Feds admit cooperation remains obstacle with corporations, cyber threats

From: TribLive

By Tom Fontaine

A key to reducing cyber crime is getting victims — often major corporations — to cooperate with authorities, two top federal law enforcement officials said on Wednesday during visits to Pittsburgh.

Assistant Attorney General for National Security John P. Carlin said investigators don’t just need to know how cyber criminals breached a system.

***

Pittsburgh figures prominently in the global war on cyber crime. Chinese military hackers are accused of targeting some of its biggest companies, and some of the world’s top cyber sleuths are based here, helping to bring indictments against the military hackers and bring down two Russian-based cyber crime schemes accused of stealing more than $100 million worldwide, officials said

An Emboldened FTC: What Does It Mean for a Company’s Cybersecurity Team?

From: JDSupra Business Advisor

Rachel Teisch 

In April, Edith Ramirez, Chairwoman of the FTC, and Julie Brill, FTC Commissioner, tweeted: “Pleased the court recognized @FTC’s authority to hold biz accountable for safeguarding consumer data & look forward to trying this case.” This tweet was celebratory, but signaled caution to companies regulated by the Federal Trade Commission (FTC).

HHS gets low marks on security card implementation

From: FCW

By FCW Staff

The Department of Health and Human Services’ efforts at implementing secure ID cards were rated “inadequate” by the HHS Office of Inspector General.

A new IG report said HHS’s implementation of the 2004 Homeland Security Presidential Directive 12 is uneven and has some vulnerabilities that could put the agency’s security at risk.

The report said the agency’s HSPD-12 efforts lacked controls to ensure that all credentialing requirements were met, and noted that identification cards weren’t deactivated in a timely manner. It also said controls to access and manage the system were not tight enough.

New Cybersecurity Primer by the Center for a New American Security

From: JustSecurity.org

By

Last week the Center for a New American Security (CNAS) released a new report on cybersecurity authored by Richard Danzig titled “Surviving on a Diet of Poisoned Fruit: Reducing the National Security Risks of America’s Cyber Dependencies.” CNAS hosted a panel discussion featuring the author and fellow cyber luminaries from DARPA, Harvard’s Belfer Center for Science and International Affairs, and others. As Danzig says during the panel, a core issue in cybersecurity is how

“technologists themselves do not understand how their technology is going to be used and is used, and policymakers … do not understand how the technology has fundamentally changed the game.”

Federal Communications Commission Requests Comments On Effectiveness Of Cybersecurity Recommendations

From: Mondaq/Jones Day

Article by Bruce A. Olcott, Mauricio F. Paez, Richard J. Johnson and Preston N. Thomas

The Federal Communications Commission (“FCC”) is seeking industry and public comment on whether it should take further steps to ensure that the U.S. communications industry is sufficiently prepared for cybersecurity threats.

The Commission last raised this question several years ago when it appointed an advisory committee of industry, public safety, and consumer representatives to develop recommendations for best practices in lieu of regulatory requirements. The voluntary recommendations (“Recommendations”), released in 2012 by the FCC’s Communications Security, Reliability, and Interoperability Council, focused on remediating security oversights, gaps, and outdated practices that facilitate malicious use of networks and network services. Among other things, the Recommendations included: