-
DHS to rely on big data to protect critical infrastructure, networks
DHS officials responsible for protecting federal civilian networks and critical industries from cyberattacks are going to rely more on big data analytics to predict, detect, and respond to future hacks, according to a White House progress reportreleased on 5 February. The report details how cybersecurity officials are “working across government and the private sector to identify and leverage the opportunities big data analytics presents to strengthen cybersecurity.”
-
-
CEO responsibilities for data breach
The job of a chief executive officer (CEO) is becoming more difficult every year. Today, in addition to being strategic visionaries and leaders, most CEOs must deal with complex legal issues surrounding their organizations. More often they are being held personally responsible for mistakes made by their organizations. Security breaches are one of the fastest growing legal issues facing many C-level executives. All C-level executives need to be prepared to handle a potential security crisis with the help of IT, legal, and PR (public relation) teams.Taking rapid countermeasures and openly communicating about breaches are key factors in effectively managing expectations of a company’s shareholders and customers.
-
-
Spotting, neutralizing hackers when they are already inside your systems
Since the Internet gained popularity in the 1990s, the traditional model of cybersecurity has been to build systems and software which could keep hackers out of computers. As hackers continue to tap into complex security systems, however, some cybersecurity experts are advising companies to focus on tricking or neutralizing hackers once they have infiltrated networks, rather than spending money only on trying to keep them out.
-
-
Cybersecurity sector welcomes Obama’s $14 billion cybersecurity initiatives in 2016 budget
Massachusetts cybersecurity firms applauded President Barack Obama proposed$14 billion toward cybersecurity initiatives in his 2016 budget. If approved, the federal government would spend more money on intrusion detection and prevention capabilities, as well as cyber offensive measures. Waltham-based defense contractor Raytheon, whose government clients already use the firm for its cybersecurity capabilities and expertise, believes the cybersecurity industry is expected to grow even faster in the coming years.
-
-
Obama continues push for cybersecurity bill
Following his remarks on cybersecurity at the 2015 State of the Union address, President Barack Obama will attenda summit on Cybersecurity and Consumer Protectionat Stanford Universitythis Friday. Attendees will include major stakeholders in cybersecurity and consumer financial protection issues, including executives from the financial services, telecommunications, and retail industries, as well as law enforcement officials and consumer advocates. Obama has requested $14 billion for cybersecurity initiatives in the 2016 federal budget, a 10 percent increase from 2015 budget.
-
-
Growing demand for cyber insurance, especially by small and mid-size businesses
Technology startup firms are leading the way in ensuring not only the security of their customers, but their own security as well. American businesses are expected to pay $2 billion for cyber insurance premiums in 2014, a 67 percent increase from just one year earlier. More than fifty U.S. insurance carriers are now offering cyber insurance policies. Even more impressively, many of these are focusing on small and mid-size businesses.
-
-
Emergence of the Internet of Things significantly weakens privacy protection
Researchers are urging consumers to take a proactive approach to ensure Internet privacy, particularly with companies that use and share Internet data to influence consumer behavior. They warn that privacy “approaches that rely exclusively on informing or ‘empowering’ the individual are unlikely to provide adequate protection against the risks posed by recent information technologies.”Those emerging risks include information compiled by Internet-connected appliances, cars, and health monitors.
-
-
Protecting the security for networks of the future
Today’s company networks comprise hundreds of devices: routers for directing data packets to the right receiver, firewall components for protecting internal networks from the outside world, and network switches. Such networks are extremely inflexible because every component, every router and every switch can carry out only the task it was manufactured for. If the network has to be expanded, the company has to integrate new routers, firewalls or switches and then program them by hand. This is why experts worldwide have been working on flexible networks of the future for the last five years or so, developing what is known as software-defined networking (SDN). It presents one disadvantage, however; it is susceptible to hacker attacks. Researchers have now developed a way to protect these future networks.
-
-
The encryption debate is heating up
The privacy vs. security debate is heating up. Should messages on private devices be encrypted to protect our privacy? Will this dangerously hamper national and international security efforts? If we go the encryption route, are technologies being implemented fast enough to protect sensitive data from criminals?
-
-
Privacy in the digital age essential to protecting basic liberties: Privacy law expert
In our increasingly digital world, the balance between privacy and free speech is tenuous, at best. We often overlook, however, the important ways in which privacy is necessary to protect our cherished civil liberties of freedom of speech, thought, and belief, says Neil M. Richards, JD, a privacy law expert at Washington University in St. Louis and author of the new book, Intellectual Privacy: Rethinking Civil Liberties in the Digital Age, published 2 February.
-
-
U.S. yet to develop a strategy to secure nation’s critical infrastructure
For years, the U.S. government has warned federal and state agencies about the threat posed by hackers who may target computer systems responsible for operating nuclear plants, electric substations, oil and gas pipelines, transit systems, chemical facilities, and drinking water facilities. In February 2013, President Barack Obama issued a directive stating, “It is the policy of the United States to strengthen the security and resilience of its critical infrastructure against both physical and cyber threats.” Two years later the federal government has yet to develop or adopt a consensus on how to secure America’s critical infrastructure from cyber criminals.
-
-
Idaho bolsters the state’s cyber defenses
Idaho’s director of the Bureau of Homeland Security says that cyber threats remain the most important yet least understood risk to government and the private sector. He has announced plans to tackle that vulnerability in the state. The director of the Bureau says that cybersecurity will never be perfect, which makes it imperative for organizations like the Idaho Bureau of Homeland Security to focus on planning that incorporates not just defense, but also detection and the mitigation of damage that has already occurred.
-
-
Patriot Act’s reauthorization an obstacle for cyber information sharing bill
Recent cyber hacking incidents have persuaded lawmakers to pass a cyber information sharing bill which will help protect U.S. private sector networks. Business groups and federal intelligence agencies insist that information exchange is critical to protecting the nation’s cyber infrastructure. One of the hurdles to passing such a bill is that by 1 June, Congress must reauthorize sections of the Patriot Act which are the basis for the NSA’s most controversial surveillance programs. Many lawmakers consider NSA reform to be essential before they can support the White House’s cybersecurity proposal, which would allow cyber information sharing between the public and private sector.
-
-
New technology proves effective in thwarting cyberattacks on drones
Engineering researchers from the University of Virginia and the Georgia Institute of Technology have successfully flight-tested scenarios which could threaten drones, including ground-based cyber-attacks. The demonstration of U.Va’s System-Aware Cybersecurity concept and Secure Sentinel technology was part of a research project led by U.Va. engineers to detect and respond to cyber-attacks on unmanned aerial systems.
-
-
Mandatory cybersecurity regulations necessary to protect U.S. infrastructure: Experts
Since last year’s cyberattacks made public the cyber vulnerabilities of major U.S. firms including Sony Entertainment, JPMorgan Chase, and Target, President Barack Obama has been on the offensive, proposing strict rules better to prosecute hackers and make U.S. firms responsible for protecting consumer information. Experts say, though, that private firms are unlikely, on their own, to make the necessary financial investment to protect against a critical infrastructure cyberattack. What is needed, these experts say, is a mandatory cybersecurity framework followed by all entities involved with critical infrastructure, strong protection of information regarding cyberattacks shared with DHS, and a sincere effort from the private sector to secure their own networks.
-
More headlines
The long view
Ransomware Attacks: Death Threats, Endangered Patients and Millions of Dollars in Damages
A ransomware attack on Change Healthcare, a company that processes 15 billion health care transactions annually and deals with 1 in 3 patient records in the United States, is continuing to cause massive disruptions nearly three weeks later. The incident, which started on February 21, has been called the “most significant cyberattack on the U.S. health care system” by the American Hospital Association. It is just the latest example of an increasing trend.
Chinese Government Hackers Targeted Critics of China, U.S. Businesses and Politicians
An indictment was unsealed Monday charging seven nationals of the People’s Republic of China (PRC) with conspiracy to commit computer intrusions and conspiracy to commit wire fraud for their involvement in a PRC-based hacking group that spent approximately 14 years targeting U.S. and foreign critics, businesses, and political officials in furtherance of the PRC’s economic espionage and foreign intelligence objectives.
Autonomous Vehicle Technology Vulnerable to Road Object Spoofing and Vanishing Attacks
Researchers have demonstrated the potentially hazardous vulnerabilities associated with the technology called LiDAR, or Light Detection and Ranging, many autonomous vehicles use to navigate streets, roads and highways. The researchers have shown how to use lasers to fool LiDAR into “seeing” objects that are not present and missing those that are – deficiencies that can cause unwarranted and unsafe braking or collisions.