Archive for December, 2016

LabMD challenges scope of FTC’s cyber authority

Editor’s Note: For more on this story, see here.

From: Benefits Pro

Says FTC doesn’t have authority to regulate cybersecurity practices of medical laboratories

By C. Ryan Barber

Setting the stage for a fresh test of the Federal Trade Commission’s power to police online security or cybersecurity, a now-defunct medical laboratory on Tuesday urged a U.S. appeals court to overturn an agency ruling that blamed lax data-protection practices for the exposure of nearly 10,000 patients’ personal information.

Food and Drug Administration final guidance protects medical devices from hacks

From: Modern Healthcare

By Joseph Conn

The Food and Drug Administration has finalized guidance on keeping medical devices such as pacemakers and insulin pumps safe from hacks.

Device makers should develop “a structured and comprehensive program to manage cybersecurity risks” even after their products are sold, according to Dr. Suzanne Schwartz, associate director for science and strategic partnerships at the FDA’s Center for Devices and Radiological Health.

Read Complete Article

Trump picks Tom Bossert as homeland security adviser

From: Politico



Bossert was a deputy homeland security adviser in the last year of the Bush administration, when he helped draft the federal government’s first cybersecurity strategy.

He also spent two years as the White House director of infrastructure protection policy, a role that involved management of U.S. critical infrastructure security.

Read Complete Article

New York Rewriting Cybersecurity Rules After Banker Pushback

From: American Banker

By Penny Crosman

New York’s Department of Financial Services has decided to rethink its controversial cybersecurity regulation just a couple of weeks before it was to take effect.

The department says it will publish revised rules Dec. 28 that will take effect March 1.


Read Complete Article

Cybersecurity confidence gets a C- . How to improve your grade in 2017

From: CSO

According to this year’s data, global cybersecurity confidence fell six points over 2016 to earn an overall score of 70 percent.

The City of San Diego seems to have all the building blocks in place to make the smart city an exceptionally safe one when it comes to cyber attacks. Deputy director and CISO Gary Hayslip has built out the city’s security operations center, he’s partnering with innovative security vendors and startups, and conferring with law enforcement to keep up with the latest threats. He has the backing of the mayor and city executives, with plenty of funding, and he’s hiring more staff.

Massachusetts Partners with Israel’s CyberSpark on Security R&D


The State of Massachusetts is partnering with Israel’s CyberSpark to work on development, research and training related to cybersecurity.

During a stop on Governor Charlie Baker’s Economic Development Mission to Israel, economic development leaders took part in the signing of a memorandum of understanding (MOU) between the Massachusetts Technology Collaborative and CyberSpark, a non-profit made up of academic, industry and government resources.

“Massachusetts and Israel each maintain highly skilled workforces, eager investors, and innovative economies that make us natural partners ready to lead on the future of cybersecurity,” said Governor Baker. “I want to congratulate MassTech Collaborative and CyberSpark on today’s agreement.”

Hack of Saudi Arabia exposes Middle East cybersecurity flaws

From: The Journal

Mahmoud Habboush, Gwen Ackerman and Michael Riley

Associated Press

More than a year after a drowned Syrian toddler washed up on a beach in Turkey, the tiny refugee’s body, captured in a photograph that shocked the world, reappeared on computer screens across Saudi Arabia — this time as a prelude to a cyber attack.

The strike last month disabled thousands of computers across multiple government ministries in Saudi Arabia, a rare use of offensive cyberweapons aimed at destroying computers and erasing data. The attackers, who haven’t claimed responsibility, used the same malware that was employed in a 2012 assault against Saudi Arabian Oil Co., known as Saudi Aramco, and which destroyed 35,000 computers within hours.

Brexit, technology innovation, and communications regulations

From: ITProPortal


The UK government needs to take some large steps to provide the assurances that the technology sector needs.

Britain’s decision to leave the EU will challenge the ability of UK technology companies to innovate and grow. Companies have previously relied on the benefits of EU membership such as the freedom to manage and transfer data across the EU, and free movement of skilled labour to create huge opportunities for creativity and collaboration across the technology sector.

Central African States adopt cyber-security cross-border law

From: BizCommunity

BRAZZAVILLE, Congo (Republic of the) – An exacting endeavour of the Central African Economic Community (ECCAS) member states – supported by the Economic Commission for Africa (ECA) and the International Telecommunications Union (ITU) – has yielded fruit, with the adoption by countries of the sub-region, of model laws on telecommunications, cyber security and the regulatory framework to govern cross-border interconnection. 


NIST Announces CyberSeek, An Interactive Resource for Cybersecurity Career Information

From: NIST

The U.S. Commerce Department’s National Institute of Standards and Technology (NIST) today introduced CyberSeek (link is external), an interactive online tool designed to make it easier for cybersecurity job seekers to find openings and for employers to identify the skilled workers they need.

CyberSeek was announced at the 2016 NICE Conference in Kansas City, Missouri, by Rodney Petersen, director of the National Initiative for Cybersecurity Education (NICE), which funded development of the tool. The NIST-led NICE focuses on cybersecurity education, training and workforce development.