The FISMA Focus IPD

From: Charged Affairs

MICHAEL DWORMAN

***

A single agency may help with coordination, but the major focus should be on the regulations and what the government is empowered to enforce. The state of New York is implementing a new set of cybersecurity regulations for major financial entities regulated by the Department of Financial Services. Compliance includes requirements for the appointment of a security officer responsible for data protection and the creation of a cybersecurity program. The problem is that the penalties for violating the law are unclear. The European Union (E.U.) has implemented the General Data Protection Regulation (GDPR), imposing privacy regulations on companies that seek to do business with or cover citizens of the E.U. Most importantly, penalties are strict, with fines of up to four percent of global annual revenue.

From: Bloomberg News via Daily Republic

***

“It’s guys my age that are the problem,” according to Walker, who said he’s in his early 50s. “We’ve been 30-years trained in a world that doesn’t work this way anymore.”

Earlier this month, at least seven pipeline operators from Energy Transfer Partners to TransCanada said their third-party electronic communications systems were shut down, with five confirming the service disruptions were caused by hacking.

Read Complete Article

From: Open Democracy

In the current climate, the impact of the Cybersecurity Tech Accord which, without explicitly saying it, gestures towards a form of self-regulation for the tech industry – needs close monitoring.

Lea Kaspar

Last week, Microsoft and 33 other leading tech companies unveiled their Cybersecurity Tech Accord – an agreement on a broad set of principles committing the signatories to “protecting users and customers everywhere”.

From: Inside Cybersecurity

Mariam Baksh

Financial institutions’ efforts to streamline compliance with various regulatory requirements by customizing the National Institute of Standards and Technology’s cybersecurity framework could be complete as early as this June, and the plan could inform future versions of the widely used framework, according to a NIST official.

Read Complete Article [paywall]

From: GCN

By Susan Miller

Lawrence Livermore National Laboratory is looking for a partner to help further develop and commercialize its method for securely processing protected data in high-performance computing clusters.

With the growing demand for big data analysis and improvements in hardware, researchers have been running large-scale simulations in HPC and cloud environments. The lab saw the need for a way to secure data in high-performance computing centers and in cloud environments so that it could meet regulatory and privacy requirements.

Read Complete Article