• NSA: Perfect Citizen program is purely "research and engineering effort"

    Perfect Citizen, a new National Security Agency (NSA) project, would deploy sensors in networks running critical infrastructure such as the electricity grid and nuclear-power plants; the sensors would detect intrusion and other unusual activity indicating a cyberattack on U.S. critical infrastructure; NSA spokeswoman says the program is “purely a vulnerabilities-assessment and capabilities-development contract—- This is a research and engineering effort” and “There is no monitoring activity involved, and no sensors are employed in this endeavor”

  • U.S. quietly launches protection program against cyber attacks on critical infrastructure

    The administration has quietly launched Perfect Citizen, a digital surveillance project to be run by the NSA; the project’s goal is to detect and detect cyber attacks on private companies and government agencies running critical infrastructure such as the electricity grid, nuclear-power plants, dams, and more; the program would rely on a set of sensors deployed in computer networks for critical infrastructure that would be triggered by unusual activity suggesting an impending cyber attack — although it would not persistently monitor the whole system

  • GAO: U.S. lacks cybersecurity R&D master plan, leadership, coordination

    GAO says United States does not have prioritized national cybersecurity research and development agenda; “Without a current national cybersecurity R&D agenda, the nation is at risk that agencies and private sector companies may focus on their individual priorities, which may not be the most important national research priorities,” auditors wrote

  • Secureworks World Cup of cyber security finds India the safest nation, U.S. the least safe

    Digitally speaking, the United States is the least cyber-secure country in the world: with 265,700,000 active PCs, there were 441,003,516 attempted cyber attacks, or 1,660 attacks per 1,000 computers; India is the safest digital country in the world, with a mere 52 attacks per 1,000 PCs

  • Lebanon: alleged Israeli spy had access to "most significant segment" of cell phone network

    Lebanon arrested a high-level employee of one of the two Lebanese mobile phone networks, saying he has been working for Israeli intelligence since 1996; the authorities say he may have planted monitoring devices allowing the Israelis to tap directly into the Alfa network, one of the two major cell phone companies operating in Lebanon

  • Chase: IE6 "more secure" than Chrome, Opera

    Banking giant Chase said it found the old IE6 to be more secure — and popular — than either Google’s Chrome or Opera; the bank’s online banking services will, therefore, continue to support aging the IE 6 but drop support for Chrome and Opera; also making the cut are Mozilla’s Firefox 2.0 and higher and version 3.0 and higher of Apple’s Safari on the Mac — but not the PC

  • Obama emphasizes identity management

    The Obama administration is planning to promote identity management throughout the government; Howard Schmidt: “The ability to interact with the government in a very secure manner, where privacy and civil liberties are protected and you can only do that with some of the things you look at from an identity management perspective”

  • U.S. government to direct more to cybersecurity

    The three themes undergirding the Obama administration’s multi-billion dollar cybersecurity strategy: first, “tailored trustworthy spaces,” which means creating different security levels for different government and non-government Internet activities; second, “moving targets,” in which the search is for security systems that change constantly to increase uncertainty for hackers; third, “economic incentives,” which involves seeking to find ways to motivate users to adopt cybersecurity defenses

  • Lawmakers to combine cybersecurity bills

    Reforming the Federal Information Security Management Act (FISMA) and defining the role of the White House and other agencies are common themes in the many cybersecurity bills now circulating on the Hill

  • Smart Grid cybersecurity market to reach $3.7 billion by 2015

    Spending on security for the smart grid will represent approximately 15 percent of total smart grid capital investment between now and 2015; cumulative investment in the security sector will reach $21 billion between 2010 and 2015, with annual revenue reaching $3.7 billion by 2015; among other incentives, one key condition for smart grid funding awarded last year under the federal stimulus program was that the awardees incorporate strong security into their smart grid initiatives

  • Industry concerned about DHS standards on cybersecurity

    Private cybersecurity companies worry that too-stringent cybersecurity laws and regulations could have a detrimental impact on private sector innovation; “The government needs to be very careful about imposing too much of a top-down standards process,” said McAfee vice president of government relations Tom Gann; “We need to bring products to market very quickly. They need to make sure we can get latest technology”

  • Microsoft offers developers cloud security tips

    New paper provides best practices for writing applications for Windows Azure; one Microsoft security official: “it is important that people building software or hosting services in ‘The Cloud’ understand that they must also build software with security in mind from the start”

  • World Cup security uses quantum encryption to thwart hackers

    Scientists in South Africa are helping the organizers of the World Cup by tapping the laws of physics to prevent hackers from monitoring videos, e-mails, and phone calls relayed between Durban’s Moses Mabhida Stadium and a nearby operations center for police, firefighters, and military personnel

  • "Zero knowledge" keeps secrets you put on the net safe

    Intrigued by topics that touch on mathematics, computer science, physics and neuroscience, Professor Shafrira Goldwasser has made far-reaching contributions to keeping your data safe on-line; the solution she discovered used randomized methods of encoding, which came to underlie all future protocols for secure Internet transactions and data privacy

  • Web services could work with sensitive data -- without decrypting the data

    A cryptographic method could allow cloud services to work with sensitive data without ever decrypting it; a novel technique could see future Web services work with sensitive data without ever being able to read it; several implementations of a mathematical proof unveiled last year will allow cryptographers to start making the proposal more practical.