Cloud Computing, Cyber Security, IT Security, Security, Technology

FedRAMP to Release Draft Standards for High-Impact Systems

Draft standards, due out next week, will provide a baseline for securing the federal government’s high-impact systems in the cloud.

The move is a huge step forward for agencies — which until now had been focused on securing low- and moderate-impact cloud computing systems — in terms of how disrupted systems may affect organizational operations and assets.

Growing demand from agencies seeking to reap the benefits of cloud computing has shifted the focus to high-impact systems, or those systems that are necessary to support agencies’ continuity of operations. Also included in that category, according to a November 2013 Office of Management and Budget (OMB) memo, are all cyber critical infrastructure and key resources identified in agencies’ Homeland Security Policy Directive 7 plans. “Information systems used by agencies to provide services to other agencies such as under E-Government initiatives and lines of business, could also be high impact, but are at least moderate impact,” the OMB noted in the memo.

Read More

Advertisements
Standard
Cloud Computing, Cyber Security, cyber security legislation, IT Security, Security, Technology

Hacker Or Military? Best Of Both In Cyber Security

Three things happened to me before BlackHat 2014 to bring the entire NSA / Edward Snowden drama back to the forefront. The media reminded us of the one-year anniversary of the original Snowden leaks. At the same time, I saw newly retired General Keith Alexander deliver a keynote at the Gartner Security and Privacy Summit where he provided an in-depth post-NSA speech, benefiting from several months of civilian life under his belt.

In June, I also hiked to the summit of Mount Snowdon in North Wales after speaking at AppSec EU in Cambridge, UK. The spelling is different, but I could not help but loop “Snowden/Snowdon” in my mind a thousand times on the way up and down the mountain. I could only shake my head…

General Keith Alexander at Black Hat 2013

Much has been written about the Snowden affair, including some of my own thoughts about the impact on the security community. I also had some tongue-in-cheek fun at Black Hat 2013, when General Alexander delivered his memorable speech. Black Hat 2013 showed me how differently members of the security community reacted to General Alexander: A third of the way through the General’s speech, the ex-hacker sitting next to me, dressed in jeans and a black t-shirt with a clever security quote, stood up and shouted “Bulls$*#!” He effectively scared the aforementioned expletive out of me and sent all eyes our way.

Read More

Standard
Golden Networking's Cyber Security World Conference 2014 New York City
Business, Cloud Computing, Cyber Security, Cybersecurity, Defense, Education, Finance, Government, IT Security, Security, Technology

State Department Computers Hacked, Email Shut Down while Repairing Possible Damage from Suspected Hacker Attack

The State Department has taken the unprecedented step of shutting down its entire unclassified email system as technicians repair possible damage from a suspected hacker attack.

A senior department official said Sunday that “activity of concern” was detected in the system around the same time as a previously reported incident that targeted the White House computer network.

That incident was made public in late October, but there was no indication then that the State Department had been affected. Since then, a number of agencies, including the U.S. Postal Service and the National Weather Service, have reported attacks.

Read more

Standard
Business, Cloud Computing, Cyber Security, Cybersecurity, Defense, Finance, Government, IT Security, Technology

Banks take on retailers over who foots cyber attacks bill

High quality global journalism requires investment. Please share this article with others using the link below, do not cut & paste the article. See our Ts&Cs and Copyright Policy for more detail. Banks are gearing up for a big fight with retailers over who covers the cost of cyber attacks, after they paid most of the bill for breaches that they blamed on retailers’ own security deficiencies.In a rare show of unity, industry bodies that represent banks are banding together to urge lawmakers to introduce legislation that would force retailers to pay for the clean-up themselves during the new session of Congress next year.

Read More

Standard
Uncategorized

ISE ETF Ventures Launches the ISE Cyber Security™ Index (HXR)

ISE ETF Ventures announced today the launch of the ISE Cyber SecurityTM Index (ticker: HXR), an index that allows investors to quickly take advantage of both event-driven news and long term economic trends in the cyber security and information technology space. The index, which is the first and only one focused specifically on publically-listed companies that develop or provide cyber security technology and related services, is licensed to PureFunds® and will be the basis for an exchange traded fund (ETF).

Read More

Standard
Business, Cloud Computing, Cyber Security, Cybersecurity, Defense, Finance, Government, IT Security, Technology

USA Feds hacked: Is cybersecurity a bigger threat than terrorism?

The US Postal Service announced Monday that the personal data of 500,000 postal employees was exposed in cyber attacks this year. This year hundreds of millions of private data have been compromised in attacks on business and government computers.

Read More

Standard