Cybergovernance Journal Update – 1/22/2016
While state actors plot further government and corporate breaches, strategies are being further refined to deal with them. Cybersecurity responses are moving from ineffective single-point plans to comprehensive structural risk responses.
The Great Train Robbery: 60 Minutes Exposes Chinese Economic Espionage
CBS News, Jan. 17
If spying is the world’s second oldest profession, the government of China has given it a new, modern-day twist, enlisting an army of spies not to steal military secrets but the trade secrets and intellectual property of American companies. It’s being called “the great brain robbery of America.”
Redefining the Attack Surface: Managing Complexity
Cybergovernance Journal, Jan. 18
The cybersecurity attack surface represents a significant liability for boards of directors. The best protection is assurance that all who operate within the organization are pursuing best practices to manage cyber risk. Boards must strive for policy implementation that is observable and measurable. An integrated approach that blends functional teams and demands support from managers will add depth to cyber capabilities.
SEC, FINRA Continue Cybersecurity Scrutiny in 2016
Financial Advisor, Jan. 19
“The prudence of the industry demands that cybersecurity be made a top priority, if not the No. 1 priority for financial firms in 2016,” says Michelle Jacko, CEO of Core Compliance and Legal Services. “It’s important that firms be mindful of the regulatory and the business risk that cybersecurity concerns entail.”
Cybersecurity Remains a Top Priority in Difficult Times
Oilweek, Jan. 20
With about 40 per cent of all cyber-attacks targeting energy infrastructure, there is increasing evidence oil and gas companies are taking the threat as seriously as they do health and safety… “About 263 days is the average time an attacker is in your network before you know he is there,” Nate Kube, chief technology officer and founder of Wurldtech, a GE company.
Don’t Wait for Congress to Act on Cybersecurity Standards
Business Insurance, Jan. 17
Growing cyber threats to the U.S. infrastructure and business call for action now, and the National Institute of Standards and Technology Cybersecurity Framework that arose from a 2013 executive order is a ready-made way to tackle the issue.
Better Connecting CISOs to Boards
Wall St. Journal, Jan. 15
Better linking of cybersecurity issues to the impacts they have on business activities and outcomes is one of the suggestions security analytics company Bay Dynamics said will help chief information security officers gain traction with boards… “As a security expert, your role is to be a risk leader who is tasked with presenting the most accurate and complete information possible so that the board understands its risk posture, can make decisions and has a yardstick to measure whether it’s getting better over time.”