• $5 million for new cybersecurity building at Ben-Gurion University of the Negev

    Ben-Gurion University of the Negev (BGU) is a central component of the new “CyberSpark” initiative, a multi-component cyber eco-system. It is the only complex of its type in the world which is a government-academic-industry partnership and includes Fortune 500 companies and cyber-incubators, academic researchers and educational facilities, as well as national government and security agencies. A $5 million contribution will underwrite construction of the building that will house the Cyber Security Institute.

  • Virtually every agency of the U.S. government has been hacked: Experts

    DHS’ National Cybersecurity and Communications Integration Center (NCCIC) has so far responded to more than 600,000 cyber incidents this fiscal year; has issued more than 10,000 alerts to recipients to help secure their systems; and in seventy-eight cases deployed DHS experts to provide technical assistance.Robert Anderson, the executive assistant director for the FBI’s Criminal, Cyber, Response, and Services branch, told lawmakers that virtually all agencies of the U.S. government have in some way been hacked.

  • A tool helps malware identification in smartphones

    With the massive sales of smartphones in recent years (more than personal computers in all of their history), malware developers have focused their interest on these platforms. The amount of malware is constantly increasing and it is becoming more intelligent. Researchers have developed a tool to help security analysts protect markets and users from malware. This system allows a large number of apps to be analyzed in order to determine the malware’s origins and family.

  • Day of commercially available quantum encryption nears

    If implemented on a wide scale, quantum key distribution technology could ensure truly secure commerce, banking, communications, and data transfer. Los Alamos National Laboratory signs the largest information technology agreement in the lab’s history which aims to bring quantum encryption to the marketplace after nearly twenty years of development at the national-security science laboratory.

  • Retailers spend less on cybersecurity than other industries, and it shows

    Cybersecurity analysts say that retailers are spending less on cybersecuirty measures than banks and healthcare providers. Retailers spend 4 percent of their IT budgets on cybersecuirty, while financial services and healthcare providers spend 5.5 percent and 5.6 percent, respectively. On cybersecurity spending per employee, the banking and finance industries spend roughly $2,500 per employee, while retailers invest about $400 per employee. On Tuesday, Home Depot became the latest retailer to investigate a potential major breach of customer credit or debit card data.

  • Virginia welcomes cybersecurity start-ups to a state-backed business accelerator

    Earlier this week, MACH37, a business accelerator for cybersecurity start-ups in Virginia, welcomed a new group of companies one year after it was launched to help establish the state as a hub for cybersecurity firms. The three-month program, funded with state money, offers a $50,000 investment and access to a network of mentors to companies that can turn their ideas into viable businesses.

  • Who is to blame when iCloud is "hacked" – you or Apple?

    A hacker’s release of personal photos of actress Jennifer Lawrence and other female celebrities on the Internet on the weekend has again drawn our attention to the security of our personal information online. Apple may wish to absolve itself of responsibility when individuals lose control of their personal data, yet understanding the control of data as a personal matter disregards how iCloud and similar services actually operate. If Apple and other cloud-based services want our trust, then they have to acknowledge the role their products play in perpetuating anxieties of data-out-of-control.

  • Deterring cyberattacks requires building a public-private partnership

    Cyberattacks loom as an increasingly dire threat to privacy, national security, and the global economy, and the best way to blunt their impact may be a public-private partnership between government and business, researchers say. The time to act is now, however, rather than in the wake of a crisis, says an expert in law and technology. The expert says that an information-sharing framework is necessary to combat cybersecurity threats.

  • Major weakness discovered in Android, Windows, and iOS

    Researchers have identified a weakness believed to exist in Android, Windows, and iOS mobile operating systems that could be used to obtain personal information from unsuspecting users. They demonstrated the hack in an Android phone. The researchers tested the method and found it was successful between 82 percent and 92 percent of the time on six of the seven popular apps they tested.

  • Maryland creates fund to support cybersecurity startups

    The Maryland Technology Development Corporation, (TEDCO) an independent public organization founded by the Maryland General Assemblyand funded by the state, has created a $1 million fund to invest in startups developing new cybersecurity technologies.

  • New framework facilitates use of new Android security modules

    Computer security researchers have developed a modification to the core Android operating system that allows developers and users to plug in new security enhancements. The new Android Security Modules (ASM) framework aims to eliminate the bottleneck that prevents developers and users from taking advantage of new security tools.

  • Winners announced in U.S. Cyber Challenge Western regional competition

    Angela Rey, Lee Christensen, and Vincent Venem were on the winning team for the 2014 U.S. Cyber Challenge (USCC) Western Regional “Capture the Flag” competition. The seventy participants were selected based in part on their scores from Cyber Quests, an online competition offered through the USCC in April that drew more than 1,600 participants from almost 700 schools nationwide.

  • Energy companies slow to buy cyberdamage insurance

    The U.S. oil industry will spend $1.87 billion on cybersecurity defense systems by 2018, but less than 20 percent of U.S. companies overall are covered for cyberdamages. “Imagine what could happen if a large refinery or petrochemical facility’s safety monitoring systems were hijacked near an urban area, or a subsea control module was no longer able to be controlled by the people who should be controlling it,” says one expert. “As we’ve all seen from Deepwater Horizon [the 2010 BP Gulf oil spill] those risks and damages can be astronomical. It requires an immediate response.”

  • Financial firms go beyond NIST's cybersecurity framework

    The National Institute of Standards and Technology(NIST) released its Framework for Improving Critical Infrastructure Cybersecurityin February 2014. Utilities, banks, and other critical industries welcomed the guidelines, but many considered the framework to be a baseline for what was needed to continuously protect their networks from cyberattacks. Some financial firms have developed industry-based cyber policies through association such as the Financial Services Information Sharing and Analysis Center’s (FS-ISAC) Third Party Software Security Working Group. The group has been reviewing cyber policies since 2012, before the NIST guidelines were finalized.

  • All-industry cybersecurity association needed: Experts

    A new report is calling for a professional association committed to serving the cybersecurity industry. Theacknowledged the shortage of qualified cybersecurity professionals, as well as the difficulty of recruiting, training, and hiring potential candidates.Experts say that a cybersecurity association could help assess the needs of employers seeking cybersecurity professionals, establish ongoing training and development programs, and also help develop cybersecurity standards across all industries.