Monday, October 20, 2014

State CIOs urge coordination on 'patchwork' of cybersecurity regulations

State officials responsible for managing government data and networks are calling on federal agencies to coordinate efforts on an emerging array of cybersecurity requirements, and are citing the National Institute of Standards and Technology's framework of standards as a useful tool for accomplishing that.


Telcos report familiarity with NIST framework, stress voluntary steps

The communications industry is well aware of the framework of cybersecurity standards and embraces it as a risk management tool with enterprise-wide applications, according to industry comments submitted last week to the National Institute of Standards and Technology.

All Sectors >>


Message from Germany: Governments must articulate their role in cyber defense

Arne Schonbohm, who leads an industry cybersecurity group in Germany, wraps up a tour of the United States this week and he has a message for governments on both continents: Articulate how you will help the private sector defend its networks in the face of highly advanced attacks from nation-states.

Weekly Analysis
Industry details efforts to promote cyber framework, areas for further development

Business groups and companies commenting on the government's framework of cybersecurity standards offered extensive details on their efforts to promote the framework, assurances that they are meeting the goals of bolstering cybersecurity in various ways, and questions on broader issues such as the need for incentives and more discussion on the economics of the issue.

Industry remains concerned about NIST privacy initiatives

Industry stakeholders are urging the National Institute of Standards and Technology to tread lightly when considering next steps on privacy policy for cybersecurity and beyond, according to comments solicited by the agency.

The week ahead: Packed agenda of government, industry cybersecurity events

The third week of National Cybersecurity Awareness Month is crowded with events from government, private sector, and industry groups, expanding beyond the designated topic of the week — cybersecurity for small businesses — and examining issues such as Estonian cybersecurity initiatives, Army information technology, and business cybersecurity.

Obama issues new cybersecurity executive order and plans summit

President Obama on Friday signed a new executive order directing the government to better secure transactions and sensitive data and will convene a summit on cybersecurity and consumer protection later this year.

Recent News

NIST releases final agenda for cyber framework workshop in Tampa

New breach notification requirement advances at Nuclear Regulatory Commission

DOD delays network-breach notification rules amid key questions

FireEye urges emphasis on 'dynamic' threats in next version of framework

Financial sector finds NIST framework fits in well with cybersecurity initiatives

Sign Up Now

Get one month of free access

Form for a free trial

Daily Briefs

Healthcare group warns patient-data law falls short on security

The Healthcare Information and Management Systems Society is cautioning against a reliance on patient data and privacy requirements to sufficiently thwart cyber attacks.

FireEye identifies Germany, UK as top targets for advanced attacks

The latest regional threats report by FireEye shows a dramatic increase in "advanced targeted attacks" and lists Germany and the United Kingdom as the most targeted countries.

Chemical industry tests info-sharing, with ISAC launch slated for mid-2015

The chemical industry is pilot testing a cyber threat information system with the Department of Homeland Security, with the launch of a chemical-sector Information Sharing and Analysis Center slated for mid-2015.

Featured Document

Financial sector comments on NIST cyber framework

The Financial Services Sector Coordinating Council on Oct. 10, 2014, submitted comments on the National Institute of Standards and Technology's framework of cybersecurity standards, lauding it for providing a "common lexicon" for discussion of cyber issues and development of the third-party risk management programs.

Trial Access to InsideCybersecurity

If you haven't already tried InsideCybersecurity, you can sign up for a free, one-month, no-obligation trial subscription right now. You'll have full access to everything InsideCybersecurity has to offer.

Form for a free trial

Already a subscriber? Click here to log in.