Cybersecurity, big data top priorities for state’s IT chief

Dewand Neely is the chief information officer for the state of Indiana, overseeing a 300-plus employee operation that is the sole provider of IT services to about 100 state agencies. He’s been at the Indiana Office of Technology since its inception in 2005 (agencies previously had their own IT teams and resources), and he assumed the helm in October 2015 after Paul Baltzell stepped down.

Neely, 38, recently spoke with IBJ about cybersecurity, the innovation his office is driving, and being one of only a few African-American state government CIOs in the country. The following are edited excerpts from that conversation.

IBJ: You’ve been in your job for a little over a year now. How have you made your mark on this office?

NEELY: I came in [in 2005] as an infrastructure guy a few years out of school and was lucky enough to be one of the first folks to work with the newly created Office of Technology. One of the things I remember early on is the struggle we had with changing the culture when we started doing consolidated IT—how much we had to bend over backward to make sure we were being customer-service focused and delivering value to win over people who were against consolidation.

One of the things I did right away after [becoming CIO] was to really put another focus on that. We were doing some really cool things, but sometimes that work can get in the way of the customer service. For the full article click here 

from cyber security caucus http://ift.tt/2fywAoz
via IFTTT

Trump Presidency: Where does cyber security go now?

Given the unexpected results of the US election, it is hard to predict the future, particularly in sorting out campaign rhetoric from policy intent. In general, Trump’s pro-jobs, pro-business resolve will likely loosen constraints on companies in terms of industry regulations and taxation while supporting employee expansion and capital investments.

Trump will need to reconcile his image as a populist Washington outsider who will champion the common man with the business leader that will ease burdens and restrictions.

Changes will be made to cyber security – this is nearly certain. The election itself was highly charged with security issues that created at the very least tension, and at its height, a kind of hysteria. A string of email attacks that ensnared DNC leaders and even Hillary Clinton’s campaign manager revealed the impact that cyber warfare can have on a national election. For the full article click here 

from cyber security caucus http://ift.tt/2fyyZPU
via IFTTT

Autistic People Can Solve Our Cybersecurity Crisis

ALAN TURING WAS the mastermind whose role in cracking the Nazi Enigma code helped the Allies win World War II. He built a machine to do the calculations necessary to decipher enemy messages and today is hailed as the father of the com­puter and artificial intelligence. He’s also widely believed to have been autistic.

Turing was not diagnosed in his lifetime, but his mathematical genius and social inelegance fit the profile for autism spectrum disorder (ASD). And his story illustrates how society benefits when it gives a voice to those who think different. Until he came along, no one perceived the need for a com­puter; they simply needed to crack the code. It took a different kind of mind to come up with that unexpected, profoundly consequential solution.

While Turing’s renown has arguably never been higher, today we are failing to recognize the potential in millions of other talented minds all around us. Like Turing, many of them are also capable of exceptional technological expertise that can help to safeguard our nation. For the full article click here

from cyber security caucus http://ift.tt/2fyqF5W
via IFTTT

Cyber security must go beyond the traditional

The world is engaged in an invisible war, with honest businesses at one end and cybercriminals at the other. Cyber security is no longer just a concern, but is inevitable, writes NITHEN NAIDOO, CIO of Snode

Cybersecurity is no longer just a pressing concern for the IT industry, it is a very real issue that every business has to contend with. Put plainly, a cyberattack is not just likely, it’s inevitable.

What’s more, many organisations’ security can already have been compromised, without them necessarily knowing even it. Today’s security landscape is no longer defined by the known and familiar attack vectors, responded to by the traditional defences of installing a firewall, antivirus solutions and constantly updated threat signatures. Rather, companies are being attacked in ways they cannot predict and often, don’t even detect using traditional approaches to cybersecurity.

Furthermore, companies are understandably reluctant to share details of how and when their security has been compromised, for fear of their reputations being damaged. This is exacerbated by the fact that they are facing advanced, highly motivated, and extremely well organised attackers, who are globally dispersed and often part of a much larger crime syndicate. This gives cybercriminals a structural advantage, making it all the more likely that they will continue to win the battles they wage. For the full article click here

from cyber security caucus http://ift.tt/2fZksRs
via IFTTT

BLETCHLEY PARK CHOSEN SITE FOR CYBER SECURITY COLLEGE

Bletchley Park has been chosen as the site for the UK’s first National College of Cyber Security.

The plans were confirmed by the not-for-profit cyber security body QUFARO, with intentions to open the site by 2018. The new facility will be built at the site’s G-Block, which is one of the facility’s largest buildings. At present, a £5million restoration project is being conducted to convert the building to a security technology centre.

The college will be a free-to-attend boarding school for up to five hundred 16-to-19 year olds. Pupils are to be selected on talent regardless of background, and taught cyber skills as well as a range of related subjects. The programme is intended to help increase the UK’s potential for helping young people learn cyber security skills, in the face of the increased threat of cyber warfare.

The site is to be built at the historic location where codebreakers including Alan Turing broke the Enigma code during World War Two. For the full article click here

from cyber security caucus http://ift.tt/2gpvxcq
via IFTTT

Internet Society: Change Cybersecurity Stance

“Once bitten, twice shy” is the sentiment among many consumers when it comes to companies that were the subject to a data breach. A new report from the Internet Society finds that 59 percent of Internet users said they would not likely do business with a company that fell victim to a data hack.

“One of the key questions raised by this report is, why are organizations doing so little to protect their customers’ data?” said Michael Kende, economist and Internet Society fellow who authored the report, in a press release. “Everyone knows that data security is a major issue for both consumers and businesses, yet companies are not doing everything they could to prevent breaches.”

According to the Internet Society, the average cost of a data breach is now about $4 million, up 29 percent since 2013. What’s more, in 2015 there were a reported 1,673 breaches and 707 million exposed records. With that in mind, the Internet Society said it is urging companies to change their stance on cybersecurity and follow some key recommendations. For the full article click here

from cyber security caucus http://ift.tt/2faVHCE
via IFTTT

Cyber Security – Technologies & Global Markets – Key Vendors Are Palo Alto, Fireeye & Symantec Corp. – Research and Markets

DUBLIN–(BUSINESS WIRE)–Research and Markets has announced the addition of the “Cyber Security: Technologies and Global Markets” report to their offering.

The scope of the report encompasses various technologies used in cyber security applications. Additionally, the application industry for the market is segmented into banking and financial services institutions, defense and intelligence, healthcare, retail, IT and telecommunications, government, and others, which include education and manufacturing sectors. The present cyber security market offers an opportunity to the stakeholders, largely because of a surge in cloud-based services and the increased use of the internet for online financial transactions.

This report highlights different solutions in the cyber security market, which includes identity and access management (IAM), encryption, data loss protection (DLP), firewall, antivirus and antimalware, disaster recovery, risk and compliance management, and other solutions. Other types of solutions include unified threat management (UTM), distributed denial of service mitigation and web filtering. In addition, the report also offers major regional analysis of the Americas, Europe Middle East and Africa (EMEA), and Asia-Pacific. The estimated and forecast market revenue considered in this report is the summation of prices for software, hardware and subscription services. For the full article click here 

from cyber security caucus http://ift.tt/2f5ZAsc
via IFTTT

U.S. says cybersecurity skills shortage is a myth

The U.S. government has released what it claims is myth-busting data about the shortage of cybersecurity professionals. The data points to its own hiring experience.

In October 2015, the U.S. launched a plan to hire 6,500 people with cybersecurity skills by January 2017, according to White House officials. It had hired 3,000 by the first half of this year. As part the ongoing hiring effort, it held a job fair in July.

At the Department of Homeland Security (DHS), “We set out to dispel certain myths regarding cybersecurity hiring,” wrote Angela Bailey, chief human capital officer at DHS in a blog post Monday. For the full article click here 

from cyber security caucus http://ift.tt/2gAGzP6
via IFTTT

Why Insider Threats Are Hurting North American Businesses

A new report from Kaspersky Lab revealed that company employees are among the leading cyberthreats to North American companies.

According to the “Business Perception of IT Security: In the Face of an Inevitable Compromise” report, 20 percent of businesses worldwide experienced four or more data breaches in the last 12 months, while North American businesses suffered double the global amount at 44 percent.

Enterprises in North America said careless/uninformed employee actions (59 percent) and phishing/social engineering (56 percent) were the largest drivers of the serious data breaches they experienced.

“The survey results indicate the need for a different view on the growing complexity of cyberthreats,” Veniamin Levtsov, vice president of enterprise business at Kaspersky Lab, said in a press release. For the full article click here 

from cyber security caucus http://ift.tt/2fYepd6
via IFTTT

McAuliffe announces new cybersecurity with Australia

RICHMOND, Va. (AP) – Virginia Gov. Terry McAuliffe has announced a new partnership with the Australian state of Victoria to share resources and information related to cybersecurity.

McAuliffe’s office announced the memorandum of understanding Monday, as he continues a 10-day trade and marketing mission to Asia and Australia.

The governor’s office said the agreement would also allow both governments to share ideas on the best way to grow skilled workforce, promote entrepreneurship and other areas.

McAuliffe has made expanding Virginia’s cybersecurity industry a key priority. Virginia is home to the Pentagon, the CIA and various other defense-related agencies. For the full article click here 

from cyber security caucus http://ift.tt/2ghkAKc
via IFTTT

Soliton Enters Europe and Targets Enterprise Cyber Security Space With Rebrand of Excitor

Soliton Systems, a leading provider of IT security in Japan, today announced its expansion into Europe with the rebrand of Excitor, the mobile security specialist. Soliton recently acquired Excitor and will continue to offer Excitor’s secure mobile and remote access products alongside its range of enterprise-class network security solutions. Excitor will be rebranded as Soliton as the company ramps up its operations across Europe, expanding its channel partnership programme to target the cyber security market.

The enterprise mobility sector has matured over the course of the past two years with a subtle shift away from protecting and managing the device towards secure data management. Protecting access to that data is now a priority for the connected business. Sophisticated and veracious attacks and the imminent application of more stringent data regulation in the form of legislation such as the EU GDPR will increase the onus on the organisation to secure data.

Recognising this shift in demand, Soliton Systems will now focus not just on enterprise mobility but on data and access protection through a suite of cyber security products. The Mobicontrol MDM, DME mobile container, and G-On remote access device previously offered by Excitor will be complemented by cyber controls that protect, guard and actively defend data. The Soliton services For the full article click here 

from cyber security caucus http://ift.tt/2fjcAJF
via IFTTT

Cyberbit Launches Channel Program To Create A Profitable Opportunity To Solve Customers’ Most Critical Cyberthreats

AUSTIN, Texas — /PRNewswire/ –Cyberbit, whose cybersecurity solutions protect the world’s most sensitive systems, today announced the launch of its Channel Program for North American Partners: MSSPs, VARs, distributors and consultants, who play a critical role in helping companies defend themselves against evolving cyberthreats. The Cyberbit Channel Program will deliver enhanced margins to partners, by providing Cyberbit’s suite of solutions, addressing today’s most complex cyber security problems for customers.

Cyberbit partners will get access to the industry’s most advanced endpoint detection and response (EDR), SOC automation and orchestration, cyber range training and simulation platform, and industrial control systems security. The Cyberbit Channel Program is led by enterprise and IT security channel veteranStephen Thomas, former Vice President of Channel Sales at Symantec, who has more than 20 years of sales leadership and building channel programs for partners of all sizes. Now Vice President of Sales at Cyberbit, Thomas will position partners to address pressing challenges in cybersecurity as part of the company’s 100-percent-channel-focused strategy. For the full article click here 

from cyber security caucus http://ift.tt/2fTCMsp
via IFTTT

Cybersecurity Threats May Impact Your Digital Health

As the healthcare industry continues to embrace the Internet of Things, cybersecurity may present unprecedented health and privacy risks to patients. Wireless-enabled medical devices are increasingly common. For some patients, this means that their hearts are, quite literally, connected to the Internet of Things. For others, mobile medical apps and wearable products are collecting personal health data that may be inadequately protected.

The medical device industry came under fire this year when a Senator from California sent a letter to the top five U.S. medical device manufacturers expressing “serious concerns that the cybersecurity vulnerabilities in medical devices are putting the health and safety of patients in California and across the country at risk.” Senator Barbara Boxer (D-CA) wrote her letter in response to findings from an independent security researcher who discovered certain vulnerabilities in drug infusion pumps used in hospitals. The researcher discovered that the device software was vulnerable to infiltration that had the potential to manipulate the pump’s drug dosage levels. Unfortunately, this is not the first time this risk has been demonstrated. For instance, similar studies have revealed the vulnerabilities of wireless-enabled pacemakers and defibrillators, which in some cases have led to embarrassing public disclosuresby companies seeking to profit from such vulnerabilities. For the full article click here 

from cyber security caucus http://ift.tt/2g2kc0A
via IFTTT

Cybersecurity experts offer advice for incoming Trump administration

WASHINGTON — The new Trump administration could better protect the nation from cyber attacks by teaming with Silicon Valley to boost the cyber workforce and creating an agency to find new ways to safeguard digital security, UC Berkeley’s Center for Long-Term Cybersecurity said in recommendations unveiled Friday.

Those ideas were among five major cybersecurity suggestions that the center’s experts offered during a panel discussion at the Bipartisan Policy Center. The University of California, Berkeley center has reached out to Trump’s transition team to offer its advice. Trump has not yet named a cybersecurity adviser.

“The new administration has an important opportunity to change the way Americans think about cybersecurity,” the center said in a short report presented by Executive Director Betsy Cooper and Faculty Director Steven Weber. “We believe cybersecurity needs to be thought of as an existential risk to core American interests and values, rising close to the level of major armed conflict and climate change.” For the full article click here 

from cyber security caucus http://ift.tt/2fbkO6s
via IFTTT

Embracing cybersecurity remains a challenge for many firms: Expert

SINGAPORE: Awareness and investment in cybersecurity may have grown in recent years, but the longer-term strategy of embracing the issue remains a challenge for many, said Mr Low Chee Juee, chief technologist of the cybersecurity practice at consulting firm Booz Allen Hamilton.

Speaking at the tech risk conference during the Singapore Fintech Festival on Thursday (Nov 17), Mr Low said embracing cybersecurity remains a challenge even though organisations could reap the potential benefits of lower costs and improved organisational efficiency.

“In terms of action, we’re still a step behind in a lot of areas where we need to be ahead. If we’re looking at it from a scale of one to 10, with 10 being ‘ready’, I think we’re still at ‘four’ in terms of where we’ve engineered a change,” Mr Low said.  For the full article click here 

from cyber security caucus http://ift.tt/2fYQuJN
via IFTTT

NHS Cybersecurity: Breaches Up, Spending Low

A new Freedom of Information (FoI) request has uncovered a litany of cybersecurity failings by NHS trusts across the UK.

Sky News received responses from 97 trusts and found data breaches in the health service had risen from 3133 in 2014 to 4177 last year.

What’s more, the average annual amount spent on cybersecurity was just £23,000, although six trusts claimed to fork out over £100,000.

More worrying is the fact that 45 trusts were unable to put a figure on spending at all, while seven trusts serving more than two million people spent nothing at all in 2015, the report claimed.

The news site engaged consultancy Hacker House to do some digging and claimed to have found that “security across the board was weak for many factors.” For the full article click here 

from cyber security caucus http://ift.tt/2f7qa2K
via IFTTT

Closing the Gender Gap in Cybersecurity: Its Time to Back Ourselves as an Industry

Whilst I spent most of my maternity leave in coffee shops and parks, I did manage to engage my brain for long enough to write a few industry reports, one on the reformation of the computer science GCSE, and one on closing the gender gap in cybersecurity. The lack of women in the industry is something that has always perplexed me, but this research allowed me to truly indulge my curiosity by spending time with representatives from across the industry; from government departments to recruiters to pen-testers to CISOs, and get to the bottom of why there is such a lack of women, and what can be done about it.

At the Big Bang Careers Fair earlier this year, CREST, in partnership with the government, ran a digital defenders stand to try and encourage schoolchildren to consider careers in cybersecurity. Interestingly – and encouragingly – they welcomed to the stand just as many schoolgirls as schoolboys expressing an interest in cybersecurity. That’s the good news. Yet, only 17% of computer science graduates are females, and according to the latest (ISC)2workforce study, only 10% of industry professionals are women. So what’s going wrong and why are we, as an industry, not converting those interested schoolgirls into graduates and then industry professionals?

Does it even matter? Many industries have gender imbalance, so is it something we should even be worrying about? The answer is unequivocally yes. There are arguments that a diverse workforce increases productivity; that research shows increased profitability in companies with more women; and recruiters even say that women bring a loyalty and stability to the industry that male counterparts, on the whole, don’t. Whilst these arguments are all valid, it’s actually simpler than that: cybersecurity is facing a frightening skills gap, with predictions that by 2020 there will be 1.5 million unfilled positions, so to put it simply, we need more people, so we need more women. It just makes sense. For the full article click here

from cyber security caucus http://ift.tt/2fFlgrQ
via IFTTT

White House and Homeland Security Publish Cybersecurity Guidelines for IoT Devices

Two independent IoT (Internet of Things) cybersecurity publications were released yesterday by the White House and the Department of Homeland Security, covering guidelines and principles for creating IoT devices with in-built security measures, as well as recommended protocols for implementing such measures.

The Obama administration ‘rushed’ the NIST (National Institute of Standards and Technology) publication a month ahead of the planned release, primarily due to the escalated urgency surrounding cybersecurity for IoT devices following last month’s major Distributed Denial of Service attack that disabled parts of the United States’ internet infrastructure.

Cybersecurity has long been a concern since Internet connectivity started becoming more prolific in the 1990s. As connectivity came to mobile devices en masse in the 2000s, it became an even bigger issue. Today, the Internet of Things is next in line for in-depth scrutiny because it involves a large number of interconnected devices that are perpetually online. That increases the quantum of risk by a significant magnitude. For the full article click here

from cyber security caucus http://ift.tt/2fXfp4e
via IFTTT

Cybersecurity Law aims to ‘protect people’s interests’

New legislation set to be a hot topic among experts, officials at the annual internet meeting

Cybersecurity and related issues have been hot topics among internet and judicial experts since China’s first Cybersecurity Law was adopted earlier this month.

The law and its related topics, including how to put coordination of government departments into practice and how to review products and services before they are made available on the internet, will also be heated topics of discussion at the World Internet Conference, experts said.

Li Yuxiao, secretary-general of the Cybersecurity Association of China, said that he will go to Wuzhen, Zhejiang province, to participate in the third WIC, which runs from Wednesday to Friday, adding that one of his focuses will be legal issues.

“It’s good to see that our nation has finally drawn up and adopted its first Cybersecurity Law,” Li said.

“It’s the guide when we draft some other cybersecurity-related rules, and I think its adoption has brought more confidence to internet and judicial professionals,” he said. “I’d like to share the law with foreign guests and listen to their opinions at the conference.” For the full article click here 

from cyber security caucus http://ift.tt/2fUPRCT
via IFTTT

Cyber security expert to speak at 2016 State of the Region

There’s a war going on, and Dane Deutsch is on a mission to make sure companies and businesses don’t become collateral damage.

Deutsch, the president and CEO of Rice Lake information technology company DCS Netlink, will speak on the topic of cyber security at the sold-out second State of the Region event, sponsored by the 7 Rivers Alliance and to be held Wednesday at The Court Above Main. Federal Reserve Bank of Minneapolis Outreach Director Ron Wirtz also will provide some regional economic advice, the results of the 7 Rivers 2016 business survey will be presented, and Tribune Executive Editor Rusty Cunningham will present the 2016 Rising Stars Under 40 at the event.

“This will give a sense of the economic health of the region,” 7 Rivers CEO Lisa Herr said.

Herr started as executive director of the organization in 2014, and when she first arrived said there wasn’t a lot of detailed data on the region’s economy. Her staff tweaked the organization’s business survey to gather more information and worked with the Federal Reserve to create the State of the Region program.

“The intent of all of this is to help inform business and community leaders about what has gone on and what to anticipate for the coming year,” she said. For the full article click here 

from cyber security caucus http://ift.tt/2fUSmVH
via IFTTT

DocuSign Opens Cybersecurity Centre of Excellence in Dublin

DUBLIN, Nov. 14, 2016 /PRNewswire/ — DocuSign announced today the opening of its Cybersecurity Centre of Excellence in Dublin as part of its ongoing commitment to Europe and protecting its customers’ data and privacy. The Centre will be committed to conducting research into the latest cyberattacks and trends, while developing tools for the advanced detection of such threats.

The project is supported by the Department of Jobs, Enterprise & Innovation through IDA Ireland.

A critical focus for the Centre within the next three years will be undertaking research and development into security orchestration and automation, which will directly inform advancements and innovation for DocuSign’s security tools. As a result, the company’s customers and employees will benefit from DocuSign’s ability to respond even faster to rapidly evolving threats.

Welcoming the new investment by DocuSign, the Minister for Jobs, Enterprise and Innovation, Mary Mitchell O’Connor TD said, “This new Cybersecurity Centre of Excellence will be a valued addition to Ireland’s existing strengths in the ICT sector. We are very keen to attract a wider range of specialist IT companies, especially in Cybersecurity, as we are all very conscious of the crucial importance of being able to deal with Cybersecurity threats.  It is great news that a company of the stature of DocuSign has decided to open this new facility here.  We have the IT skills available to enable the company to grow and to embed their operations in Ireland.  Their arrival is a great vote of confidence in what Ireland has to offer and I wish the team the very best for their future in Ireland.” For the full article click here 

from cyber security caucus http://ift.tt/2eSj3b9
via IFTTT

WISeKey creates a Joint Venture company “WISeKey Argentina” for the development of cybersecurity in Latin America.

ZUG, Switzerland & GENEVA & BUENOS AIRES, Argentina–(BUSINESS WIRE)–WISeKey International Holding (WIHN, a company listed on the Swiss stock exchange) through WISeKey ELA (its Spanish company headquartered in Bilbao), AC Investment & Consultant S.A. and Trend Technologies S.A. reached an agreement to form a Joint Venture for the creation of a new company WISeKey Argentina, with the objective of extending WISeKey’s global presence in Argentina.

WISeKey’s global expansion during recent years has focused on the development of joint ventures with strategic partners on a national level, which has permitted WISeKey to deploy their information technology security and the Internet of Things in emerging economies in India, Brazil, China and now Argentina. These joint venture companies are developed in these countries with strategic partners that pave their way into the market providing important clients and contracts that are facing a high growth demand for cybersecurity solutions such as, digital identity and privacy, secure mobile communication, secure cloud computing, the Internet of Things, secure semi-conductors, BlockChain and other innovative technologies offered by WISeKey.

The new joint venture will expand current operations in Argentina with the possibility of extending into other Latin American countries as well. The WISeKey alliance with its new partners creates a synergy between leading companies whose values and product portfolio provide state of the art technology and cybersecurity services. This initiative also contemplates that the company offer its services and solutions from a highly secure data center located in the region. The partnership includes a strategic investment in WISeKey Argentina, representing a 49% ownership to the new partners and a 51% share for WIHN. For the full article click here 

from cyber security caucus http://ift.tt/2f7XdBh
via IFTTT

Teaching Kids About Cybersecurity? Ask Garfield.

Children are spending more time online, chatting up strangers and sometimes giving them personal information that could put them in harm’s way. But a new collaboration that enlists a particularly troublesome cartoon feline is looking to teach kids a few things about cybersecurity.

Mobile devices have become the babysitters of the technology age, engaging and distracting kids in equal measure.

“Children are growing up with these things,” said Patrick Craven, Director of the Center for Cyber Safety and Education. “They practically have them in the crib with them and so they don’t see the danger that could be.”

Online strangers that come across as friendly and chatty might seem harmless to a child. But giving them too much information – a home address or the name of the child’s school – or even meeting with them, might invite cyberbullying or worse. For the full article click here

from cyber security caucus http://ift.tt/2g57TVc
via IFTTT

My grandpa is more qualified to run America’s cybersecurity than Rudy Giuliani

Rudy Giuliani’s name has been floated as a possibility for several cabinet level positions—everything from attorney general to secretary of defense. But the longtime Trump supporter and necromantically animated skeleton said in an interview this morning on Fox News that his real calling is keeping America’s internet safe.

Wow, what a great idea! It’s unclear exactly what job Giuliani is lobbying for, but he clearly has some sort of position in mind relating to cybersecurity. But I have another candidate I’d like to put forward for this mystery office: my grandpa.

At first glance, the two appear to have a lot in common. They’re both Italian-American men from New York City who moved to Long Island in the 1950s. They both have a history of public service—Giuliani through his time as U.S. Attorney and mayor of New York City, and my grandpa as a World War II veteran (happy Veteran’s Day Grandpa!). At 98 years old, my grandpa is a fair bit older than the 72-year-old Giuliani, but that just means he’s got more experience, right? For the full article click here

from cyber security caucus http://ift.tt/2g53eTo
via IFTTT

Cybersecurity job candidates underqualified, professionals say

The ISACA Cybersecurity Jobs Index reveals a significant increase among cybersecurity professionals who report job candidates not being sufficiently qualified at time of hire.

The index found that 59% of professionals now say fewer than half of their job candidates were considered ‘qualified upon hire’, which is an increase of 9% in just one year. In addition, 27% need six months to fill a cybersecurity position, which is an increase of three points from 2014.

This comes at a time when cybersecurity threats are on the rise, with 76 breaches in APAC in the first six months of 2016. Indeed, Australia is ranked first in data breaches, with NZ taking fourth place.

The average cost of a data breach in Australia is now $3.46 million, with the main industries affected being financial (2%), education (1%), health care (30%), government (57%) and other industries (35%). For the full article click here 

from cyber security caucus http://ift.tt/2eJ4uGR
via IFTTT

Reader Comment: Cybersecurity requires all-hands-on-deck effort

Americans and many around the world are living increasingly digital lives. According to one recent study, there will be 6.4 billion Internet-connected devices in use this year alone — including mobile phones, laptops and Internet routers – a 30 percent increase just from 2015. By 2020, that number is projected to jump to more than 20 billion. This means there will be more than two connected devices for every individual on the planet.

While this growing connectivity brings many benefits for consumers, it also creates new opportunities for sophisticated cyber criminals — as well as foreign entities – to intercept personal information, disrupt the delivery of essential services and even compromise our national security and critical infrastructure.

Today, cyber-attacks are among the most serious threats facing the United States and our citizens. The Department of Justice’s Internet Crime Complaint Center recorded 269,422 cybersecurity related complaints in its 2014 report, an increase of more than 1,500 percent since 2000. According to another survey, more than one-third of U.S. consumers reported having experienced a computer virus, hacking incident or other cyber-attack in the last year. With vulnerabilities always present in advancing technology, and cyber incidents constantly making headlines, it is important to take cybersecurity seriously, whether it be at home, at work or on the go. For the full article click here 

from cyber security caucus http://ift.tt/2fHyQMb
via IFTTT

SaaSMAX Cybersecurity Channel Road Show To Debut November 17

Event’s first stop in Irvine, CA, to bring together cybersecurity innovators and thought leaders with VARs, MSPs & IT consultants for an evening of intriguing conversations and opportunities.

SaaSMAX Corp., the IT Channel’s value-add marketplace and growth engine for Cloud Software (“SaaS”) companies and IT Solution Providers, is proud to announce it will be hosting its inaugural Cybersecurity Road Show Series focusing on trends and threats currently affecting IT solution providers, Cloud Services Providers (CSPs), VARs, MSPs, and MSSPs in the SMB IT channel.

Set for November 17, 2016, the Road Show will make its first stop in Irvine, CA, at the modern WeWork workspace located in the Spectrum Center. The event will kick off at 4:30pm with a networking session, allowing attendees and sponsors to mingle and network. A panel session on “Threat Detection, Prevention & Correction from the Front Lines,” will then commence, followed by a discussion on the current types of Security as a Service offerings. HIPAA Compliance as a Service will also be featured, as well as SECaaS Product introductions from event sponsors. The Road Show will close out at 8:30pm with a final one-hour networking session featuring refreshments and prize giveaways. For the full article click here 

from cyber security caucus http://ift.tt/2fHz8m7
via IFTTT

AbacusFLEX Private Cloud conforms to UK cyber security guidelines

Abacus says its services already meet or exceed these standards.

Abacus, which in October announced a major expansion of its services and the opening of a second data centre in London, provides cyber defences to its more than 400 clients in the alternative investment field globally.

Noting that the US Securities and Exchange Commission (SEC) has been increasing its requirements for cyber defence compliance on the same investors, Abacus CEO Chris Grandi (pictured) says the firm is committed to continually investing in research and development to maintain vigilance in both the US and UK markets..

“One of our core disciplines is maintaining a secure platform for funds to operate from,” says Grandi. “As the amount of regulatory responsibility grows, investment firms are addressing whether they have the resources available to address and manage them effectively. With respect to cybersecurity, it will be important to leverage third-party technology and cybersecurity experts to assist with adherence to regulatory requirements in the UK and in the US.” For the full article click here 

from cyber security caucus http://cybersecuritycaucus.com/abacusflex-private-cloud-conforms-to-uk-cyber-security-guidelines/
via IFTTT

United States: Five Questions General Counsels Should Ask About Cybersecurity And Data Privacy Litigation

Cybersecurity and data privacy litigation continues to grow rapidly in scale and complexity. Putative class actions not only follow major data breaches but also increasingly allege vulnerabilities in a wide range of products, from cars to toys, even before any attack has occurred. And plaintiffs continue to assert privacy claims against both cutting-edge technologies and longestablished business practices.

Significant financial and reputational risks can accompany cybersecurity and data privacy litigation. These high stakes make it important for companies to respond strategically and practically. To that end, while each case differs, companies generally should evaluate the following five questions if they face cybersecurity or data privacy litigation.

Does the Plaintiff Have Standing?

Whether a plaintiff has standing to bring suit in federal court continues to be a central question in most, if not all, cybersecurity and data privacy cases. In particular, whether the plaintiff has suffered an injury in fact is frequently pivotal. The US Supreme Court’s recent decision in Spokeo, Inc. v. Robins, 135 S. Ct. 1540 (2016), clarified that a plaintiff cannot merely allege a technical legal violation but must suffer an actual, real-world injury (or face the certainly impending threat of one). Companies will look to rely on the Spokeo decision in the coming years, including as they litigate the types of future injuries that may still be sufficient to confer standing under Clapper v. Amnesty International USA, 133 S. Ct. 1138 (2013). A judge in the Sixth Circuit recently noted that the US courts of appeals already have split on that latter point, for example, and further significant litigation is highly likely. For the full article click here 

from cyber security caucus http://cybersecuritycaucus.com/united-states-five-questions-general-counsels-should-ask-about-cybersecurity-and-data-privacy-litigation/
via IFTTT

Financial Conduct Authority concerned about cyber security of banks

The FCA expresses concern about the cyber security of banks after 9,000 Tesco Bank customers lost £2.5m in fraudulent transactions 

The UK’s Financial Conduct Authority (FCA) has said it is concerned about weaknesses in banks’ IT systems, after cyber attackers drained £2.5m from 9,000 Tesco Bank current accounts at the weekend.

The bank halted online banking after discovering suspicious activity relating to 40,000 current accounts and initially feared that around 20,000 had been affected by fraudulent transactions. For the full article click here 

from cyber security caucus http://cybersecuritycaucus.com/financial-conduct-authority-concerned-about-cyber-security-of-banks/
via IFTTT

Trump Likely to Take Military Approach to Cybersecurity

Donald Trump takes over the presidency at a time of increased anxiety about cybersecurity and consumer privacy. High-profile data breaches at insurance companies, healthcare providers, major retailers, government agencies – and his vanquished opponent’s own aides– illustrate a need for action.

“Government regulations are forcing us to open up our systems and transmit our data, yet we are left to defend ourselves from the hackers who want to steal all the free-flowing data,” says Pamela McNutt, senior vice president and CIO at Methodist Health System. “As threats grow, so does the amount of money providers must spend to secure their environments.”

On the stump, Trump was sometimes aloof about the cyber threat. When it was suggested that Russian agents had hacked the Democratic National Committee, Trump famously said, “It also could be somebody sitting on their bed that weighs 400 pounds, OK?”

But he also was able to leverage his opponent’s weakness on the subject to his advantage. As Hillary Clinton wrestled with the fallout from the investigation into her use of a private e-mail server while Secretary of State, and e-mails from her chief of staff John Podesta trickled out over the course of months , Trump seized the opportunity to differentiate himself. For the full article click here 

from cyber security caucus http://cybersecuritycaucus.com/trump-likely-to-take-military-approach-to-cybersecurity/
via IFTTT

China’s new cybersecurity bill alarms human rights experts

Internet censorship in China could be about to get much worse.

The country on Monday passed a new cybersecurity bill that may have severe implications for both Chinese internet users and international tech companies, reports Reuters. These new measures will come into effect June 2017.

On the privacy front, the final draft of the bill stated that “critical information infrastructure operators” — tech companies in and outside China — are required to store their data on users on servers in the country. The publication adds that the draft requires that these companies give “technical support” to security firms and pass national security standards. Additionally, companies that operate within China will be legally bound to enforce censorship, and will be held responsible for content spread through their platforms. For the full article click here 

from cyber security caucus http://ift.tt/2eRkxD4
via IFTTT

18-year-old Wins Cyber Security Challenge UK

Ben Jackson, an 18-year-old student from the Sussex town of Bexhill-on-sea, has won the Cyber Security Challenge UK’s Masterclass competition, making him the youngest ever champion.

Jackson beat 41 other talented amateurs in a three-day cyber-attack simulation led by PwC with help from the National Crime Agency, GCHQ and the Bank of England.

That challenge, which took part in a Security Operations Center in Shoreditch, required participants to investigate a data breach at a power station.

Working in teams, candidates were presented with the profiles of ‘employees’ which may have carried out the attack, and were required to work against the clock under the twin pressures of hacktivist cyber-attacks and live updates from government agencies and the company’s board.

They were also tasked with keeping the operation under wraps from journalists. For the full article click here 

from cyber security caucus http://ift.tt/2ei6I4C
via IFTTT

Will China’s cyber security law restrict online freedom?

The Chinese government on Monday passed a new cyber security law, as part of heightening Beijing’s control on the Internet.

Under the new law, the government will take measures to “monitor, defend and handle cybersecurity risks and threats originating from within the country or overseas sources, protecting key information infrastructure from attack, intrusion, disturbance and damage.”

It was passed by China’s legislature, the National People’s Congress(NPC) and takes effect from June 2017.

“Despite widespread international concern from corporations and rights advocates for more than a year, Chinese authorities pressed ahead with this restrictive law without making meaningful changes,” said Sophie Richardson, China Director. “The already heavily censored Internet in China needs more freedom, not less.” For the full article click here 

from cyber security caucus http://ift.tt/2fvg3DJ
via IFTTT

The Week Ahead: Government officials address health cybersecurity, oil and gas issues

Federal officials will discuss healthcare cybersecurity, oil and gas security, and more following Election Day, while numerous industry events around the world this week will tackle issues from data protection to federal agency IT security.

On Wednesday at the National Cybersecurity Center of Excellence in Rockville, MD, Suzanne Schwartz, the Food and Drug Administration’s lead on medical device cybersecurity, will speak on cybersecurity in the healthcare sector. For the full article click here 

from cyber security caucus http://ift.tt/2fvmd6X
via IFTTT

After election, DHS will work with voting machine vendors on cybersecurity

After next week, the Homeland Security Department plans to start working with election machine vendors to make sure they’re defending against cyberattacks, a DHS official told reporters today.

The idea is to “make sure they have cybersecurity built into their systems,” but also to offer them the department’s information sharing services, “so they’re seeing the same indicators we are,” the official said.

“We understand a lot of states will be modernizing their voting machines over the next several years, and we want to make sure that as they modernize their machines, they do it in a way that is secure,” an official said.

The department doesn’t want to send the signal about election security that “this is not a problem we’re looking at for Nov. 8, and then we’re done,” the official said. “We’re trying to figure out how to make this a long-term program.” For the full article click here 

from cyber security caucus http://ift.tt/2f3YAUl
via IFTTT

Robert O’Brien: Hillary Clinton best placed for cyber security battle

‘Emailgate’ ensures that Hillary Clinton has a much greater insight into cyber security than Donald Trump. Mrs Clinton now has real world experience of the potential for damage resulting from a cyber security breach and will be much more aware of pitfalls to avoid.

There is no doubt that the tough lessons sorely paid for through her email activity, have helped elevate Mrs Clinton into a stronger position to lead in any cyber war.

Mr Trump does not elicit anywhere near as much confidence. As someone who works daily with organisations to improve cyber security awareness, I have found that every organisation finds this issue challenging. Two of the most challenging groups of users are executives and senior managers. The people that run governments and lead them are generally not any different. For the full article click here 

from cyber security caucus http://ift.tt/2fppbJU
via IFTTT

CSUN Film Students, Faculty Help FBI Raise Cyber Security Awarness

The simple act of opening an email can leave businesses and private individuals vulnerable to cyber attacks — from hackers who hold data for ransom to thieves who compromise legitimate business email accounts to steal thousands of dollars through unauthorized wire transfers.

California State University, Northridge faculty and students teamed with federal law enforcement officials to create a series of public service announcements  to educate the community about trending cyber crimes, as well as remind people about the consequences of online piracy.

“Cyber crimes are increasingly becoming more and more detrimental to all of us,” said CSUN cinema and television arts professor Nate Thomas, who oversaw the university’s involvement in the project. “We worked on a similar campaign on intellectual property theft with the federal Department of Justice and FBI three years ago that got some attention. I guess they liked what we did and asked us to work with them again.”

Thomas, who has his own production company that has created PSAs for a variety of organizations over the years, said he saw an opportunity to teach his students about their responsibility to use their craft for more than just making entertainment. For the full article click here 

from cyber security caucus http://ift.tt/2flPG35
via IFTTT

Why Cybersecurity Is a Big Factor In Ecommerce

Even the birds in the trees know that eCommerce is growing and the number of people who shop online is increasing at a steady pace. For instance, eCommerce sales made up for $1.08 trillion in 2013, and in 2018. This number is expected to get close to $2.5 trillion in the foreseeable future.

In the first three months of 2015, people spent $10 billion just by shopping on their mobile devices in the United States alone. A lot of people globally are buying online, and more of them are getting on this bandwagon with each month that passes.

Primal Fear

A big problem for eCommerce business owners is that these numbers would be even greater if not for one very understandable fear – the fear for one’s security and privacy when purchasing online.

A recent study conducted by the National Telecommunications and Information Administration in the U.S. showed that around 26% of the people they talked to, avoid buying goods or services online because they are afraid for their security.

Even more, people avoid conducting many financial transactions online for the same reason. For the full article click here 

from cyber security caucus http://ift.tt/2flTWiY
via IFTTT

Cyber security image putting women and girls off, says panel

There is still a lot of work to be done to change the perception of cyber security and corporate culture to attract more women to the profession, according to a panel of security professionals

The image of cyber security and the people who work in the profession is putting women and girls off from considering it as a career, according to a panel of women working at Intel Security.

“We need to change the way the profession is perceived and emphasise that it is about helping and protecting people,” said Lynda Grindstaff, speaking at Intel Focus 2016 in Las Vegas.

“Few people understand that cyber security provides opportunities to work for the common good both now and for future generations,” she said. For the full article click here 

from cyber security caucus http://ift.tt/2ehEfXG
via IFTTT

Cybersecurity is focus to protect voter information, track ballots for Wisconsin’s Elections Commission

Cybersecurity is a focus for state election officials as voters prepare to cast their ballot on Tuesday.

Officials from the state Elections Commission said they have been bolstering security and coordinating with several state and federal agencies to ensure voter information is safe and Wisconsin’s elections are transparent and fair.

Wisconsin is one of several states that has accepted help from the U.S. Department of Homeland Security to protect its computer systems that handle voter information and ballots. Commission spokesman Reid Magney said it is also working with the state Department of Administration’s Division of Enterprise Technology, which administers the computer systems for elections; the FBI, U.S. Department of Justice, local district attorneys’ offices and the state Attorney General’s office to plan for scenarios that could arise on Election Day.

from cyber security caucus http://ift.tt/2fHiFRt
via IFTTT

Optus, Singtel open cybersecurity centre in Sydney

The new cybersecurity centre for enterprise and government customers will provide data analytics, automated incident response, and threat intelligence

Optus Business has announced opening its Advanced Security Operations Centre (ASOC) alongside Trustwave, offering managed cybersecurity services to enterprise and government customers.

The ASOC joins Optus and parent company Singtel’s network of security operations centres, providing customers with access to data analytics, automated incident response, and threat intelligence, backed by Singtel’s 2,000 security professionals and “elite” response team known as SpiderLabs.

“Cybercrime is a persistent, global threat. It is the number one economic crime in Australia … business and government must be able to confidently operate, innovate, and maintain trust with customers and stakeholders in this evolving landscape,” said Optus Business managing director John Paitaridis. For the full article click here 

from cyber security caucus http://ift.tt/2ezczyq
via IFTTT

Cybersecurity talent shortage on the radar of government, business

An international shortage of cybersecurity talent is expected to grow over the next few years, according to the Information and Communications Technology Council.

The council’s vice-president of talent innovation, Sandra Saric, said there’s an expected need for more than 1.5 million people to work in cybersecurity globally by 2020.

Solving the talent shortage was one of the challenges emphasized by government and private industry executives at a cybersecurity forum at the GTEC conference in Ottawa on Tuesday. It’s an annual technology event that brings together business and government.

“Getting more people to take science, technology, engineering and mathematics courses and degree programs, and also training them to be cybersecurity savvy is probably the first challenge,” said Scott Jones, assistant deputy minister responsible for the information technology security program with Communications Security Establishment Canada (CSEC). For the full article click here 

from cyber security caucus http://ift.tt/2ezc5s3
via IFTTT

A Wake-up Call To CEOs and Marketers: The Perfect Cyber Security Storm Is Approaching

When the Target data breach occurred in 2013, the response was surprising as it took too much time to manage the consumer fallout. Watching communications unfold over time, I assumed that lawyers must have managed the response, because marketers would have handled it differently–focusing effort on mitigating consumer trust damage, brand damage, and negative financial consequences.

And so I’ve been interested in this topic—marketing’s role in data breaches—for some time. I came across an exceptionally knowledgeable individual on the topic, Holly Rollo, the CMO of RSA, the Security Division of EMC. RSA solutions enable customers worldwide to deliver business-driven security strategies. After listening to her, I decided to create a multi-part series on why CEOs and marketers need to wake up to the cyber security storm that is approaching. The following is the first post on the topic–focusing on the basics of cyber security as described by someone in marketing.

Whitler: What does a data breach mean? We use this term a lot, but how would you define it?

Rollo: Put simply, a data breach is a disclosure of information to an unauthorized party.  Oftentimes, people use terms like breach, compromise, or intrusion interchangeably. However, precision is critical, as there are consequential differences between these terms and the risk each presents to an organization. For the full article click here 

from cyber security caucus http://ift.tt/2eWL4iK
via IFTTT

UK to launch £1.9 BILLION cybersecurity strategy to strike back at hackers

The UK is set to drastically step up its cybersecurity defences against malicious hackers from both within and outside our borders.

Philip Hammond will announce a £1.9 billion known as the National Cyber Security Strategy at a Microsoft conference in London later today.

Attacks on the power grid networks and the country’s air traffic control are believed to be the chief concerns. A large portion of the cash will also go towards training more cybersecurity experts.

“Our new strategy… will allow us to take even greater steps to defend ourselves in cyberspace and to strike back when we are attacked,” Mr. Hammond will say today. For the full article click here 

from cyber security caucus http://ift.tt/2eWNGgu
via IFTTT