• NIST to refine Cybersecurity Framework after comments from stakeholders

    NIST is developing a minor update of its Cybersecurity Framework based on feedback from its users. In the just-released Cybersecurity Framework Feedback: What We Heard and Next Steps, NIST is announcing that a draft of the update will be published for comment in early 2017.

  • Closing security gaps in the Internet of Things

    Cars, fridges, household appliances – in the future, many everyday items will be online. This opens up numerous new targets for attacks. IT experts are developing protection mechanisms. The experts are developing a new method for detecting and fixing vulnerabilities in the applications run on different devices — regardless of the processor integrated in the respective device.

  • HIPAA audits and what you need to consider to keep your organization compliant

    HIPAA has long been a regulation which has been confusing, in many aspects requiring a legal degree to understand the complexity and exactly how to become and remain complaint.HIPAA was enacted in 1996, and it has taken twenty years for it to become the elephant in the room it is today.The regulation has become more sophisticated based on the overwhelming increase in data breaches with the medical industry experiencing the greatest impact.

  • Harnessing solar, wind energy in one device to power the Internet of Things

    The “Internet of Things” could make cities “smarter” by connecting an extensive network of tiny communications devices to make life more efficient. But all these machines will require a lot of energy. Rather than adding to the global reliance on fossil fuels to power the network, researchers say they have a new solution.

  • How Israel became a cybersecurity superpower

    Israel’s rise as one of the world’s leaders in cybersecurity has been boosted by cooperation between the military, government, education, and private sectors, a level of partnership unmatched in the Western world. Israel’s cybersecurity sector is now worth half a billion dollars annually — second only to the United States.

  • Cybersecurity cracks the undergraduate curriculum

    In a time when million-dollar security breaches of household name corporations regularly make headlines and complicate lives, computer science undergraduates at America’s universities remain surprisingly underexposed to basic cybersecurity tactics. the Software Assurance Marketplace (SWAMP), a national cybersecurity facility housed at the Morgridge Institute for Research in Madison, Wisconsin, has been working to address this skills gap by offering a suite of software security tools that Bowie State has been integrating into undergraduate coding courses, giving students a way to examine and rid their code of security weaknesses.

  • Argonne hosts Cyber Defense Competition

    More than seventy-five aspiring cyber defenders from across Illinois and Iowa converged last Saturday on the U.S. Department of Energy’s (DOE’s) Argonne National Laboratory to take on the challenge of Argonne’s first Collegiate Cyber Defense Competition. The competition provided a strong challenge for eight teams from seven colleges, forcing them to defend simulated power utility networks from a variety of realistic attacks by a “Red Team” made up of cyber experts from Argonne and industrial partners.

  • System predicts 85 percent of cyber-attacks using input from human experts

    Today’s security systems usually fall into one of two categories: human or machine. So-called “analyst-driven solutions” rely on rules created by living experts and therefore miss any attacks that do not match the rules. Meanwhile, today’s machine-learning approaches rely on “anomaly detection,” which tends to trigger false positives that both create distrust of the system and end up having to be investigated by humans, anyway. But what if there were a solution that could merge those two worlds? What would it look like? Virtual artificial intelligence analyst developed by the MIT’s Computer Science and Artificial Intelligence Lab and machine-learning startup PatternEx reduces false positives by factor of 5.

  • Hyperion cyber security technology receives commercialization award

    The commercial licensing of a cybersecurity technology developed at the Department of Energy’s Oak Ridge National Laboratory has been recognized by the Federal Laboratory Consortium for Technology Transfer (FLC) as a good example of moving technology to the marketplace. Hyperion, which has the capability automatically to analyze executable programs and recognize behaviors that signal malicious intent and vulnerabilities, was licensed to Virginia-based R&K Cyber Solutions, LLC, in late 2014.

  • Using unpredictability to defend computers from cyberattacks

    We want our computers to perform the way we expect. But what if the key to defeating malware is introducing a bit of chaos? Researchers think a bit of unpredictability could help outsmart malware. This is the logic behind Chameleon, the operating system they are developing. In Chameleon, which is still in the conceptual phase, unknown programs that could be malware run in a special “unpredictable” environment, where the OS intentionally introduces some unpredictability to the way they operate.

  • U Wyoming could become cybersecurity hub

    Wyoming Governor Matt Mead has requested state funding to develop a program at the University of Wyoming to become a center of excellence in cyber defense. According to the Wyoming Cybersecurity Education Initiative, proposed curriculum in the College of Engineering and Applied Science’s Department of Computer Science would educate students to defend against such attacks and “provide meaningful and sustainable impact to Wyoming’s technology sector through cybersecurity and information assurance higher-education programs.”

  • Optical illusions which fool computer vision raise security concerns

    Computers are learning to recognize objects with near-human ability. But researchers have found that computers, like humans, can be fooled by optical illusions, which raises security concerns and opens new avenues for research in computer vision

  • Kaplan launches cybersecurity education company

    Education provider Kaplan announced Wednesday that it has created a 12-person spin-off, split from a separate sister company called Cybervista, to offer Web-based cybersecurity courses. The creation of this new cybersecurity unit is an indication that the private sector is aware of, and trying to benefit from, the shortage of qualified security employees.

  • Tool improves government computer network security

    Government agencies, along with state and local governments, could receive a helping hand from a computer network security tool developed by computer scientists and engineers at DOE’s Lawrence Livermore National Laboratory. The LLNL software-based technology, known as the Network Mapping System (NeMS), does not allow a rogue computer which has gained access to a computer network to use a company’s virus protection systemd. The goal is to uncover any unauthorized devices to ensure a company is not at risk.

  • In our Wi-Fi world, the internet still depends on undersea cables

    Not many people realize that undersea cables transport nearly 100 percent of transoceanic data traffic. These lines are laid on the very bottom of the ocean floor. They’re about as thick as a garden hose and carry the world’s Internet, phone calls and even TV transmissions between continents at the speed of light. A single cable can carry tens of terabits of information per second. The cables we all rely on to send everything from e-mail to banking information across the seas remain largely unregulated and undefended. Any single cable line has been and will continue to be susceptible to disruption. And the only way around this is to build a more diverse system, because the thing that protects global information traffic is the fact that there’s some redundancy built into the system. But as things are, even though individual companies each look out for their own network, there is no economic incentive or supervisory body to ensure the global system as a whole is resilient. If there’s a vulnerability to worry about, this is it.