Why NSA Critics Are Wrong About Internet Vulnerabilities Like ‘Heartbleed’

From: Business Insider

Dave Aitel is CEO of Immunity Inc., a leading offensive security firm that serves major financial institutions, industrials, Fortune/Global 500s and US government/military agencies. He is a former NSA computer scientist and DARPA contractor.

In a recent article “Obama Policy on Zero Days Craps Out”, Stanford’s director of civil liberties Jennifer Granick made the case that the White House should be more forthcoming with its disclosures of “zero day” threats and other web/software vulnerabilities.

Mikulski: Roundtable aims to keep, grow Maryland’s cyber security workforce

From: Baltimore Business Journal

U.S. Sen. Barbara Mikulski says a new state roundtable on cyber security will focus on keeping the fast-growing industry’s jobs in Maryland, rather than going to Northern Virginia.

The Maryland Cybersecurity Roundtable will hold its first meeting on Thursday. The group includes Mikulski, Gov. Martin O’Malley, KEYW Corp. CEO Len Moodispaw and Jeffrey Wells, who oversees cyber for the Maryland Department of Business and Economic Development.

Maryland is a hotbed for cyber security, but Mikulski noted that neighboring Virginia has the potential to lure away talent and entrepreneurs due to its high concentration of government contractors.

EPA Lays Out Public-Private Partnership Plan to Secure Water Supply and Treatment Sector

From: Infosecurity-Magazine

EPA opts out of further regulation to protect critical infrastructure.

As the recent E. coli scare in Portland, Ore., indicates, access to clean drinking water is a basic necessity for avoiding disease and allowing society to function unhindered by the need to, say, boil one’s bathwater for at least one minute every evening. The US Environmental Protection Agency (EPA) is now striving to implement the Cybersecurity Framework as part of a public-private effort to lock down the systems in the water and wastewater systems sector.

Health Care Lags Financial Sector in Security Effectiveness

From: eWeek

By Nathan Eddy

A BitSight report reveals security effectiveness in the health care industry lags far behind other sectors such as utilities or finance.

The health care and pharmaceuticals sector has many of the same characteristics as the retail sector, including a high volume of security incidents and slow response times, according to a report from BitSight Technologies. The average rating in the health care industry was 660. Like the retail sector, the spread in performance across the industry is large, indicating that there are many companies that are seriously underperforming. 

FTC on Data Brokers: ‘They Know Where You Live’

From: NBC News

WASHINGTON (Reuters) – Companies known as data brokers collect and sell information about “nearly all” U.S. consumers, drawing potentially harmful conclusions about them largely without their knowledge, U.S. regulators said on Tuesday.

The Federal Trade Commission called on Congress to pass legislation that would enable consumers to learn more easily how data brokers collect, use and sell their data, to correct it or to opt out of the process, especially when it comes to sensitive information such as about their health status.