FISMA News

From: ComputerWeekly.com

A minority of UK small and medium enterprises (SMEs) are giving high priority to cyber threats, research has revealed.

Although cyber threats are gaining recognition among SMEs, there is a clear need to raise awareness and protection, according to the Institution of Engineering and Technology (IET).

Threats to systems are increasing and new vulnerabilities are emerging daily, said Hugh Boyes, the IET’s cyber security expert.

“We are working to raise awareness among the UK engineering and technology community of the need to improve the cyber security of both our critical national infrastructure and all the technology we use,” he said.

From: TunisAlive

Roua Khlifi

The National Union of Tunisian Lawyers discussed the creation of a legal framework to address cyber-crimes such as defamation and online terrorism during a forum held Friday.

Chawki Tabib, head of the union, emphasized the pivotal role the Internet played during the revolution and stressed that online freedom will not be affected. Yet, he insisted, there must be regulation.

“We want the role of the internet in resisting corruption to continue after January 14,” he said. “Yet over the previous months, violations have grown and we have noticed many cases of defamation as well as economic and terrorist crimes.”

From: The Diplomat

By J. Michael Cole

Hackers from the Chinese military appear to have shifted the focus of their attacks against Taiwan from government institutions to the civilian sector, including think tanks, telecommunications, Internet nodes, and traffic signal control systems, the island’s top civilian spy agency said in a new report.

The report, submitted by the National Security Bureau (NSB) to the Legislative Yuan prior to a briefing on countermeasures on April 29, did not venture reasons why the PLA’s General Staff Department was now turning its sights on civilian infrastructure, nor did it indicate whether this alleged shift was part of a larger trend or was specific to Taiwan.

From:  Moscow Times

From: Bloomberg

By Alexei Alexis

Following House passage of the Cyber Intelligence Sharing and Protection Act (CISPA) bill focused on information sharing, the attention now shifts to the Senate, where key Democrats are calling for a more comprehensive approach that is favored by the White House.

The House passed its bill (H.R. 624) April 18 on a 288-127 vote, leaving out key provisions urged by the White House, such as language to promote cybersecurity standards for critical parts of the private sector (12 PVLR 671, 4/22/13).

From: TechHive

John P. Mello Jr.

The cyber attack Friday on the Internet deal site LivingSocial that forced it to reset the passwords of some 50 million users has elements of what’s becoming an all too familiar storyline.

Along with the names, birth dates, and email addresses of some of the site’s users, the intruders also accessed those users’ passwords.

The passwords could have been used to access user accounts on LivingSocial, but the online deals firm says it doesn’t believe any accounts have been compromised.

From: Lancaster Guardian

Heart and diabetes patients could be at risk of “cyber assassination” following attacks from internet hackers, a Galgate computer security expert has warned.

From: Bloomberg

By Chris Strohm

Efforts by Google Inc. (GOOG), Microsoft Corp. and Amazon.com Inc. (AMZN) to be excluded from U.S. cybersecurity rules may become moot under a European Commission proposal that could force them to report attacks and make their products more secure.

E-mail providers, search engines, social networking websites and companies specializing in electronic commerce would have to comply with cybersecurity requirements to sell products and services within the 27 countries of the European Union under a directive proposed Feb. 7.

From: SC Magazine

Asavin Wattanajantra

At Infosecurity 2013, external auditors were described as a threat to information security, ignorant of business strategies and only after the money.

Read Complete Article

From: CFO

Many small businesses are perfect targets for cyber attacks because they lack the sophisticated security practices larger companies use to protect trade secrets and customer data.

Taylor Provost

Telecommunications giant Verizon on Tuesday released its annual investigative report of data breaches, which found that small businesses are the number-one target of cyber-espionage attackers.

Almost half of the 621 confirmed data-breach incidents Verizon recorded in 2012 occurred at companies with fewer than 1,000 employees, including 193 incidents at those with fewer than 100 workers. Similarly, security company Symantec reported last week that cyber attacks on businesses with fewer than 250 employees leaped 31 percent in 2012, following an 18 percent climb in 2011. Both reports cited small businesses’ inadequate security infrastructure for protecting financial information, customer data and intellectual property.