The FISMA Focus IPD

From: Forbes

Robert Lenzner

Welcome to the increasingly dangerous world of cyber-warfare. The latest version; a western intelligence agency of unknown origin (according to the Financial Times of London) is infecting the internet service providers and sovereign telecoms operations of Russia, Saudi Arabia, Iran, Mexico and Ireland. To what end is not known, though the cyber security company Symantec calls the malware extremely sophisticated.

Then, there are the criminal elements, who have been hacking into the credit card details of JP Morgan Chase (76 million customers’ names), and retailers like Home Depot, Target and EBay. Or the attempts going on by neer-do-well nations to break down the control of energy plants and factories, at times by criminal elements that act like stalking horses for sovereign nations up to no good.

From: CSO

Abbott said it was high time for a review as the online security

David Braue (CSO Online)

A six-month review of Australia’s cybersecurity defences will be undertaken to identify the strengths and weaknesses of the nation’s cybersecurity strategy, prime minister Tony Abbott has announced.

Speaking at the launch of the Australian Cyber Security Centre (ACSC) in Canberra today, Abbott said it was high time for a review as the online security posture had changed significantly in the six years since the last review of the country’s defences.

Editor’s Note:

You don’t need a weatherman
To know which way the wind blows –B. Dylan

All readers see here, bankers and other members of the regulated community also see here.

From: American Banker

Shamoil Shipchandler, David Ball, and Daniel Meyers

Buckle up, bankers: cybersecurity is about to be regulated. Evidence for this conjecture can be found in recent speeches by New York banking regulator Benjamin Lawsky, who announced in October the possible imposition of new, strict cybersecurity rules for financial institutions. Banks could be required to appoint chief information security officers and to undergo quarterly tests for information system vulnerabilities under the regime.

Editor’s Note: The TTIP negotiations offer the opportunity for US and European authorities to coordinate encryption regulatory policies in keeping with economic and security needs.

From: The Hill

By Cory Bennett

The European Union updated its guidelines for protecting personal information under EU data security laws, which are more stringent than those in the U.S.

In short, EU officials told developers they were doing a bad job encrypting data. While all the basic building blocks of good encryption methods exist, they said, implementation is lacking and testing is ineffective.

Read Complete Article

From: The Dispatch and The Rock Island Argus

Illinois Lt. Gov. Sheila Simon and the Illinois Chamber of Commerce Foundation last week revealed details of a study of the impact on the state of its federal military installations.

***

The report also listed opportunities. They include the capacity to take on large private sector manufacturing projects and work from other military services in conjunction with the digital hub in Chicago. The Arsenal also has the potential to increase its missions, particularly in the area of cyber security and other non-DOD activity through the Department of Homeland Security.