Lumeta appoints Duncan Fisken as Vice President EMEA

Lumeta Corporation, the leader in network situational awareness, today announced the appointment of Duncan Fisken to head up their EMEA operations, manage the expanding number of channel partners, roll out the new Lumeta channel partner program, and bring ecosystem solutions (Lumeta integrated with Carbon Black, Cisco, Gigamon, HP ArcSight, Infoblox, McAfee, Verisign iDefense, etc.) to the channel.

Duncan Fisken joins the Lumeta team with considerable management experience in the enterprise software and networking industries, with both manufacturers and channel partners, including private and publicly listed companies. Fisken has focused on technologies within enterprise wireless mobility, networking and security, with particular reference to secure mobility, and has assisted many companies, such as Xirrus, RedSeal, Fluke Networks, Aruba Networks and CA, in growing their European channel and revenue. He also served as the security sector specialist advisor for UK Trade and Investment and was a founding director of the SEEDA-supported Security Innovation Technology Consortium. Fisken also held senior roles with a succession of IT and IT security-focused businesses in Asia, including Racal Datacom, Datacraft Asia and Netegrity.

“With Duncan expanding our EMEA team and heading up our operations, we are now well placed to capitalize on the growth in both revenue and channel partners we have seen over the past three years – a substantial increase in our client base including Government agencies and enterprise organizations in Energy, Oil & Gas, Banking & Financial Services and other key vertical markets,” said Pat Donnellan, CEO, Lumeta Corporation. For the full article click here 

from cyber security caucus http://ift.tt/2e4vlN4
via IFTTT

FCC Holds Off on Security Mandates for Internet of Things

Don’t expect the Federal Communications Commission to rush into issuing network security rules anytime soon, even in the face of a congressional inquiry seeking the agency’s response to the massive Oct. 21 distributed denial of service attack.

At issue is whether the FCC’s Open Internet rules restrict internet service providers’ ability to block insecure Internet of Things (IoT) devices from their networks and whether the commission should mandate greater safeguards.

But the commissioners generally believe the Open Internet order already gives ISPs sufficient leeway to protect their networks from vulnerable internet-connected devices without additional regulations or standards. And, according to FCC officials, there isn’t much of an appetite to issue any new mandates now.

There are also questions as to whether cybersecurity is even in the commission’s purview.

Sen. Mark Warner (D-Va.) sent a letter to FCC Chairman Tom Wheeler on Oct. 25, several days after a hijacked network of IoT devices took large swaths of the United States internet offline. Warner asked detailed questions about the commission’s role in empowering both ISPs and consumers with the means to prevent similar attacks in the future. For the full article click here 

from cyber security caucus http://ift.tt/2e4snbz
via IFTTT

Take steps towards cyber security, protect customer’s data

Think of all the places your personal information is stored. Not just physically at home, but in online accounts, at the businesses you work with, with your employer, your doctor and so on.

Knowing that data breaches have become all too common, we have to hope these places are protecting our personal information. That’s why cybersecurity must be everyone’s job. Whether you’re an owner, manager or staff member, you are a crucial part of protecting information.

We know criminals want to attack big businesses, but small businesses are not immune. Bad guys target smaller organizations because they expect there to be fewer resources and defenses safeguarding data.

Research by the National Cyber Security Alliance and Symantec on small businesses has shown that two thirds say their businesses depend on the internet for day-to-day operations. Sixty-nine percent say they handle sensitive information, including customer data; 49 percent have financial records and reports; 23 percent have their own intellectual property; and 18 percent handle intellectual property belonging to others. For the full article click here 

from cyber security caucus http://ift.tt/2eFJMei
via IFTTT

A Peek Into Singapore’s New Cybersecurity Act.

The Singapore Government announced earlier this year that a new, standalone Cybersecurity Act will be tabled in Parliament in 2017. On 26 October 2016, the Minister for Communications and Information, Mr Yaacob Ibrahim, provided a further glimpse of the impending laws. The Minister was speaking at the Financial Times Cyber Security Summit Asia Pacific held in Singapore.

The new Cybersecurity Act will institute standards for incident reporting, audits and risk assessments. It will also facilitate the sharing of cybersecurity information, and mandate the participation of critical information infrastructure operators in cybersecurity exercises.

Importantly, the Government envisions that the new Act will complement the existing Computer Misuse and Cybersecurity Act, which will continue to govern cybercrime investigation.

The Minister also observed that businesses need to spend more on cybersecurity, to keep pace with increased digitisation. At present, the Government is the largest contributor of cybersecurity expenditure. It plans to further increase its cybersecurity spending to 8 percent of its information technology budget. For the full article click here 

from cyber security caucus http://ift.tt/2eS8kl6
via IFTTT

USNA breaks ground at new Cyber Security Studies Center

The U.S. Naval Academy (USNA) held a groundbreaking ceremony for its new $106-million Center for Cyber Security Studies Oct. 21.

Three hundred people attended the event, including academy officials, Navy leaders and members of the Maryland delegation, U.S. Senator Barbara Mikulski and U.S. Representatives John Sarbanes and C.A. “Dutch” Ruppersberger.

The center was established in recognition of the critical importance that cyber operations play in our national defense and to facilitate the expansion of the Naval Academy’s cyber program, which includes a cyber operations major and required cyber curriculum for all midshipmen. Cyber operations is an interdisciplinary major that includes study in computer architecture, programming, data structures, networks, internet, database systems, information assurance, cryptography and forensics, as well as policy, law, ethics and social engineering. For the full article click here 

from cyber security caucus http://ift.tt/2eTSUut
via IFTTT

Red Cross data breach could have exposed donors to identity theft, cyber security expert says

Information from the Red Cross data breach could have been used for identity theft or sold on the black market if “unsavoury” criminals had obtained it, a computer security expert from the University of Melbourne says.

The personal data of 550,000 blood donors was leaked from the Red Cross Blood Service in what has been described as Australia’s largest security breach.

The organisation said a file containing donor information was placed in an “insecure computer environment” and “accessed by an unauthorised person”.

The file contained the information of people who had donated blood between 2010 and 2016.

The Red Cross said all copies of the data had now been deleted and the risk of the misuse of the data was low. For the full article click here 

from cyber security caucus http://ift.tt/2eTRHDy
via IFTTT

Penn State continues to promote cybersecurity after hacks

Penn State has about 100,000 students across 20 physical campuses, plus an online World Campus. Then there are the faculty, staff and administration.

What do all of those people have in common? Computers. Technology. A rushing stream of information moving invisibly through and around devices and servers around the clock.

It’s amazing. And if you are charged with keeping that information safe, it might be downright terrifying.

The U.S. Department of Homeland Security wants everyone to be aware of that right now. October is National Cybersecurity Awareness Month.

Penn State is certainly aware of it. In May 2015, the school confirmed hacking of the College of Engineering. In June, the school revealed more attacks on the College of Liberal Arts. For the full article click here 

from cyber security caucus http://ift.tt/2dLcStE
via IFTTT

Cyber Security: Five Firms Working to Squash Cyber Attacks

Angry at a journalist for writing mean things about you? Trying to make ends meet and need a blackmail scheme? Get your own DDoS botnet on the internet today!

---

Whodunit?

That’s the multibillion-dollar question this week after hackers took down the internet on October 21 with a distributed denial-of-service (DDoS) attack on one of the largest Domain Name System (DNS) service providers in the world.

Who’s responsible is indeed a compelling mystery.

A more important and immediate consideration is how to protect your network against hackers.

Another is which companies stand to profit from the effort to ramp up security in the aftermath of such a high-profile event.

Below, we discuss two small-cap stocks and three startups that figure to benefit from rising awareness of DDoS attacks and the importance of cyber security.

Here’s what we know so far about what happened last Friday. For the full article click here 

from cyber security caucus http://ift.tt/2ee2Eya
via IFTTT

What Godzilla Can Teach Japan About Its Cybersecurity

Sixty-two years after Japan’s most famous monster first shocked audiences, Godzilla is again packing movie theaters with its latest incarnation in Shin Godzilla (titled Godzilla: Resurgence in the U.S.). Now, I’m not a science fiction fan and I don’t watch a lot of movies. So why am I enthused about this one? Ironically, I only decided to see it after several friends in government and politics strongly urged me to go. The reason is it has a great takeaway: in my mind, the entire film can be interpreted as a parable for fighting hackers.

Essentially, it’s all about threat preparedness and response – or lack thereof (warning: this post contains spoilers). The focus of this film is not the battles with Godzilla itself, but the battles within the powerful bureaucracy that runs Tokyo and all of Japan. Civil servants in the movie are seen jockeying for position when things look promising and then ducking responsibility when events take a turn for the worse. They try to skirt jobs and roles that seem difficult and, initially, various overlapping agencies fail to work together. They’re also distrustful of foreign governments when they should be collaborating with them to fight back. For the full article click here 

from cyber security caucus http://ift.tt/2dJqnFi
via IFTTT

Cybersecurity investment in Asia still insufficient, with most criminals unpunished

Beyond financial and government sectors, all industries across the region need to step up their investment in cybersecurity and do better in identifying and prosecuting cybercriminals.

All businesses must step up their investment in cybersecurity, which is currently inadequate in several industry sectors, and countries need to do better in prosecuting cybercriminals, the majority of which are getting away scot-free.

While some industries traditionally had higher impetus to invest in cybersecurity, such as banking and financial institutions, other organisations also would face high risks as they moved to digitise their systems and processes. Speaking at the Financial Times’ Cyber Security Summit held in Singapore Wednesday, Minister for Communications and Information Yaacob Ibrahim said cybersecurity should not be seen as a cost, but as an investment to manage risk For the full article click here 

from cyber security caucus http://ift.tt/2dJsWqY
via IFTTT

Census attacks ’eminently predictable’, says PM’s cyber security adviser

The attacks on the 2016 online census were “eminently predictable” and should have been prevented, the special adviser to the prime minister on cyber security has said.

Alastair MacGibbon said the distributed denial of service (DDoS) attacks that caused the online census system shutdown on 9 August should have been expected by the Australian Bureau of Statistics and service provider IBM.

“In fact, the ABS did call for denial of service protection in its … tender process with IBM, and IBM responded to say they would put in place denial of service protection,” he said.

Appearing before a Senate inquiry into the problems plaguing the census, MacGibbon said his official review of the incident was handed to Malcolm Turnbull on 14 October.

MacGibbon told senators on the committee that no data had been lost from the census during or after the DDoS attacks. For the full article click here 

from cyber security caucus http://ift.tt/2eqwpRu
via IFTTT

US Lawmakers Slam Opt-in Car Cybersecurity Guidance

US regulators have urged car manufacturers to prioritize cybersecurity in the design of their vehicles, in a new voluntary set of guidelines.

The National Highway Traffic Safety Administration (NHTSA) released on MondayCybersecurity Best Practices for Modern Vehicles – what it claimed to be “a solid foundation for developing a risk-based approach and important processes” to ensure systems are properly secured.

It continued:

“NHTSA believes that it important for the automotive industry to make vehicle cybersecurity an organizational priority. This includes proactively adopting and using available guidance such as this document and existing standards and best practices. Prioritizing vehicle cybersecurity also means establishing other internal processes and strategies to ensure that systems will be reasonably safe under expected realworld conditions, including those that may arise due to potential vehicle cybersecurity vulnerabilities.”

The document sets out best practice advice including information sharing via the Auto ISAC; following established standards such as ISO; pen testing; and creating a new industry-specific vulnerability reporting program. For the full article click here 

from cyber security caucus http://ift.tt/2eFdvTR
via IFTTT

Going easy on cyber security could turn India’s technology growth story into a nightmare

“There are two types of organisations: those who have been hacked and those who don’t yet know they have been hacked.”

I recently stumbled upon this quote by John Chambers, executive chairman and former CEO of tech giant Cisco. It accurately describes where we in India are in terms of cyber security.

The recent data breach of debit cards left an estimated 3.2 million Indian customers vulnerable and is said to be the biggest such rupture in the country’s banking system to date. What happened was scary, but not entirely unexpected. Cyber security continues to be an after-thought in every sector in the country. For the full article click here 

from cyber security caucus http://ift.tt/2emLQrI
via IFTTT

Oil and gas industry gets IIoT cyber security solution

Waterfall Security Solutions has announced it is to protect LogiLube customers from cyber attack. The deal will see Waterfall Unidirectional Security Gateways (USG) deployed to LogiLube customer sites. Waterfall says its USG employ an impassable physical barrier against all external online attacks flowing back into industrial control systems. LogiLube intends to integrate the Waterfall USG with its predictive analytics to provide customers an early warning of cyber attacks.

According to Bill Gillette, CEO of LogiLube: “We selected Waterfall’s Unidirectional Security Gateway technology so we can provide a premium level of cybersecurity to our midstream natural gas clients. We chose Waterfall’s Unidirectional Gateway product because it enhances LogiLube’s innovative predictive analytic solutions with the highest security to mitigate risks associated with cloud and Internet connections. It complements our innovative predictive data analytic solutions for the oil and gas and other industries.”

LogiLube delivers its real-time analytics to customers via its cloud-based SmartOil solution. Its decision to collaborate with Waterfall comes just days after Waterfall announced the launch of its Unidirectional CloudConnect solution. This solution is aimed at users of Industrial Internet of Things (IIoT). For the full article click here 

from cyber security caucus http://ift.tt/2eJNGRA
via IFTTT

Task force close to finalizing cybersecurity recommendations

A state cybersecurity task force is preparing for one last discussion early next month before they sign off on their recommendations in a final report to the governor.

Dan Sipes, deputy chief information officer for the North Dakota Information Technology Department,  said the meeting will be held Nov. 2 in the Rough Rider Room at the state Capitol.

“Our goal will be to go over the details,” he said.

The report will contain recommendations for Gov. Jack Dalrymple’s 2017-19 executive budget.

Sipes said some of the items may come with funding requests, but others involve policy adjustments and changes that could be made to improve operations.

Dalrymple created the task force last year, asking its members to review the state’s cybersecurity policies and develop recommendations to provide better security to state IT networks, as well as the data they store and utilize. For the full article click here 

from cyber security caucus http://ift.tt/2eSi3Jd
via IFTTT

Baltimore cybersecurity exec explains what caused the wave of attacks on Friday

A major cyberattack Friday affected major brands and websites including Amazon, Twitter and Spotify. New Hampshire-based software company Dyn was at the heart of it all.

Dyn offers managed DNS and email delivery services to other companies. Essentially, the service works like Yellowpages, Gary Merry, CEO of Baltimore-based cybersecurity company Deep Run Security. When a person types a URL into their browser, a DNS service acts as a middle man. It takes the request and “resolves” it, or directs the user on a path to their desired website.

The company on Friday suffered a denial-of-service attack.

That happens when servers are swarmed, or are fielding millions and millions of the same request — in this case, requests for sites like Twitter or Amazon. The servers go into a kind of “panic.” They are overwhelmed and can’t meet all of the requests at once, so they lock up and stop resolving any requests, Merry explained to me during an interview at the CyberMaryland Conference.

And when Dyn servers can’t resolve those requests, users are met with a blank screen instead of the website they’re searching for.

“So we say Twitter is ‘down.’ But actually Twitter is functioning perfectly well, you just can’t get to it,” Merry said. “Basically, Twitter just doesn’t exist for a while.” For the full article click here 

from cyber security caucus http://ift.tt/2eSf3fK
via IFTTT

Secura partners tertiary institutions to set up cybersecurity R&D laboratory

CATALIST-LISTED security company Secura Group on Friday said that it will partner Republic Polytechnic (RP), the University of Glasgow, and the University of Glasgow Singapore to establish a joint facility for research and development (R&D) in cybersecurity.

The laboratory will be located within RP’s campus, and focus on topics such as cybersecurity for the Internet of Things, data analytics and Industry 4.0. The latter is also also known as the Fourth Industrial Revolution, under which manufacturing will be revolutionised by the integration of physical processes, robotics, computing and networking.

The estimated aggregate investment in the R&D laboratory for the next three years is S$10 million.

Secura chief Paul Lim said: “We hope that this collaboration will be an incubator to grow the cybersecurity ecosystem and create unique cybersecurity products and solutions for tomorrow’s market.” For the full article click here 

from cyber security caucus http://ift.tt/2dsUvcP
via IFTTT

Monthly Research Round-up: 7 must-read cyber security reports in October

1. Veracode: Security risks in software are endemic

The State of Software Security Report found that 97 percent of Java applications contained at least one component with a known software vulnerability.

Apparently, the top quartile of companies fix nearly 70 percent more vulnerabilities than the average company.Veracode said that best practices, such as remediation coaching and eLearning could improve fix rates by up to 6 times.

Additionally, over half of web applications were affected by misconfigured secure communications or other security defences. For the full article click here 

from cyber security caucus http://ift.tt/2e6Z8XU
via IFTTT

Top cyber security experts to attend Dublin conference

The Dublin Info Sec 2016 meeting will discuss major issues affecting companies, including cyber fraud and hacking and particularly the danger posed from hackers to senior executives.

The average cost of fraud to organisations on the island of Ireland increased from €498,000 (£444,000) in 2014 to €1.7m (£1.5m), with the incidence of cyber attacks almost doubling since 2012.

Whaling the C-Suite is the first event on the agenda. It will explore how senior executives make themselves vulnerable to hackers.

Amongst those topping the bill at the conference, which is taking place at the RDS in Dublin, is Dr Mary Aiken, the expert on whose work the American police drama CSI Cyber was based. For the full article click here 

from cyber security caucus http://ift.tt/2eYcVST
via IFTTT

How Podesta became a cybersecurity poster child

When John Podesta forgot his Apple iCloud password last spring, he asked an aide to remind him — so she emailed it to him. And that set the stage for trouble for Hillary Clinton’s campaign chairman.

First, a WikiLeaks dump last week of Podesta’s alleged Gmail messages revealed the password — “Runner4567″ — to the world. Then someone hijacked Podesta’s Twitter account, possibly using the same password, and blasted out the tweet: “I’ve switched teams. Vote Trump 2015.” The next morning, a security researcher found evidence that digital pranksters had used the password to remotely erase all the contents from Podesta’s Apple devices.

The cascade of woes, which Clinton’s campaign has not confirmed, appears to make Podesta just the latest Washington power player to join an inglorious club — the roster of senior government officials and political operatives who, like tens of millions of other Americans, have failed to take basic protections for their sensitive data. Others in the elite group include Director of National Intelligence James Clapper, CIA Director John Brennan and 2012 Republican presidential nominee Mitt Romney, whose personal emails have all suffered assault from digital intruders. For the full article click here 

from cyber security caucus http://ift.tt/2eYh3CI
via IFTTT

Cyber security threats getting less easy to ignore

As the soon-to-be commissioned USS Detroit sits on the edge of the Detroit River preparing to offer a limited run of tours to the public, a luncheon discussion begins inside the Detroit Marriott about other types of security measures.

Nation-states — such as China, Russia, Iran, North Korea — are more aggressive in cyber attacks. The fraudsters have upped their game beyond the once easy-to-spot spam e-mails filled with bad grammar and spelling mistakes. Cyber security threats are growing more ominous for individuals, small business owners and large corporations.

“In their mind, you’re low-hanging fruit,” said George Smirnoff III, senior vice president and chief information security officer for Comerica Bank.

“As executives, guess what? You’re all targets.” For the full article click here 

from cyber security caucus http://ift.tt/2eUpiPY
via IFTTT

Tech industry ponders how to fill Colorado’s 10,000 cybersecurity job openings

On a recent visit to an unnamed government intelligence organization, Ed Rios spotted cybersecurity specialists using virtual reality to suss out the bad guys. Another was monitoring 50 simultaneous chats.

That led Rios, the new CEO of the National Cybersecurity Center in Colorado Springs, to ask, “What jobs do you need the most?”

“I was thinking it would be technology or software or something with algorithms,” Rios said. “His response was: ‘I need anthropologists and sociologists. I need people to know how to think about cultures, about change and about the way we look at cyber and why cyberhactivists do what they do.’”

The shortage of tech workers is apparently at its most scarce in the cybersecurity world. Rios, speaking at the Colorado Technology Association’s Tech Summit on Wednesday, said that in Colorado alone, there are 10,000 job openings in cybersecurity. We need to think differently about how to fill those jobs, he said. For the full article click here 

 

from cyber security caucus http://ift.tt/2e99vM6
via IFTTT

Luxembourg to launch cybersecurity centre in 2017

(JB) Luxembourg is to create a cybersecurity centre in 2017 to further information security in the public and private sector, it was announced on Tuesday.

The aim of the centre would be to increase the competitive advantage of Luxembourg cybersecurity in the short term and in the medium term contribute to the development of ecosystems in areas like the Internet of Things, space technology and FinTech.

The initiative was announced by Secretary of State for the Economy Francine Closener at the first edition of the “Cybersecurity Day” on Tuesday.

“The concept of the centre is based both on the sharing of proven expertise of various public and private and dynamism emanating from the national cybersecurity ecosystem,” Closener said, adding: “The new structure will help to strengthen the positioning and the economic attractiveness of the country for undertakings in the information technology sector and communication.” For the full article click here 

from cyber security caucus http://ift.tt/2eFfBpl
via IFTTT

Former intelligence chief David Irvine wants cyber security at forefront of Australia’s defences

The task of being an intelligence chief has become tougher with the rise of cyber threats and terrorism, according to the former head of the Australian Security Intelligence Organisation, David Irvine, who says he would like to see a “much stronger” national cyber industry.

Speaking during a rare interview in Canberra, Mr Irvine said “when you put cyber on top of [terrorism], it takes a bit of time off your sleep at night. The two issues have grown exponentially within a couple of decades and while the nature of the threats is the same, the vector has changed. And cyber is a new and very potent vector.”

Mr Irvine, who lead Australia’s overseas spy agency ASIS before he headed up ASIO, said he’d been “horrified” at the revelations of Edward Snowden, the subcontractor to the National Security Agency who exposed vast top secret US government programs for monitoring global communications. For the full article click here 

from cyber security caucus http://ift.tt/2dmYAPF
via IFTTT

Is Your Organisation Really Taking Cyber Security Seriously?

Board must set cyber security agenda – ICAEW

IF BUSINESSES fail to take cyber security seriously in their business planning, regulators may do it for them the ICAEW has warned.

Richard Anning, head of ICAEW’s IT Faculty, said boards must grasp the nettle and deal with it as a priority: “Despite years of warnings, many still regard cyber security as an optional extra. This is why we are increasingly seeing more data breaches that harm consumers and businesses alike. Cyber security is integral to digital business.”

In ICAEWs latest report Audit Insights: Cyber Security, high profile data breaches and the slow pace of cyber security progress means unless boards take control of the agenda themselves, governments may decide to legislate.

Anning, continued: “Unless boards take control of these issues, it is only a matter of time before governments start to bring in tough new laws – this has already begun with the introduction of General Data Protection Regulation (GDPR). The boards can start by using cyber-by-design principles, so cyber security is seen as a precondition for trading at all.” For the full article click here

from cyber security caucus http://ift.tt/2dkcEJF
via IFTTT

Q&A: Frank Abagnale helping catch cyber issues in Phoenix

The inspirational man behind the movie “Catch Me If You Can” was in Phoenix Oct. 6 talking cybersecurity with clients of BMO Wealth Management at Scottsdale Resort at McCormick Ranch.

The inspirational man behind the movie “Catch Me If You Can” was in Phoenix Oct. 6 talking cybersecurity with clients of BMO Wealth Management  For the full article click here 

from cyber security caucus http://ift.tt/2dm8axl
via IFTTT

DarkMatter and vArmour announce strategic partnership to expand data centre and cloud security positioning in the Middle East

Abu Dhabi and Dubai, UAE; Mountain View, CA, USA – DarkMatter, an international cyber security firm headquartered in the United Arab Emirates, and vArmour, a leading data centre and cloud security company, today announced a partnership arrangement to offer joint customers end-to-end cyber security solutions.

DarkMatter will enhance customer data centre and cloud security environments through its newly formed partnership with vArmour by offering best-of-breed data solutions that protect against cyber threats. DarkMatter will provide incident response services that incorporate advanced security analytics and automated cyber attack containment. DarkMatter’s approach to increased cyber resiliency across its clients’ networks will draw on vArmour’s Distributed Security System (DSS) technology, which helps organisations gain application-layer visibility and control of their network, applications and users to prevent, detect and respond to cyber attacks and breaches in data centre and cloud environments.

In today’s increasingly digitised enterprise landscape, organisations across the Middle East are making critical decisions and driving processes based heavily on virtual and cloud-based IT environments. For the full article click here 

from cyber security caucus http://ift.tt/2exy2fA
via IFTTT

A Smart Nation must be built on a secure foundation

A Smart Nation must be built on a secure foundation. That was the key takeaway from the Singapore International Cyber Week held earlier this week.

“Singapore aspires to be a Smart Nation. But to be a Smart Nation, we must also be a safe, cyber nation. We must get cybersecurity right, to capture the benefits of a more connected world,” said PM Lee Hsien Loong as he unveiled Singapore’s first holistic national cybersecurity strategy.

He outlined four key pillars:

1. strengthening critical infrastructure,
2. working with businesses and individuals to create a safer cyberspace,
3. growing cybersecurity capabilities by creating jobs and developing talent, and
4. forging stronger ties with international counterparts.

To level up our existing infrastructure and protect essential services, the Cyber Security Agency of Singapore (CSA) will expand the National Cyber Incident Response Team and National Cyber Security Centre.

The CSA will also address gaps in standards and incident reporting protocols for service providers by strengthening Singapore’s cybersecurity governance and legislative frameworks.

On creating a safer cyberspace, the CSA will implement the National Cybercrime Action Plan to combat cybercrime more effectively. It will also promote a culture of collective responsibility by involving Government, businesses, and the wider community in cybersecurity.

A professional cybersecurity workforce will also be nurtured in order to develop a vibrant cybersecurity ecosystem. This involves making it easier for existing IT professionals to switch to the cybersecurity sector, and creating clear career pathways for existing cybersecurity professionals. The CSA will also work with Institutes of Higher Learning to co-develop suitable curriculum. For the full article click here 

from cyber security caucus http://ift.tt/2dVliA1
via IFTTT

Threat Vector NYC Managed Cybersecurity

The LCO Group releases a new and affordable managed security offering catered to small and medium-size organizations in an effort to combat the rising number of cyber-threats.

New York, New York (PRWEB) October 15, 2016

To meet the growing number of cyber-threats faced by firms in financial services, legal, and other sensitive data-driven industries, The LCO Group, a leading provider of technology consulting services in New York City, has announced that they have re-engineered their security offerings to take advantage of the latest advances and tools available for providing small to mid-size businesses in the tri-state area with enterprise level managed security services.

Threat Vector is a fully integrated, one-stop offering that addresses key vulnerabilities in modern infrastructures and allows for smaller organizations to meet many of their compliance and regulatory needs. Threat Vector is a truly proactive and in-depth solution that will safeguard and protect sensitive business data at the lowest cost of ownership. For the full article click here 

from cyber security caucus http://ift.tt/2de5OFq
via IFTTT

Fighting the person should be cybersecurity best practice: Nuix

One major mistake organisations and governments are making in protecting their systems is neglecting the importance of focusing on the person at the end of the attack, according to Keith Lowry, senior vice president at Sydney-based intelligence, analytics, and cybersecurity software firm Nuix.

The 25-year cyber-veteran said that the majority of all insider threat programs he has been privy to begin with the foundation of technology, and that in reality, the foundation of a counter-insider threat program needs to start with recognising there is a person at the other end.

“It’s about people using technology — it’s not about technology by itself — and too many people focus on the fact that it’s all technology and therefore the answer to it must be a piece of technology,” Lowry said. For the full article click here 

from cyber security caucus http://ift.tt/2e26nA1
via IFTTT

Singapore’s cybersecurity skills shortage: Why it matters

SINGAPORE: In his speech launching Singapore’s national cybersecurity strategyearlier this week, Prime Minister Lee Hsien Loong warned of cyberattacks and threats “becoming more frequent and sophisticated, with more severe consequences”.

He pointed to how a cyberattack on the power grid in Ukraine last December left many Ukrainians without electricity for hours, and how hackers used malware to withdraw more than US$2 million (S$2.77 million) from ATMs in Taiwan in July this year. Closer to home, he said that there have been attacks on government networks and on the financial sector.

According to a 2014 report from Center for Strategic and International Studies, cybercrime costs Singapore an estimated S$1.25 billion annually.

Yet there is a decidedly acute shortage of IT security specialists that can be engaged to help fend off such online threats. For the full article click here 

from cyber security caucus http://ift.tt/2e27zDy
via IFTTT

Connecticut names Arthur House state’s first chief cyber security risk officer

The growing importance of cybersecurity is a national narrative that drills through every tier of government, and Connecticut’s latest hire adds another chapter to that tale.

Gov. Dannel Malloy announced today the immediate hire of Arthur House as chief cyber security risk officer, the first to fill the role for the state. House will be responsible for bridging agencies and sectors to address cybersecurity threats.

“As technology expands into every segment of our lives and creates greater convenience and ease, it also brings a new set of challenges and risks, and that includes essential functions such as our public utility systems. This position … will serve as a leader for the state who will coordinate the work responsible for enhancing Connecticut’s cybersecurity posture, and safeguarding our cyber systems and critical infrastructure in an ever-evolving threat landscape,” Malloy said in a release.  “We want to be a national leader in these efforts, and we are moving forward in a way that will allow us to be prepared for any contingency and safeguard our residents from cybersecurity threats to critical infrastructure.” For the full article click here 

from cyber security caucus http://ift.tt/2e3E5UG
via IFTTT

Regulating New York’s cybersecurity

A regulation recently proposed by Gov. Andrew Cuomo that would require the implementation of a multi-faceted cybersecurity program to protect consumers likely will have a varying level of impact on local financial institutions and insurance companies.

In the regulation — which Cuomo claims is the first of its kind in the nation — banks, insurance companies and other financial service institutions regulated by the state Department of Financial Services must, among other things, adopt a written cybersecurity policy, designate a chief information security officer and develop policies and procedures for dealing with information that is accessible to third-party vendors. “New York, the financial capital of the world, is leading the nation in taking decisive action to protect consumers and our financial system from serious economic harm that is often perpetrated by state-sponsored organizations, global terrorist networks and other criminal enterprises,” Cuomo said in a statement. “This regulation helps guarantee the financial services industry upholds its obligation to protect consumers and ensures that its systems are sufficiently constructed to prevent cyber-attacks to the fullest extent possible.” For the full article click here 

from cyber security caucus http://ift.tt/2dOF7ZQ
via IFTTT

Boo-boo by Yahoo

Customers must be protected from cybersecurity snafus

Freedom, among other good things, is the right to be left in peace. But with privacy under assault, it’s a right frequently and eagerly trampled. With many of their personal transactions conducted online, Americans are learning that their private business is being vacuumed up without their knowledge. When security breaches occur, victims appeal for government protections only to discover that the feds are spying on them, too. Strong legal barriers to intrusive behavior are urgently needed against prying eyes and ears.

Yahoo is the most recent technology mega-firm exposed as failing to guard the personal information of its customers. The company, headquartered in Silicon Valley and best known for its web portal and search engine, sheepishly informed customers last month that 500 million Yahoo accounts had been hacked.

Most damaging to the customers is the record haul of passwords taken by the thieves, which are even now being run at the speed of light through computer banks at banks, credit card companies and other commercial sites in search of hits that give hackers access to the financial records of Yahoo customers. For the full article click here  

from cyber security caucus http://ift.tt/2e0Csaz
via IFTTT

Bloomington Hosts Cyber Security Summit 2016

Cyber Security Summit 2016 is drawing leaders from around the world to Bloomington this week. It brings together people from the private and public sectors, from the Department of Homeland Security to Security tech company Symantec.

Conference organizer say their goal is to anticipate security attacks and strategize how to prevent, protect and respond to cyber attacks.

“It’s no longer need to know, it’s a need to share information so we can prevent and respond effectively against the many threats that are out there,” UnitedHealth Group’s Elizabeth Stevens said.

Tuesday’s agenda included a debate on privacy vs. security, a keynote address on cyber attacks by the numbers, a discussion on how to respond to a breach, a session on protecting the homeland, and an interactive table top exercise.  For the full article click here 

from cyber security caucus http://ift.tt/2dL4sUm
via IFTTT

Singapore will increase cybersecurity capability as part of new strategy

Singapore’s prime minister Lee Hsien Loong announced the strategy this week during Singapore’s International Cyber Week.

The strategy has been developed by Singapore’s Cyber Security Agency (CSA), which was set up last year. It will have four components, Lee said: strengthening the country’s critical infrastructure; working with businesses and individuals; increasing cybersecurity capabilities; and working with other countries.

“We are investing more to strengthen government systems and networks, especially those handling sensitive data to protect them from cyber attacks. Operators of essential services will have to develop robust cyber risk management frameworks and responses,” Lee said.

One initiative already in place is the separation of internet surfing from other systems such as email in the public service, Lee said. Singaporean government officers can still access the internet, but must do so on a device that is not connected to the internal network. For the full article click here 

from cyber security caucus http://ift.tt/2dS7vpA
via IFTTT

E8 Security, Innovator of Behavior Intelligence for Cybersecurity, Raises $12 Million in Series B Round to Transform Effectiveness of Security Operations

REDWOOD CITY, CA–(Marketwired – October 11, 2016) – E8 Security, an innovator of behavioral intelligence for cybersecurity, today announced that it has closed a $12 million Series B funding round. Strategic Cyber Ventures led the round, bringing total funding to date to $21.8 million. All three Series A investors — March Capital Partners, Allegis Capital, and The Hive — also participated in the round. The new funding will be used for continued innovation of the E8 Security Behavioral Intelligence Platform, as well as to fuel go-to-market and sales execution efforts to support the accelerated demand for the platform’s ability to detect the early warning signs associated with potential compromise or unknown security threats.

“Strategic Cyber Ventures is thrilled to add E8 Security to our growing portfolio of disruptive cybersecurity companies,” said Hank Thomas, Chief Operating Officer at Strategic Cyber Ventures. “Based on our many discussions with E8’s executives and customers and hands-on evaluation of their technology, we’re confident E8 will quickly replace a number of cybersecurity controls currently on the market and enhance others that established security teams rely on today. Strategic Cyber Ventures is honored this group of cybersecurity entrepreneurs, with a product that will revolutionize the industry, chose to join our growing portfolio and partner with our team of experts.”

Adversary success rates, and the vast operational damage ripple-effect, continue to soar at all-time highs across all industries and business types. Organizations have come to the stark realization that the significant shortage of skilled IT security professionals, coupled with reliance upon largely siloed, signature-based methods of threat detection, is no longer acceptable. They are now embracing different approaches that incorporate advances in machine learning for cybersecurity and the significant automation benefits that these technologies create and enable. For the full article click here 

from cyber security caucus http://ift.tt/2dS9RVr
via IFTTT

Singapore urges need to thwart cyberattacks with coordinated local, global efforts

The Singapore government has underscored the need to safeguard critical infrastructures and drive the necessary ecosystem to safeguard the nation’s cyberspace, including pushing ahead with plans to restrict internet access among its employees.

In his opening address Monday at the inaugural Singapore International Cyber Week, Prime Minister Lee Hsien Loong said ICT had enabled the country to develop from a third-world to a first-world economy and continued to play a critical role in its efforts to become a smart nation. However, ICT also opened up new vulnerabilities, introducing cyberthreats and attacks that were increasingly frequent and sophisticated, and resulting in more severe consequences. Lee pointed to the December 2015 attack on Ukraine’s powergrid and and this year’s cyber theft involving Bangladesh Bank, which lost US$81 million. He added that the Singapore government, too, had been a target and had experienced phishing and malware attacks, as well as the defacement of its websites. Government systems also had been compromisedand the financial sector had suffered DDoS attacks, he said. For the full article click here

from cyber security caucus http://ift.tt/2dRtDmi
via IFTTT

Training Cyber Warriors in Virginia

The number of devices that are now connected to the Internet far exceeds the number of people on the planet.  And as Cyberspace grows, so do the legions of hackers looking for ways to break in.  Right now, it’s an A-symmetrical cyber war.  But as Robbie Harris reports, Virginia’s Governor has launched a plan to change that by training a new workforce for the growing field of cyber security.

Governor Terry McAuliffe: “I want us to be the capital of the world for cyber. Our problem is, we’re not filling the high paying jobs. I have 17-thousand cyber jobs right now in Virginia. Starting pay – parents -88-thousands dollars.”

Virginia Governor Terry McAuliffe is touting this high pay for an expensive job, defending against cyber attacks. The plan is for colleges and universities to prepare a small army of students from all over Virginia to enter the cyber security force. For the full article click here

from cyber security caucus http://ift.tt/2dRt5Nf
via IFTTT

Boost your small business cybersecurity with these simple tips

In the modern world, a secure and stable online infrastructure isn’t just important — it’s everything. Companies not only provide their services online, they often collaborate and telecommute behind the scenes.

Nevertheless, small businesses don’t always protect their online assets because they think they have nothing worth stealing. As a result, only 30 per cent of American small businesses have an informal Internet security policy, and just 40 per cent have a contingency plan in case a data breach occurs.

However, Symantec, an American cybersecurity company, revealed thatalmost 40 per cent of the cyberattacks they encountered in the first three months of 2012 targeted companies with fewer than 500 employees.  For the full article click here 

from cyber security caucus http://ift.tt/2dRSFyw
via IFTTT

CSUSB Receives Two Federal Cyber Security Grants

For the past eight years our campus cyber security center has been a top ten cyber security department in the United States.

CSUSB’s nationally distinguished cyber security program received two federal grants to continue outreach and scholarship program.

“While keeping information confidential and assuring to protect our information, those that posses excellent capability in cyber security and computer science should receive the federal grant that will help ones education, training, and workforce development. With a foot in the door studying in this field is a stable well paying job as technology is everywhere,” said computer science major Sharvari Tavkar.

“As a reflections of this excellence, CSUSB was designated as a Center of Academic Excellence in Cyber Defense/ Information Assurance through 2021,” according to CSUSB News.

The Cyber Corps scholarship program is now in its seventh year, available to juniors, seniors, and graduate students, including community college transfers majoring in the cyber security field. For the full article click here 

from cyber security caucus http://ift.tt/2dArRrC
via IFTTT

Computer scientists explore random numbers, cybersecurity

Creating sets of truly random numbers may be harder to accomplish than people think, but that hasn’t stopped UT computer science professor David Zuckerman from trying.

Computers can obtain randomness by monitoring things such as thermal noise or intervals between keystrokes, but they often fail to provide high-quality randomness, Zuckerman said.

“Think of choosing a number from 1 to 100,” Zuckerman said. “It’s perfectly random if each number has a probability of 1 in 100. [In] low-quality randomness, some of these probabilities are as high as 1 in 10.”

In a study in the Society for Industrial and Applied Mathematics, Zuckerman and a team of researchers developed an algorithm called a two-source random extractor. The algorithm takes two independent low-quality random number generators and combines them into a high-quality one.  For the full article click here 

from cyber security caucus http://ift.tt/2e8PYwa
via IFTTT

Share Tweet Pocket Print Mail Bookmark NBU to create center for cyber security incidents

The National Bank of Ukraine (NBU) will create a center to respond to cyber security incidents in the banking system and the payment space of Ukraine, the National Bank’s website said.

“Previously, our efforts were focused on individual transactions such as interbank payments or transactions with payment cards … Now we should consider the issue of appropriate cyber security in a much broader scope and concentrate on ensuring cyber security of all financial and banking sector,” the statement says citing Deputy Governor of the NBU Yakiv Smoliy.

The NBU said that the cooperation in the framework of ensuring cyber security in Ukraine was discussed by representatives of the banking community during the “round table” in Kyiv on October 4: representatives of Cyber Police of Ukraine, Security Service of Ukraine, the State Service for Special Communications and Information Protection of Ukraine were invited to participate in its work. For the full article click here 

from cyber security caucus http://ift.tt/2e8RNZI
via IFTTT

Victoria opens cyber security mega-hub

Data61 unveils newly-located national centre.

The CSIRO’s digital research unit Data61 has opened the doors to its new national cyber security centre in Melbourne, situated alongside IT security experts from Oxford University and the state government.

Data61 agreed to move its national cyber security centre to the Docklands Goods Shed earlier this year, after Oxford University picked the spot as the location for its own global cyber security capacity centre (GCSCC) last December.

It marked the introduction of Oxford University’s first ever international office. For the full article click here 

from cyber security caucus http://ift.tt/2dMZC3p
via IFTTT

Enterprises Struggle to Hire, Retain Cyber-Security Pros, Survey Finds

Nearly half of all companies have difficulty recruiting the cyber-security workers, but are not training or offering career options to the workers they have, according to a survey.

Companies need to help their cyber-security specialists not only keep their skills up to date, but develop new ones, which is a hard idea to sell when these workers change jobs so often, according to a new survey released on Oct. 5 by the Information System Security Association.

The survey of more than 430 security professionals, conducted by the Enterprise Strategy Group, found significant dissatisfaction among workers in the industry while underscoring the demand for these skilled employees and their good job prospects, a combination that highlights companies’ difficulties in retaining security workers.The survey found 56 percent of security professions believed their company did not provide adequate training to keep up their skills. At the same time, 46 percent of those workers received an offer to apply for another job at least every week. For the full article click here 

from cyber security caucus http://ift.tt/2d5vTVu
via IFTTT

PROTECT YOURSELF: National Cyber Security Month

Identity fraud will never happen to me.

A common thought, but every two seconds- someone in the United States becomes a victim of identity fraud.

October is National Cyber Security Awareness Month. The Better Business Bureau is taking action with the White House, and the National Cyber Security Alliance to kick off the “Lock Down Your Login”campaign today. The campaign focuses on strategies you’ve never heard of to protect yourself, since usernames and passwords are not strong enough alone.

There are the three highlighted strategies that utilize strong authentication. That means there is an added step to make sure YOU are the one logging in.

1) Security Key: This is a small device plugged into the USB port that you have in your possession while logging in.

2) Biometric: This is using your fingerprint or camera, typically on smartphones or laptops. For the full article click here 

from cyber security caucus http://ift.tt/2cSGQXl
via IFTTT

CYBERSEC 2016: Cyber-security in the heart of Europe

The challenges facing central and eastern Europe (CEE) in securing cyberspace will be familiar to cyber-security specialists from around the world, but because of its unique history and proximity to Russia, it faces a number of individual challenges as well, challenges that leaders are addressing through the creation of regional cooperation groups.

How successful that will be – in the face of an enemy with many faces which are quick to adapt their strategies in response to new security tactics – will take years to assess.

CYBERSEC 2016 in Krakow, Poland brought together speakers from the CEE region, wider Europe and the rest of the world to focus in on these challenges, which the conference divided into four streams: military, business, state and future.

We caught up with some of the speakers from the various sessions to get their assessment of the challenges and their view on the achievements of the conference.  For the full article click here 

from cyber security caucus http://ift.tt/2dJEAHV
via IFTTT

Clinton School of Public Service Hosts Cybersecurity Awareness Program

LITTLE ROCK, Ark. – The Clinton School of Public Service hosted a cybersecurity program Monday in honor of National Cybersecurity Awareness Month.

The program was called “Cybersecurity in the Real World” and the main theme was “Stop, Think and Connect.”

Dr. Phyllis Schneck, Chief Cybersecurity Official at the Department of Homeland Security, spoke at the program about the importance of internet safety in this day and age.

Dr. Schneck says technology and innovation are outpacing security. She says part of her mission is “mitigation and response to cyber threat”.

“Be cognizant that everything is likely having an electronic component today and it could be talking or sending your information places we don’t yet understand,” Schneck says. For the full article click here 

from cyber security caucus http://ift.tt/2dGqkeI
via IFTTT

Trump: Hillary’s only cyber security experience is ‘her criminal scheme’

Donald Trump whacked Hillary Clinton as unfit to be president, citing her mishandling of e-mail as secretary of state while addressing cyber security on Monday.

“Hillary Clinton’s only experience in cyber security involves her criminal scheme to violate federal law, engineering a massive coverup and putting the entire nation in harm’s way,” Trump said.

“The fact that a former senator and secretary of state claimed not to know what the letter ‘C’ means is just one more example of why she’s unfit to hold public office.” For the full article click here 

 

from cyber security caucus http://ift.tt/2dnXMLH
via IFTTT

Cybersecurity not just for big businesses, Las Vegas firm says

We are a Las Vegas-based cybersecurity company focused on providing affordable, automated, efficient and intelligent solutions to small businesses.

What is your business philosophy?

Part of our mission statement is that if you find a job you love, you never work another day in your life. We believe in finding team members who share our passion for technology and cybersecurity, and we all work together toward our core goal: to protect America’s small businesses from cybercriminals.

Why is it important for small and medium-sized businesses to have cybersecurity? What are the threats of not having security or an IT team?

Seventy-one percent of cyberattacks target small businesses, and the scary follow-up statistic is that 60 percent of small businesses successfully attacked go out of business within six months. Small-business owners frequently operate with the mindset that they are too small to be the target of an attack, but that’s simply not true today. As large corporations invest thousands, if not millions, of dollars in cybersecurity strategy and hardware, it’s the small businesses that are left vulnerable and without protection. Cybercriminals know it. Think of it like a burglar looking to break into a house. Is he going to pick the house with the sophisticated alarm system, dogs and bars on the window? Or is he going to pick the house that has glass windows, no screen door and no alarm? For the full article click here 

from cyber security caucus http://ift.tt/2dTuuDr
via IFTTT

Cyber attacks cost UK businesses up to £1m, according to BAE Systems

New research reveals cyber ignorance putting businesses at risk

Research has thrown further light on the evolution of cyber security from technical issue to board issue, with the average cost of an attack standing at £330,000. For one in ten UK businesses, according to research by BAE Systems, the cost of an attack is much higher – hitting up to £1 million.

79% of the UK businesses leaders surveyed believe that they have the appropriate security controls in place to defend against cyber attacks. Yet this confidence sits at odds with other findings from the research.

More than half (57%) of those surveyed said they had experienced a cyber attack in the past year, with one in five being in the dark when it came to knowing if their organisation has the right security controls in place. Of further concern is the fact that many of those surveyed who were confident about their defences had not tested their incident response plans for at least six months. For the full article click here 

from cyber security caucus http://ift.tt/2dpqiIO
via IFTTT

UK National Cyber Security Centre set to open

The National Cyber Security Centre (NCSC) will officially launch tomorrow, October 1, and will open for service on Monday.

Alison Whitney from the NCSC was speaking at the recent Cyber Security in Healthcare conference when she said that the website will be the first indication that they will be ready to go. The site is due to be launched on Tuesday, October 4.

The government described the intended activities for the NCSC, as well as how it works and the people it works for, earlier this year, but was yet to provide a specific launch date.

The NCSC will be based at new London premises, in addition to offices located close to Cheltenham, Gloucestershire.

Whitney said:
“The primary goal of the NCSC is to simplify the complicated [cyber security] picture across government that made it difficult for organisations to know who to talk to. It brings together all the key organisations under a single organisational umbrella to provide better support and bridge the gaps between government, industry and critical national infrastructure.”

Whitney added that the NCSC has four primary goals, with preparatory work undertaken in the summer, along with pilot studies and trials.

The goals are to diminish the level of cyber security threat to the UK, to competently respond to attacks and limit damage to the country, to gain an awareness of the cyber security landscape and to improve the strength of cyber security in the UK, providing more stability in major cyber security challenges facing this country. For the full article click here 

from cyber security caucus http://ift.tt/2dlcL5o
via IFTTT

Spotlight on National Cyber Security Awareness Month

There has been a quite a bit of buzz lately over the importance of small business cyber security. There are about 500,000 cyber attack attempts per minute around the world, and hackers don’t discriminate — they are targeting everyone from governments to financial institutions to small businesses.

In fact, 44 percent of small businesses report being the victim of a cyber attack, with an average cost of $9,000 per attack. As technology and connected devices become more sophisticated, so do hackers. October marks National Cyber Security Awareness Month, so if you haven’t put much thought into your business’ cyber security strategy, now would be a good time to do so.

National Cyber Security Awareness Month is an annual campaign designed to raise awareness about cyber security by engaging and educating public and private sector partners through events and educational materials. The initiative also strives to provide individuals and businesses with the tools and resources needed to stay safe online, and increase the resiliency of the United States in the event of a cyber incident. For the full article click here 

from cyber security caucus http://ift.tt/2dvZwg7
via IFTTT