Cybergovernance Journal Update – 12/18/2015
Cybersecurity breaches hit Apple and Scottrade customers. Recent articles discussed a potential increase in government surveillance via CISA legislation, a projected increase in shareholder lawsuits over cybersecurity lapses, and how the growth of cybergovernance may follow the path of financial reform.
Congress Slips CISA Into Budget Bill That’s Sure to Pass
WIRED, Dec. 16
In a late-night session of Congress, House Speaker Paul Ryan announced a new version of the “omnibus” bill, a massive piece of legislation that now includes a version of CISA as well. Lumping CISA in with the omnibus bill further reduces any chance for debate over its surveillance-friendly provisions.
Shareholder Cybersecurity Lawsuits Expected to Increase in 2016
Law.com, Nov. 18
A survey of 276 board members by NYSE Governance Services and security firm Veracode found 60 percent of respondents expect an increase in shareholder lawsuits against companies due to cybersecurity issues, while 72 percent expect more cyber-related regulation in the near future.
Cybersecurity Governance is Not Just a U.S. Problem
Cybergovernance Journal, Dec. 14
Just as highly publicized fraud cases drove changes in financial reporting over a decade ago, now a rash of highly publicized breaches is instigating the rise of cybergovernance. The loss of public and investor confidence due to financial risk propelled the quest for a legislative solution and the passing of Sarbanes-Oxley; the loss of public and investor confidence resulting from cyberattacks is fueling efforts to mitigate cyber risk.
64% Unlikely to Shop or Do Business Again With a Company After a Breach
Advisen Cyber FPN, Dec. 16
Only a quarter (25%) of all respondents feel that companies take the protection and security of customer data very seriously. More than twice as many respondents feel that the responsibility of protecting and securing customer data falls on the company (69%) versus the customer (31%).
Hack May Have Hit 4.6M Online Brokerage Customers
SecurityWeek, Oct. 2
Scottrade said in a statement it was notified of the incident by US federal officials who “recently informed us that they’ve been investigating cybersecurity crimes involving the theft of information from Scottrade and other financial services companies.” The company said it believes that “the illegal activity involving our network occurred between late 2013 and early 2014, and targeted client names and street addresses.”
Mac Anti-malware App Maker Stored 13M Customer Details in Plain Sight
HITBSecNews, Dec. 16
MAC USERS have been warned to be on the lookout after anti-malware maker MacKeeper exposed details of 13 million of its customers. The leak was revealed by Chris Vickery, a noted security researcher, who posted details to Reddit over the weekend. The data was obtained by Vickery with no exploit or hack.