Archive for January, 2014

Cisco Report Reveals Increased Cyber Security Threats


By Emma Okonji

The Cisco 2014 Annual Security Report reveals that threats designed to take advantage of users’ trust in systems, applications and personal networks have reached startling levels.

According to the report, a worldwide shortage of nearly a million skilled security professionals is impacting organisations’ abilities to monitor and secure networks, while overall vulnerabilities and threats reached their highest levels since 2000.

The report’s findings offer a picture of rapidly evolving security challenges facing businesses, Information Technology (IT) departments and individuals.

Health app makers face privacy and security regulation from many quarters

From: Mobi Health News

By: Jonah Comstock

Even though the FDA guidance on mobile medical apps is now finalized, it only represents a portion of the regulation mobile medical app developers need to concern themselves with, according to Pepper Hamilton lawyers Mark Kadzielski, Sharon Klein, and Dayna Nicholson, who presented a webinar on the topic last week. Particularly in the areas of privacy and security, a number of regulatory bodies are involved.

Breaches Spark Call for Congress to Act


Financial Services Roundtable Outlines Recommendations


In light of recent high-profile retail breaches, including those at Target and Neiman Marcus, The Financial Services Roundtable is asking Congress to take action. For example, it’s calling for passage of a national data breach notification law as well as legislation to expand oversight of the retail and telecommunications sectors.

“The recent breaches of retailer data systems are a grave reminder of the need for robust and proper cyberprotections,” says Tim Pawlenty, president and CEO of The Financial Services Roundtable, in a Jan. 27 letter to Congress. The roundtable is an advocacy organization for the U.S. financial services industry.

Lockheed-Martin to invest in Israeli cybersecurity know-how

From: Times of Israel

By David Shamah

For its first major investment in Israeli technology, Lockheed-Martin is looking for innovative cyber-security ideas and projects – which would seem a bit out of character for a company best known for defense systems, aerospace, and even space systems. “A lot of people do think that, but it happens that we actually do a lot of information technology work, which means we need a lot of cyber-security,” said Chandra McMahon, Senior VP Commercial Markets, Lockheed Martin IS&GS. “We need good cyber technologies to protect our customers, and Israel is a great place for that.”

German federal watchdog knew for weeks of mass password theft

From: EuroNews

German federal security officials have admitted they knew several weeks ago that internet hackers had stolen 16 million email passwords.

The Federal Office for Information Security (BSI) only alerted the public this week.

BSI president Michael Hange defended the time lag in issuing the public alert, saying the office had needed time to set up a website where online users could securely check whether they had fallen victim to the theft.

“Setting up a process that complies with data protection laws and can handle such a large number of requests needs preparation time,” Hange told public broadcaster Bayerischer Rundfunk.

Splunk Revs Its Big Data Security Chops

From: Channelnomics


Splunk security

The Big Data brains at Splunk Inc. continue to fine tune the security chops in their business intelligence platform, this week rolling out an updated app with better threat detection capabilities.

Improving the ability to, as Splunk puts it, “stalk the cyberattackers,” the updated Splunk App for Enterprise Security 3.0 combines with the latest Splunk Enterprise platform to form a real-time, scalable security intelligence platform with advanced security analytics that promises advanced threat detection and a significant reduction in the time to incident discovery and response.

Cybersecurity risks loom for Lebanese banks

From: The Daily Star

By Elise Knutsen

BEIRUT: Clad in black converse emblazoned with the Batman emblem, jeans and a bracelet reading “HACKERS,” Jayson Street approached a Beirut   bank last week. “I’m the IT guy from headquarters,” he told employees, in a thick American accent.Despite his manifest tech savvy, Street is not an IT guy, per se, and he wasn’t sent from headquarters.

“Once I fixed the computer, the manager was letting me behind the teller line,” he told The Daily Star. “I got an employee to give me his user ID, his password, and I got his smart card for his system.”

CIOs Deprioritize Cybersecurity


Cybersecurity is becoming less of a concern for chief information officers, according to Gartner. The technology research company surveyed 2,300 CIOs from
across the world.

Security now ranks eighth on CIOs strategic priority lists. A drop from the number 1 spot a decade ago. Among CIOs in North America alone, security ranks slightly higher, coming in at number five on their priority lists.

Read Complete Article

Auditor Adam Edelen pushing for better cyber security

From: The State Journal

House Bill 5 would require faster reporting of breaches and establish training

By Kevin Wheatley

Kentucky Auditor Adam Edelen has thrown his support behind legislation aimed to improve cyber security within state and local government.

House Bill 5 would require agencies to report security breaches — such as lost or stolen health records, banking information or Social Security numbers — to law enforcement, the state auditor’s office and relevant state departments within 24 hours and notify affected individuals within 35 days. If a breach affects more than 1,000 people, the Finance Cabinet and national consumer reporting agencies would be notified.

Budget Proposal Aims to Audit State Agency Security Compliance


An item in Gov. Brown’s budget proposal on Thursday, if approved, will fund a 2-year pilot project to audit state agencies’ compliance with state and federal security standards.   Consistent with the work already done by the California Office of Information Security, the proposal is for $684 K to add 5 new positions.

Here’s the item below, including a $6.7 million proposal to increase efficiency at the state’s data center:

Department of Technology