Cybersecurity's Week From Hell

Data Breach Today

Is this cybersecurity's new normal Fix WhatsApp, Windows, Cisco and CPUs From Intel - Pending Patch Availability Multiple flaws - all serious, exploitable and some already being actively exploited - came to light this week.

Proactive Mitigation: A Cybersecurity Imperative

Data Breach Today

Akamai's Jay Coley on Blunting Hackers by Blocking Emerging Types of Attacks A top cybersecurity imperative for organizations is to "take proactive mitigation before an event even occurs" by tracking attack trends and mitigating against emerging types of attacks, says Akamai's Jay Coley

Analysis: The Cybersecurity Risks Major Corporations Face

Data Breach Today

The latest edition of the ISMG Security Report features a deep dive into an analysis of the cybersecurity risks that publicly traded companies face.

Trump Shakeup Impacts Cybersecurity Policy

Data Breach Today

cybersecurity policy, as the agencies play a key role in securing infrastructure and investigating financial cybercrime.

Government Shutdown: Experts Fear Deep Cybersecurity Impact

Data Breach Today

government shutdown is impacting agencies integral to the nation's cybersecurity readiness, and experts fear its long-term impact on the country's cyberattack response capabilities, as well as the risk that it will drive away desperately needed new cybersecurity talent from entering public service

The Future of Cybersecurity Education - Part 1

Data Breach Today

ISACA and (ISC)2 on Meeting Changing Demands of Industry, Students What is the role of professional certification companies in the cybersecurity education ecosystem?

Trump Order Aims to Boost Federal Cybersecurity Workforce

Data Breach Today

Executive Order Creates a 'Cybersecurity Competition' to Offer Rewards President Donald Trump on Thursday signed an executive order that offers a mix of incentives and new guidelines aimed at hiring and retaining more security pros to work within the federal government.

The Importance of Protecting Cybersecurity Whistleblowers

Schneier on Security

Interesting essay arguing that we need better legislation to protect cybersecurity whistleblowers. Congress should act to protect cybersecurity whistleblowers because information security has never been so important, or so challenging.

AT&T Cybersecurity Sets Sights on Threat Intelligence

Data Breach Today

Javvad Malik on New Entity's Role in Cybersecurity Market AT&T has just re-branded its AlienVault acquisition as AT&T Cybersecurity. Javvad Malik, security advocate for the firm, explains its place in the global market and how it will impact delivery of threat intelligence

Congress Considers IoT Cybersecurity Legislation - Again

Data Breach Today

Congress is hoping that the third time is the charm for an internet of things cybersecurity bill that would set minimum security standards for the connected devices that the federal government purchases for various projects

IoT 220

A "Department of Cybersecurity"

Schneier on Security

Presidential candidate John Delaney has announced a plan to create a Department of Cybersecurity. cybersecurity infrastructure internetofthings nationalsecuritypolicyI have long been in favor of a new federal agency to deal with Internet -- and especially Internet of Things -- security.

President's Proposed 2020 Budget: Impact on Cybersecurity

Data Breach Today

Some Agencies Would See Steep Cuts; Others Would Get Funding for Cyber Efforts The Trump administration's proposed fiscal 2020 budget calls for substantial cuts at many non-defense agencies, but it would provide extra funding for certain cybersecurity-related efforts

Bridging the Cybersecurity Skills Gap

Data Breach Today

The latest edition of the ISMG Security Report features Greg Touhill, the United States' first federal CISO, discussing how "reskilling" can help fill cybersecurity job vacancies. Plus, California considers tougher breach notification requirements; curtailing the use of vulnerable mobile networks

The Future of Cybersecurity Education - Part 2

Data Breach Today

Intel's Amit Elazari Bar On and UC-Berkeley's Lisa Ho on Schools and Digital Transformation What are America's universities doing to help fill the cybersecurity skills gap felt by enterprises worldwide?

Teaching Cybersecurity Policy

Schneier on Security

Peter Swire proposes a a pedagogic framework for teaching cybersecurity policy. cybersecurity networksecuritySpecifically, he makes real the old joke about adding levels to the OSI networking stack: an organizational layer, a government layer, and an international layer.

Government Shutdown Hampers Cybersecurity

Adam Levin

Government has impacted federal cybersecurity according to several reports. 80% of the National Protection and Programs Directorate , which oversees the Office of Cyber and Infrastructure Analysis and the Office of Cybersecurity and Communications. The ongoing shutdown of the U.S.

Cybersecurity for the Public Interest

Schneier on Security

We need policymakers who understand technology, but we also need cybersecurity technologists who understand -- ­and are involved in -- ­policy. When you broaden the definition of Internet security, many additional areas fall within the intersection of cybersecurity and policy.

New Medical Device Cybersecurity Framework Unveiled

Data Breach Today

Recommends Vendors Address Issues Throughout Product Lifecycle A healthcare sector advisory council on Monday released a new voluntary framework for improving the cybersecurity of medical devices throughout their lifecycle.

Healthcare Cybersecurity: Protection and Recovery

InfoGoTo

Cybersecurity threats keep many healthcare professionals up at night. If your healthcare organization hasn’t yet reported any cybersecurity issues, then it may simply not be tracking them properly. Thankfully, more and more healthcare organizations have recognized the need for a healthcare cybersecurity strategy. Many healthcare leaders just want to throw money at their cybersecurity challenges. Despite all these efforts, cybersecurity breaches can still occur.

Investment Adviser's View of Cybersecurity Market

Data Breach Today

AlienVault became AT&T Cybersecurity. Brad Topchick of Mooreland Partners on the Trends Driving 2019 Growth Broadcom acquired CA. These are just two of the deals that headlined in 2018. What does the 2019 market hold? Brad Topchick, managing director of Mooreland Partners, shares insights

Sen. Warner Demands Answers on Healthcare Cybersecurity

Data Breach Today

has sent letters to four federal agencies and 12 healthcare associations posing long lists of questions as a prelude to developing short-term and long-term strategies for improving healthcare cybersecurity

Nine 2019 Cybersecurity Predictions

Security Affairs

Wondering about the state of global cybersecurity in 2019? Wonder no more with these nine cybersecurity predictions for where the new year will take us — and what it means for our digital properties, online lives and livelihoods.

Groups Offer Ideas for Improving Healthcare Cybersecurity

Data Breach Today

Mark Warner's recent request seeking ideas for improving healthcare sector cybersecurity Recommendations Made in Response to Request by Sen.

Groups 167

Venture Capital Pours Into Cybersecurity

Data Breach Today

billion in cybersecurity companies in 2018, about 20 percent more than in 2017 and twice as much as 2016, according to research from Strategic Cyber Ventures. Venture capitalists invested $5.3 What's ahead for 2019 and beyond

Cybersecurity for the Public Interest

Schneier on Security

We need policymakers who understand technology, but we also need cybersecurity technologists who understand­ -- and are involved in -- ­policy. When you broaden the definition of Internet security, many additional areas fall within the intersection of cybersecurity and policy.

SEC Releases Updated Cybersecurity Guidance

Data Breach Today

Securities and Exchange Commission has released revised guidance "to assist public companies in preparing disclosures about cybersecurity risks and incidents." Regulator Demands More Risk Disclosure, Better Insider Trading Policies The U.S.

Highlights of NIST Cybersecurity Framework Version 1.1

Data Breach Today

Women in Cybersecurity: A Progress Report

Data Breach Today

Nearly one-quarter of the global cybersecurity workforce is now made up of women. But women still face significant compensation and other career challenges, according to a new study. Mary-Jo de Leeuw of (ISC)2 shares analysis

Maximize Cybersecurity Risk Ratings in 2019

Data Breach Today

Insights from the Forrester New Wave: Cybersecurity Risk Rating Solutions, Q4 2018. If you are a security or risk leader, you know that even with a formal third-party risk program in place, you are not effectively keeping track of all of your third parties

Risk 181

Addressing the Human Element in Cybersecurity

Data Breach Today

James Mackay of MetaCompliance Discusses Building Better Risk Awareness Among Employees James Mackay of MetaCompliance explains techniques for educating and motivating employees to be more aware of cyber risks

HHS Publishes Guide to Cybersecurity Best Practices

Data Breach Today

Co-Developed with Healthcare Sector Coordinating Council, Designed for Organizations of All Sizes With the aim of helping healthcare entities of all sizes improve their cybersecurity, the Department of Health and Human Services has issued a four-volume publication of voluntary best practices.

Certifiably Distracted: The Economics of Cybersecurity

Dark Reading

Is cybersecurity worth the investment? It depends

Steve Katz on Cybersecurity's State of the Union

Data Breach Today

Today he is still active in the cybersecurity community and offers his unique perspective on security threats, solutions and the next generation of leaders

HIMSS19: Cybersecurity in the Spotlight

Data Breach Today

A Sampling of What's Slated for Health IT's Biggest Annual Show Once again, cybersecurity issues will be in the spotlight at the Healthcare Information and Management Systems Society Conference, to be held Feb. 11-15 in Orlando, Fla

Embracing Change in Cybersecurity

Data Breach Today

Tom Kellerman of Carbon Black on Ovecoming Failing Architectures Security leaders need to embrace security change to overcome failing architectures that have evolved over the last decade, says Tom Kellerman, chief cybersecurity officer at Carbon Black

Yet Another IoT Cybersecurity Document

Schneier on Security

This one is from NIST: " Considerations for Managing Internet of Things (IoT) Cybersecurity and Privacy Risks." cybersecurity internetofthings nistIt's still in draft. Remember, there are many others.

Bolstering the Cybersecurity of Medical Devices

Data Breach Today

As cybersecurity threats in the healthcare sector evolve, medical device manufacturer ICU Medical is taking a number of steps to help safeguard its products. Chaitanya Srinivasamurthy and Marshall Fryman of the company describe these security initiatives

Microsoft's Top 3 Cybersecurity Concerns for 2019

Data Breach Today

Joram Borenstein, general manager of Microsoft's Cybersecurity Solutions Group, discusses his top three concerns for 2019 With an operating system that's used by 90 percent of Fortune 500 companies, Microsoft closely monitors cyberattack trends.

FDA Reveals Steps to Bolster Medical Device Cybersecurity

Data Breach Today

White House Eliminates Cybersecurity Position

Schneier on Security

The White House has eliminated the cybersecurity coordinator position. cybersecurity intelligence nationalsecuritypolicyThis seems like a spectacularly bad idea.