Cybersecurity's Automation Imperative

Data Breach Today

Cybersecurity: Building Better Teams

Data Breach Today

Deborah Kish of Fasoo on Rethinking the Approach When it comes to rethinking how enterprises structure their cybersecurity teams, Deborah Kish of Fasoo says that teamwork and better coordination among stakeholders are essential

Cybersecurity's Week From Hell

Data Breach Today

Is this cybersecurity's new normal Fix WhatsApp, Windows, Cisco and CPUs From Intel - Pending Patch Availability Multiple flaws - all serious, exploitable and some already being actively exploited - came to light this week.

Cybersecurity Firm Imperva Discloses Breach

Krebs on Security

“Even if the vendor in question is a cybersecurity company, it doesn’t necessarily mean they’re eating their own dog food.”

Government Agencies Field More Cybersecurity Maturity Models

Data Breach Today

The Pentagon and the Department of Energy are pitching new or revised cybersecurity capability maturity models to help their sectors prioritize cybersecurity investments and refine processes and controls. But should they defer to the NIST Cybersecurity Framework instead

Australia to Update National Cybersecurity Strategy

Data Breach Today

Government Invites Feedback on Addressing Cyber Challenges The Australian government is looking to update its national cybersecurity strategy by 2020.

On Cybersecurity Insurance

Schneier on Security

Good paper on cybersecurity insurance: both the history and the promise for the future. academicpapers cybersecurity insurance riskassessment risksFrom the conclusion: Policy makers have long held high hopes for cyber insurance as a tool for improving security.

Creating a 'Defensible' Cybersecurity Program

Data Breach Today

Tom Scholtz of Gartner Says Flexible, Executive-Endorsed Programs Succeed Organizations need to create a "defensible" cybersecurity program that has a mandate and executive endorsement, says Gartner's Tom Scholtz.

NSA Launches New Cybersecurity Directorate

Security Affairs

NSA is redefining its cybersecurity mission and with the Cybersecurity Directorate it will enhance its partnerships with unclassified collaboration and information sharing. ” The State of Cybersecurity. What the NSA’s Directorate Means for Cybersecurity.

Electrical Grid Cybersecurity Measure Advances

Data Breach Today

Proposed Legislation Calls for Development of National Strategy A proposal that won U.S. House approval Wednesday calls for crafting a strategy for securing the nation's electrical grid. It also would create a two-year pilot program within the U.S.

Government Shutdown: Experts Fear Deep Cybersecurity Impact

Data Breach Today

government shutdown is impacting agencies integral to the nation's cybersecurity readiness, and experts fear its long-term impact on the country's cyberattack response capabilities, as well as the risk that it will drive away desperately needed new cybersecurity talent from entering public service

Trump Shakeup Impacts Cybersecurity Policy

Data Breach Today

cybersecurity policy, as the agencies play a key role in securing infrastructure and investigating financial cybercrime.

FEC: Campaigns Can Use Discounted Cybersecurity Services

Krebs on Security

Federal Election Commission (FEC) said today political campaigns can accept discounted cybersecurity services from companies without running afoul of existing campaign finance laws, provided those companies already do the same for other non-political entities. The U.S.

Watchdog Finds DOE Falling Short on Cybersecurity

Data Breach Today

Energy Department's Inspector General finds that the agency is prone to making the same cybersecurity mistakes year-after-year. Audit Finds Vulnerabilities in Energy Department's Unclassified Systems An audit from the U.S.

Resources for Measuring Cybersecurity

Schneier on Security

Kathryn Waldron at R Street has collected all of the different resources and methodologies for measuring cybersecurity. cybersecurity riskassessment

Congress Approves New DHS Cybersecurity Agency

Data Breach Today

Bill Creating Cybersecurity and Infrastructure Security Agency Awaits President's Signature The United States will soon officially have a single agency that takes the lead role for cybersecurity.

Teaching Cybersecurity Policy

Schneier on Security

Peter Swire proposes a a pedagogic framework for teaching cybersecurity policy. cybersecurity networksecuritySpecifically, he makes real the old joke about adding levels to the OSI networking stack: an organizational layer, a government layer, and an international layer.

The Role of DNS in Cybersecurity

Data Breach Today

Stuart Reed of Nominet on Improving Visibility DNS is cybersecurity's best-kept secret for eliminating threats, says Stuart Reed of Nominet, who explains the value of analyzing traffic

A "Department of Cybersecurity"

Schneier on Security

Presidential candidate John Delaney has announced a plan to create a Department of Cybersecurity. cybersecurity infrastructure internetofthings nationalsecuritypolicyI have long been in favor of a new federal agency to deal with Internet -- and especially Internet of Things -- security.

HHS Proposes Allowing Cybersecurity Donations to Doctors

Data Breach Today

Safe Harbor' Would Modify Stark Law, Anti-Kickback Regulations Federal regulators are proposing a "safe harbor" that would permit hospitals to donate certain cybersecurity software and services to physicians.

Cybersecurity Leadership: The Next Generation

Data Breach Today

IoT, the cloud, third-party risk - we hear a lot about how the cybersecurity risk surface and threat landscape have evolved. But what about the new business demands on cybersecurity leaders? Christopher Hetner, former global CISO at GE Capital, shares insights

Medical Device Cybersecurity: 3 Alerts Issued

Data Breach Today

CERT, a Unit of CISA, Warns of Vulnerabilities That Need Mitigation Federal regulators have recently issued three advisories on cybersecurity vulnerabilities identified in medical devices.

GAO Blasts Cybersecurity Efforts of Federal Agencies

Data Breach Today

The Future of Cybersecurity Education - Part 1

Data Breach Today

ISACA and (ISC)2 on Meeting Changing Demands of Industry, Students What is the role of professional certification companies in the cybersecurity education ecosystem?

Government Shutdown Hampers Cybersecurity

Adam Levin

Government has impacted federal cybersecurity according to several reports. 80% of the National Protection and Programs Directorate , which oversees the Office of Cyber and Infrastructure Analysis and the Office of Cybersecurity and Communications. The ongoing shutdown of the U.S.

Yet Another IoT Cybersecurity Document

Schneier on Security

This one is from NIST: " Considerations for Managing Internet of Things (IoT) Cybersecurity and Privacy Risks." cybersecurity internetofthings nistIt's still in draft. Remember, there are many others.

IoT 112

Proactive Mitigation: A Cybersecurity Imperative

Data Breach Today

Akamai's Jay Coley on Blunting Hackers by Blocking Emerging Types of Attacks A top cybersecurity imperative for organizations is to "take proactive mitigation before an event even occurs" by tracking attack trends and mitigating against emerging types of attacks, says Akamai's Jay Coley

AT&T Cybersecurity Sets Sights on Threat Intelligence

Data Breach Today

Javvad Malik on New Entity's Role in Cybersecurity Market AT&T has just re-branded its AlienVault acquisition as AT&T Cybersecurity. Javvad Malik, security advocate for the firm, explains its place in the global market and how it will impact delivery of threat intelligence

Medical Device Cybersecurity: A Team Approach

Data Breach Today

All healthcare industry stakeholders must take critical steps to address the cybersecurity of connected medical devices, says Jennifer Covich Bordenick, CEO of of the eHealth Initiative and Foundation, an advocacy group that has issued a new report on the subject

Nine 2019 Cybersecurity Predictions

Security Affairs

Wondering about the state of global cybersecurity in 2019? Wonder no more with these nine cybersecurity predictions for where the new year will take us — and what it means for our digital properties, online lives and livelihoods.

Healthcare Cybersecurity Info Sharing Resource Unveiled

Data Breach Today

A new resource designed to help healthcare organizations of all sizes engage in cybersecurity information sharing is now available. Errol Weiss, who helped create the "cybersecurity matrix," describes how to use it

Most Americans Fail Cybersecurity Quiz

Threatpost

Facebook Mobile Security Privacy Vulnerabilities Web Security 2FA americans cybersecurity awareness HTTPS Instagram Pew Research Center Phishing WhatsAppStudy participants fail to correctly identify core security concepts and tools to help them stay safe online.

NSA Announces New Cybersecurity Directorate

Adam Levin

National Security Agency announced the formation of a new Cybersecurity Directorate earlier this week. The establishment of the directorate is part of a wider move on the part of the Federal Government to bolster the effectiveness of its cybersecurity, both defensively and offensively. .

President's Proposed 2020 Budget: Impact on Cybersecurity

Data Breach Today

Some Agencies Would See Steep Cuts; Others Would Get Funding for Cyber Efforts The Trump administration's proposed fiscal 2020 budget calls for substantial cuts at many non-defense agencies, but it would provide extra funding for certain cybersecurity-related efforts

Congress Considers IoT Cybersecurity Legislation - Again

Data Breach Today

Congress is hoping that the third time is the charm for an internet of things cybersecurity bill that would set minimum security standards for the connected devices that the federal government purchases for various projects

IoT 222

Analysis: The Cybersecurity Risks Major Corporations Face

Data Breach Today

The latest edition of the ISMG Security Report features a deep dive into an analysis of the cybersecurity risks that publicly traded companies face.

Risk 196

Bridging the Cybersecurity Skills Gap

Data Breach Today

The latest edition of the ISMG Security Report features Greg Touhill, the United States' first federal CISO, discussing how "reskilling" can help fill cybersecurity job vacancies. Plus, California considers tougher breach notification requirements; curtailing the use of vulnerable mobile networks

Trump Order Aims to Boost Federal Cybersecurity Workforce

Data Breach Today

Executive Order Creates a 'Cybersecurity Competition' to Offer Rewards President Donald Trump on Thursday signed an executive order that offers a mix of incentives and new guidelines aimed at hiring and retaining more security pros to work within the federal government.

Gamification Can Transform Company Cybersecurity Culture

Threatpost

Implementing game mechanics and competition into the mix can incentivize employees to improve their cybersecurity posture.

Open Cybersecurity Alliance: In Pursuit of Interoperability

Data Breach Today

With 18 Vendors on Board, Experts Assess New Group's Chances for Success Eighteen technology companies have formed the Open Cybersecurity Alliance to foster the development of open source tools to improve interoperability and data sharing between cybersecurity applications.