Cyber Criminals Caught! Ah No, More Like Just Identified. Sigh!

Cyber Criminals Caught! Ah No, More Like Just Identified. Sigh!

Cyber Criminals Caught It’s that time when we look back on the past year. In 2018, Atlanta was a victim of a cyber attack. It fought back rather than pay ransom and spent millions. The FBI has identified the malevolent actors but they are outside
Your Blockchain Use Case Probably Isn't A Blockchain Use Case

Your Blockchain Use Case Probably Isn’t A Blockchain Use Case

BLOCKCHAIN USE CASE Blockchain is the underlying distributed ledger technology for cryptocurrencies such as Bitcoin; it has been at the forefront of business news in the last two years. Fortunes have been built and lost buying and selling cryptocurrencies. In one case, a gentleman threw
cyber-warfare

What Did Cyber Week Achieve?

What Did Cyber Week Achieve?

Last week’s “Cyber Week” was all about cybersecurity and the ongoing threat of cyber attacks against the federal government, non-profits and private companies in the US. But what did it achieve?

Ultimately, two new bills were passed by the House both aiming to enable both companies and government to withstand cyber attack and increase the country’s cybersecurity.

One aims primarily to strengthen government’s ability to deal with the ongoing cyber war in an attempt to effectively fight hackers more effectively. The other strives to enable companies to legitimately share cyber-threat and -attack information without the fear of being held liable.

Recent cyber attacks include the Home Depot hack last year that involved credit cards and effectively exposed 56 million card numbers. In January this year hackers accessed insurance provider Anthem’s database and accessed information relating to 80 million people, reportedly targeting social security numbers. In 2014 there were in excess of 1,500 data breaches reported worldwide – an increase in 50 percent from 2013.

cyber-security

While both pieces of legislation have been widely welcomed, there is some concern that they overlap and possibly undermine one another. For instance, during the floor debate, Colorado’s Democratic Representative, Jared Polis drew attention to this fact, stating that there seemed to be “some kind of turf war” going on between the government’s Homeland Security and Intelligence Committees.

While both bills have privacy protection that has been designed to restrict companies from sharing personal information, and in that way safeguard personal data, there are differences. Perhaps the most obvious difference is where cybersecurity issues must be reported.

The Protecting Cyber Networks Act (also referred to as the Intelligence Committee’s information sharing bill) is aimed at US companies, and encourages them to report any high-profile data breach to any federal agencies except the Department of Defense. Information will be shared with civilian agencies and not the Department of Homeland Security.

The National Cybersecurity Protection Advancement Act focuses on liability protection for companies sharing information on cyber attacks and cybersecurity breaches. Introduced by the Homeland Security Committee, the Act specifies that information must be reported to the Department of Homeland Security’s National Cybersecurity and Communications Integration Center. It may then be shared with other companies to increase “network awareness.

It has been reported that the legislation will be “merged” before it goes to the Senate.

In spite of the focus on US cybersecurity during Cyber Week, some have warned that the new legislation will not be enough to stop the ongoing threat. Even the White House has conceded that the liability protection offered is too broad, and could protect “grossly negligent and even reckless” entities.

In a statement of administration policy  issued on the eve of Cyber Week, the White House said that appropriate liability protections should not “grant immunity to a private company for failing to act on information it receives about the security of its networks.” Instead, it was important that liability protection was in place to ”incentivize good cybersecurity practices.

Further, since the first major cybersecurity breach was reported in 2005, more than 40 bills have been introduced to Congress, and yet the threat appears to continue to increase.

It has been reported that President Barrack Obama has earmarked an amount of $14 billion to fight cyber attacks. He has also announced that a new government agency will be created. The Cyber Threat Intelligence Integration Center will be the pivotal body, presumably relying partly on the new legislation voted on during Cyber Week. In addition, the Senate is expected to consider the Cybersecurity Information Sharing Act and additional data-security very soon.

At the end of the day (or week), it is not clear how much was achieved during Cyber Week 2015, if anything.

By Penny Swift

Penny Swift

Penny has been a professional writer since 1984 - Penny has written more than 30 general trade books and eight college books. She has also written countless newspaper and magazine articles for: Skills on Site, Popular Mechanics (SA) and SA Conference, Exhibitions and Events Guide.

Penny has a BA in Social Sciences and currently resides in Cape Town, South Africa.

TOP ARCHIVES

The Top 7 Latest DevOps Trends to Follow in 2019

The Top 7 Latest DevOps Trends to Follow in 2019

DevOps Trends to Follow Awareness of the latest DevOps trends is important for companies which consider the integration of DevOps ...
Infosec thought leaders

Beyond VDI: How the hybrid cloud is forcing us to rethink an industry

Beyond VDI (Virtual Desktop Infrastructure) Before I start this blog, I want to get something off my chest. Here it ...
Predict ► Prescribe ► Prevent Analytics Value Cycle

Predict ► Prescribe ► Prevent Analytics Value Cycle

Predict ► Prescribe ► Prevent Organizations looking for justification to move beyond legacy reporting, should review this little ditty from ...
Technology Cloud Contributor

The Competitive Cloud Data Center

The Competitive Cloud The corporate data center was long the defacto vehicle for all application deployment across an enterprise. Whether ...
Using Machine Learning To Find Employees Who Can Scale With Your Business

Using Machine Learning To Find Employees Who Can Scale With Your Business

Machine Learning To Find Employees Hiring managers in search of qualified job candidates who can scale with and contribute to ...