“First, the President is correct in his appreciation of the need to view cyber security as not just a technical and security issue, but as an economic one as well. In the 21st century - the digital century - economics and security are opposite sides of the same coin. You cannot affect one without impacting the other.” ~ Congressional Testimony
Larry Clinton, president of the Internet Security Alliance (ISA), will testify tomorrow at a U.S. Senate Judiciary Terrorism and Homeland Security Subcommittee hearing titled, Cybersecurity: Preventing Terrorist Attacks and Protecting Privacy in Cyberspace.
The ISA will release a new cybersecurity report, which proposes frameworks for taking key issues in the Obama Administration’s “Cyberspace Policy Review” document to the next level, in an effort to achieve tangible progress. The report will include frameworks for creating a new, practical model for information sharing; addressing the international nature of cybersecurity issues; developing a market for adopting good security standards and practices; building a highly educated digital workforce; and managing the global IT supply chain.
ISA/AIA webinar - Testing In A Real Environment Leads to Faster Cyber Security Innovation; Electronic Self-Help - White Hats, Black Markets, and Grey Laws; Software Assurance Forum; ICSJWG 2009 Fall Conference; ISA/AIA Webinar - Supply Chain Issues in Cyber Security…
Internet Security Alliance (ISA) President Larry Clinton will describe the progress being made in the joint ANSI/ISA project to develop an enterprise wide cybersecurity framework Wednesday afternoon at the 8th Plenary of the Homeland Security Standards Panel in Washington DC.Internet Security Alliance (ISA) President Larry Clinton will describe the progress... more
Internet Security Alliance President Larry Clinton will serve as one of three private sector briefers at a unique senior level pan-government briefing on cyber security Friday, October 16 from 10:00am to noon. Although this meeting is closed to the press, ISA members are invited to attend...Internet Security Alliance President Larry Clinton will serve as one of three private... more
I’m not arguing for an eggshell model of security - crunchy on the outside, squishy on the inside - but it makes things much easier to be able to address an application server’s security requirements without the need to assume that whatever security you implement on an application level is all you will have.I’m not arguing for an eggshell model of security - crunchy on the outside, squishy... more
In Estonia the State Department has arranged for a series of meetings/lectures and discussions for Mr. Clinton. In addition to visiting the NATO Center Mr. Clinton will meet with representatives of the Estonian government, private sector entities, law enforcement, university and primary education professionals.In Estonia the State Department has arranged for a series of meetings/lectures and... more
Infected users are often spreading additional malware by having infected Web sites posted on their Webpage without their knowledge. Friends are then more apt to click on these sites since they appear to be endorsed by their contacts. Tips on avoiding these tactics…Infected users are often spreading additional malware by having infected Web sites... more
ISAlliance President Larry Clinton, in Estonia by request of the US State Department; Critical Infrastructure Protection (CIP) Congress; ISAlliance/CyLab Webinar; CMU Software Engineering Institute one day course: Creating a Computer Security Incident Response Team; ISAlliance/AIA Webinar; NIST 5th Annual IT Security Automation Conference; Illinois Institute of Technology 5th Annual VoIP Conference & Expo…ISAlliance President Larry Clinton, in Estonia by request of the US State Department;... more
I asked one of the sales guys from a major international backbone provider why they didn’t allocating a small portion of these IPs as tarpits? His response: ”Our mission isn’t to save the Internet.” Honestly though, it should be, it’d be in everyone’s interest to minimize capacity used by worms and bots and free bandwidth that could be used productively for other purposes.I asked one of the sales guys from a major international backbone provider why they... more
Ever wondered how much your online identity is worth to a cyber criminal? Cyber crime is now larger than the international drug trade. Nearly 10 million people have reported identity theft in the U.S. over the last 12 months and one in four households have already been victimized.Ever wondered how much your online identity is worth to a cyber criminal? Cyber crime... more
Thursday, September 24 at 2 Eastern: ISAlliance & AIA are pleased to offer an exciting FREE webinar: The Financial Impact of Cyber Risk. Virtually every company has calculated the benefits of electronic business into its business plans. Unfortunately, companies often fail to account for the financial downside that may result from cyber security attacks.Thursday, September 24 at 2 Eastern: ISAlliance & AIA are pleased to offer an exciting... more
ANSI Identity Theft Standards Panel webinar “Lessons from the Data Breach at Heartland” by Bob Carr, CEO of Heartland Payment Systems; Carnegie Mellon University Software Engineering Institute Insider Threat Workshop; U.S. Department of Homeland Security Critical Infrastructure and Key Resources; ISAlliance/NIST/DHS VoIP & Unified Communications Automated Security and Assurance Project; IT Sector Coordinating Council Protective Programs and Research and Development (PPRD)…ANSI Identity Theft Standards Panel webinar “Lessons from the Data Breach at... more
Please respond directly to DHS via the contacts below if you have any relevant information: The Station Fire in northern Los Angeles County, CA is threatening the Mount Wilson Communications Facility. Some other facilities determined to be of significant critical infrastructure and key resources (CIKR) are the NASA Jet Propulsion Lab, Mount Lukens and Mount Disappointment Communications Facilities, 33Kv, 220Kv power lines, and Gould power substation. The National Coordinating Center (NCC) needs input from its NCS partners regarding anticipated impacts to Federal communications systems and assets.Please respond directly to DHS via the contacts below if you have any relevant... more
Seattle man used Limewire for identity theft; CA auto-immune update trashes systems; U.S. appeals court cans CAN-SPAM suit; ‘Zeus Bot’ in Internet postcards; Storage reliability questioned after high profile outages; UC Berkeley School of Journalism server hacked; ActiveX overhaul in Microsoft patch batch; Microsoft Releases August Security Bulletin; WordPress bug resets admin password; Twitter knocked offline once again; UPS forced to encrypt devices after data breach…Seattle man used Limewire for identity theft; CA auto-immune update trashes systems;... more
Cyber security threats have reached a critical juncture. With attacks becoming more sophisticated and damaging, members of Congress and the Administration have taken note. The Obama Administration’s recent cyber security review highlights matters of high importance to many companies. More than ever, firms must stay on top of the rapidly changing world of cyber security, and must consider newly developed White House policies. Some priorities set forth include:Cyber security threats have reached a critical juncture. With attacks becoming more... more
The US Government must get its priorities right. Too often “cybersecurity” is confused with “anti-piracy.” The average Joe or Jane downloading copyrighted content from Youtube is not a cybersecurity issue, whereas organized gangs systematically collecting and exploiting personal data is a cybersecurity issue. One might question if the US government is devoting the proper time and attention to the cybersecurity issues that are truly most in need of national attention.The US Government must get its priorities right. Too often “cybersecurity” is... more
By Mike Spinney, CIPP, Privacy Analyst, Ponemon Institute - Here’s a brazen bit of breachery from the Miami Herald: It’s a neat little proposition: for a flat monthly fee, a data broker (of sorts) acquires medical records from a hospital employee and passes them through to a personal injury lawyer for a fee plus a percentage of his lawsuit earnings...By Mike Spinney, CIPP, Privacy Analyst, Ponemon Institute - Here’s a brazen bit of... more
Review the state of play of cyber security for the government and the private sector, including recommendations on how to create a more productive public-private partnership. Cyber security policies are rapidly expanding, indicating the critical threat faced by any organization using Internet-based technologies. In 2008, the Bush Administration launched the most comprehensive cyber security policy review in the federal government’s history. Soon after taking office, President Obama tasked the National Security Council to review our nation’s cyber security policy. In April, the first major bill calling for broad federal regulations and unprecedented power over private sector cyber systems was introduced in the Senate.Review the state of play of cyber security for the government and the private sector,... more
