the business needs of tomorrow, released a new solution at RSA Conference 2016 that makes it easier for companies and government organizations to improve security posture through conforming to the widely respected U.S. National Institute of Standards and Technology (NIST) Framework for Improving Critical Infrastructure Cybersecurity (Cybersecurity Framework). “By 2020 more than 50 percent of private and public enterprises in the U.S. will use the NIST Cybersecurity Framework, up from 30 percent in 2015,” noted Gartner in the January 2016 report Best Practices in Implementing the NIST Cybersecurity Framework, by Paul E. Proctor, Katell Thielemann, Earl Perkins, and Khushbu Pratap. Tenable’s new Cybersecurity Framework solution automates operation and assessment of more than 90 percent of the CSF technical controls and speeds adoption by providing unified dashboards with actionable data that enable customers to track conformance and prioritize security responses.

“The NIST Cybersecurity Framework transcends its original purpose of improving critical infrastructure cybersecurity, and is being recognized as sound guidance for all types of organizations,” said Ron Gula, CEO, Tenable Network Security. “Tenable’s new Cybersecurity Framework solution makes it easy to implement government-grade frameworks in a corporate environment. Customers can put NIST recommendations into practice through our automated reports and dashboards, measuring conformance in real time so they know immediately what actions they need to take to be secure.”

Cybersecurity: ironclad security for high bandwidths

Bandwidths in the gigabit range require new IT security solutions for data transfers. This is especially true for conventional Unified Threat Management (UTM) firewalls, which have limited performance. The new IT-security company Rohde & Schwarz Cybersecurity will be at this year’s CeBIT to present an innovative solution that is the first to meet the challenges associated with higher bandwidths: the UTM+ firewall series with integrated next-generation engine. Like all trade fair innovations from Rohde & Schwarz Cybersecurity, the UTM+ firewalls take a proactive approach to security.

Munich, February 29, 2016 — Firewalls in the UTM+ series have been developed specifically to meet the needs of SMEs. Thanks to integrated single-pass technology, they are as powerful as a next-generation firewall (NGFW). While the performance of traditional UTM appliances already reaches its limit in the megabit range, UTM+ uses the new V16 software to deliver performance in the tens of gigabits. The UTM+ models are also easy to use all-in-one solutions and significantly less expensive than NGFWs. Permanent layer 7 scanning ensures comprehensive, continuous inspection of data packets. In addition, the application control enables fine-grained analysis of network traffic. Firewalls from the UTM+ series take the “security by design” approach ‒ in other words, preventing attacks proactively rather than reactively.

Pentagon chief to appeal to Silicon Valley for help with cybersecurity

Defense Secretary Ashton Carter will visit a crucial front this week in the war the Pentagon considers its greatest potential threat: cyberspace.

Carter will visit a Pentagon outpost in the heart of Silicon Valley, speak at a cybersecurity conference in San Francisco and go to Microsoft and Amazon headquarters in Seattle to highlight the risks of cyberattacks and the need for greater digital cooperation with the Pentagon.

His visit to the West Coast — his third in less than a year, more than he’s made to Kabul or Baghdad — marks the latest effort by the Obama administration to recruit telecommunications, social media and other technology companies as partners in national security operations despite deep suspicion in Silicon Valley about government surveillance.

2016 Premier 100 Tech Leader: Paul S. Raines

Working in the ever-changing security field, in a multinational setting, and dealing with cutbacks in resources driven by world events and geopolitics — now that’s a disruptive situation. But it doesn’t seem to faze Paul S. Raines, chief information security officer of the United Nations Development Programme (UNDP), which runs economic development, quality of life and energy programs in 177 nations and territories.

Raines and his team of 10 security experts help developing nations create cybersecurity programs, from policy and technology review to risk assessment. Last year, for example, the team helped create and train Bangladesh’s first cyber incident response team.

“Due to recent events there’s a great demand for cybersecurity,” says Raines, 56.

Developing nations have vulnerabilities that wealthier countries don’t — due to less developed infrastructure in many cases — and therefore they run a greater risk of experiencing everything from cyberattacks on hospitals or air traffic control systems to shutdowns of phone networks.

Saturday 27 February 2016

ACM to offer courses in cybersecurity

High paying jobs are available in this region and other places for people who have an education in cybersecurity.

Kristi Smith, associate professor of computer technology and cybersecurity project director for Allegany College of Maryland, said local employers are paying starting salaries of $50,000 for those who are certified in cybersecurity, even without a full degree. Those with bachelor’s or master’s degrees are paid even more.

Cybersecurity Stocks to Buy Now

The latest cybercrime is straight out of Hollywood—but it’s not a movie. A Los Angeles hospital was held hostage last week when hackers shut down its computer system for a ransom of 40 bitcoin, or a surprisingly modest $17,000. Preventing disaster scenarios such as this has become big business, and cybersecurity stocks have been on a tear—until recently. This year’s pullback gives investors a rare opportunity to invest in the good guys without breaking the bank.

Companies and governments worldwide have unleashed a flood of money in an effort to keep their names out of security-breach headlines, spending nearly $150 billion in 2014 and 2015, and sending the biggest cybersecurity stocks up 50% in the same period. But this year’s volatility brought attention to the fact that much of that spending was slapdash—many companies found themselves with a patchwork of security systems, often juggling as many as 100 vendors—and spurred fears those vendor lists would soon be thinned. That has rattled the stocks, with some down more than 20% in the past three months.

USC launches SC Cyber to lead fight on database attacks

The University of South Carolina is taking the lead on protecting personal information and filling a workforce shortage in the cyber security sector. The university is partnering with government leaders, industry executives and academic institutions to form SC Cyber.

“Carolina is proud to serve as the epicenter of this important work. We look forward to working with all our consortium members in leveraging and expanding access to new technologies, research and education,” said University President Dr. Harris Pastides.

The statewide initiative will work on two fronts. First, SC Cyber will help state agencies, businesses and other organizations reduce the instance of cyberattacks that compromise information on databases, whether it be bank accounts or health records.

SC Cyber will also offer training and education to prepare the next generation of information technology specialists and cybersecurity experts, as well as conduct research and development on the latest technology and trends to prevent hacks to vulnerable networks.

The cybersecurity industry in South Carolina has grown 130 percent since 2010, with about 2,300 available jobs.

Top Cyber News: One Million Security Jobs, Firewall Stocks To Buy, The U.S. Vs. Apple

Read the top 10 cybersecurity stories from the past week to stay on the cutting edge:

1. Top 5 cybersecurity job hunting tips for 2016 – Job seekers have the upper hand in a competitive market which has one million job openings in 2016, according to a story in CSO. Experienced candidates should practice patience, skip the job boards, use LinkedIn for their resumes, spend less time working their personal networks and more time making new connections, and go to industry conferences.

2. Cybersecurity Stocks to Buy Now – A Barron’s story looks at three security firms that are poised to benefit as companies bolster defenses against cybercrime — Fortinet and Check Point Software Technologies, which are up 37% and 50% since Barron’s recommended them nearly three years ago – and Palo Alto Networks. All three play in the hot next generation firewall (NGFW) market.

3. Apple Faces U.S. Demand to Unlock 9 More iPhones – The New York Times reports that the Justice Department is demanding Apple’s help in unlocking at least 9 more iPhones. Apple’s chief Tim Cook is continuing to battle the FBI and U.S. government. The two sides are awaiting a ruling on whether Apple should be forced to cooperate.

Friday 26 February 2016

Centrify Provides Secure Access on the Good Dynamics Secure Mobility Platform

New solution offers ironclad identity security for thousands of cloud and on-premises apps and servers via integrated single sign-on and multi-factor authentication

BARCELONA, Spain–(BUSINESS WIRE)–Mobile World Congress – Centrify, the leader in securing enterprise identities against cyberthreats, today announced a partnership with BlackBerry to provide secure access to thousands of cloud and on-premises applications and servers on the Good Dynamics Secure Mobility Platform. Centrify’s smartcard-based mobile derived credentials are now certified “Secured by Good” on mobile devices, allowing for easy and secure single sign-on (SSO) to apps and privileged password access to servers.

This combination of SSO, multi-factor authentication (MFA) and access to apps and servers from the Good secure container will give highly regulated customers, such as those in the government sector and the financial services industry, the ability to safely use smart-card based authentication from mobile devices without compromising security.

Customers using BlackBerry’s mobility solutions have the highest levels of encryption and security for mobile application data—both in motion and at rest. With Centrify, customers now have a seamless solution for the use of smartcards for secure access on Good-secured devices. Centrify provides turnkey, password-free access to thousands of apps within the Good secure container, as well as support for smartcard-derived credentials for secure authentication to the Good container.

……

To read the full press release, click here: http://ift.tt/21mWcep




RiskSense’s Fidel: Albuquerque could become a cybersecurity hub

Albuquerque cybersecurity company RiskSense Inc. made news this week, announcing an expansion to tech hub Sunnyvale, California. The firm is also hiring three new executives to its management team — all developments that support the emerging idea that Albuquerque could become a cybersecurity hub.

“When you have high-ranking universities, such as New Mexico Tech, spinning out founders of tech companies, and a state that gives entrepreneurs the resources and support they need to turn their ideas and research into a business, I think we have a very strong future for becoming a hub for tech,” Fidel said. “As for cybersecurity, I think RiskSense is helping blaze the trail for other cybersecurity companies in this state. We’ve recently brought on an executive management team that includes industry leaders from across the United States. Each executive has a vast network in the cybersecurity industry and this helps continue our path as a growing global company.”

Fidel agrees with other business leaders that the state needs to continue diversifying its economy to wean itself from extractive industries.

US CNAP sets pace as Australian industry continues “holding breath” for overdue cybersecurity policy

Australia’s security industry is on tenterhooks waiting for the pending release of the government’s revised national cyber security policy, the release of which one expert believes will be crucial in initiating a new wave of security investment and skills development.

“We’ve been holding our breath for a long time” for the release of the policy, Nuix CEO Eddie Sheehy told CSO Australia. “A lot of work was done on it last year, but having the present PM’s grouping of ministers, and his own stamp on it, will be very important to actually getting tangible detailed actions” to improve the country’s cybersecurity posture.

Sheehy, who was one of several dozen Australian security experts who travelled to San Francisco this month as part of AusTrade’s Digital Technology Australia-United States Business Week, pointed to US President Obama’s recent Cybersecurity National Action Plan – which backs rhetoric on cybersecurity with clear action points and funding commitments – as an example of the type of cybersecurity policy that Australia needs to embrace to deliver an effective, meaningful response to increasing threat levels.

Trustees notebook: Penn State addresses cybersecurity, renovations, room and board

Penn State was the target of cyberattacks on the colleges of Engineering and the Liberal Arts, both of which were revealed in 2015. But what has happened since?

Provost Nick Jones gave an update on that to the board of trustees committee on audit and risk Thursday.

Changes to information technology have already begun even before the university has its new chief information officer, a search Jones said is ongoing, with about 15 candidates on deck.

“Are we able to compete in that?” asked trustee Ted Brown, noting that luring top talent in that area can be pricy.

“We will,” Jones said.

In the meantime, the interim leaders have transformed the department, making IT more of a partnership, according to Jones, and “less of a hammer.”

But not all the changes are in attitude. Some are more simple.

The target of much of the cyberintrusion was personally identifiable information, things like names, dates and Social Security numbers. The problem isn’t just protecting them. It can be having them in the first place.

Huawei Spain and INCIBE sign a MoU for the Development of Cyber security

The FINANCIAL — Huawei Spain and the Spanish National Institute of Cyber security (INCIBE) have signed, within the framework of the Mobile World Congress, held these days in Barcelona, a Memorandum of Understanding (MoU) for collaboration in which both organizations are committed to promote cyber security in Spain. This is the first agreement in this regard, signed by the company in a European country.

The document has been signed by Tony Jin Yong, CEO of Huawei Spain, and Miguel Rego, General Manager of INCIBE, an organization within the Ministry of Industry, Energy and Tourism via the Secretary of State of Telecommunications and Information Society (SETSI).

Tony Jin Yong highlighted: “Huawei proactively advocates for the protection of cyber security. We are aware of the importance of ICT in the global economy and therefore remain fully committed to ensure their safety. Cyber security is a challenge that we must address in a coordinated and precisely for this reason we have formalized our commitment through this partnership”.

Miguel Rego has stressed the importance of developing cooperation lines between public and private level and at international level, so that together we can achieve a more cyber secure space and contribute to the development of society and the digital economy.

Sharing Cybersecurity Data

The Cybersecurity Information Sharing Act is necessary, but flawed.

A little over a year ago I discussed whether or not to share cybercrime attack data in the No Jitter post, Go It Alone or Share Attack Data. Since then the Senate passed the Cybersecurity Information Sharing Act (CISA), and President Obama signed it into law in December 2015. The bill has generated considerable attention, and of course, some of it is not favorable. Critics say it really helps the federal government spy more effectively and invade our privacy. Unified communications and collaboration systems are not immune to cybercrime.

What is CISA?

CISA is a U.S. federal law that states its goal is to “improve cybersecurity in the United States through enhanced sharing of information about cybersecurity threats, and for other purposes.” The Act supports and encourages sharing of Internet traffic information among the U.S. government and technology and manufacturing companies.

Thursday 25 February 2016

Cybersecurity works only half of the times, researchers say

Security firm Venafi says there isn’t a single cyber-security company in the world that can keep you safe, as all of them are trying to protect a system that’s fundamentally flawed and can be secure in roughly 50 per cent of the cases.

Basically, it says we need to re-think the internet.

But let’s not get ahead of ourselves here, let’s see what these people have to say:

The company did a global survey of 500 CIOs which found “overwhelming consensus” among IT executives that the foundation of cybersecurity is being left unprotected.

That foundation lies in cryptographic keys and digital certificates.

Veterans can get free training for cybersecurity jobs

OMAHA, Neb. — Military veterans who are interested in cybersecurity jobs can receive free training in the field through a special program.

Omaha Internet security firm Solutionary is sponsoring an intensive six-week training program for veterans who qualify as long as they agree to work for the Omaha company for at least two years.

Arlin Halstead with Solutionary says the industry is having trouble finding enough qualified candidates for cybersecurity jobs, so Solutionary decided to offer this training.

The White House makes cybersecurity its valentine

Officially, October is National Cybersecurity Awareness Month, but it has become clear that February is the preferred month for the White House to unveil cybersecurity initiatives.

A year ago at this time, the White House convened a Cybersecurity Summit at Stanford University, with President Obama traveling out for a public workshop and meetings with tech executives. It was just before Valentine’s Day 2014 that the director of the National Institute of Standards and Technology (NIST) came to Brookings to unveil NIST’s Cybersecurity Framework, a roadmap for organizations to review their cybersecurity risk and map cybersecurity preparedness to a variety of global standards. One year before that, the administration cybersecurity leaders gathered at the Department of Commerce to announce the executive order that directed and empowered NIST to develop its framework. (And, while only partially related to cybersecurity, the White House announced its Consumer Privacy Bill of Rights in February 2012).

Cybersecurity: Boards still happy to pass the buck to the IT department

Cyber criminal threats are massively rising but businesses aren’t adequately prepared for — or in some cases even understanding — the risks they face, a new report by PwC has warned.

The multinational professional services firm has published its findings in its Global Economic Crime Survey 2016, which cites cyber crime as the fastest growing type of economic crime, with only asset misappropriation more common. A total of 32 percent of organisations revealed that they’ve been affected by cybercrime.

If that figure seems low, the report suggests that this is because respondents may not even know that their organisation has suffered a data breach or any other sort of attack by hackers.

Exclusive: Ex-GE Tech Chief Joins Unicorn Cybersecurity Startup

He will serve as the firm’s chief technology evangelist.

Larry Biagini, former vice president and chief technology officer at General Electric, has a new gig.

The recently retired GE exec has joined Zscaler, a privately held San Jose, Calif.-based cybersecurity firm that was last valued at around $1 billion after a recent fundraising round. He has been named Zscaler’s chief technology evangelist, a role that primarily consists of engaging with the firm’s current and potential customers in order to facilitate sales. During Biagini’s 26-year tenure at GE, he helped the company transition to cloud infrastructure and adopted Zscaler’s technology to protect it from cyberattacks. In his new role, he has been tasked with sharing his firsthand experience with large organizations that are considering new cloud security options.

Wednesday 24 February 2016

Global Risk Advisors Announces Launch of GRA Quantum

New York, NY, February 23, 2016 — Global Risk Advisors is excited to announce the launch of GRA Quantum: The Evolution of Cybersecurity – our latest move to equip clients with unparalleled, comprehensive protection against emerging threats.

As even the largest, highest profile, and most well-resourced corporations and government agencies continue to fall prey to hackers, it has become clear to us that the plans and products currently on the market are not working. Something is lacking from the existing paradigm.

GRA Quantum has been created to fill this vacuum — to reimagine cybersecurity.

Among the core values of GRA Quantum is an understanding that true security requires more than just software updates and prefabricated “solutions.” GRA Quantum exemplifies the belief that partnership and close collaboration enable the creation and implementation of customized, comprehensive strategies to successfully handle all threat vectors. We believe that the work of GRA Quantum fulfills our mission to serve as a personal, trusted advisor to each of our clients.

As we launch this new venture, Global Risk Advisors remains an active firm committed to continuing our delivery of high quality risk advisory products. GRA Quantum will fully assume and build upon our existing information security services, as well as deepen our mutually collaborative relationships with Silicon Valley.

We look forward to engaging in a dialogue with members of your team about GRA Quantum, and to discussing what, together, we can do to ensure you are protected.

We hope you are just as excited about this endeavor as we are.

Come visit us at www.graquantum.com!




Cyber security co ReSec Technologies raises $5m

Honeywell offers industrial cybersecurity solution

Honeywell Process Solutions (HPS) and Palo Alto Networks are collaborating to boost the cyber security capabilities of control systems used by industrial facilities and critical infrastructure.

Honeywell’s Industrial Cyber Security business is now offering the Palo Alto Networks Next-Generation Security Platform to industrial customers. The collaboration enables customers to better prevent cyberattacks against their Process Control Networks (PCN) and Operational Technology (OT) environments in order to protect their assets and maximize production uptime and safety.

The joint solution offers unrivalled process network traffic monitoring and advanced threat prevention across the automation environment. It combines Palo Alto Networks’ advanced and natively integrated security platform with Honeywell’s unique process control domain expertise to provide a cyber security solution tailored for industrial customers.

New Implementation Guidance for the US Cybersecurity Information Sharing Act

Signed into law on December 18, 2015, the Cybersecurity Information Sharing Act of 2015 (CISA) created new legal authorizations and protections for the sharing of cyber threat indicators and defensive measures between and within the private sector and the government (for more information, see our legal update, “Cybersecurity Information Sharing Act Signed Into US Law as Part of Omnibus Appropriations Legislation”).1 CISA required various federal agencies to issue guidance, policies and procedures to support this information sharing. To that end, on February 16, 2016, the federal government released new implementation guidance to address:

  • Private entities’ sharing of cyber threat indicators and defensive measures with the federal government;
  • Privacy and civil liberties procedures within the federal government;
  • Receipt of cyber threat indicators and defensive measures by the federal government; and
  • Sharing of cyber threat indicators by the federal government.2

In this update we discuss each of these four areas, with particular attention to provisions relevant to private entities.

BlackBerry Launches New Professional Cybersecurity Services Practice to Expand Portfolio

WATERLOO, ONTARIO–(Marketwired – Feb. 24, 2016) – BlackBerry Limited (NASDAQ:BBRY)(TSX:BB), a global leader in secure mobile communications, today announced the launch of its new Professional Cybersecurity Services practice that will further expand BlackBerry’s security portfolio by offering organizations new consulting services, tools and best practices to assess and thwart ever-changing cybersecurity risks.

Cybersecurity is a persistent and increasing business risk for organizations that depend on mobile endpoints that connect through networked and cloud-enabled platforms. It is estimated that data breaches currently cost the global economy more than $400 billion every year.(1) Some industry sectors, such as automotive, are being forced to grapple with cybersecurity threats for the first time as cars become more connected, intelligent and self-sufficient. As cybersecurity threats become more pervasive with increasing Internet connectivity, there is a greater demand for more robust defensive tactics to combat these risks. BlackBerry’s Professional Cybersecurity Practice is intended to address that market demand.

Cybersecurity consulting is currently estimated to be a $16.5 billion annual global business that is forecast to grow to $23 billion per annum by 2019.(2) As such, cybersecurity consulting represents a natural market opportunity for BlackBerry since it already securely manages hundreds of millions of mobile endpoints and provides critical systems software for more than 60 million connected cars.

California lawmakers seek progress report on cybersecurity

Lawmakers are pursuing a progress report on California’s cybersecurity following an unflattering risk assessment and Gov. Jerry Brown’s establishment of a task force in August.

Two Assembly committees will hear reports Wednesday from agencies implementing the Democratic governor’s 2015 executive order and various laws aimed at protecting California computer networks from attacks.

Members of the committees are expected to ask what improvements have been made and how to align strategies in multiple state agencies.

Tuesday 23 February 2016

Government Cybersecurity Chief Donna Seymour Resigns Before Hearing on Hack of Federal Workers

Donna K. Seymour, the head of cybersecurity for the government’s human resources, resigned on Monday, according to NBC News.

The news came two days before she was scheduled to appear before Congress to talk about last year’s hacks of federal personnel records.

Seymour, the chief information officer for the Office of Personnel Management, characterized her departure in a letter to colleagues as a retirement, saying, “It is in the agency’s best interest that my presence does not distract from the great work this team does every single day.” For the full article click here 




Cybersecurity syndicate Team8 raises $23 million

Though I don’t agree with the 51 percent of Americans who said Apple should comply with a court order to unlock the iPhone to grant the FBI access to a terrorist’s data, there can be no disagreement about this: the four-way data security seesaw between individuals, corporations, governments, and hackers isn’t going away anytime soon. That’s why it’s so timely that Team8, an Israel-based cybersecurity firm, has secured a $23 million strategic round of funding from a long list of big-name investors, including Accenture, Nokia, Mitsui, and Temasek as well as previously announced investors Cisco, Alcatel-Lucent, Bessemer Venture Partners, Marker LLC, and Innovation Endeavors (an early-stage venture capital firm co-founded by Google chairman Eric Schmidt).

“Cybersecurity is a global issue and collaboration is critical to maintaining an advantage over today’s highly innovative and motivated attackers,” said Nadav Zafrir, co-founder of Team8.

Zafrir formerly served as Commander of Israel’s Technology & Intelligence Unit 8200, and Team8’s other co-founders (Israel Grimberg and Liran Grinberg) also hailed from the Israeli Intelligence Corps unit. Unit 8200 has been likened to the National Security Agency in the U.S., as it focuses on intelligence gathering through the interception of communications between people and devices as well as code decryption. For the full article click here




Security Vendors Launch New Coalition for Cybersecurity Policy and Law

A group of cyber security products and services providers has launched the Coalition for Cybersecurity Policy and Law, an organization that will focus on education and collaboration with policymakers on the increasingly complicated legislative and regulatory policies related to information security.

The founding members of the coalition include Arbor Networks, Cisco, Intel, Microsoft, Oracle, Rapid7 and Symantec.

“The members of this coalition are dedicated to building our nation’s public and private cyber security infrastructure, and their insight and engagement must play a vital role in the decisions being made by our government on cyber security policy,” Ari Schwartz, coordinator of the coalition and former White House special assistant to the President for cyber security, said in a statement.

“The range of digital threats we face has never been greater, including criminal syndicates and state-sponsored attacks, and this coalition will serve as the voice of the industry as we work with policymakers to develop the most effective responses to those threats,” Schwartz said. For the full article click here 




FDA Issues Draft Guidance Document for Postmarket Management of Cybersecurity in Medical Devices (Part 3 of 4)

Remediating and Reporting Cybersecurity Vulnerabilities

Manufacturers are required to determine if the residual risk of a cybersecurity vulnerability is “controlled” (acceptable) or “uncontrolled” (unacceptable). Following this initial determination of the seriousness of the risk to “essential clinical performance”, the FDA has recommended a variety of both remediation and reporting requirements. These requirements are logical and pragmatic, in that controlled risk obviously requires a different (lesser) level of response than an uncontrolled risk.

The level of response required is similar to that I experienced with a certain cantankerous 1980 Oldsmobile in my youth. For minor issues, such as random stalling at stop signs, all I needed was a quick hit of carb cleaner and a long shanked screwdriver to loosen the butterfly valve and be on my way. For major problems, I was going to need either a tow truck or a fire extinguisher. Trust me, once the fire extinguisher made an appearance, there were definitely “reporting requirements” (at least as to my parents). For the full article click here




Leading Figures in Cybersecurity and Privacy Advocate for an End to the War Between Privacy and Security

Key Takeaways:

  • Cybersecurity, government and privacy experts are banding together as part of The ‘Digital Equilibrium Project’ to foster a new, productive dialogue on balancing security and privacy in the connected world. The project aims to address the underlying issues fueling acrimonious debates like the contentious court order between Apple and the U.S. Government.
  • The diverse group includes current and former leaders of some of the world’s largest cybersecurity firms and organizations, former officials in the NSA and national law enforcement, and leaders of some of the nation’s most influential privacy organizations. These individuals believe new thinking and collaboration is needed to avert potential catastrophes as the digital and physical worlds become more interdependent.
  • The group will release its foundational paper ‘Balancing Security and Privacy in the Connected World’ on Tuesday, March 1st at the RSA Conference – the world’s largest cybersecurity conference.
  • This project and related paper, months in the making, seek to end the kinds of standoffs we are seeing between Apple and the U.S. Government, addressing the underlying lack of social norms and legal constructs for the digital world.
  • They will convene a mid-year summit to craft a framework or ‘constitution’ for the digital world. The intent of this constitution is to help guide policy creation, broker compromise and serve as the foundation for decision making around cybersecurity issues. Senior executives from the Justice Department, Apple and other technology firms will be invited to participate.

Some of the nation’s most prominent thinkers and experts on cybersecurity and privacy are advocating for a new revolution in the Internet. But this time it’s not a technology revolution, but a social one.

The Digital Equilibrium Project is comprised of former senior government officials, cybersecurity business and industry leaders, and privacy professionals who share a concern that today’s polarized approaches to privacy and security are resulting in the erosion of both—in ways that jeopardize not only the progress of the digital world but the safety of the physical one as well. (Full list of organizing members below.) For the full article click here 




Monday 22 February 2016

Scientists develop digital ‘magic wand’ to improve health-care, cybersecurity

Scientists have developed a digital ‘magic wand’ that uses radio strength as a communication channel to improve home health-care and prevent hackers from stealing users’ personal data.

Researchers from Dartmouth College in the US developed ‘Wanda,’ a small hardware device that has two antennas separated by one-half wavelength.

This makes it easy for people to add a new device to their home (or clinic) Wi-Fi network – they simply pull the wand from a USB port on the Wi-Fi access point, carry it close to the new device and point it at the device. For the full article click here 




Are HR Chiefs The Biggest Cyber Threat?

Chief human resource officers (CHROs) are not taking cyber threats seriously, and they are failing to train employees on how to deflect even the simplest hacks.

90% of all malware requires human interaction before it can infect its target (i.e. clicking on an email and opening a Word doc), according to Dell Secureworks, a security awareness training provider.

Hollywood Presbyterian Medical Center in Los Angeles, Calif. declared an internal emergency earlier this month when the hospital had its computer systems cyber attacked and held ransom by hackers, according to an NBC News report. The hospital was infected with the “Locky” virus. CMS Wire reported the hospital staff were unable to turn on their computers and radiation and oncology departments unable to use their equipment. If the hospital employees were trained up on Locky – then they would have known exactly what to do when they saw the suspicious email and Word doc. For the full article click here




Channel opportunity heightens as IBM claims clueless C-Suites struggle to understand cybercrime

Many leaders across the C-suite are confused about who the true cybersecurity adversary is and how to effectively combat them, opening the door for channel partners to influence, inform and educate.

The new IBM study of over 700 C-level executives across the world – Securing the C-Suite, Cybersecurity Perspectives from the Boardroom and C-Suite – claims CxOs from 28 countries, across 18 industries struggle to understand the rise of cybercrime, and its subsequent impact on the enterprise.

Excluding the CISO to get a true picture of what everyone else in C-Suite thinks about cybersecurity, the study found key executives need to be more engaged with CISOs beyond planning for security, and take a more active role. For the full article click here




Emirati cyber-security experts needed to meet growing threat

ABU DHABI // More Emirati cyber-security experts are needed for the country to take full advantage of available technology, experts say.

“We don’t have enough experts in all of the areas we need them,” said Noura Al Suwaidi, manager at the National Electronic Security Authority.

Ms Al Suwaidi said that until that need was met, the UAE’s efforts to become a leader in technology leave it more exposed to a growing “threat landscape”.

“Adoption of the latest technological trends – like cloud computing, wearable devices, automating systems and processes – they bring risks,” she said.

“We don’t want to stop the adoption of technology. We want to make sure our cyber-security experts and critical sectors are taking a risk-based approach.”

Raytheon’s UAE leader Chris Davis said producing homegrown experts would not be easy.

“If the US, with 300 million people, is having a problem finding qualified individuals, what does that mean for the UAE and what decisions will that force them to make in the future?” Mr Davis asked. For the full article click here 




Cyber attacks cost Gulf states $1 billion annually

In 2014, the UAE saw a 400 per cent rise in targeted attacks, reaching nearly five per cent of the global total.

Cyber crimes have the upper hand over cyber security worldwide, simply because of insufficient security data and not enough people with the know-how in the field.

In the Gulf Arab states, cyber attacks targeting key installations cost an estimated $1 billion annually, and these do not take into account losses from attacks by hacker groups such as the Desert Falcons that target businesses.

Over 100 cyber security experts gathered in Abu Dhabi on Sunday to talk about the latest challenges of cyber security, during the one day UAE Security Forum, organised by the global technology and cyber security company Raytheon and the Arab Gulf States Institute in Washington. “We don’t have enough human talent for cyber security, so we can’t rival our adversaries; we try to subsidise the lack of talent with big efforts in managing security services or centralising information, For the full article click here 




Saturday 20 February 2016

Be selective about what data you store and access from the cloud

Caution and awareness are important factors for mitigating security threats

….

To read full article, click here: http://ift.tt/215sZV8




Cybersecurity Failures Can Spark Enforcement, SEC Says

Law360, Washington (February 19, 2016, 6:29 PM ET) — A senior Securities and Exchange Commission enforcement official said Friday companies withholding information about data breaches could get hit with civil and criminal enforcement actions from the agency, noting it’s looking to crack down on companies that don’t come forward when they become aware of a breach.

Citing recent court cases against firms and criminal conspiracies, Stephanie Avakian, deputy director for the agency’s enforcement division, said as part of a panel at the Practicing Law Institute’s annual SEC Speaks event that the agency For the full article click here 




‘WarGames’ and Cybersecurity’s Debt to a Hollywood Hack

The film — starring Matthew Broderick as a tech-whiz teenager who unwittingly hacks into the computer of the North American Aerospace Defense Command (NORAD) and nearly sets off World War III — opened nationwide that June 3. The next night, President Ronald Reagan watched it at Camp David. And that is where this strange story — culled from interviews with participants and Reagan Library documents — begins.

The following Wednesday, back in the White House, Reagan met with his national-security advisers and 16 members of Congress to discuss forthcoming nuclear arms talks with the Russians. But he still seemed focused on the movie.

At one point, he put down his index cards and asked if anyone else had seen it. No one had, so he described the plot in detail. Some of the lawmakers looked around the room with suppressed smiles or raised eyebrows. Three months earlier, Reagan had delivered his “Star Wars” speech, imploring scientists to build laser weapons that could shoot down Soviet missiles in outer space. The idea was widely dismissed as nutty. What was the old man up to now?

After finishing his synopsis, Reagan turned to Gen. John W. Vessey Jr., the chairman of the Joint Chiefs of Staff, and asked: “Could something like this really happen?” Could someone break into our most sensitive computers? General Vessey said he would look into it. For the full article click here 




Q&A: McCain wants more troops in Syria, settle U.S. cybersecurity battle

Republican Sen. John McCain spoke with Cronkite News Friday about key issues facing the nation, from the choices to replace Supreme Court Justice Antonin Scalia to the challenges of national security.

The interview, which followed an hourlong discussion and questions from students at the Walter Cronkite School of Journalism and Mass Communication, has been edited for length and clarity.

Blake Benard: You’ve been focused on what is happening in Syria for a long time. With the escalating problems, what solutions do you see to helping put an end to the Syrian conflict?

McCain: The solution to start with is a no-fly zone, a safe zone where the refugees can be rather than having to flee and inundate Europe and even come to the United States. The second thing we need to do is take out ISIS. That means go to Raqqa, where their base is. And a multi-national military composed primarily of Sunni-Arab countries. United States contributing 10,000 of the 100,000 that would be required. And finally we have to get rid of Bashar Al-Assad because he’s the one that caused For the full article click here




LeadFerret Posts Directory of Contacts at Cybersecurity Companies

Today LeadFerret, the free B2B data site, announced the release of their latest specialty directory of contacts at cybersecurity companies. Each contact in this directory includes full information, including email addresses, telephone numbers, and social media links where applicable, and they all work for cybersecurity companies.

Woodland Hills, Ca (PRWEB) February 19, 2016

Cybersecurity is quickly becoming a massive industry, and is an excellent example of necessity being the mother of all invention. Cybersecurity has become such a large industry because it has become so essentially necessary, because of the enormous impact a breach in cybersecurity can have on countries, companies, and individuals. The necessity for cybersecurity is not typically a difficult case to argue, but in case there are any skeptics out there, they need not look much farther than the FBI’s list of most wanted cyber criminals For the full article click here 




A frustrated Warner says he’ll push for new vet center

Sen. Mark R. Warner said Friday he would continue to push for a new veterans health-care center in south Hampton Roads, clearly frustrated at a lack of progress.

The center, meant to ease patient workload at the Hampton VA Medical Center, is listed in the proposed budget for the Department of Veterans Affairs. However, congressional authorization is needed before the project can begin.

That was news to Warner during the budget rollout earlier this month.

“Every presentation I’ve sat through, there was always, ‘This is how we’re going to deal with our expanding population.’ It was never, ‘This is how we’re going to deal with our expanding population — if you do this,’ ” he said.  For the full article click here 




Friday 19 February 2016

Microsoft, Others Form Group To Shape Cybersecurity Policy

Law360, New York (February 18, 2016, 9:32 PM ET) — Microsoft, Oracle and five other leading providers of security products and services launched a coalition Thursday that is headed by a Venable LLP managing director and is intended to educate and influence a wide range of lawmakers and regulators on emerging cybersecurity and privacy issues.

According to its founding members, the Coalition for Cybersecurity Policy and Law is planning to speak on behalf of the cybersecurity industry with Congress, federal agencies, international standards bodies, industry self-regulatory programs and in other relevant policymaking venues on “critical policy…  For the full article click here 




Cybersecurity whistleblowers: Get ready for more

It is not a comfortable topic – virtually all cases involving a cybersecurity whistleblower have ended with a confidential settlement. But experts, and lawyers, say that in an increasingly connected world, those cases are bound to increase 

It is not a public problem yet. But according to multiple experts, it will be.


“It” is the cybersecurity whistleblower – an employee who sees a flaw, or flaws, in his or her company’s network security, brings the problem to management but gets ignored or punished – marginalized, harassed, demoted or even fired.

And then the worker either goes public or files a complaint with a federal regulatory agency like the Securities and Exchange Commission (SEC). For the full article click here 




Fidelis Cybersecurity Highlights at RSA Security Conference 2016

WALTHAM, Mass.–(BUSINESS WIRE)–Fidelis Cybersecurity, the leading provider of products and services for detecting and stopping advanced cyberattacks, invites media and security professionals to engage with Fidelis experts at RSA 2016. During the conference, Fidelis experts will be participating in panel discussions, booth presentations and solution demos geared toward security leaders, CISOs and security operations professionals.

Media, analysts and RSA attendees will discover how Fidelis’ advanced threat defense solutions identify and remove attackers no matter where they hide on your network and endpoints. Learn how Fidelis solutions and incident response services reduce the time it takes to detect and resolve incidents, prevent data theft and stop attackers at every stage in the attack lifecycle. For the full article click here 




A look at Obama’s cybersecurity budget proposal

President Barack Obama announced Tuesday significant actions on cybersecurity. The president’s FY17 budget proposal includes more than $19 billion in overall Federal resources for cybersecurity—a $5 billion increase from the previous year. This funding will support a Cybersecurity National Action Plan, which takes near-term actions and puts in place a long-term strategy to enhance cybersecurity awareness and protections, protect privacy, maintain public safety as well as economic and national security, and empower Americans to take better control of their digital security.

Of that budget, only one-third of 1 percent—$62 million—is earmarked to attract and retain skilled cybersecurity professionals. For the full article click here 




HOW IS CISA REALLY GOING TO AFFECT CYBERSECURITY?

Desperate times call for desperate measures, and it was only a matter of time before the U.S. government came up with a new federal law concerning cybersecurity, since the last one, the Cyber Intelligence Sharing and Protection Act, was defeated in the Senate in 2013. Last year was “the year of the breach”, which resulted in many cyber-attacks leading to the passing of a new federal law – the Cybersecurity Information and Sharing Act.

This law is said to greatly improve cybersecurity in the United States, but it actually faces a lot of opponents due to its vagueness. It is definitely going to affect cybersecurity, but in what way? Read on to find out what this bill represents and how it actually affects cybersecurity in the U.S. For the full article click here 




Thursday 18 February 2016

Cybersecurity weaknesses threaten to make smart cities more costly and dangerous than their analog predecessors.

The Internet of Things (IoT) is already deeply embedded in cities, making them smarter and providing public officials with data and resources to make them more efficient and cost-effective. As the IoT continues to grow and its innovations improve city life and management, it’s key for public officials to actively work on addressing the real security concerns that come with network connections while the IoT is in its infancy. The costs of ignoring the security risks posed by networked objects are high: fraud can remove efficiency gains and unguarded IoT technologies leave cities vulnerable to costly and/or dangerous digital attacks.

Broadly speaking, the Internet of Things is a network of interconnected physical objects that allows these items to collect and share data. In addition to city-level integration, these networked devices are being used in private homes, for instance Google’s Nest thermostat uses sensors, weather forecasts, and your preferences to adjust your home’s temperature to keep you comfortable and reduce your energy usage. Comparable to the way IoT technologies are improving city life, personal use of these networked devices can help cut costs and streamline your life. However, these personal benefits pale in comparison to the possible improvements that IoT devices can have, and have already had in cities. Smart grid technology can save cities millions, sensor networks can monitor noise and air quality, which allow police to respond to gun fire before it is reported and city officials to focus on re-routing traffic and other solutions in heavily polluted areas, while public transit, parking and waste collection can all be made more efficient through smart technology. For the full article click here




White House Picks Two To Lead Cybersecurity Group

Israeli cyber security firm Siemplify raises $4 million

Israeli cybersecurity firm Siemplify said on Thursday it has raised $4 million as it launched its platform that reduces the time between cyber attack identification and resolution.

The company, whose investors include 83North Venture Capital, said it uses real-time graph analysis and methodologies gained from military intelligence.

 

It noted that pilots are underway at a number of Fortune 50 financial services companies, while early adopters of the technology include Israel’s largest banks and telecom and pharmaceutical companies. For the full article click here 




Wednesday 17 February 2016

The Pendulum of Cybersecurity: Network Security vs. Data Security

On October 6, 2015 the European Court of Justice ruled to invalidate a long standing agreement regarding the transfer of Europeans’ online information. This Safe Harbor agreement had been in place since 2000, and was critical to an awe-inspiring growth of the trans-Atlantic digital economy.

There were many reasons this decision was inevitable. But the one most compelling to US consumers and most crucial to US companies is the cultural one. In Europe, privacy is seen as a fundamental right like freedom of expression. While in the US privacy is more of a consumer protection issue. That difference is colossal.

The hard truth is, here in the US, we don’t treat data well. Our companies don’t recognize data sovereignty or strive to understand its corporate footprint. They don’t often treat data as if it’s worth the costs of additional safekeeping beyond whatever standards are imposed by regulatory guidelines like HIPAA or PCI-DSS.

To read full article click here : http://ift.tt/20ZZTqd




HPE Cyber Risk Report 2016: Old problems and known issues still rampant

Today, the HPE Cyber Risk Report 2016 was released—detailing a threat landscape that, unfortunately, is still rampant with old problems and known issues. The annual report, published by HPE Security Research, offers in-depth industry data and analysis on the most pressing security issues, providing business leaders and security professionals with actionable intelligence to better protect their digital enterprises and drive fearless innovation.

This year’s Cyber Risk Report examines the 2015 threat landscape, providing actionable intelligence around key areas of risk, including:

  • Application vulnerabilities
  • Security patching and the
  • Growing monetization of malware

The report also highlights important industry issues such as new security research regulations, the “collateral damage” from high profile data breaches, shifting political agendas, and the ongoing debate over privacy and security.

Within the report, HPE discusses 7 key findings:

  1. 2015 was the year of collateral damage
  2. Overarching regulations push research underground
  3. Vendors are moving from point fixes to broad impact solutions
  4. Political pressures attempt to decouple privacy and security efforts
  5. The industry learned nothing about patching in 2015
  6. Attackers have shifted their efforts to directly attack applications
  7. The monetization of malware is the new focus of attackers

To further understand these key findings, better understand the threat landscape, and to best deploy your resources to minimize security risk, read the 2016 Cyber Risk Report.

For more , Click here : http://ift.tt/1PFWLHq




C-Suite needs to recognise threat of organised cyber crime says IBM

News: Rift between CIOs and their C-Level colleagues on combatting cyber crime exposed.

IBM Security has just released a new study, which reveals that the C-Suite are not aligned on how to combat cyber criminals. While 77% of Chief Risk Officers (CROs), and 76% of CIOs/CTOs report that their firm’s cyber security strategy is well established, just 55% of CFOs and 51% of CEOs report the same.

The report, “Securing the C-Suite, Cybersecurity Perspectives from the Boardroom and C-Suite,” also found that while 50% of CEOs agreed that collaboration is necessary to combat cyber crime, just one third of them were willing to share their organisations’ cyber security incident information externally, with 68% reluctant to share such information externally.

This is in direct contrast to the growing collaborative ability of cyber criminals operating and sharing information on the dark web. For the full article click here 




Increased Spending in Cybersecurity Drives Surge in Funding

As funding from venture capitalists tapered off in the fourth quarter of 2015, investment in the cybersecurity sector continued to boom.

Venture capitalists invested $675.43 million in the fourth quarter of 2015, up from $522.41 million in the same quarter a year before, according to data from Dow Jones VentureSource. Total annual venture capital funding in cybersecurity increased 76%, to $3.34 billion, in 2015 For the full article click here




Japan operator taps Nominum for cybersecurity platform

DNS software services provider Nominum has announced that a Japanese operator is providing consumer protection against online cyberthreats using the Nominum N2 ThreatAvert platform. The operator plans to reduce the risk of cybercriminals exploiting the personal and financial information of its subscribers.

Nominum data scientists process 100 billion DNS transactions per day to discover and validate emerging cyberthreats. The N2 ThreatAvert platform is designed to preemptively help stop cybercriminals in their tracks so that provider networks and the homes they serve are protected.

On September 4, 2015, the National Center of Incident Readiness and Strategy for Cybersecurity (NISC) in Japan released a cabinet decision on cybersecurity strategy. This strategy is designed to “ensure a free, fair, and secure cyberspace; and subsequently contribute to improving socio-economic vitality and sustainable development, building a society where the people can live safe and secure lives, and ensuring peace and stability of the international community and national security”. For the full article click here 




Hackers’ Ransom Attack On California Hospital More Proof Healthcare Cybersecurity Is Floundering

Who would have thought that, for healthcare professionals, performing surgery, working long hours and navigating the dense world of U.S. health law would be easier than protecting hospital computer networks? That, however, appears to be the case after yet another hospital was victimized in a cyberattack. It’s just the latest example of a U.S. medical provider on the wrong end of a digital assault made possible by a lack of security measures.

Doctors at Hollywood Presbyterian Medical Center, in southern California, have been suffering serious computer issues for at least a week, the CEO announced Sunday. Doctors have been unable to digitally access patients’ medical records, staff has been communicating via fax machines and patients have reported long delays in receiving care. It’s all the result of a cyberattack carried out by unknown hackers who are demanding 9,000 bitcoins (roughly $3.4 million) to restore the system to normal. For the full article click here 




Raytheon joins international partnership on cybersecurity

DULLES, Va., Feb. 17, 2016 /PRNewswire/ — Raytheon (NYSE: RTN) will conduct a week of cybersecurity events in the United Arab Emirates as it partners with government leaders to help build the nation’s cyber defense expertise.

“As a global leader in cybersecurity with more than three decades of experience, I believe we have the responsibility to help address this international security challenge,” said Dave Wajsgras, president of Raytheon Intelligence, Information and Services. “Our partnership in the United Arab Emirates joins our larger effort to further aid allies of the United States to secure their cyber space by developing the next generation of cybersecurity experts and leaders.”

Cybersecurity experts from government, academia and industry will gather for the Raytheon-sponsored UAE Security Forum on Feb. 21 in Abu Dhabi. The forum, hosted by the Arab Gulf States Institute in Washington, will drive dialogue on building cyber expertise in the UAE.

Former U.S. Ambassador to the UAE Marcelle M. Wahba, president of the Arab Gulf States Institute in Washington, said one of her organization’s key strategies is “to bring together policymakers and experts from the United States and our Gulf partners to foster understanding and solutions to a myriad of complex problems and challenges.”




Tuesday 16 February 2016

Manufacturers Unsure About Cybersecurity Protections and IoT R&D Credit Opportunities — MPI/BDO Stu

CHICAGO–(Business Wire)–While roughly two-thirds of manufacturers believe that the Internet of Things (IoT) will increase their profitability, they are lagging in two critical areas to maximize their IoT opportunities: cybersecurity and research and development (R&D) credits.

Exclusive findings from the MPI Internet of Things Study, sponsored by BDO, uncovered:

  • Nearly half of manufacturers (49 percent) are unsure or not confident in their ability to prevent a cybersecurity breach at their company.
  • A vast majority of manufacturers (84 percent) are not planning to take advantage of tax credits and incentives, like the R&D tax credit, available for IoT investments.

“Manufacturers agree that IoT is a groundbreaking opportunity for advancement in the manufacturing industry,” said Rick Schreiber, partner and national leader of BDO’s Manufacturing & Distribution Practice. “But they have some catching up to do in order to fully capitalize on IoT’s potential. Shoring up security in the wake of newly connected systems and products and taking advantage of the newly permanent R&D credit are critical steps.”




ICIT Analysis: FDA Guidance on Medical Device Cyber Security

This Institute for Critical Infrastructure Technology blog post, entitled “Assessing the FDA’s Cybersecurity Guidelines for Medical Device Manufacturers: Why Subtle “Suggestions” May Not Be Enough” is an analysis of the recent Food and Drug Administration (FDA) “Draft Guidance for Industry and Food and Drug Administration Staff.” The guidance advises medical device manufacturers to address cybersecurity “throughout a product’s lifecycle” and is the latest action by the FDA which underscores its position that medical device cyber security is a priority for the health sector.  However, despite the implied sense of urgency, the FDA has chosen not to implement enforceable regulations over medical device manufacturers.  This examination of the FDA’s ‘suggestions’ provides a concise summary of the draft guidance as well as recommendations for the healthcare community.


For more, click here: http://ift.tt/1mFuJBs




ViaSat Helps Validate NREL’s Cybersecurity Framework for Distributed Energy Grids

CARLSBAD, Calif., Feb. 16, 2016 /PRNewswire/ — ViaSat Inc. (Nasdaq: VSAT), a global broadband services and technology company, has successfully completed vulnerability assessment, penetration testing and secure network implementation for the U.S. Department of Energy’s National Renewable Energy Laboratory (NREL) distribution grid management (DGM) system test bed that is being used to develop an end-to-end empirically validated cybersecurity architecture for smart grid applications.

NREL performs research in different types of renewable energy and other Distributed Energy Resources (DER) to learn how these energy resources can be reliably and securely integrated to the electric grid at the transmission, distribution and end-use levels. With support from ViaSat and a select group of partners, NREL set out to develop an end-to-end cybersecurity architecture for a distribution system with DER.

To accomplish this, NREL created an end-to-end DGM system test bed capable of emulating a variety of power systems, use cases involving core distribution system assets and DER assets. ViaSat thoroughly tested, assessed and helped improve the cybersecurity of the DGM system through stringent penetration tests, which initially exposed a critical operational technology vulnerability that could be used to disrupt power delivery in a real-world scenario. Prior to a second penetration test, ViaSat assisted NREL by hardening the test bed. These improvements increased the overall security posture of the DGM 2.0 network, which proved capable of withstanding multiple exploits through successive layers of security, keeping the critical energy control system assets protected.




EU managers need to up cyber security collaboration, study finds

There is still much work to be done in the area of collaboration and sharing responsibility when it comes to preventing data breaches, a study has found.

The lack of collaboration on cyber security between the senior levels of business is leaving UK firms exposed to fines and reputational damage, a study has revealed.

One in 10 C-level respondents to a survey by Palo Alto Networks said they “kind of” understand what defines an online security risk, but admitted they “still have to use Google to help explain it”.




Mandated encryption backdoors? Such a bad idea, says cybersecurity agency

European cybersecurity agency ENISA has come down firmly against backdoors and encryption restrictions, arguing they only help criminals and terrorists while harming industry and society.

In a newly-released report, ENISA warns against policies that limit the use of cryptography to algorithms with backdoors for law enforcement, and regulations that restrict the key size, so only a powerful attacker, such as a nation state, can break the scheme.

The EU agency said that in the 1990s, when the US restricted the export of strong encryption, lawmakers assumed these capabilities could be used exclusively for a legitimate cause.

“Nowadays computing power as a service is a fact, thus this assumption does not hold anymore,” ENISA notes.




Who Gets Called In When a Company Is Hacked?

After nearly every large-scale corporate cyber attack that occurred in the past few years — like the huge breaches that struck Target and Community Health — cybersecurity specialist FireEye (NASDAQ:FEYE) was the company called in to investigate and sort through the wreckage.

In this clip of Industry Focus: Healthcare, Kristine Harjes and Dylan Lewis discuss how the company keeps its clients’ data secure in the wake of an attack, the preemptive measures it uses and how effective they are, implications for the healthcare industry, and what FireEye does to distinguish itself in its market.

A full transcript follows the video.





Monday 15 February 2016

UNSW wants to become ‘mini-city’ IoT testbed

Sets up cyber security IoT research hub.

UNSW plans to deploy a network of sensors across its main Kensington campus to help manage campus operations and enable new modes of learning.

Dean of Engineering Mark Hoffman said the university’s main Sydney campus was effectively “a mini city” – hosting most of its approximately 50,000 students and 12,000 staff – and was therefore a good candidate for a testbed of smart city and internet of things infrastructure.

UNSW will partner with Cisco, Data 61 and others to realise its “smart city” vision.




Biometrics and financial services, smart guns, cybersecurity and facial recognition trending this week

February 14, 2016 –

Here is a recap of the most popular biometrics industry news that appeared on BiometricUpdate.com this past week.

Financial

A new report by Juniper Research titled “Top 10 disruptive technologies in fintech: 2016” discusses technologies that will do the most to transform e-commerce this year and topping the list are biometrics, federated identity and tokenisation. The report highlights the use of biometric authentication in both Apple Pay and Samsung Pay and the proliferation of fingerprint readers in smartphones as making the biggest difference to ‘payment completion’ today.

New research from MasterCard shows New Zealanders are embracing digital payments with 49% expecting mobile devices, biometrics and wearables to replace cash in ten years’ time. “New Zealanders are early adopters of technology and are increasingly seeking fast, convenient and secure ways to pay,” says Peter Chisnall, MasterCard New Zealand country manager.




DEFEATING APTS: How can agencies change the game?

Advanced Persistent Threats (APTs) represent a unique threat to government data and are increasingly formidable and ferocious. According to MeriTalk, only one in five Federal IT professionals rate their agency’s cybersecurity solutions as sufficient and sustainable. And with 54% saying their network complexity has increased in the past year and even more anticipating network complexity will continue to increase, agencies can no longer depend on virus scanning software.

 

With so many agencies struggling, governments are clamoring for new solutions; an effective approach requires multiple layers of protection. It requires new ways of assessing the problem and understanding that the up-front cost of data security always pales in comparison to the cost of remediation and other damage to an under-protected agency.




Bringing Innovation into Cyberdefense Technologies

When I spoke on the need for cybersecurity innovation at the January ITEXPO conference in Fort Lauderdale, Fla., I sensed something interesting about my cybersecurity colleagues: They don’t seem to care about innovation; they care about having a job in cybersecurity.

Unfortunately, this is a normal reaction, and has plagued both government and industry, leading to inferior cybersecurity products and deployments that may never catch up with the hacker — unless we change our thinking.

The difference between a hacker and cybersecurity companies is that a hack has no brand, no national loyalty, no secure employment. Hackers immediately use or develop for their purposes the best hacking technology out there. It is this same innovative thinking we must use in approaching our cyber defense technologies.




American Bureau of Shipping Publishes Cybersecurity Guidance

It is the first volume in the ABS CyberSafety™ series, which covers best practices in four key areas: cybersecurity, automated systems safety, data management and software assurance.

The American Bureau of Shipping has published Guidance Notes on the Application of Cybersecurity Principles to Marine and Offshore Operations, the first volume in the ABS CyberSafety™ series. It provides best practices for cybersecurity as a fundamental element of overall safety and security for the marine and offshore industries, according to ABS.

The series covers best practices in four key areas: cybersecurity, automated systems safety, data management and software assurance.




Friday 12 February 2016

Cybersecurity Symposium Covers Law and Policy

Expanding its educational outreach, the University of Maryland Center for Health and Homeland Security (CHHS) held a comprehensive symposium this month entitled “The Law and Policy of Cybersecurity.” The event, co-sponsored by the University of Maryland Francis King Carey School of Law (Maryland Carey Law), was held at the Universities at Shady Grove in Rockville, Md.

Aimed at legal and cyber professionals in the Baltimore and D.C. region who were interested in expanding their knowledge of critical issues, challenges, and legal developments surrounding cybersecurity, the one-day symposium was a first for CHHS. Under the direction of Founder Michael Greenberger, JD, CHHS has developed academic coursework in cybersecurity at Maryland Carey Law while also providing cyber policy development for private sector clients. The Center is also often called upon by legislative bodies and the media to discuss complex cybersecurity issues.

Welcoming the nearly 100 participants, Maryland Carey Law Dean Donald Tobin, JD, pointed out that “Cybersecurity is not just for cyber engineers or software developers. It’s a vital new field with important legal and policy dimensions.” Tobin also shared educational opportunities at the law school with the audience, including recently launched Master of Science in Law and LL.M. programs with specializations in cybersecurity. University System of Maryland students who are interested in cybersecurity careers were among the attendees.




Obama’s $19B cybersecurity plan takes aim at cybercrime, underscores skills gap

President Obama’s new national cybersecurity plan will beef up cyberdefense, but does it do enough to close the cyber-skills gap? Also in Searchlight: The Obama family’s Wi-Fi is patchy; Twitter posts lackluster earnings. 

After a string of high-profile cyberattacks on private-sector companies such as Sony and Target and the highest tiers of the U.S. government, President Obama, in the last year of his presidency, is making a bold statement about the escalation of cyber-threats: a $19 billion cybersecurity plan that includes the appointment of a federal chief information security officer.

Security experts are lauding the Cybersecurity National Action Plan (CNAP), the highlight of Obama’s budget proposal for the 2017 fiscal year, as a step in the right direction.

“It demonstrates the urgent need for nationwide support and coordination at the highest levels on cybersecurity issues,” Shuman Ghosemajumder, vice president of product at Shape Security, told me in a message.




Study: IT staff pressured to buy useless cybersecurity products

A new study found that IT managers feel pressured to purchase new cybersecurity products even if they don’t have the skills to implement the technology properly. 

A new study looking at the various pressures on IT security professionals has found that many are on the rise, especially those related to dealing with the board and with having enough skilled employees.

The 2016 Security Pressures Report is the third commissioned by security and compliance vendor Trustwave Inc. Steve Kelly, Trustwave chief marketing officer, told SearchSecurity that seeing the data year-over-year helps to quantify the changes, which is important because “pressure in a lot of cases can be relative. It could be relative to the person answering the survey; it could be relative to the business you’re in.”

The top three items on the 2016 wish list of respondents in the survey were additional budget (33%), more security expertise/skilled employees (20%), and fewer complex technologies (15%).




Energy Industry Cyber Security Executive Briefing

CALGARY, Alta. — On January 15, JuneWarren-Nickle’s Energy Group and General Electric hosted a workshop exploring the challenges of cyber security in the energy industry. The event brought together three security experts to discuss challenges and implications of cyber security in the energy industry.

Afterward, attendees gathered for an Inspired Conversation, where they were engaged in dialogue to advance the thinking on these key challenges and potential solutions.




Cybersecurity: 2015’s top legal developments and what they mean for key sectors

At the US federal level, 2015 ushered in significant new laws, regulations, and guidance on cybersecurity as lawmakers, regulators, and businesses continued their efforts to combat cybercrime − one of the most significant drains on the US economy and a source of potentially grave threats from nation states.

This alert provides a synopsis of these important developments.

CYBERSECURITY INFORMATION SHARING LEGISLATION

On December 18, President Barack Obama signed into law the omnibus appropriations and tax bill that included the Cybersecurity Act of 2015, the informally conferenced version of the cybersecurity information sharing bills passed by both the House and Senate earlier this year. The Cybersecurity Act provides a paradigm for the sharing of information on cybersecurity threats and defensive measures among private sector entities and between the private sector and the government. It also provides liability protection to private sector entities for sharing cybersecurity threat information and defensive measures with the government and other private sector entities. Finally, it provides antitrust protection when information is shared only between private entities.




Insider Threat Webinar: ICIT Fellow Brian Contos (Securonix)

Join featured speaker Brian Contos, ICIT Fellow & Securonix Vice President and Chief Security Strategist, for this provocative analysis of insider threats with real-life use cases. Brian is the author of a well-known book on insider threats, Enemy at the Water Cooler. He also co-authored a book on physical and logical security convergence with former NSA Deputy Director William Crowell. Brian is a frequent speaker at industry events and is often featured in media outlets such as CNBC, NPR, Fox, and Forbes. Following the briefing, David Swift, Principal Architect and security industry expert, will discuss how Securonix can help prevent such breaches in any organization.

 

For more: http://ift.tt/1TXdNEf




Here’s What $19B Will Buy the U.S. Government in Cybersecurity Measures

Answers by Ed Felten, Deputy U.S. Chief Technology Officer, on Quora.

How will $19 billion be spent on the new cybersecurity program?

The $19 billion for cybersecurity in the President’s budget represents a 35% increase over the prior year’s enacted spending. The biggest piece of the increase is a new $3.1 billion Information Technology Modernization Fund, which is a down payment on the comprehensive overhaul of Federal IT systems that must be undertaken in the coming years. It’s a revolving fund that will enable agencies to invest money up front and realize the return over time by retiring, replacing, modernizing antiquated IT infrastructure, systems, and networks that are expensive to maintain, provide poor functionality, and are difficult to secure.


