Cybersecurity

U.S. Concerned over Increasing Russian Submarine Patrols Near Data Cables

Russian submarines and spy are reported to be aggressively operating near vital undersea cables that carry global Internet communications, according to a story in the New York Times. The issue is raising concerns among some American military and intelligence officials regarding the possibility that Russians might be planning to attack those lines in times of tension or conflict. more

‘Not the Best Time’ for Proposed Russia-U.S. Cyber Unit, Says NSA Chief

NSA chief, Mike Rogers during the annual Aspen Security Forum on Saturday, shunned the proposed Russia-U.S. cyber unit, stating "I would argue now is probably not the best time to be doing this." more

The WSIS+10 Outcome Document - Some Initial Thoughts

The final outcome document of the WSIS +10 Review was released late last night. I thought I would give you some initial impressions as we enter the week of the WSIS+10 Review at the United Nations in New York. The text endorses the central tenet of the multistakeholder model of governing ourselves on the Internet and re-commits to the Tunis agreement. It extends the mandate of the IGF for 10 years recognizing the role that this Forum plays in bottom up governance processes. more

On the Way to the G7 ICT Ministers’ Meeting in Japan

This week in Japan I have been invited to address the Multi-Stakeholder Conference that will officially open the G7 ICT Ministerial summit in Takamatsu. The focus of the ICT Ministerial will be on four distinct areas: (1) Innovation and economic growth; (2) Unrestricted flow of information, and ensuring the safety and security in cyberspace;
(3) Contributing to the resolution of global issues, including digital connectivity; (4) International understanding and international cooperation in the future. more

Millennials an Untapped Resource for Cybersecurity Skills but They Lack Awareness, Study Finds

A study was recently conducted by Enterprise Strategy Group (ESG) to find out where the potential answers to the cybersecurity skills shortage amongst technology-savvy millennials and post-millennials in the US. more

U.S. Issues Cyber Incident Coordination Policy

White House has issued new directive spelling out how the Federal government will coordinate its incident response activities in the event of a large-scale cyber incident. more

Trump to Sign Cybersecurity Executive Order on Tuesday

President Donald Trump expected to sign an executive order on cyber security on Tuesday. more

Hackers Earned Over $100K in 20 Days Through Hack the Air Force 2.0

HackerOne has announced the results of the second Hack the Air Force bug bounty challenge which invited trusted hackers from all over the world to participate in its second bug bounty challenge in less than a year. more

Women in Security Organize New Conference in Reaction to RSA’s Lack of Female Speaker Inclusion

RSA, one of the largest cybersecurity conferences, has been criticized for booking only one female keynote speaker this year who is Monica Lewinsky. more

China, Russia Posing More Aligned Cyberattack Threats to the US, Says Chief of National Intelligence

Dan Coats, Director of US National Intelligence warns China and Russia are increasingly using cyber operations to steal information, influence citizens and to disrupt critical infrastructure. more

Public-Private Cooperation Policy for Cyber Security Suggested by Commissioner Kroes

At a speech during the Security and Defense Agenda meeting on 30 January Vice-President of the European Commission, Neelie Kroes, showed how the Commission envisions public-private cooperation on cyber security. more

U.S. Now Leading Source of Attack Traffic, Followed by China and Russia

The U.S. became the top attack traffic source in the second quarter of 2010, accounting for 11% of observed attack traffic in total, reports Akamai in its State of the Internet Report released today. According to the report, China and Russia held the second and third place spots, accounting for just over 20% of observed attack traffic. Attack traffic from known mobile networks has been reported to be significantly more concentrated than overall observed attack traffic, with half of the observed mobile attacks coming from just three countries: Italy (25%), Brazil (18%) and Chile (7.5%). more

IT Security Guide: “Financial Impact of Cyber Risk” Released by ANSI and ISA

The American National Standards Institute (ANSI) and the Internet Security Alliance (ISA) released today a new action guide to assist business executives in the analysis, management and transfer of financial risk related to a cyber attack. In 2004, the Congressional Research Service estimated the annual economic impact of cyber attacks on businesses -- which can come from internal networks, the Internet or other private or public systems -- to be more than $226 billion. In 2008, U.S. Department of Homeland Security Secretary Michael Chertoff named cyber risks one of the nation's top four priority security issues. more

U.S. Justice Department Forms Group to Study National Security Threats of IoT

"The U.S. Justice Department has formed a threat analysis team to study potential national security challenges posed by self-driving cars, medical devices and other Internet-connected tools," reports Dustin Volz from Washington in Reuters" more

Bug Bounty Programs: Are You Ready? (Part 3)

The Bug Bounty movement grew out a desire to recognize independent security researcher efforts in finding and disclosing bugs to the vendor. Over time the movement split into those that demanded to be compensated for the bugs they found and third-party organizations that sought to capitalize on intercepting knowledge of bugs before alerting the vulnerable vendor. Today, on a different front, new businesses have sprouted to manage bug bounties on behalf of a growing number of organizations new to the vulnerability disclosure space. more