NTSC Technology Security Roundup

Weekly News Roundup: April 10, 2017

Senate Commerce Committee Passes MAIN STREET Cybersecurity Act

Now up for a Senate vote, the bipartisan MAIN STREET Cybersecurity Act passed through the Senate Commerce Committee on Wednesday after its introduction by Senator Brian Schatz (D-Hawaii) last week. According to The Hill, the bill “would require the National Institute of Standards and Technology (NIST) to give simplified resources to small businesses that choose to use the institute's cybersecurity framework.” The bill also states that the resources will “include elements, such as simple, basic controls, to assist small business concerns in defending against common cybersecurity risks.” Both the United States Chamber of Commerce and the National Small Business Administration support this bill.

House Energy and Commerce Committee Explores Ways of Increasing Healthcare Cybersecurity Information Sharing

Acknowledging low participation by healthcare providers in information sharing and analysis centers (ISACs), the House Energy and Commerce Committee discussed ways at a hearing to reverse that trend. Discussion involved many healthcare stakeholders from the public and private sector and addressed concerns such as lack of incentives to share information, confidentiality issues around information shared, and no clear liaison between the private sector and Washington. According to the Regulatory Affairs Professionals Society, “Subcommittee on Oversight and Investigations chairman Tim Murphy (R-PA) said the healthcare sector has ‘long struggled to coalesce around the public-private partnership model, especially with respect to cybersecurity.’ Improving the public-private partnership around healthcare cybersecurity, Murphy said, is a ‘daunting’ task, owing to the array of different industries, interests and government agencies involved in delivering and regulating healthcare.”

F-Secure Acquires Mac Cybsecurity Company Little Flocker

Helsinki, Finland-based cybersecurity company F-Secure recently acquired Little Flocker, a technology security company that focuses on Macs. F-Secure plans on building Little Flocker’s advanced behavioral analysis and monitoring solution into its XFENCE technology. According to a press release, “F-Secure will further enhance its products' existing cyber security capabilities for the sophisticated detection of zero-day attacks, regardless of the platform customers choose.”

Information Sharing About Energy Cybersecurity Must Happen Both Ways, Private Sector Leaders Argue

During a meeting of the Senate Energy and Natural Resources Committee on Tuesday, energy sector leaders from the private sector said they need appropriate federal security clearances to facilitate information sharing between the public and private sectors. These leaders argue that the private sector hands over information related to cyberattacks and security threats to the federal government but that the information shared in return is limited. An article from MarketWatch states “while the Energy Department is the lead agency in dealing with energy sector cyberattacks, [Dave McCurdy, president and CEO of the American Gas Association] and other industry leaders said there are too many hurdles to getting the security clearances needed to fully share information.”