Government Shutdown: Experts Fear Deep Cybersecurity Impact

Data Breach Today

government shutdown is impacting agencies integral to the nation's cybersecurity readiness, and experts fear its long-term impact on the country's cyberattack response capabilities, as well as the risk that it will drive away desperately needed new cybersecurity talent from entering public service Readiness, Morale, Investigations and Recruitment at Risk as Standoff Persists The U.S.

Government Agencies Field More Cybersecurity Maturity Models

Data Breach Today

The Pentagon and the Department of Energy are pitching new or revised cybersecurity capability maturity models to help their sectors prioritize cybersecurity investments and refine processes and controls. But should they defer to the NIST Cybersecurity Framework instead Pentagon and DOE Pitch Security Frameworks - But Should They Defer to NIST?

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Government Shutdown Hampers Cybersecurity

Adam Levin

Government has impacted federal cybersecurity according to several reports. The roughly 800,000 federal workers currently on furlough include: 45% of staff from the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency , which is tasked with defending critical infrastructure from cyber and physical threats. The Department of Homeland Security’s 2019 Cybersecurity and Innovation Showcase, initially scheduled to begin January 8, was also cancelled.

Government Spending on Cybersecurity: An Analysis

Data Breach Today

Around the world, many CIOs at various levels of governments expect an increase in cybersecurity spending in 2019, according to new research from Gartner. Alia Mendonsa, co-author of the report, analyzes the results of a global survey

Calls Grow to Restore White House Cybersecurity Leader Role

Data Breach Today

Lack of Cybersecurity Leadership, Direction Cited by Government Watchdog The U.S. Government Accountability Office is urging Congress to pass legislation to reestablish the White House cybersecurity coordinator role, to coordinate the government's response to online attacks and other cybersecurity challenges facing the nation

Local, State Governments Face Cybersecurity Crisis

Dark Reading

Ransomware hit small government organizations hard in 2019. Now they have to deal with budget cuts, pandemic precautions, social unrest, and the coming election cycle

The Cybersecurity Follies: Zoom Edition

Data Breach Today

British Government and Other 'Work-From-Homers' Grapple With Remote Communications The stuck-at-home chronicles have fast become surreal, as remote workers face down a killer virus on the one hand and the flattening of their work and personal lives on the other.

7 Cybersecurity Priorities for Government Agencies & Political Campaigns

Dark Reading

As election season ramps up, organizations engaged in the process must strengthen security to prevent chaos and disorder from carrying the day. Here's how

BEST PRACTICES: Why pursuing sound ‘data governance’ can be a cybersecurity multiplier

The Last Watchdog

Related: What we’ve learned from the massive breach of Capitol At RSA 2020 , I learned about how one of the routine daily chores all large organizations perform — data governance — has started to emerge as something of a cybersecurity multiplier. And by doing this housekeeping – i.e. by improving their data governance practices — companies can reap higher efficiencies, while also tightening data security.

Coronavirus: UK Government Promises App for Contact Tracing

Data Breach Today

But Cybersecurity Adviser Dismisses Plans as Misplaced 'Do-Something-Itis' The U.K. government says it's prepping a contact-tracing app in an attempt to help contain COVID-19.

Enhancing Security Governance

Data Breach Today

Longtime CISO Vito Sardanopoli on Building an Effective Security Program A formal security program that spells out precise governance components is critical to protecting sensitive data, says Vito Sardanopoli, who served on the U.S. Department of Health and Human Services Healthcare Industry Cybersecurity Task Force

Cybersecurity Resources for Texas Local Governments

The Texas Record

On Friday, August 16, over twenty local government entities in Texas were targeted by a coordinated ransomware attack. This incident is the most recent in a year marked by cyberattacks on state and local governments across the country. August 20, 2019 – Update on August 2019 Texas Cyber Incident August 17, 2019 – Update on August 2019 Texas Cyber Incident August 16, 2019 – Ransomware Attack Hits Texas Government Entities. Cybersecurity Best Practices.

Data Governance: How to Tackle Three Key Issues

Data Breach Today

The Importance of Accountability, Data Inventory and Automation As organizations plot their 2020 cybersecurity strategies, especially in light of privacy regulations, key data governance challenges are emerging. What are the critical issues, and how are they being addressed

Australia to Update National Cybersecurity Strategy

Data Breach Today

Government Invites Feedback on Addressing Cyber Challenges The Australian government is looking to update its national cybersecurity strategy by 2020. In preparation, it's released a discussion paper that seeks input from citizens, the business community, academics and other stakeholders

GAO: Census Bureau Comes Up Short on Cybersecurity

Data Breach Today

Census Bureau has not done enough to address cybersecurity issues in preparation for the 2020 census, which is slated to begin April, according to a new report from the Government Accountability Office With 2020 Census Slate to Start April 1, Bureau Still Has Work to Do The U.S.

Cybersecurity Pioneers: Discovering Government's Threat Hunters

Data Breach Today

Japanese government’s cybersecurity strategy chief has never used a computer

Security Affairs

The Japanese government’s cybersecurity strategy chief Yoshitaka Sakurada is in the middle of a heated debate due to his admission about his cyber capability. Yoshitaka Sakurada admitting he has never used a computer in his professional life, despite the Japanese Government, assigned to the politician the responsibility for cybersecurity of the 2020 Tokyo Olympics. “It’s a matter that should be dealt with by the government as a whole.

Bill Would Create State Cybersecurity Leader Positions

Data Breach Today

senators has introduced legislation that would require the Department of Homeland Security to appoint cybersecurity leaders in each state to help combat growing cyberthreats against units of local government DHS Would Fund Coordinators for Every State A bipartisan group of U.S.

On Cybersecurity Insurance

Schneier on Security

Good paper on cybersecurity insurance: both the history and the promise for the future. Cyber insurance appears to be a weak form of governance at present. The private governance role of cyber insurance is limited by market dynamics. academicpapers cybersecurity insurance riskassessment risksFrom the conclusion: Policy makers have long held high hopes for cyber insurance as a tool for improving security.

Cybersecurity or Information Governance Failure???

Getting Information Done

This past weekend the world was overwhelmed by the cyberattack that spread around the globe hitting businesses, hospitals, and government agencies in over 150 countries. Was it a failure of Cybersecurity professionals? Surely, Cybersecurity professionals jumped into action and started patching all the machines on their networks to prevent an infection by WannaCry! I point to the lack of effective information governance as a root cause.

Congress Considers IoT Cybersecurity Legislation - Again

Data Breach Today

Third Attempt at Setting Minimum Standards for Devices Government Uses The U.S. Congress is hoping that the third time is the charm for an internet of things cybersecurity bill that would set minimum security standards for the connected devices that the federal government purchases for various projects

IoT 169

The Bleak State of Federal Government Cybersecurity

WIRED Threat Level

Nearly three out of four federal agencies is unprepared for a cyberattack, and there's no system in place to fix it. Security

Teaching Cybersecurity Policy

Schneier on Security

Peter Swire proposes a a pedagogic framework for teaching cybersecurity policy. Specifically, he makes real the old joke about adding levels to the OSI networking stack: an organizational layer, a government layer, and an international layer. cybersecurity networksecurity

Cybersecurity Governance Lessons from Nuclear Power

IG Guru

By Cindy Satterfield In the nuclear power industry, a cybersecurity incident or error could be a life or death issue on a mass scale. Because of this reality, cyber risk in nuclear power plants is governed more rigorously than it is in sectors free of industrial control systems (ICS) and other types of high-risk operational technology […]. The post Cybersecurity Governance Lessons from Nuclear Power appeared first on IG GURU.

GAO Blasts Cybersecurity Efforts of Federal Agencies

Data Breach Today

Watchdog Points to Numerous Risk Management Shortcomings Some 23 federal agencies come up short in their cybersecurity efforts even as attacks on their IT infrastructures continue to grow and concerns about foreign interference in the upcoming 2020 elections persist, according to a Government Accountability Office report

Wanted: Cybersecurity Imagery

Schneier on Security

Eli Sugarman of the Hewlettt Foundation laments about the sorry state of cybersecurity imagery: The state of cybersecurity imagery is, in a word, abysmal. Each of these images fails to convey anything about either the importance or the complexity of the topic­ -- or the huge stakes for governments, industry and ordinary people alike inherent in topics like encryption, surveillance and cyber conflict. You can help: participate in the Cybersecurity Visuals Challenge.

Vietnam's 'Cybersecurity' Law Says Little on Security

Data Breach Today

Law Focuses More on Fighting Anti-Government Speech On Wednesday, just days after a new "cybersecurity" law took effect, Vietnam alleged that Facebook has violated the law by allowing users to post anti-government comments on the platform. The so-called cybersecurity law actually speaks little about IT security measures

Microsoft President: Governments Must Cooperate on Cybersecurity

Dark Reading

Microsoft's Brad Smith calls on nations and businesses to work toward "digital peace" and acknowledge the effects of cybercrime

What the Government Shutdown Teaches Us about Cybersecurity

Dark Reading

As lawmakers face a Friday deadline to prevent the federal government from closing a second time, we examine the cost to the digital domain, both public and private

Government Perspective on Supply Chain Security

Schneier on Security

cybersecurity infrastructure internetofthings nationalsecuritypolicy nsaThis is an interesting interview with a former NSA employee about supply chain security. I consider this to be an insurmountable problem right now.

NSA Launches New Cybersecurity Directorate

Security Affairs

NSA is redefining its cybersecurity mission and with the Cybersecurity Directorate it will enhance its partnerships with unclassified collaboration and information sharing. Under the new Cybersecurity Directorate — a major organization that unifies NSA’s foreign intelligence and cyberdefense missions. The NSA announced the new Cybersecurity Directorate — which will help defend domestic organizations from foreign cyberattacks. ” The State of Cybersecurity.

US Conflict With Iran Sparks Cybersecurity Concerns

Data Breach Today

drone strike in Baghdad late Thursday night, security experts and the Department of Homeland Security warned of possible retaliatory cyber strikes from Iran that could target critical infrastructure, government agencies as well as private businesses

Kazakhstan Government Intercepting All Secured Internet Traffic

Adam Levin

The Kazakhstan government is intercepting all HTTPS-encrypted internet traffic within its borders. Under a new directive effective 7/17, the Kazakhstan government is requiring every internet service provider in the country to install a security certificate onto every internet-enabled device and browser. Once installed, this certificate allows the government to decrypt and analyze all incoming internet traffic. .

NSA Announces New Cybersecurity Directorate

Adam Levin

National Security Agency announced the formation of a new Cybersecurity Directorate earlier this week. The establishment of the directorate is part of a wider move on the part of the Federal Government to bolster the effectiveness of its cybersecurity, both defensively and offensively. . Over the past couple years, as we did a number of different reorganizations, one of the things I think we lost was that emphasis on cybersecurity,” said NSA chief Paul Nakasone.

Nine 2019 Cybersecurity Predictions

Security Affairs

Wondering about the state of global cybersecurity in 2019? Wonder no more with these nine cybersecurity predictions for where the new year will take us — and what it means for our digital properties, online lives and livelihoods. It’s not a surprise that 2019 is estimated to see more than $124 billion spent on cybersecurity — 8.7 2019 will probably see a kind of democratization of cybersecurity. Security Affairs – 2019 Cybersecurity predictions, cyberattacks).

5 Reasons Why Information Governance and Cybersecurity Go Hand in Hand

InfoGoTo

Those who know and manage the data working closely with those who strive to protect it – information governance and IT functioning in tandem. However, it’s vital to foster the partnership between IG and cybersecurity. This enables prioritization, which cybersecurity needs in order to put the highest protections on the most crucial assets. Cybersecurity covers so many capabilities (data loss prevention, vulnerability management, network security and much more).

Texas Government Agencies Hit by Ransomware

Adam Levin

The local governments and agencies from twenty-three Texas towns were hit by a coordinated ransomware campaign last week. . The Texas Department of Information Resources (DIR) became aware of the ransomware campaign after being contacted by the municipal governments of several towns that were unable to access critical files. local governments have increasingly been targeted by ransomware campaigns, including Baltimore, Atlanta and several Florida cities.

2020 Cybersecurity Threat Trends Outlook via Booz | Allen | Hamilton

IG Guru

The post 2020 Cybersecurity Threat Trends Outlook via Booz | Allen | Hamilton appeared first on IG GURU. Breach Business Compliance Dark Web Education IG News Information Governance information privacy information security Records Management Risk News Security Bad Actors criminal hackers Cybersecurity Data Governance malware Privacy risks ThreatsCheck out their report that includes “Nine ways threat actors will make waves in 2020” here.

COVID-19 Has United Cybersecurity Experts, But Will That Unity Survive the Pandemic?

Krebs on Security

” Using threat intelligence feeds donated by dozens of cybersecurity companies, the CTC is poring over more than 100 million pieces of data about potential threats each day, running those indicators through security products from roughly 70 different vendors.

The Importance of Protecting Cybersecurity Whistleblowers

Schneier on Security

Interesting essay arguing that we need better legislation to protect cybersecurity whistleblowers. Congress should act to protect cybersecurity whistleblowers because information security has never been so important, or so challenging. Whistleblowers strengthen regulatory regimes, and cybersecurity regulation would be no exception. breaches courts cybersecurity disclosure laws whistleblowers