FISMA News

From: The Times of India

Jayadevan PK & Neha Alawadhi, ET Bureau

NEW DELHI/BENGALURU: India’s cybersecurity budget was more than doubled last year. Yet, it is “woefully inadequate” in the wake of revelations made by US National Security Agency contractor Edward Snowden and increasing
cyberattacks on government infrastructure, according to experts.

In 2014-15, the Department of IT has set aside Rs 116 crore for cybersecurity. The country has proposed to set up a national cybercoordination centre (NCCC) with a separate budget of Rs 1,000 crore. The coordination centre is still awaiting Cabinet clearance. “Allocation is woefully inadequate given Snowden’s revelations we need at least 10 times that amount,” said Sunil Abraham, executive director at Center for Internet and Society.

From: Computer Business Review

by Eleanor Burns

60% believe little guidance has been provided in run up to NIS and GDPR legislation.

Many European organisations are unprepared for and challenged by cost and complexity of compliance with new European Union security legislation.

Only 39% of France, Germany and UK indicated that they have all required measures in place for the NIS directive and less so for GDPR.

The proposed NIS (Network and Information Security) directive is set to be implemented in 2015 and will impose new security and incident reporting requirements on a broader range of private sector companies.

From: PC

By John C. Dvorak

The Sony hack was just a bit of fun compared to what could happen if Facebook gets taken out. 

Every so often, someone complains about a PC meltdown made all the more catastrophic because they had no data backups. At this point, there’s no excuse for that, except laziness. Inexpensive hard disks are available everywhere, while apps and programs will auto-backup your files to the Internet.

But recently the complaints have begun: people are losing data in the cloud. Someone gets kicked off their account, and the data is destroyed. Or someone makes some crazy mistake and the data is over-written, destroyed, or never archived properly.

From: Strategy Page

An American government official, Xiafen Chen, was arrested in October and charged with supplying China with classified data about American dams. This is part of a Chinese effort to collect detailed data on American infrastructure and other economic targets to support preparations for Internet based attacks on these facilities in wartime, or anytime. Xiafen Chen and her husband moved to the U.S. from China in 1992 and later became American citizens. The FBI found emails in which Xiafen Chen discusses the data she took from U.S. government databases and passed to senior Chinese officials.

From: Government Technology

Teams from the schools will sweat it out in a game of cyber Capture the Flag, where each team will try to steal secrets from their opponent’s computer while keeping their foe out of their own system.

by Jordan Graham, Boston Herald

(TNS) The brightest young minds on either side of the Atlantic will wage pretend cyber war in a “Cambridge vs. Cambridge” competition as part of a joint effort announced Jan. 16 by President Obama and British Prime Minister David Cameron to bolster cooperation between the two countries to counter hacking and improve cybersecurity.

From: The Hill

By Cory Bennett

The Chinese government could be behind a cyberattack on Microsoft’s email system in China, according to GreatFire, a nonprofit that monitors censorship in China.

GreatFire believes the email program Outlook was subjected to a so-called man-in-the-middle attack, in which hackers insert themselves into systems to eavesdrop while relaying messages between users. The attack lasted most of Saturday, GreatFire said.

Read Complete Article

From: Express

WITH the latest generation of tracker apps on our mobile phones, there’s no longer anywhere to hide.

By Dominic Midgley

When Apple launched its Find My Friends iPhone app in 2011 it was billed as a way for users to meet up with friends at an outdoor concert, keep track of the family during a day at the zoo or see when an incoming relative had finally made it past baggage reclaim.

This week it was revealed to have another application after it emerged during a murder trial that the app had been used by a jealous husband to track down his wife on an assignation with another man.

From: The Diplomat

China is showing its readiness to make and not just take international rules.

By Sonya Sceats

In 2014, China stepped up its campaign to shape international norms governing the Internet, moving vigorously in its public diplomacy and behind the scenes to subjugate the online world to state power.

If we join the dots of these maneuvers across a number of global policy agendas, an interesting picture emerges. China, it seems, is indicating its readiness to make and not just take international rules on issues of strategic importance to its interests.

Internet Governance

From: The Wall Street Journal | CIO Journal

By Rachael King

MasterCard  Inc. lawsuit against Nike  Inc. underscores the growing difficulty of finding cybersecurity talent – particularly chief information security officers – as companies seek to bolster their defenses in the face of increasing security breaches.

In a complaint, filed Wednesday in federal court, MasterCard alleges that the footwear company conspired with its ex-CISO William Dennings and former head of information security engineering to poach cybersecurity talent. The credit card company claims that both executives, who went to work for Nike in 2013, broke non-solicitation and non-disclosure contracts by subsequently hiring MasterCard employees who worked in information security.

From: Cosmetics design-europe

With the European Parliament and member states logging heads on various issues, analysts reckon imposing the new Data Protection Regulation Act could be delayed, meaning personal data could be exposed.

Read Complete Article