A Federal Cyber Security Success Story: Feds Not Affected by ‘WannaCry’ Attack

From: NewburyPostNews.com

By Andy Metzger State House News Service

Cyber official ‘amazed’ feds not affected by ‘WannaCry’ attack

BOSTON — President Donald Trump’s “cyber czar” said Monday he was surprised that the recent Wanna­Cry global ransomware attack had not compromised federal government computer systems and that he worries about future attacks on power grids and hospitals.

Rob Joyce, who worked for 27 years at the National Security Agency before joining the Trump White House, said financial firms have greater “agility” to invest in cybersecurity than heavily regulated utilities.

Read Complete Article


What’s at Stake When Government’s Data Is Stolen

From: Governing

Cyber breaches can cost the taxpayers a lot of money. But the consequences aren’t just financial.


Cybersecurity is more than just an information-technology issue. It is a public-safety concern and an area of potential exposure to liability. As part of their daily operations, governments collect personal data to use to improve public services. With such large amounts of data housed on their servers, it is not a question of if but of when a government or one of its agencies will experience a data breach.

NIST framework update talks may offer a needed spotlight on vulnerability disclosure

From: Inside Cybersecurity

Joshua Higgins

New discussions around addressing cyber vulnerability disclosure within the federal framework of cybersecurity standards could give the issue much-needed visibility and offer a boost to a Commerce Department-led, public-private effort to promote guidelines for disclosing vulnerabilities in software and devices, even as challenges around liability and patching remain.

Read Complete Article [paywall]


New cyberattack rule looms over federal contractors

From: Dayton Daily News

Nearly 500 area businesses must comply

A looming new federal security directive will require businesses working with the federal government to protect their cyber data, or have a detailed plan for doing so, by year’s end.

The directive is called “NIST 800-171” — or sometimes just “rule 171” — and it will control whether companies from defense engineering firms to janitorial outfits can do business with the federal government.

Read Complete Article


Regulation and cyber attacks – a perfect storm for SaaS

From: Diginomica

A confluence of regulation and cyber attacks make the case for cloud based ERP aka SaaS an inevitable requirement.

Keep an eye on the SaaS or software as a service market. If I am right, it’s about to get hot. SaaS has been with us for all of this century and it has often been an approach that smaller companies or departments of larger ones have used to avail themselves of fantastically functional applications they couldn’t afford to purchase any other way.