• FERC orders development of physical security standards for transmission grid

    The Federal Energy Regulatory Commission (FERC) on Friday directed the North American Electric Reliability Corporation (NERC) to develop reliability standards requiring owners and operators of the Bulk-Power System to address risks due to physical security threats and vulnerabilities.

  • Software spots malicious behavior by apps

    Last year at the end of July the Russian software company Doctor Web detected several malicious apps in the app store Google Play. Downloaded on a smartphone, the malware installed — without the permission of the user — additional programs which sent expensive text messages to premium services. German computer scientists have now developed software which can discover such malicious apps already in the app store. The software detects pieces of code where the app accesses sensitive data and where data is sent from the mobile device.

  • Biometric security for mobile devices becoming mainstream

    Biometric security such as fingerprint, face, and voice recognition is set to hit the mainstream as global technology companies market the systems as convenient and easy to use. The latest biometric technologies are not without their security issues, but they are marketed as more convenient than traditional methods rather than more secure, and encourage adoption by people who currently do not have any security on their phone at all.

  • Platform for operating systems would outwit cyber criminals

    As smartphone use surges, consumers are just beginning to realize their devices are not quite as secure as they thought. A Swedish research team is working on a way to secure mobile operating systems so that consumers can be confident that their data is protected.

  • Collecting digital user data without compromising privacy

    The statistical evaluation of digital user data is of vital importance for analyzing trends. It can also undermine users’ privacy. Computer scientists have now developed a novel cryptographic method that makes it possible to collect data and protect the privacy of the user at the same time.

  • U.S. Army releases first field manual for war in the electromagnetic spectrum

    Sergei Gorshkov, former Admiral of the Fleet of the Soviet Union, once remarked that “the next war will be won by the side that best exploits the electromagnetic spectrum.” The U.S. Army agrees, releasing its first field manualfor Cyber Electromagnetic Activities (CEMA). The Pentagon defines cyber electromagnetic activities as activities leveraged to seize, retain, and exploit an advantage over adversaries and enemies in both cyberspace and the electromagnetic spectrum, while simultaneously denying and degrading adversary and enemy the use of such capabilities, and protecting the mission command system.

  • Pro-regime Syrian hackers threaten cyberattacks on CENTCOM

    Last Friday, the Syrian Electronic Army (SEA) threatened to launch a cyberattack on U.S. Central Command (CENTCOM) if the United States would conducts cyberwarfare operations against Syria.

    The SEA is a group of Syrian computer hackers who support Syrian President Bashar al-Assad. Cyber experts say the group’s threat should not be dismissed. “This is a very capable group that has done some very significant things against well-defended targets,” says Bob Gourley, a former Chief Technology Officer for the Defense Intelligence Agency (DIA).

  • Securing Industry 4.0

    An increasing number of unsecured, computer-guided production machinery and networks in production facilities are gradually evolving into gateways for data theft. New security technologies may directly shield the sensitive data that is kept there.

  • Safeguarding networks when disasters strike

    Disasters both natural and human-caused can damage or destroy data and communications networks. Several presentations at the 2014 OFC Conference and Exposition, being held 9-13 March in San Francisco, will present new information on strategies that can mitigate the impacts of these disasters. Researchers created an algorithm that keeps data safe by moving or copying the data from data centers in peril to more secure locations away from the disaster. The algorithm assesses the risks for damage and users’ demands on the network to determine, in real-time, which locations would provide the safest refuge from a disaster. Other researchers suggest that if fiber-optic cables are down, wireless communication can fill the void and be part of a temporary, emergency network. For such a system to work, however, wireless technology would have to be integrated with the fiber-optic network that transports data around the world.

  • BGU startup Titanium Core wins Cybertition cyber security competition

    Ben-Gurion University of the Negev startup Titanium Core won the first Jerusalem Venture Partners (JVP)-sponsored Cybertition cyber security competition. Titanium Core uses a multilayered security approach to repel attacks on mission-critical systems, provide real-time attack information, and prevent threats from moving onto other computer systems. The company will receive $1 Million investment from JVP and space in the JVP Cyber Labs incubator, located in the cyber center in Beer-Sheva, adjacent to Ben-Gurion University.

  • Experts call for a new organization to oversee grid’s cybersecurity

    In 2013, U.S. critical infrastructure companies reported about 260 cyberattacks on their facilities to the federal government. Of these attacks, 59 percent occurred in the energy sector. A new report proposes that energy companies should create an industry-led organization to deflect cyber threats to the electric grid. Modeled after the nuclear industry’s Institute of Nuclear Power Operations, the proposed organization, to be called the Institute for Electric Grid Cybersecurity, would oversee all the energy industry players that could compromise the electric grid if they came under a cyberattack.

  • NIST’s voluntary cybersecurity framework may be regarded as de facto mandatory

    The National Institute of Standards and Technology’s (NIST) voluntary cybersecurity frameworkissued in February establishes best practices for companies that support critical infrastructure such as banking and energy. Experts now warn that recommendations included in the framework may be used by courts, regulators, and even consumers to hold institutions accountable for failures that could have been prevented if the cybersecurity framework had been fully implemented by the respective institution.

  • University of Texas at San Antonio ranked top U.S. cybersecurity school

    The University of Texas at San Antonio (UTSA) ranks as the top school for cybersecurity courses and degree programs according to a Hewlett-Packard (HP)-sponsored surveyof 1,958 certified IT security professionals. The schools undergraduate and graduate programs received top marks for academic excellence and practical relevance.

  • CounterTack, developer of an end-point threat detection solution, closes out Series B funding at $15 million

    CounterTack, a developer of real-time endpoint threat detection solutions, has closed out its Series B financing round with an additional $3 million to complete a $15 million raised. With this extension, the Venture Capital unit of Siemens (SFS VC) joins CounterTack investors including Goldman Sachs, Fairhaven Capital, and a group of private financiers to fund an accelerated technology expansion and market delivery of CounterTack’s Sentinel platform.

  • CloudLock, a cloud security specialist, raises $16.5 million Series C round

    CloudLock, a cloud security specialist, has raised $16.5 million in a Series C funding round from new investor Bessemer Venture Partners, and participation of existing investors Cedar Fund and Ascent Venture Partners. The company says that 2013 saw continuing growth in adoption by cloud-bound organizations of the company’s people-centric security automation approach, with a pure SaaS content-aware and policy-based solution, by companies in different verticals, across multiple cloud platforms like Google Apps and Salesforce.