• Registration opens for NIST Cybersecurity Framework Workshop

    Executive Order 13636, Improving Critical Infrastructure Cybersecurity, gave NIST the responsibility to work with industry to develop a voluntary “framework” — incorporating existing standards, guidelines, and best practices — that institutions could use to reduce the risk of cyber attacks. The National Institute of Standards and Technology (NIST) has opened registration for its Third Cybersecurity Framework Workshop, to be held 10-12 July 2013, in San Diego, California.

  • Israel taps 10th graders’ cybersecurity skills to expand cybersecuity recruitment pool

    Israel has been subjected to a growing number of cyberattacks – and has itself used cyber-warfare against its adversaries. To make sure it stays ahead, Israel is accelerating its recruitment and development efforts in cybersecurity. Among other initiatives, the country is expanding the pool of potential cyberwarriors by going into high school classrooms to tap the cyber skills of tenth-graders.

  • NSA director: surveillance programs prevented “dozens” of terror attacks

    Gen. Keith Alexander, the director of the National Security Agency (NSA) and commander of the U.S. Cyber Command, told lawmakers yesterday (Wednesday) that the NSA’s electronic surveillance programs have been indispensable in thwarting “dozens” of terrorist attacks on targets in the United States and abroad. He told the senators that securing a “cyber arena” could be done without infringing upon the privacy rights of Americans. “We do not see a tradeoff between security and liberty,” Alexander said, later adding, “We are trying to protect Americans.”

  • House panel to unveil cybersecurity bill

    Republicans on the House Homeland Security Committee are close to finalizing a long-awaited cybersecurity bill, following extensive discussions with private companies.The bill formally establishes DHS’s already-operating National Cybersecurity and Communications Integration Center, to circulate cyberthreat and vulnerability data.

  • ACLU files lawsuit challenging NSA's phone surveillance

    In the wake of the past week’s revelations about the NSA’s surveillance of phone calls, the yesterday American Civil Liberties Union (ACLU) filed a lawsuit charging that the program violates Americans’ constitutional rights of free speech, association, and privacy.

  • BugBuster automatically finds bugs in applications

    To overcome problems associated with using Web sites, problems which range from the annoying to those which inflict severe financial pain on large companies, a Swiss start-up has developed the first intelligent tool which finds out on its own how to interact with an application whose code it tests according to various possible scenarios.

  • Government-developed standards not an effective cybersecurity approach: analyst

    DHS said the department has “recently learned of a vulnerability that existed in the software used by a DHS vendor to process personnel security investigations.” analyst says that it is bad enough that hackers gained access to the personal information of thousands, but what is even more worrisome is the fact that DHS, with it spotty cyber security record, has been placed in charge of regulating the cybersecurity efforts of critical infrastructure industries.

  • Los Alamos director: cyber-securing U.S. electrical grid key to energy security

    Los Alamos National Lab (LANL) director Charlie McMillan told a gathering of energy executives that securing the U.S. electrical grid is a major concern now, and it is only becoming more serious.

  • Hagel says Chinese cyberattacks a “growing threat”

    Defense Secretary Chuck Hagel warned of a “growing threat” of cyberattacks against the United States, saying that America and its allies need to “establish international norms of responsible behavior in cyberspace.” Hagel spoke to an audience of defense analysts and defense ministers from Asia and Europe at the annual conference of the International Institute for Strategic Studies on Saturday.

  • Android anti-virus products easily evaded: study

    Researchers tested ten of the most popular antiviral products for Android and found each could be easily circumnavigated by even the most simple obfuscation techniques. “Many of these products are blind to even trivial transformation attacks not involving code-level changes — operations a teenager could perform,” one of the researchers say.

  • Chinese government hackers steal designs of advanced U.S. weapons systems

    The Chinese government has been conducting a broad, sustained, and disciplined campaign of cyberattacks against U.S. government agencies, critical infrastructure, private companies, and news organizations. The public version of a study prepared for the Pentagon by the Defense Science Board now says that Chinese government hackers have also been able to penetrate the computer networks of all the major U.S. defense contractors, stealing the designs and specifications of the most advanced weapon system in the U.S. arsenal, and gaining insights into broad technologies on which U.S. military advances are based.

  • Report: U.S. companies should consider counter-hacking Chinese hackers

    A group studying how the United States should respond to the sustained campaign of cyberattacks conducted by Chinese government hackers against U.S. companies, said the United States should seriously consider a campaign of retaliatory cyberattacks against the hackers.

  • U.S. to help protect private companies from malicious cyberattacks

    The U.S. government said it will help protect private companies from cyber attacks. DHS secretary Janet Napolitano said a system is being developed which will monitor Internet traffic directed to critical infrastructure businesses and block attacks on software programs.

  • Panel's draft bill shields DHS funds

    A house panel introduced a bill last week that will protect DHS from budget cuts facing other domestic agencies under the house’s budget plan. This will allow the department to hire 1,600 new agents at Customs and Border Patrol agency, replace cuts to local and state governments, boost spending on cybersecurity, and abandon cuts to the Coast Guard.

  • Cybersecurity framework for critical infrastructure: analysis of initial comments

    On 12 February 2013 President Obama issued the “Improving Critical Infrastructure Cybersecurity” executive order, which called for the National Institute of Standards and Technology (NIST) to work with industry to develop a voluntary framework to reduce cybersecurity risks to the nation’s critical infrastructure, which includes power, water, communication, and other critical systems.