FISMA News

From: computing.co.uk

By Andrew Charlesworth

The European Commission has proposed establishing a dedicated Cybercrime Centre as part of Europol, the European Police Office, based in The Hague.

Europe’s cyber crime fighters should be ready for action by January 2013.

The proposal delivers on the promise to establish a co-ordinated cyber force that was made by the Commission back on 22 November 2010.

The centre will focus on illegal online activities carried out by organised crime groups, particularly those generating large criminal profits, such as online fraud involving credit cards and bank credentials.

From: Financial Times

By James Kaplan, Tucker Bailey & Allen Weinberg

“Can it happen to us?” All over the world technology executives have been fielding this question from boards of directors and CEOs in the wake of highly publicised cyber-attacks on large, well-respected companies and public institutions.

In a world where ever more value is migrating online, where business strategies require more open and interconnected technology environments, where attackers have ever-more impressive capabilities and where attacks exploit human vulnerabilities in the form of employee and customer behavior, the only honest answer is: “Yes.”

From: WSJ

By DEVLIN BARRETT

WASHINGTON—The Federal Bureau of Investigation’s top cyber cop offered a grim appraisal of the nation’s efforts to keep computer hackers from plundering corporate data networks: “We’re not winning,” he said.

Shawn Henry, who is preparing to leave the FBI after more than two decades with the bureau, said in an interview that the current public and private approach to fending off hackers is “unsustainable.” Computer criminals are simply too talented and defensive measures too weak to stop them, he said.

From: NYT

By NICOLE PERLROTH and JOHN MARKOFF

SAN FRANCISCO — Less than four years after Huawei Technologies and Symantec teamed up to develop computer network security products, the joint venture is being dismantled because Symantec feared the alliance with the Chinese company would prevent it from obtaining United States government classified information about cyberthreats.

From: GovInfoSecurity.com

Legislation being drafted by an influential Republican House chairman to reform the Federal Information Security Management Act could, if enacted, reverse Obama administration policy on how IT security is governed in the federal government.

The draft legislation unveiled by Rep. Darrell Issa, the California Republican who chairs the House Oversight and Governmental Reform Committee, employs similar language as the 8-year-old FISMA, in which governance of IT security is vested with the director of the White House Office of Management and Budget.

From: Circle ID

By CircleID Reporter

The Online Trust Alliance (OTA) joined a unanimous vote at the Federal Communications Commission’s (FCC) Communications Security, Reliability and Interoperability Council (CSRIC) meeting today, approving the voluntary U.S. Anti-Bot Code of Conduct for Internet Service Providers (ISPs), also known as the ABCs for ISPs. As a member of the CSRIC appointed by FCC Chairman Julius Genachowski, the OTA has been working with the FCC and leading ISPs to develop this voluntary Code.

From: your-story.org

New Delhi – India, March 21st, 2012 – With hackers from China, Pakistan and now Bangladesh allegedly involved in 9 out of total 10 cross border cyber attacks against India, cyber security experts from India expressed a need to discuss the emerging cyber security threats on an international platform. A global society of cyber security experts having a member base of around 10,000 cyber security professionals in India alone, OWASP (Open Web Application Security Project), today announced its next cyber security conference in New Delhi, India on 24th August 2012. OWASP has already organized two subsequent cyber security conferences in India and received an encouraging response from corporate, government departments, defense and security establishments.

From: Oman Daily Observer

Concern over cyber attacks

By Conrad Prabhu – MUSCAT — Cyber security czars from leading international organisations are among dozens of industry experts expected to descend on Muscat next month for a major summit that, among other things, will hammer out a strategy for the region’s cyber defence. ‘Cyber Defence Summit 2012’ will be held on April 2-3 at Grand Hyatt Muscat. It is being staged against a backdrop of escalating global concerns over the potential implications of cyber attacks against critical national infrastructure systems and even the global economy.

From: The Yomiuri Shimbun

The economy ministry will establish the nation’s first facility to check the cybersecurity of control systems used to manage such things as important infrastructure or production lines at chemical factories.

Scheduled to open by March next year at the earliest, the facility will be located in Miyagi Prefecture and operated by a private sector-led association.

It will be modeled on a cyber-attack test bed set up by the U.S. Homeland Security Department and will conduct cyber-attack simulations for control systems, using computer viruses created by itself to test resistance against such attacks.

From: Bloomberg/Business Week

By Michael A. Riley and Ashlee Vance

Last June, three men squeezed inside a wind turbine in China’s Gobi Desert. They were employees of American Superconductor Corp., a maker of computer systems that serve as the electronic brains of the device. From time to time, AMSC workers are required to head out to a wind farm in some desolate location — that’s where the wind usually is — to check on the equipment, do maintenance, make repairs, and keep the customers happy.