Cybergovernance Journal Update – 2/11/2016

by | Feb 12, 2016

NIST Framework is gaining traction in government circles, but companies are still falling short of comprehensives solutions; instead relying on periodic risk assessments or throwing more experts at the problem.

Former spymaster to help fight cyber crime

Financial Times, Feb. 11
Mr. Weil says companies need to take a wider view of cyber risks. “A lot of cyber, because it is tech-borne risk, is in the hands of IT departments. But a lot of the risk is about people and processes, so it needs thinking about in a much broader way.”

Read Article (subscription required)

100 Ways to Improve Federal Cybersecurity

Ecommerce Times, Feb. 8
The NIST framework has gotten traction in the private sector as a sound baseline reference for dealing with cyberthreats — and it has relevance to government agencies as well.

Read Article

SEC Will Only Target Directors in Egregious Cases

Bloomberg News, Feb. 10
Lara Shalov Mehraban of the SEC said, “Where companies might find themselves in trouble with the SEC enforcement unit is if they “fail to take reasonable steps to protect their customers information from cyber attacks or where their cyber-related disclosures are materially false or misleading.”

Read Article

Cybergovernance: Are More Experts the Answer?

LinkedIn, Feb. 11
Even if adding a cybersecurity expert to each board were the best solution, the dearth of available talent prevents all but the largest companies from pursing this strategy.

Read Article

Why Depending on Cyber Risk Assessments is a Risk

SecurityWeek, Feb. 4
Any cybersecurity process that relies heavily on periodic risk assessments is not only giving the company a false sense of how safe they are, it’s reflecting energy and resources away from discovering, mitigating and/or preparing for real active and immediate cyber threats.

Read Article

Obama Wants More Cybersecurity Funding and a Federal CISO

CIO, Feb. 11
A central piece of that effort is the Digital Service team the administration has formed, a team of IT experts — many drawn from the private sector — who work with the in-house staff at various agencies to improve their technology operations.

Read Article

Be notified of new Journal entries in your email box or Follow us on Twitter.