Former US cyber czar Howard Schmidt tells business not to wait for government


Private business must take the initiative in addressing cyber threats and not wait for government, according to Howard Schmidt, the former White House cyber security co-ordinator for the Obama administration.

“We did not get where we are today by waiting around for government; we have the private sector to thank for driving the evolution of the internet,” Howard Schmidt told Computer Weekly.

For example, business has demanded and deployed multiple technologies to combat phishing so that now relatively few attacks reach corporate email users, said Schmidt.

New York Times ‘hit by hackers from China’

From: BBC

Hackers from China have “persistently” infiltrated the New York Times for the last four months, the US paper says.

It said the attacks coincided with its report into claims that the family of Chinese Premier Wen Jiabao had amassed a multi-billion dollar fortune.

The hackers used methods which have been “associated with the Chinese military” to target the emails of the report’s writer, the paper said.

China’s foreign ministry dismissed the accusations as “groundless”.

“To arbitrarily assert and to conclude without hard evidence that China participated in such hacking attacks is totally irresponsible,” said spokesman Hong Lei.

MPs call for Government to consider ending use of Cloud amid concerns that US authorities can access information

From: The Independent (UK)

Warning comes during a Whitehall drive for government departments to store their electronic information externally with private companies

Rob Hastings

The Government should consider stopping sharing intelligence services with the US and end the use of Cloud computing due to concerns that sensitive personal information about British citizens can be spied upon by US authorities, MPs said today.

The warning comes during a Whitehall drive for government departments to store their electronic information externally with private companies, meaning taxpayers’ private data could be left vulnerable to large-scale surveillance.

NTIA Requests Comments on Administration of .usTLD

Editor’s Note: An advance copy of National Telecommunications and Information Administration’s Notice of Inquiry on Country Code Top-level Domain (ccTLD) for the United States; Policies and Requirements is attached here.  Below is an excerpt from the Federal Register notice:

In addition, security and stability of the Internet remains a cornerstone of all United States Government (USG) Internet policy concerns. These concerns are reflected in the current contract and SOW through high-level security requirements, including a new requirement for Domain Name System Security Extensions (DNSSEC) deployment within the usTLD.

Evaluation of cyber security risks being undermined by lack of quality information, auditors say


Businesses are concerned about the low quality of information they are being given about cyber security risks, according to a new report by an accountancy firm.

KPMG said that 45% of approximately 1,800 audit committee members they surveyed between August and October last year had said that their firms’ risk management programme required “substantial work”, with only one in four confident that their companies are looking “far enough into the horizon” to identify risk.