The FISMA Focus IPD

From: Caldwalder

On November 24, 2015, the Commodity Futures Trading Commission (“CFTC” or “Commission”) held an open meeting to propose the regulation of automated trading (“Regulation AT”).  According to the CFTC, the purpose of Regulation AT is to minimize the potential for disruption that may arise from the automation of order origination, transmission, or execution.  Proposed Regulation AT includes transparency measures and pre-trade and other risk controls for clearing member futures commission merchants (“FCMs”), designated contract markets (“DCMs”), and market participants using algorithmic trading systems.  Furthermore, the CFTC is proposing a new registration requirement for persons engaged in proprietary algorithmic trading on a DCM through direct electronic access.

From: Lawfare

By Matthew Waxman, Doron Hindin

Recent terrorist attacks and resulting questions about the limits of surveillance have rekindled debate about how governments should deal with the challenges of powerful, commercially available encryption. With active debate in the United States and Western Europe surrounding this issue, it is instructive to note that Israel has been regulating encryption for decades.

From: FierceGovernmentIT

By Stephanie Kanowitz

As the year nears its close, the data breaches that came to light in the past 12 months remain top of mind. To help combat that cyber threat, the National Institute of Standards and Technology is seeking comments on a new project that would help organizations prepare for and recover from data attacks.

NIST’s National Cybersecurity Center of Excellence is asking for comments on a white paper titled “Data Integrity: Reducing the impact of an attack,” (pdf) released Nov. 23, according to a press release.

Read Complete Article

From: NIST

Businesses face a near-constant threat of destructive malware, ransomware and malicious insider activities that can alter or destroy critical data. Even honest mistakes can alter data in ways that cause a significant loss to a company’s reputation, business operations and bottom line. To reduce this risk, organizations need to be able to recover quickly from a data integrity attack and trust the accuracy and precision of the recovered data.

The National Cybersecurity Center of Excellence (NCCoE) at the National Institute of Standards and Technology (NIST) is seeking comments on a new project to help organizations prepare for, and recover from, attacks that might compromise their data.

From: The Hill

By Cory Bennett

Policymakers are searching for ways to defend the nation’s power grid from a major cyberattack, amid concerns the industry’s digital defenses are dangerously lagging and underfunded.

Security experts warn that energy companies, while attuned to the threat, are scrambling to play catch-up, leaving the all-important power grid exposed to hackers.

Read Complete Article