Open Meeting of the Information Security and Privacy Advisory Board: 12/19/13-12/20/13

From: NIST

SUMMARY: The Information Security and Privacy Advisory Board (ISPAB) will meet Thursday, December 19, 2013, from 8:00 a.m. until 5:00 p.m. Eastern Time, and Friday, December 20, 2013, from 8:00 a.m. until 5:00 p.m. Eastern Time. All sessions will be open to the public.

DATES: The meeting will be held on Thursday, December 19, 2013, from 8:00 a.m. until 5:00 p.m. Eastern Time, and Friday, December 20, 2013, from 8:00 a.m. until 5:00 p.m. Eastern Time.



•Executive Order 13636, Improving Critical Infrastructure Cybersecurity (78 FR 11737, February 19, 2013);

NATO launches ‘largest ever’ cyber-security exercises

From: RT

NATO has kicked off Cyber Coalition 2013, the largest ever exercise of its kind intended to thwart massive, simultaneous attacks on member states and their allies.

The three-day exercise, based at the 27 member alliance’s cyber defense center in Estonia, will include participants from over 30 European states. Some 400 IT, government and legal experts from across the alliance will take part in the operation.

“With around 100 participants in Tartu [Estonia] and over 300 in national capitals from 32 nations, Cyber Coalition 2013 is the largest exercise of its kind in terms of participating countries,” NATO said in a statement.

Restoring Trust in EU-US data flows – Frequently Asked Questions

Editor’s Note: For more about the importance of harmonizing cybersecurity regulations to facilitate transatlantic trade, see here.

From: European Commission Press Release

What is the Commission presenting today?

Today the European Commission has set out actions to be taken in order to restore trust in data flows between the EU and the U.S., following deep concerns about revelations of large-scale U.S. intelligence collection programmes, which have had a negative impact on the transatlantic relationship.

The Commission’s response today takes the form of:

ISPs Uniquely Positioned to Improve National Cybersecurity: PCAST Report


by Nicole Henderson

Internet Service Providers are in a unique position to improve national cybersecurity, and a new report recommends they play a critical role in strengthening the cybersecurity landscape in the US.

According to a report released Friday by the President’s Council of Advisors on Science and Technology (PCAST) called Immediate Opportunities for Strengthening the Nation’s Cybersecurity, the federal government should create “policies that describe the desired behavior by ISPs as best practices” including working with the National Institute of Standards and Technology to establish standards for voluntary measures for ISPs to alert users about security issues.

Cybersecurity Framework: Tests Needed?


Debating the Merits of Beta Testing NIST’s ‘Final’ Guide

he creators of the cybersecurity framework will soon begin writing the final version of the guide to information security best practices aimed at helping the operators of the nation’s critical infrastructure secure their information assets (see: Obama, CEOs Meet on Cybersecurity Framework).

But calling it a “final version” is misleading. True, the IT security experts at the National Institute of Standards and Technology, who are shepherding the drafting of the cybersecurity framework, expect to make the Feb. 13 deadline imposed by President Obama. But Adam Sedgewick, the NIST official overseeing the cybersecurity framework, characterizes it as a living document that will be revised over the years as new cyberthreats appear and new ways to mitigate those threats emerge.