Should Bond Rating Agencies Also Rate Corporate Cyber Security?

From: The Edge Markets

Surin Murugiah

Cyber-attacks against financial institutions are an increasingly significant risk, according to Fitch Ratings.

In a report titled “Cybersecurity an Increasing Focus for Financial Institutions” released yesterday, the rating agency said cyber risk is a growing threat that can adversely affect credit ratings as attacks can compromise customer data and disrupt websites, with detrimental financial or operational consequences for individual issuers and financial systems.

Read Complete Article


Shodan—Search Engine for Internet-Connected Devices

From: Department of Justice/Bureau of Justice Assistance

The Shodan search engine enables users to discover Internet-connected devices, also known as the Internet of Things (IoT), where they are located, and who is using them.  Users can also keep track of all the computers on their network that are directly accessible from the Internet to understand their digital footprint.  The tool also includes power plants, Smart TVs, refrigerators, and more devices.

Additional information is available at

Additional cyber-related resources are available on the Law Enforcement Cyber Center Web site.


Should banks be criminally liable for not reporting fishy emails?

From: American Banker

By Matthew L. Schwartz, Jaime Sneider


Since Congress passed the Bank Secrecy Act in 1970, banks and other financial institutions have had a legal obligation to report suspicious customer activity to the government or risk regulatory penalties and even criminal prosecution. The purpose is to enlist banks in the fight against narcotics trafficking, tax evasion, terrorist financing and other criminal activity. Federal authorities have imposed billions of dollars in penalties against banks and other institutions that allowed crimes to be carried out on their watch.

Energy Department exercise reveals ‘gaps’ in major cyber incident response

From: The Hill

A Department of Energy exercise last year found shortcomings in the way that federal, state and local governments would work with industry to respond to a major cyber incident affecting energy infrastructure on the East Coast.

The results of the “Liberty Eclipse” energy assurance exercise in December are catalogued in a report released by the department on Tuesday, which offers a series of recommendations for the federal government to improve its work to protect the electric grid and other energy infrastructure.

Read Complete Article


Industry Groups Seek Trump’s Ear on Cybersecurity, IoT Policy

From: MeriTalk



(ISC)² , a nonprofit that specializes in information security education and certifications, presented its ideas Wednesday to White House Chief of Staff Reince Priebus and others on Trump’s team.

(ISC)² emphasized the importance of strengthening the government’s IT workforce by teaching cyber literacy to every Federal employee, incentivizing hiring and retention, prioritizing investment in acquisition and human resources personnel, and employing people who can communicate technical needs to agency leaders, and establishing a standardized way to code open cybersecurity jobs.

Read Complete Article