IEEE And National Institute Of Standards And Technology (NIST) Team On Standards Development For Intercloud Interoperability And Federation

From: Press Release

Collaboration between NIST and IEEE P2302™ will help build consensus on creating an Intercloud—an open, transparent infrastructure amongst cloud providers to support evolving technological and business models

PISCATAWAY, N.J.–(BUSINESS WIRE)–IEEE, the world’s largest technical professional organization dedicated to advancing technology for humanity, and the IEEE Standards Association (IEEE-SA), today announced a new collaborative effort has been launched with NIST to meet the growing demand for standards that address Intercloud interoperability. The new cooperative arrangement brings together efforts from the NIST Public Working Group on Federated Cloud (PWGFC) with the IEEE Intercloud Working Group (ICWG) developing IEEE P2302TM—Standard for Intercloud Interoperability and Federation.


Local governments keep using this software — but it might be a back door for Russia

From: The Washington Post

Local and state government agencies from Oregon to Connecticut say they are using a Russian brand of security software despite the federal government’s instructions to its own agencies not to buy the software over concerns about cyberespionage, records and interviews show.

The federal agency in charge of purchasing, the General Services Administration, this month removed Moscow-based Kaspersky Lab from its list of approved vendors. In doing so, the agency’s statement suggested a vulnerability exists in Kaspersky that could give the Russian government backdoor access to the systems it protects, though they offered no explanation or evidence of it. Kaspersky has strongly denied coordinating with the Russian government and has offered to cooperate with federal investigators.


Bahamas ‘Falls Too Far’: 129th On Cyber Security

From: Tribune 242


The Deputy Prime Minister yesterday conceded that the Bahamas “continues to fall too far down the scale”, after this nation was ranked 129th out of 164 countries for its commitment and effectiveness in fighting cyber crime.

K P Turnquest acknowledged that the Bahamas’ ranking in the bottom third of the Global Cybersecurity Index (GCI), published by the International Telecommunications Union (ITU), could “undermine” the financial services industry and this nation’s desire to expand its information technology (IT) capabilities.

Read Complete Article


China Drafts Legislative Rules Regarding Cross-border Data Transfers

From: Lexology

Todd Liao and Stella Chen | Morgan Lewis & Bockius LLP

The draft legislation provides further guidance on the regulations provided in the recent cybersecurity law, including definitions and details on the security assessments required for cross-border data transfers.

China’s recently enacted Cybersecurity Law (CL), effective June 1, 2017, requires that personal information and important data collected and produced by critical information infrastructure (CII) operators in China be stored in China. The CL also requires that security assessments be performed before personal information and important data are provided to any entity or individual outside of China (Cross-border Data Transfer).[1] Along with the CL, China has published other draft legislation addressing the requirements for local storage and Cross-border Data Transfer and soliciting public comments. The new draft implementing rules include


Bahrain insists on managing risks in critical telecom infrastructure

From: AMEInfo

Bahrain’s telecommunications watchdog has urged to manage risks in critical telecommunications infrastructure.

The Telecommunications Regulatory Authority (TRA) has issued resolution number 5 of 2017 on its website and published in the Official Gazette the new set of regulations on critical telecommunications infrastructure (CTI) risk management.

Read Complete Article


NATO Cybersecurity: A Roadmap to Resilience

From: The German Marshall Fund of the United States

Bruno Lété, Daiga Dege


Keeping Pace with an Evolving Threat

Today NATO faces ongoing efforts from antagonists, including non-state actors, to intimidate and destabilize member states through cyber-attacks. The notion of cyber warfare is not new, but the scale, speed, and intensity of the challenge demands a new approach toward the preparation, deterence, and defense against these threats. One important innovation that cyber activities provide an adversary is ambiguity, both of intent and attribution. The source of cyber aggression is not easy to identify and requires advanced technological capabilities that only a few member states in NATO possess. Cyber aggression is even more difficult to prove publicly because laws and regulations in cyberspace are still incomplete. For NATO, the ambiguity of cyber campaigns present challenges vis-à-vis action that needs to be collectively addressed across the political, military, civilian, and technological spectrum. The following recommendations are designed to strengthen NATO resilience in cyberspace.


USCG: Cargo Disruption A Reminder That Cyber Risks Are Real

From: Marine Insight

The Coast Guard is actively monitoring and helping to mitigate the consequences of recent ransom ware attacks that have impacted cargo movement through several U.S. port facilities. The Coast Guard is uniquely capable of coordinating preparedness and response to maritime transportation disruptions, especially when partnering with federal, state, and local agencies that share responsibility for mitigating cyber threats and addressing cyber vulnerabilities. Our local operational commanders continue to facilitate recovery efforts at port facilities in order to ensure safe and secure port operations.

Read Complete Article



Nuclear breach opens new chapter in cyber struggle

From: E&E News | Energywire

Blake Sobczak and Peter Behr, E&E News reporters

U.S. authorities are investigating a cyber intrusion affecting multiple nuclear power generation sites this year, E&E News has learned.

There is no evidence that the nuclear energy industry’s highly regulated safety systems were compromised. But any cybersecurity breach — targeted or not — at closely guarded U.S. nuclear reactors marks an escalation of hackers’ probes into U.S. critical infrastructure.

Read Complete Article


CyCon 2018 Call for Papers is Now Open

From: NATO Cooperative Cyber Defence Centre of Excellence

NATO Cooperative Cyber Defence Centre of Excellence is proud to announce the Call for Papers for the anniversary conference on cyber conflict in 2018, CyCon C.  To celebrate the milestone the cyber security community is invited to shape the focus of the 10th CyCon. Instead of setting a predefined core topic for this conference, the research community is welcomed to submit original research papers on their choice of the most topical and current cyber security issues, from technical, legal, policy, strategy or military perspectives.


Securing Nepali cyberspace

From: myRepublica

Narayan Koirala is an Information Security Practitioner/Information Systems Auditor, Cofounder/ Director at Eminence Ways.


In your opinion, what are the areas that Nepal still needs to work on?

First, we need to increase awareness about information security among organizations as well as users. Next, we need to have proper, applicable Information Security Policies to start with, on a national level. Regulatory bodies need to impose and monitor any violation of such policies. Then, we need proper planning for IT security in organizations along with proper human resource to manage it.

Older posts «