Cybersecurity

  • Growing demand for cyber insurance, especially by small and mid-size businesses

    Technology startup firms are leading the way in ensuring not only the security of their customers, but their own security as well. American businesses are expected to pay $2 billion for cyber insurance premiums in 2014, a 67 percent increase from just one year earlier. More than fifty U.S. insurance carriers are now offering cyber insurance policies. Even more impressively, many of these are focusing on small and mid-size businesses.

  • Emergence of the Internet of Things significantly weakens privacy protection

    Researchers are urging consumers to take a proactive approach to ensure Internet privacy, particularly with companies that use and share Internet data to influence consumer behavior. They warn that privacy “approaches that rely exclusively on informing or ‘empowering’ the individual are unlikely to provide adequate protection against the risks posed by recent information technologies.”Those emerging risks include information compiled by Internet-connected appliances, cars, and health monitors.

  • Protecting the security for networks of the future

    Today’s company networks comprise hundreds of devices: routers for directing data packets to the right receiver, firewall components for protecting internal networks from the outside world, and network switches. Such networks are extremely inflexible because every component, every router and every switch can carry out only the task it was manufactured for. If the network has to be expanded, the company has to integrate new routers, firewalls or switches and then program them by hand. This is why experts worldwide have been working on flexible networks of the future for the last five years or so, developing what is known as software-defined networking (SDN). It presents one disadvantage, however; it is susceptible to hacker attacks. Researchers have now developed a way to protect these future networks.

  • The encryption debate is heating up

    The privacy vs. security debate is heating up. Should messages on private devices be encrypted to protect our privacy? Will this dangerously hamper national and international security efforts? If we go the encryption route, are technologies being implemented fast enough to protect sensitive data from criminals?

  • view counter
  • Privacy in the digital age essential to protecting basic liberties: Privacy law expert

    In our increasingly digital world, the balance between privacy and free speech is tenuous, at best. We often overlook, however, the important ways in which privacy is necessary to protect our cherished civil liberties of freedom of speech, thought, and belief, says Neil M. Richards, JD, a privacy law expert at Washington University in St. Louis and author of the new book, Intellectual Privacy: Rethinking Civil Liberties in the Digital Age, published 2 February.

  • U.S. yet to develop a strategy to secure nation’s critical infrastructure

    For years, the U.S. government has warned federal and state agencies about the threat posed by hackers who may target computer systems responsible for operating nuclear plants, electric substations, oil and gas pipelines, transit systems, chemical facilities, and drinking water facilities. In February 2013, President Barack Obama issued a directive stating, “It is the policy of the United States to strengthen the security and resilience of its critical infrastructure against both physical and cyber threats.” Two years later the federal government has yet to develop or adopt a consensus on how to secure America’s critical infrastructure from cyber criminals.

  • view counter
  • Assad regime employed Skype to steal military plans from moderate rebels

    A FireEye report details the activities of a cyber-espionage group that stole Syrian opposition’s strategies and battle plans. To undertake this operation, the threat group employed a familiar tactic: ensnaring its victims through conversations with seemingly sympathetic and attractive women. As the conversations progressed, the “women” would offer up a personal photo, laden with malware and developed to infiltrate the target’s computer or Android phone.

  • New Chinese cyber rules aim to facilitate intellectual property theft: U.S. tech companies

    The Chinese government’s cyberspace policy group in late 2014 approved a 22-page document which contained strict procurement rules for technology vendors. Those rules would require U.S. firms selling computer equipment in China to turn over sensitive intellectual property — including source codes — submit their products for “intrusive security testing,” and use Chinese encryption algorithms. U.S. companies selling equipment to Chinese banks will be required to set up research and development centers in China, get permits for workers servicing technology equipment, and build “ports” which allow Chinese officials to manage and monitor data processed by their hardware. U.S. tech companies charge that the new rules would make it easier for China to steal U.S. companies’ intellectual property.

  • Idaho bolsters the state’s cyber defenses

    Idaho’s director of the Bureau of Homeland Security says that cyber threats remain the most important yet least understood risk to government and the private sector. He has announced plans to tackle that vulnerability in the state. The director of the Bureau says that cybersecurity will never be perfect, which makes it imperative for organizations like the Idaho Bureau of Homeland Security to focus on planning that incorporates not just defense, but also detection and the mitigation of damage that has already occurred.

  • Patriot Act’s reauthorization an obstacle for cyber information sharing bill

    Recent cyber hacking incidents have persuaded lawmakers to pass a cyber information sharing bill which will help protect U.S. private sector networks. Business groups and federal intelligence agencies insist that information exchange is critical to protecting the nation’s cyber infrastructure. One of the hurdles to passing such a bill is that by 1 June, Congress must reauthorize sections of the Patriot Act which are the basis for the NSA’s most controversial surveillance programs. Many lawmakers consider NSA reform to be essential before they can support the White House’s cybersecurity proposal, which would allow cyber information sharing between the public and private sector.

  • New technology proves effective in thwarting cyberattacks on drones

    Engineering researchers from the University of Virginia and the Georgia Institute of Technology have successfully flight-tested scenarios which could threaten drones, including ground-based cyber-attacks. The demonstration of U.Va’s System-Aware Cybersecurity concept and Secure Sentinel technology was part of a research project led by U.Va. engineers to detect and respond to cyber-attacks on unmanned aerial systems.

  • European govts. urge U.S. tech companies to remove terrorist-related postings from sites

    The terror attacks in Paris have led French and German authorities to call on U.S. tech firms to help identify terrorist communications and remove hate speech from social media sites. The United Kingdom has also, for several months now, pressed Internet firms to be proactive in removing extremist content such as videos of sermons by radical Islamic preachers or recruitment material, from their sites. These recent requests for more cooperation between U.S. tech firms and European governments contrast with calls from many of the same governments who, following the Edward Snowden leaks, criticized U.S. tech firms for being too close to law enforcement agencies.

  • U.S.-U.K. cyber war games to test the two countries’ cyber resilience

    American and British security agencies have agreed to a new round of joint cyber “war games” to test each country’s cyber resilience. The move comes after a year of high profile cyberattacks against the U.S. private sector and after warnings from the U.K. Government Communications Headquarters that computer networks of British firms face daily attacks by hackers, criminal gangs, competitors, and foreign intelligence services.

  • 8 Tips to prevent data breaches

    Securing electronic messages should be one of the top IT priorities for organizations in 2015. The process should not be overly complex or expensive, but it does require proper planning and regular revisions. While there is no such thing as a 100 percent breach-proof security system, the majority of attacks can easily be prevented by following the simple steps outlined in this article.

  • Smart keyboard can tell who you are – and also powers and cleans itself

    In a novel twist in cybersecurity, scientists have developed a self-cleaning, self-powered smart keyboard that can identify computer users by the way they type. The smart keyboard can sense typing patterns — including the pressure applied to keys and speed — that can accurately distinguish one individual user from another.