Thursday, October 29, 2020

DDoS Attacks Raise Questions from Lawmakers

Lawmakers are looking for information from federal regulators after a massive distributed denial-of-service attack choked internet traffic and knocked a number of websites offline. Senator Mark Warner (D-VA) has asked the Federal Communications Commission, Federal Trade Commission, and Department of Homeland Security about the resources needed to prevent hackers from hijacking consumer products, including practices […]
Must be a Paid Member or a Free Trial Member to Access Content. Members log in here.

States Strengthen Data Breach Laws & Regulations

Since 2015, many state governments have amended data breach laws that can affect all businesses that store information about their residents, even companies from out of state. However, many firms focus only on data in their main business application, while ignoring other sources of information—such as emails, reports, scanned images, or other loose documents—that contain […]

What is the Full Impact of a Healthcare Cybersecurity Attack?

A new report from Deloitte Cyber Risk Services suggests the full impact of a healthcare cybersecurity attack goes far beyond the immediate effects. Organizations often have a better grasp of above-the-surface costs—such as the loss of information, customer notification, and credit protection—but less understanding of the costs of operational disruption, loss of reputation, […]

The Internet of Things Is Totally Unregulated, and That Might Have to Change

The massive attack that struck the internet last Friday highlights the lack of security of many devices connected to the internet of things. During the denial-of-service attack, IoT-connected devices were hijacked and used to send a flood of inquiries to internet-naming service provider Dyn, which slowed internet traffic and knocked some sites offline […]

CYBERCOM Reaches Initial Operating Capability

U.S. Cyber Command has announced that its 133 Cyber Mission Force teams have reached initial operating capability, two years before the command is scheduled to reach full operating capability. According to the Department of Defense, reaching IOC means the teams have achieved a threshold level of operational capacity and are able to execute their fundamental […]

Mark Warner: Industry Needs to Educate Congress on Cybersecurity

Senator Mark Warner (D-VA) says Congress needs industry’s help to better understand cybersecurity and craft stronger policy. One challenge for Congress is the proliferation of committees with oversight of various aspects of cybersecurity. Last year, nine separate congressional panels held more than 20 cyber-related hearings. Industry leaders could help educate those committees and inform debates […]

Required Insider Threat Program for Federal Contractors: Will It Help?

In this commentary, Steven Grossman, vice president of strategy and enablement at Bay Dynamics, says the Department of Defense’s new requirement for contractors to have insider threat mitigation programs is a step in the right direction, but more work needs to be done for this to be truly effective. According to Grossman, the requirement addresses […]

Muddy Waters, MedSec Respond to St. Jude Lawsuit

In response to a lawsuit by St. Jude Medical regarding allegations made about its products, investment research firm Muddy Waters and security company MedSec hired consulting firm Bishop Fox to provide its expert opinion of the security of St. Jude’s products. According to the firms, Bishop Fox’s findings substantiate their allegations, noting that St. Jude […]

U.S. and Japan Commit to Improve and Advance Cross-Border Privacy

The International Trade Administration has reaffirmed the commitment of the Department of Commerce and Japan’s Personal Information Protection Commission to continue implementing the APEC Cross-Border Privacy Rules, a regional, multilateral, cross-border data transfer mechanism and privacy code of conduct for business. Currently, the U.S., Mexico, Canada, and Japan are participants in the CBPR framework. More […]

NIST Alters Guidance Wording to Appeal to Non-Federal Audience

The next version of the National Institute of Standards and Technology’s Special Publication 800-53, Security and Privacy Controls for Federal Information Systems and Organizations, will be updated to become more inclusive of state and local governments, industry, and academic institutions. NIST plans to drop the word “federal” from the title, to promote the idea that […]