Top naval commanders asks Carter to include SCADA on cyber scorecard

From: FCW

By Sean Lyngaas

Two Navy admirals have sent a letter to Defense Secretary Ash Carter asking him to pay greater attention to the cybersecurity of the industrial control systems that underpin U.S. infrastructure.

ICS vulnerabilities “will have serious consequences on our ability to execute assigned missions if [they are] not addressed,” wrote Adm. William Gortney and Adm. Harry Harris, who are, respectively, the commanders of U.S. Northern Command and U.S. Pacific Command.

Read Complete Article


White House Announces Efforts to Accelerate Precision Medicine Initiative

From: GenomeWeb

NEW YORK (GenomeWeb) – The White House unveiled today a series of commitments from dozens of government agencies, academic institutions, and various public and private sector organizations to accelerate President Barack Obama’s Precision Medicine Initiative (PMI) and its goal of establishing a large-scale research cohort of individuals across the US.


The Office of the National Coordinator for Health IT, in collaboration with the National Institute of Standards and Technology (NIST), has also committed to developing a precision medicine-specific guide to the NIST Cybersecurity Framework by the end of the year. The guide will help organizations involved in the PMI maintain a strong security strategy and prioritize participant trust.

Midair Hack Shows the Dangers of In-Flight Wi-Fi

From: Observer

‘This is far more serious than in your home, because there are 200 or 300 people at once’

USA Today reporter Steven Petrow wrote a column this week detailing how his computer was hacked while he was using American Airlines’ in-flight Gogo Wi-Fi. A passenger in the seat behind him hacked into his email and read every message he sent and received during the flight.

CFTC’s New Proposed Rules Mandate Extensive Cybersecurity Testing; Comments Due Feb. 22, 2016

From: JDSupra Business Advisor

Reporter, Mark H. Francis, King & Spalding

On December 16, 2015, the Commodity Futures Trading Commission (“CFTC”) released two Notices of Proposed Rulemaking (“NPRMs” or “Proposed Rules”) that would, if finalized, supplement existing regulations covering the cybersecurity practices of commodity exchanges and clearing organizations. Although the Proposed Rules would not impose direct changes to most aspects of regulated entities’ cybersecurity policies and practices, the Proposed Rules would mandate an extensive cybersecurity testing regime that likely would trigger significant changes in how regulated entities manage cybersecurity risks. These entities would need to shoulder the added costs of extensive testing internally and by independent professionals. It remains to be seen whether regulated entities would need to adjust current policies and practices, and to what extent, to remediate issues identified by those tests.

Get ready: Regulators are looking hard at cybersecurity of third-party vendors

From: HousingWire

What’s voluntary today is going to be required tomorrow

Sarah Wheeler

As mortgage lenders and servicers try to shore up their own systems against data security breaches, a new regulatory focus on the security practices of third-party vendors could be even more daunting.

A panel at the Mortgage Bankers Association’s Mortgage Servicing conference examined the data security threats servicers need to address, and one glaring area of weakness was these vendor relationships. Specifically, the panel pointed to the guidelines from the New York Department of Financial Services on this issue that are voluntary now, but are likely — even highly likely — to be required in the near future.