Chandani Patel

Pillars of AWS Well-Architected Framework

Well-Architected Framework Cloud computing is proliferating each passing year denoting that there are plenty of opportunities. Creating a cloud solution calls for a strong architecture if the foundation is not solid then the solution faces issues of integrity and system workload. AWS 5 pillars help
Hitoshi Kokumai

History, Current Status and Future Scenarios of Expanded Password System

Future Scenarios of Expanded Password System Passwords are so hard to manage that some people are urging the removal of passwords from digital identity altogether. What would happen, then, if the password is removed from our identity assurance? Where the password was kicked out, security providers

What Did Cyber Week Achieve?

What Did Cyber Week Achieve?

Last week’s “Cyber Week” was all about cybersecurity and the ongoing threat of cyber attacks against the federal government, non-profits and private companies in the US. But what did it achieve?

Ultimately, two new bills were passed by the House both aiming to enable both companies and government to withstand cyber attack and increase the country’s cybersecurity.

One aims primarily to strengthen government’s ability to deal with the ongoing cyber war in an attempt to effectively fight hackers more effectively. The other strives to enable companies to legitimately share cyber-threat and -attack information without the fear of being held liable.

Recent cyber attacks include the Home Depot hack last year that involved credit cards and effectively exposed 56 million card numbers. In January this year hackers accessed insurance provider Anthem’s database and accessed information relating to 80 million people, reportedly targeting social security numbers. In 2014 there were in excess of 1,500 data breaches reported worldwide – an increase in 50 percent from 2013.

While both pieces of legislation have been widely welcomed, there is some concern that they overlap and possibly undermine one another. For instance, during the floor debate, Colorado’s Democratic Representative, Jared Polis drew attention to this fact, stating that there seemed to be “some kind of turf war” going on between the government’s Homeland Security and Intelligence Committees.

While both bills have privacy protection that has been designed to restrict companies from sharing personal information, and in that way safeguard personal data, there are differences. Perhaps the most obvious difference is where cybersecurity issues must be reported.

The Protecting Cyber Networks Act (also referred to as the Intelligence Committee’s information sharing bill) is aimed at US companies, and encourages them to report any high-profile data breach to any federal agencies except the Department of Defense. Information will be shared with civilian agencies and not the Department of Homeland Security.

The National Cybersecurity Protection Advancement Act focuses on liability protection for companies sharing information on cyber attacks and cybersecurity breaches. Introduced by the Homeland Security Committee, the Act specifies that information must be reported to the Department of Homeland Security’s National Cybersecurity and Communications Integration Center. It may then be shared with other companies to increase “network awareness.”

It has been reported that the legislation will be “merged” before it goes to the Senate.

In spite of the focus on US cybersecurity during Cyber Week, some have warned that the new legislation will not be enough to stop the ongoing threat. Even the White House has conceded that the liability protection offered is too broad, and could protect “grossly negligent and even reckless” entities.

In a statement of administration policy  issued on the eve of Cyber Week, the White House said that appropriate liability protections should not “grant immunity to a private company for failing to act on information it receives about the security of its networks.” Instead, it was important that liability protection was in place to ”incentivize good cybersecurity practices.”

Further, since the first major cybersecurity breach was reported in 2005, more than 40 bills have been introduced to Congress, and yet the threat appears to continue to increase.

It has been reported that President Barrack Obama has earmarked an amount of $14 billion to fight cyber attacks. He has also announced that a new government agency will be created. The Cyber Threat Intelligence Integration Center will be the pivotal body, presumably relying partly on the new legislation voted on during Cyber Week. In addition, the Senate is expected to consider the Cybersecurity Information Sharing Act and additional data-security very soon.

At the end of the day (or week), it is not clear how much was achieved during Cyber Week 2015, if anything.

By Penny Swift

Penny Swift Contributor
Penny has been a professional writer since 1984 – Penny has written more than 30 general trade books and eight college books. She has also written countless newspaper and magazine articles for: Skills on Site, Popular Mechanics (SA) and SA Conference, Exhibitions and Events Guide. Penny has a BA in Social Sciences and currently resides in Cape Town, South Africa.
Kris Lahri

What the Dyn DDoS Attacks Taught Us About Cloud-Only EFSS

DDoS Attacks October 21st, 2016 went into the annals of Internet history for the large scale Distributed Denial of Service (DDoS) attacks that made popular Internet ...
Brian Wheeler

3 Major Concerns For The Cloud

Concerns For The Cloud With the rise of cloud computing, different concerns about adopting the cloud have arisen over the years. In 2016, the top ...
How Formal Verification Can Thwart Change-Induced Network Outages and Breaches

How Formal Verification Can Thwart Change-Induced Network Outages and Breaches

How Formal Verification Can Thwart  Breaches Formal verification is not a new concept. In a nutshell, the process uses sophisticated math to prove or disprove ...
The Guardian

Google, Facebook, Amazon and Apple asked to turn over internal documents

The US government’s investigations into big tech widened on Friday as lawmakers announced they were seeking internal documents from Google, Facebook, Amazon and Apple. Letters went out to the four ...

Top Trends in Blockchain Technology; inching towards Web 3.0

There’s no shortage of news about mega digital commerce players controlling the algorithms that guide our daily actions and thoughts.  See Amazon Changed Search Algorithms in Ways to Boost its Own ...
BBC Tech

Data on almost every Ecuadorean citizen leaked

Personal data about almost every Ecuadorean citizen has been found exposed online. Names, financial information and civil data about 17 million people, including 6.7 million children, was found by security company ...