Former MOD cyber chief: management too complacent about cyber threat


Author: Miranda Alexander-Webber

Source: Operational Risk & Regulation | 23 May 2013

MoD’s former head of cybersecurity says tone needs to be set from the top

Senior executives need to set the correct tone from the top to tackle the cyber threat to their organisations, a conference was told today.

Jonathan Shaw, a cyber adviser at Digital Barriers and former head of the defence cybersecurity programme at the UK Ministry of Defence (MoD), today told the Digital Threats 2013 conference in Brighton that leadership was key.


Government seeks evidence on network and information security in light of EU proposals


Businesses are being asked to share details of the cyber security incidents they have experienced with the Government to help it assess the impact of proposed new EU cyber security laws.

The Department of Business, Innovation and Skills (BIS) has said that it will use the information it gathers to inform its assessment of the potential impact that proposed new EU cyber security and breach notification laws would have in the UK. BIS’ ‘call for evidence’ (21-page / 176KB PDF) has been issued in relation to the draft Network and Information Security (NIS) Directive which the European Commission first published in February.


Press exposure of Federal data security hole leads to legal threats

From: The Register

Hacks accused of hacking, are researchers next?

By Iain Thomson in San Francisco

An investigation into a security slip that left the identity information for over 170,000 users of a US federal government program publicly available online has led to accusations of hacking and legal threats.

The Scripps News investigative team spent the last month studying companies running Lifeline, a federal program to supply cheap fixed or mobile phone access for low-income households. Lifeline was set up by President Reagan and is paid for by a $2.97 surcharge on telecoms bills.


US revamps IT operations to improve cybersecurity

From: Asia Pacific FutureGov

By Thanya Kunakornpaiboonsiri

Nevada Department of Transportation (NDOT), US improved the performance of its machine data, enhancing its security systems, and improving operational efficiency by recently deploying a new information management software.

Upon deploying the ‘Splunk Enterprise’ software, the NDOT has managed to reduce the number of hourly errors in the network while increase its security posture by capturing and analysing its machine data.

“The very day we deployed a single firewall device into the field, the software alerted our team in real time when someone overseas tried to connect to secure shell (SSH),” said Kimberly Munoz, IT Manager, NDOT.


China wants communication on cybersecurity with US

From: Times of India

BEIJING: China has appealed for communication with the US on cyber security, Xinhua reported.

While stressing that cybersecurity was a global issue, confronting not only America but also China, a foreign ministry spokesperson Hong Lei said: “China proposes stronger cooperation with the United States on cyber security.”

The statement came during a daily press briefing in response to a question claiming the US governmental organisations and businesses have been victims of cyber attacks by the Chinese military.


‘The future of freedom on the internet is at stake’

From: The Local

Internet policy experts gather in Stockholm this week to grapple with online data protection and surveillance issues that everyone who surfs the web should care about, reports technologist Stefan Geens.

Here’s why the Stockholm Internet Forum is the most important conference you’ve never heard of.

This week sees 450 policy-oriented technologists from 90 countries meet at the Stockholm Internet Forum,
a two-day conference hosted by Sweden’s Ministry of Foreign Affairs,
its aid agency Sida, and .SE, the foundation responsible for Sweden’s
internet infrastructure.


New Security Algorithm Allows Industrial Control Systems To Ward Off Cyber Attacks

From: Silicon Angle

Mike Wheatley

The security of industrial control systems is a fairly hot topic of conversation these days, with the assumption being that it leaves a lot to be desired. Acknowledging that the security of critical is a potential weak point in the country’s defenses, researchers have come up with a way of making these sensitive hacker targets a lot less vulnerable. How did they do it? Why, they simply have the control systems police themselves.


Operation Hangover: Unveiling an Indian Cyberattack Infrastructure

Editor’s Note:  The Norman report is attached here

From: Operation Hangover: Unveiling an Indian Cyberattack Infrastructure


On Sunday March 17th 2013 the Norwegian newspaper Aftenposten reported that the telecommunications giant Telenor had filed a case with Norwegian criminal police (“KRIPOS”) over what was perceived as an unlawful intrusion into their computer network. The infection was reported to have been conducted via “spear phishing” emails sent to people in the upper tiers of management.

Initially, we had no information or visibility into this case. However, after some time Norwegian CERT (NorCERT) shared some data from the event, which included md5 hashes of malicious files and information about which Command and Control servers were used.


Commerce CISO: Cybersecurity is about more than technology

From: FierceGovernmentIT

By Molly Bernhart Walker

With the goal of building a cadre of highly-skilled cyber security experts, the Commerce Department tripled role-based training completion in three years and implemented an award-winning personally-identifiable information training program department wide.

“IT security training is a real big, big push for us at the department,” said Commerce Department Chief Information Security Officer Rod Turk during a May 20 panel discussion at ACT-IAC’s Management of Change Conference in Cambridge, Md.

But ensuring cybersecurity at the department depends on more than just technology, he said.


Lockheed Martin attempts to win international, cybersecurity business

From: Baltimore Business Journal

Bethesda-based Lockheed Martin has a strategy in place to win new work internationally and in growing sectors such as cybersecurity, the defense contractor’s new chief of information systems and global solutions told the Washington Post.

In a wide-ranging interview with the Post, Sondra L. Barbour, who took over the challenged unit late last month, told the business editors, “The strategy we have is one of looking at our traditional core customers and ensuring that we are performing, but then we also focus internationally.”

Older posts «

» Newer posts