Archive for January, 2017

Regulatory compliance as a cyber security strategy tool

From: Control Engineering

A recently published white paper describes some of the most effective industrial security tools pharmaceutical companies have at their disposal in the era of Industry 4.0. Control Engineering Europe reports.

***

Protection through compliance 

Operating in one of the world’s most heavily regulated industries, pharmaceutical companies need to abide by a variety of complex laws, regulations and guidelines. Sometimes, these can become the basis for an effective industrial security strategy.
The Food and Drug Administration (FDA) 21 CFR Part 11 is one of the most established regulations within the industry. It requires organisations to implement controls, electronic audit trails and systems validations and establishes standard expectations for industrial security through the use of reliable electronic documentation of the pharmaceutical manufacturing process.

Manager At Russian Cybersecurity Firm Kaspersky Lab Arrested

From: Radio Free Europe/Radio Liberty

Prominent Russian cybersecurity company Kaspersky Lab says a manager who headed its investigation unit has been arrested.

***

Kommersant cited unidentified sources close to the Federal Security Service (FSB) as saying that Stoyanov’s arrest might have been linked to an investigation into a deputy chief of the FSB’s Center for Information Security, Sergei Mikhailov, who they said was also arrested in December.

NASCIO Pushes for Cybersecurity Partnerships With Feds

From: 21CenturyState.com

The National Association of State Chief Information Officers (NASCIO) is advocating for increased cybersecurity partnerships with the Federal government, according to its 2017 advocacy agenda.

The Federal advocacy agenda, which was released Jan. 18, outlines the four issues that NASCIO will focus on this year:

  1. State chief information officers (CIOs) seek strong intergovernmental partnership on cybersecurity.
  2. Flexibility in Federal funding regulations that encourage legacy system modernization and cloud adoption.
  3. Information sharing and safeguards, meeting citizen expectations.
  4. Successful implementation of First Responder Network Authority (FirstNet) plans in each state.

EU to consider overhaul of network security agency

From: Telecompaper

The European Commission announced a public consultation to review the performance of the EU’s network security agency Enisa and consider a possible overhaul of its mission in the face of growing cybersecurity threats. The 2013 regulation on Enisa requires the Commission to conduct an evaluation of the agency by June 2018 and to assess the possible need to modify its mandate, which will come to an end in 2020. In view of the rapid evolution of the EU cybersecurity and digital privacy landscape, both on the threat and policy side, the Commission said it has brought forward the Enisa evaluation to this year.

Indian Supreme Court seeks response from WhatsApp, govt over non-security of data, conversations

From: ZeeNews

New Delhi: SC has issued notice to Centre and Facebook-owned WhatsApp over non-security of data and conversations on WhatsApp and has sought response in 2 weeks’ time.

Chief Justice Jagdish Singh Khehar and Justice D.Y. Chandrachud were hearing plea on WhatsApp’s privacy policy, and gave notice on plea seeking government’s regulation of online messaging. The petitioner contended that under the new policy of WhatsApp, the online messaging service could access, read, share and use the contents for commercial purposes.

The court also issued notices to the Telecom Regulatory Authority of India.

In new QER, Moniz leaves path for Perry to follow at DOE

From: UtilityDIVE

The new Quadrennial Energy Review lays out over 70 recommendations for a cleaner, more secure energy system.

***

Though it wasn’t billed as his final address, Friday’s release of the Department of Energy’s Quadrennial Energy Review (QER) was one of Moniz’s last significant acts at the agency he’s headed since 2013. The speech provided the MIT physicist with a platform to lay out critical electrical system issues for the incoming president and his DOE pick, former Texas governor Rick Perry, to address.

***

Massachusetts Releases Online Reports of Data Breaches

From: Government Technology

The state Office of Consumer Affairs and Business Regulation has made public an online archive of data breach notifications affecting Massachusetts residents from 2007 through 2016.

By Susan Spencer, Telegram & Gazette, Worcester, Mass.

(TNS) — It could be through a bank or a hospital, an accounting firm or a higher education institution. It could be in a large government agency. Pretty much anywhere personal information is collected, it could be intentionally or accidentally compromised.

On Tuesday, the state Office of Consumer Affairs and Business Regulation made public an online archive of data breach notifications affecting Massachusetts residents from 2007 through 2016.

Nigerians Declare War on Cryptocurrency Scam

From: CoinTelegraph

Cryptography Development Initiative in Nigeria (CDIN) has created a platform called the “Nigeria Blockchain Alliance” (NBA) which brings together law enforcement agents, legal practitioners, forensic investigators and government agencies among others to collaborate in the fight against cryptocurrency related crimes within the country.

The President of CDIN, Adeolu Fadele, tells Cointelegraph that this development is in support of the government’s efforts in fighting electronic fraud in Nigeria and to prevent fraudsters from giving the country a negative reputation in the new generation of digital innovation.

The government is always late

Brandis extends submission deadline on telco data retention for civil proceedings

From: ZDNet

After giving just 15 business days over the holiday period for submissions on whether to allow retained telco data to be used for civil proceedings, Brandis has extended the timeframe by two weeks.

Australian Attorney-General George Brandis has extended the deadline for those wanting to make a submission on whether the federal government should prohibit access by parties for civil proceedings to data retained by telecommunications providers under the data retention legislation.

Submissions now close on Friday, January 27 — two weeks after the original January 13 submission due date.
