From: Inside Cybersecurity
Waterfall Security is urging the National Institute of Standards and Technology to revise its framework of cybersecurity standards to emphasize the differences in cyber and physical threats to critical infrastructure, an issue that has become more pronounced with the emerging Internet of Things, according to the firm.
“The framework is confusing when applied to cybersecurity for critical physical infrastructure,” the firm argues in written comments to NIST. . . .
From: CivSource
Members of the National Association of State Chief Information Officers (NASCIO) are asking the federal government to strengthen its partnership with state-level technology officials when it comes to critical issues like cybersecurity. The advocacy session was part of NASCIO’s midyear conference currently underway in Washington D.C.
From: Bloomberg/BNA
By Tripp Baltz
Financial advisers and broker-dealers in Colorado may soon face the most far-reaching state cybersecurity requirements in the U.S. if a proposed rule is approved by the state Division of Securities.
The proposal, set for a May 2 hearing, would establish a more comprehensive cybersecurity regime than New York’s recent financial services security rule. The Colorado rule would reach financial advisers and broker-dealers untouched by the New York rule. Other states are expected to follow follow suit in adopting financial services cybersecurity rules.
From: Inside Cybersecurity
The Federal Communications Commission is poised to release today a regulatory proposal to reverse Obama-era rules for the internet that is intended to re-establish the Federal Trade Commission as the pre-eminent regulatory agency for consumer data security and privacy.
Read Complete Article [paywall]
From: Harvard Business Review
***
The problem is that many IoT devices are not designed or maintained with security as a priority. According to a recent study by IBM Security and the Ponemon Institute, 80% of organizations do not routinely test their IoT apps for security vulnerabilities. That makes it a lot easier for criminals to use IoT devices to spy, steal, and even cause physical harm.
