• The boom (or is it a bubble?) in federal cybersecurity

    The Obama administration and Congress are allocating more funds to cybersecurity; much of that new spending, estimated at $6 to $7 billion annually just in unclassified work, is focused on the Washington region, as the federal government consolidates many of its cybersecurity-focused agencies in the area; some VCs warn of a cybersecurity bubble

  • Cybersecurity summit pays little attention to control system's security

    Despite threats of infrastructure attacks, scant attention was paid to control systems during a global security conference; the problem is safeguarding infrastructure’s control systems against attackers is that such protection requires a different approach to securing PCs or networks; Windows-based security products will not help; says one expert: “All the devices that sense things — temperature, pressure, flow, and things like that — are not Windows, those are proprietary, real-time or embedded, and there’s no security there”

  • U.K. launches competition to find cyber security experts

    The United Kingdom suffers from a dearth of cybersecurity experts; several private and public organizations have launched the Cyber Security Challenge competition — a series of challenges and games that would test the talent and skills of people; the challenges will be built around eight key skill areas which include digital forensics, network analysis and logical thinking

  • Commercial networks are now victims of targeted cyberattacks

    State-sponsored groups with deep technical skills and computing resources have long been directing targeted cyberattacks at government organizations and military targets; the Chinese intelligence services’ cyberattacks on Google are but the latest indication that cybercrooks are expanding their horizons and start aiming targeted attacks at commercial networks

  • Cybersecurity incidents in industrial control systems on the rise

    The good news is that only about 10 percent of U.S. industrial control systems are actually connected to the Internet; the bad news is that even with minimal Internet access, malware and breaches are increasingly occurring in utility, process control systems; cybersecurity incidents in petroleum and petrochemical control systems have declined significantly over the past five years — down more than 80 percent — but water and wastewater have increased 300 percent, and power/utilities by 30 percent

  • Congress to address important cybersecurity initiatives

    Congress is setting to tackle important cybersecurity-related issues — including the confirmation hearing on Army Lt. Gen. Keith Alexander to be military cyber commander, markup sessions on bills to fund cybersecurity research and development, and realign the National Institute of Standards and Technology’s (NIST) laboratories

  • The 2010 Security Treasure Hunt cybersecurity competition launched in California

    California on Tuesday launched the 2010 Security Treasure Hunt; the online competition is part of a national effort to identify young men and women with the potential to become world-class cybersecurity professionals

  • To avoid cyberwar and protect infrastructure -- fight cybercrime first

    Fighting cybercrime is the first step to avoiding cyberwar, protecting infrastructure; Christopher Painter, the White House’s senior director for cybersecurity: “There are a couple of things we need to do to harden [critical infrastructure] targets” — “But the other thing you need to do is reduce the threat. And the predominant threat we face is the criminal threat — the cybercrime threat in all of its varied aspects”

  • Cybersecurity companies weather the economic downturn

    Cybersecurity companies may have suffered during the economic downturn — but they suffered less; some companies even saw an increase in revenues; “The things that we’re delivering have become more of a necessity than a nice to have,” says the president of an Iowa-based company which provides technical support and corporate security for desktop computers — and which increased its annual revenue by 41 percent in 2009

  • IT experts: Security risks of cloud computing outweigh benefits

    Cloud computing services are expected to experience dramatic growth, hitting $44.2 billion by 2013, outpacing traditional IT spending; other estimates, including a recent study by Global Industry Analysts, indicate that by 2015 cloud computing services could represent a more than $200 billion market opportunity; still, worries about the security of cloud computing linger: 45 percent of IT professionals responding to an ISAAC survey say the risks of cloud computing outweigh the lower total cost of ownership (TCO), high return on investment (ROI), increased efficiency, and pay-as-you-go services

  • FCC to move forward with national broadband plan

    FCC will move forward on the with key recommendations in its national broadband plan — even though a federal appeals court this week undermined the agency’s legal authority to regulate high-speed Internet access; plan calls for advancing “robust and secure public safety communications networks”

  • U.S. government encounters shortage of skilled cyber-security workers

    DHS and the FBI, among other government agencies, are now posting job openings in cybersecurity, describing the chief responsibilities of these jobs as preserving the nation’s freedoms and securing the homeland; the recruitment campaign is going slowly because the pool of truly skilled security professionals is a small one, and the government is only the latest suitor vying for their talents

  • Federal IT professionals: Cyberattack on U.S. critical infrastructure looming

    More than half of federal IT professionals surveyed believe the potential is “high” for a cyberattack from a foreign nation against critical IT infrastructure in the next year; moreover, 42 percent of them think the U.S. government’s ability to prevent or handle such an attack is merely fair to poor.

  • Cybercriminals exploit search engine optimization techniques

    Cybercriminals have another tool at their disposal: search engine optimization (SEO); hackers use automated kits to apply blackhat SEO methods — cynically exploiting tragic or salacious breaking news stories — to subvert searches in order to point surfers toward scareware download portals or other scams

  • FAA bolsters cybersecurity with help from IBM

    Malware introduced into the U.S. Federal Aviation Administration’s (FAA) computer network which monitors and controls U.S. aviation can bring down a plane and cause havoc as surely as liquid explosives or underwear bombs can; the IBM is teaming up with the FAA to build a cybersecurity system which will improve defense against cyberattacks on the U.S. civilian aviation network; the flexible model used in the prototype system will be designed to look retrospectively at event occurrences and system compromises, and it will also be able to correlate historical traffic patterns with dynamic data from monitors, sensors, and other devices capturing information about network traffic and user activity in real time