Feb
27

Virginia businesses could be subject to New York cyber regulation

From: Virginia Business

by Collin Hite

Certain financial service businesses have just a few days to gear up for New York’s brand-new cybersecurity regulation.  The new rule applies to all entities overseen by the New York Department of Financial Services (NYDFS) banking, insurance and financial service laws.  The net scoops up commercial banks, foreign banks with New York licensed offices, mortgage brokers and servicers, small-loan lenders and money transmitters doing business in New York.  Obviously, insurance companies, broker, agents (resident and non-resident), and others also fall within the scope.  As Gov. Andrew Cuomo stated, “These strong, first-in-the-nation protections will help ensure this industry has the necessary safeguards in place” to protect businesses and clients “from the serious economic harm caused by these devastating cyber-crimes.”

Feb
23

Quest Baldrige Cybersecurity Pre-Conference Workshop

From: National Institute of Standards and Technology

New this year! Register Now

Sunday, April 2, 2017 • 9:00 am-4:15 pm

Limited seats available. Reserve early. Workshop registration includes refreshment breaks. Attendees are on their own for lunch.

The Baldrige Cybersecurity Workshop is a practical, interactive workshop on how to conduct a self-assessment of an organization’s cybersecurity program, utilizing the Baldrige Cybersecurity Excellence Builder. The workshop will provide you with information about how to use the self-assessment tool to better understand where your cybersecurity efforts are today and what they can look like in the future.

Feb
22

Post-Quantum Crypto: Don’t Do Anything

From: BankInfoSecurity.com

No Need to Panic, Cryptographers Say; Just Wait for NIST Guidance

There’s good news for anyone worried about the rise of quantum computers and the risk that they could be used to crack modern, public-key crypto systems, thus imperiling the security of much of today’s data, both in transit and at rest. Leading cryptographers advise: Don’t panic, and above all, don’t do anything about it right now.

“Do nothing, just wait for the NIST process,” said Dan Boneh, a professor at Stanford University, in an RSA Conference panel last week devoted to post-quantum cryptography and answering this question: “Is time running out?”

Feb
20

Why foreign users are still staying away from Chinese apps

From: South China Morning Post

Concerns over censorship and data privacy overshadow the global ambitions of Chinese tech companies

Viola Zhou

***

“Most US and European consumers believe that the Chinese government has its hands in every software and hardware company and that there are numerous ways in which private information might be compromised in favour of the government and the Communist Party,” Snyder said in an email to the South China Morning Post.

***

Telecom gears made by Huawei and ZTE were labelled national security threats by the US government in 2012, while phonemaker Xiaomi faced data privacy investigations in Taiwan and Singapore.

Feb
17

Why Data Privacy is Losing Its War Against IT Innovation

From: eWeek

By Chris Preimesberger

NEWS ANALYSIS: It is quite possible that there is no such thing as personal data privacy anymore–especially when it comes to video.

SAN FRANCISCO — A growing number of people think Facebook, other social networks, connected device makers–and potentially the entire internet of things market itself–are (or soon will be) too invasive into personal data privacy for their own good. This topic was one of many on everybody’s minds at this week’s RSA Security 2017 conference at Moscone Center.

***

Feb
16

Trump reps skip big cyber security conference, a break with past

From: USA Today

***

In past years, the Obama administration was very engaged at RSA, in keynotes and panels. High- and low-ranking staff put out its views on cybersecurity, called for experts in the field to come work for the government to protect the homeland and were outspoken about the issues raised by encryption and the dangers of terrorists going dark through its use.

While there were 41 government speakers at RSA this year, there are no senior level speakers from the Trump administration.

Read Complete Article

Feb
13

Tallinn Manual 2.0 Paves the Way for State Action in Cyber Space

From: NATO Cooperative Cyber Defence Centre of Excellence

Tallinn Manual 2.0 on the International Law Applicable to Cyber Operations lays out expert analysis, paving the way for states to develop cyber norms, highlight experts. The European launch of the Tallinn Manual 2.0, the most comprehensive guide on how international law applies to events in cyber space, took place in The Hague today.

Feb
08

How 1 Arrest Silenced Russian Contacts for Western Cyber Crime Fighters

From: Reuters

***

Despite acrimonious relations between Russia and the United States in recent years, experts on cyber security in both countries say their law enforcement agencies and private firms had been working together more closely behind the scenes to fight financial fraud and other crimes committed online.

But at least some of that cooperation appears to have come to a sudden halt since Ruslan Stoyanov, head of the computer incidents investigation team at Russian cyber security firm Kaspersky Lab, was arrested in December on suspicion of treason.

Read Complete Article

Feb
07

House Oversight committee places high priority on renewing E-Gov Act provisions

From: FederalNewsRadio.com | 1500AM

By Jason Miller

While the federal IT and acquisition communities still are “patiently” waiting for President Donald Trump to name key players at the Office of Management and Budget, the General Services Administration and the Office of Personnel Management, Republican lawmakers gave us a little bit of insight into their plans for 2017.

***

What may be the committee’s most important work that will receive little attention outside of a small community is the seven provisions of the E-Government Act of 2002 that will or have expired.

Read Complete Article