Should FedRAMP be the standard for all public sector?

From: FCW

By Troy K. Schneider

The Federal Risk and Authorization Management Program is the law of the land for federal agencies looking to the cloud, but could FedRAMP become a broader standard for other governments as well?

Wade Daley, Canada’s chief technology officer, said on June 26 at the Amazon Web Services Symposium in Washington, D.C., that he’d had “good discussions with the U.S. government on their FedRAMP program,” and was looking at how Canada might adopt that approach.

2015 ICS Cyber Security Conference Call for Papers Now Open

Editor’s Note: The conference should include presentations on the federal, state and municipal regulation of ICS/SCADA cyber-physical security.

From: Security Week News

Longest Running ICS Cyber Security Conference Opens Call for Presentations for 2015 Event

The official Call for Papers for the 2015 Industrial Control Systems (ICS) Cyber Security Conference, to be held October 26 – 29, 2015 at the Georgia Tech Hotel and Conference Center in Atlanta, Ga., is now open.

The conference is the foremost and longest-running cyber security-focused event series for the industrial control systems sectors and caters to the energy, water, utility, chemical, transportation, manufacturing, and other industrial and critical infrastructure organizations.

U.S. government steps up cybersecurity efforts with new rules for export controls, economic sanctions

From: Lexology

Adam Berry, Steven Choi | Hogan Lovells

With cybersecurity dominating the headlines, the U.S. government has taken several recent steps to target the national security threat posed by cybercriminals and hackers with new regulations aimed at curbing malicious actors online. With a series of proposed rules and an Executive Order, the U.S. government has begun a concerted effort (i) to rein in malicious cyber actors using export controls and sanctions regulations; and (ii) to better align U.S. export control regulations with the realities of cloud computing and encrypted export-controlled data.
***

Firms at risk of cyber blackmail

From: Lawyers Weekly (Australia)

Stefanie Garber

Law firms are failing to protect their client data adequately, leaving them open to litigation and even ransom demands, a security expert warns.

Dr Suresh Hughenahally, chief information security officer at the Victorian Government’s department of state development, told Lawyers Weekly many firms are vulnerable to major breaches of data privacy.

Famed Security Researcher Mudge Leaves Google for White House Gig

From: re/code

Peiter Zatko, a respected computer security researcher better known by the nickname Mudge, says he’s leaving his job at Google to head up a new government agency for the White House.

***

Zatko didn’t return my messages seeking more details, but the agency he’s setting up would appear to be a government-backed third-party entity that would test any software and systems with a bearing on U.S. National Security. When L0pht first proposed the idea, the sudden popularity of the Internet both among consumers and businesses was putting public safety at risk. Security software isn’t always as good as its creators claim. “The lack of standards and meaningful certification has allowed the sale of products that are either intentionally or unintentionally snake-oil,” the group argued at the time.