Cybersecurity's Automation Imperative

Data Breach Today

Cybersecurity: Building Better Teams

Data Breach Today

Deborah Kish of Fasoo on Rethinking the Approach When it comes to rethinking how enterprises structure their cybersecurity teams, Deborah Kish of Fasoo says that teamwork and better coordination among stakeholders are essential

Cybersecurity's Week From Hell

Data Breach Today

Is this cybersecurity's new normal Fix WhatsApp, Windows, Cisco and CPUs From Intel - Pending Patch Availability Multiple flaws - all serious, exploitable and some already being actively exploited - came to light this week.

Government Agencies Field More Cybersecurity Maturity Models

Data Breach Today

The Pentagon and the Department of Energy are pitching new or revised cybersecurity capability maturity models to help their sectors prioritize cybersecurity investments and refine processes and controls. But should they defer to the NIST Cybersecurity Framework instead

NSA Launches New Cybersecurity Directorate

Security Affairs

NSA is redefining its cybersecurity mission and with the Cybersecurity Directorate it will enhance its partnerships with unclassified collaboration and information sharing. ” The State of Cybersecurity. What the NSA’s Directorate Means for Cybersecurity.

Cybersecurity Firm Imperva Discloses Breach

Krebs on Security

“Even if the vendor in question is a cybersecurity company, it doesn’t necessarily mean they’re eating their own dog food.”

Creating a 'Defensible' Cybersecurity Program

Data Breach Today

Tom Scholtz of Gartner Says Flexible, Executive-Endorsed Programs Succeed Organizations need to create a "defensible" cybersecurity program that has a mandate and executive endorsement, says Gartner's Tom Scholtz.

HHS Proposes Allowing Cybersecurity Donations to Doctors

Data Breach Today

Safe Harbor' Would Modify Stark Law, Anti-Kickback Regulations Federal regulators are proposing a "safe harbor" that would permit hospitals to donate certain cybersecurity software and services to physicians.

On Cybersecurity Insurance

Schneier on Security

Good paper on cybersecurity insurance: both the history and the promise for the future. academicpapers cybersecurity insurance riskassessment risksFrom the conclusion: Policy makers have long held high hopes for cyber insurance as a tool for improving security.

Open Cybersecurity Alliance: In Pursuit of Interoperability

Data Breach Today

With 18 Vendors on Board, Experts Assess New Group's Chances for Success Eighteen technology companies have formed the Open Cybersecurity Alliance to foster the development of open source tools to improve interoperability and data sharing between cybersecurity applications.

Government Shutdown: Experts Fear Deep Cybersecurity Impact

Data Breach Today

government shutdown is impacting agencies integral to the nation's cybersecurity readiness, and experts fear its long-term impact on the country's cyberattack response capabilities, as well as the risk that it will drive away desperately needed new cybersecurity talent from entering public service

Trump Shakeup Impacts Cybersecurity Policy

Data Breach Today

cybersecurity policy, as the agencies play a key role in securing infrastructure and investigating financial cybercrime.

Medical Device Cybersecurity: 3 Alerts Issued

Data Breach Today

CERT, a Unit of CISA, Warns of Vulnerabilities That Need Mitigation Federal regulators have recently issued three advisories on cybersecurity vulnerabilities identified in medical devices.

Most Americans Fail Cybersecurity Quiz

Threatpost

Facebook Mobile Security Privacy Vulnerabilities Web Security 2FA americans cybersecurity awareness HTTPS Instagram Pew Research Center Phishing WhatsAppStudy participants fail to correctly identify core security concepts and tools to help them stay safe online.

The Role of DNS in Cybersecurity

Data Breach Today

Stuart Reed of Nominet on Improving Visibility DNS is cybersecurity's best-kept secret for eliminating threats, says Stuart Reed of Nominet, who explains the value of analyzing traffic

Cybersecurity Leadership: The Next Generation

Data Breach Today

IoT, the cloud, third-party risk - we hear a lot about how the cybersecurity risk surface and threat landscape have evolved. But what about the new business demands on cybersecurity leaders? Christopher Hetner, former global CISO at GE Capital, shares insights

Congress Approves New DHS Cybersecurity Agency

Data Breach Today

Bill Creating Cybersecurity and Infrastructure Security Agency Awaits President's Signature The United States will soon officially have a single agency that takes the lead role for cybersecurity.

GAO Blasts Cybersecurity Efforts of Federal Agencies

Data Breach Today

Healthcare Cybersecurity Info Sharing Resource Unveiled

Data Breach Today

A new resource designed to help healthcare organizations of all sizes engage in cybersecurity information sharing is now available. Errol Weiss, who helped create the "cybersecurity matrix," describes how to use it

Wanted: Cybersecurity Imagery

Schneier on Security

Eli Sugarman of the Hewlettt Foundation laments about the sorry state of cybersecurity imagery: The state of cybersecurity imagery is, in a word, abysmal. You can help: participate in the Cybersecurity Visuals Challenge. cybersecurity securityeducation securityengineering

The Future of Cybersecurity Education - Part 1

Data Breach Today

ISACA and (ISC)2 on Meeting Changing Demands of Industry, Students What is the role of professional certification companies in the cybersecurity education ecosystem?

Proactive Mitigation: A Cybersecurity Imperative

Data Breach Today

Akamai's Jay Coley on Blunting Hackers by Blocking Emerging Types of Attacks A top cybersecurity imperative for organizations is to "take proactive mitigation before an event even occurs" by tracking attack trends and mitigating against emerging types of attacks, says Akamai's Jay Coley

Gamification Can Transform Company Cybersecurity Culture

Threatpost

Implementing game mechanics and competition into the mix can incentivize employees to improve their cybersecurity posture.

Government Shutdown Hampers Cybersecurity

Adam Levin

Government has impacted federal cybersecurity according to several reports. 80% of the National Protection and Programs Directorate , which oversees the Office of Cyber and Infrastructure Analysis and the Office of Cybersecurity and Communications. The ongoing shutdown of the U.S.

AT&T Cybersecurity Sets Sights on Threat Intelligence

Data Breach Today

Javvad Malik on New Entity's Role in Cybersecurity Market AT&T has just re-branded its AlienVault acquisition as AT&T Cybersecurity. Javvad Malik, security advocate for the firm, explains its place in the global market and how it will impact delivery of threat intelligence

NSA Announces New Cybersecurity Directorate

Adam Levin

National Security Agency announced the formation of a new Cybersecurity Directorate earlier this week. The establishment of the directorate is part of a wider move on the part of the Federal Government to bolster the effectiveness of its cybersecurity, both defensively and offensively. .

Analysis: The Cybersecurity Risks Major Corporations Face

Data Breach Today

The latest edition of the ISMG Security Report features a deep dive into an analysis of the cybersecurity risks that publicly traded companies face.

Nine 2019 Cybersecurity Predictions

Security Affairs

Wondering about the state of global cybersecurity in 2019? Wonder no more with these nine cybersecurity predictions for where the new year will take us — and what it means for our digital properties, online lives and livelihoods.

President's Proposed 2020 Budget: Impact on Cybersecurity

Data Breach Today

Some Agencies Would See Steep Cuts; Others Would Get Funding for Cyber Efforts The Trump administration's proposed fiscal 2020 budget calls for substantial cuts at many non-defense agencies, but it would provide extra funding for certain cybersecurity-related efforts

Congress Considers IoT Cybersecurity Legislation - Again

Data Breach Today

Congress is hoping that the third time is the charm for an internet of things cybersecurity bill that would set minimum security standards for the connected devices that the federal government purchases for various projects

IoT 222

Trump Order Aims to Boost Federal Cybersecurity Workforce

Data Breach Today

Executive Order Creates a 'Cybersecurity Competition' to Offer Rewards President Donald Trump on Thursday signed an executive order that offers a mix of incentives and new guidelines aimed at hiring and retaining more security pros to work within the federal government.

Healthcare Cybersecurity: Protection and Recovery

InfoGoTo

Cybersecurity threats keep many healthcare professionals up at night. If your healthcare organization hasn’t yet reported any cybersecurity issues, then it may simply not be tracking them properly. Thankfully, more and more healthcare organizations have recognized the need for a healthcare cybersecurity strategy. Many healthcare leaders just want to throw money at their cybersecurity challenges. Despite all these efforts, cybersecurity breaches can still occur.

Bridging the Cybersecurity Skills Gap

Data Breach Today

The latest edition of the ISMG Security Report features Greg Touhill, the United States' first federal CISO, discussing how "reskilling" can help fill cybersecurity job vacancies. Plus, California considers tougher breach notification requirements; curtailing the use of vulnerable mobile networks

A "Department of Cybersecurity"

Schneier on Security

Presidential candidate John Delaney has announced a plan to create a Department of Cybersecurity. cybersecurity infrastructure internetofthings nationalsecuritypolicyI have long been in favor of a new federal agency to deal with Internet -- and especially Internet of Things -- security.

The Future of Cybersecurity Education - Part 2

Data Breach Today

Intel's Amit Elazari Bar On and UC-Berkeley's Lisa Ho on Schools and Digital Transformation What are America's universities doing to help fill the cybersecurity skills gap felt by enterprises worldwide?

ENISA Gets Permanent Mandate as EU Tackles Cybersecurity

Data Breach Today

EU Cybersecurity Act Now In Full Force With the European Union's Cybersecurity Act now in full force, the European Union Agency for Network and Information Security, or ENISA, has a new name and a permanent mandate - as well as more money and staff - to oversee a range of cybersecurity issues

Teaching Cybersecurity Policy

Schneier on Security

Peter Swire proposes a a pedagogic framework for teaching cybersecurity policy. cybersecurity networksecuritySpecifically, he makes real the old joke about adding levels to the OSI networking stack: an organizational layer, a government layer, and an international layer.