ISMG Security Report Interview with Ron Ross of NIST
ISMG Security Report recently interviewed Ron Ross, a computer scientist and NIST Fellow, about “revised guidance on how to get C-suite executives to help shape information risk management.” Listen to the full interview.
Three Reports Indicate Ransomware Getting Worse
Dark Reading summarized three recent reports that highlight how ransomware continues to grow in severity. The reports included the following insights:
SEC Announces Cyber Unit to Address Cybersecurity Risks
On Monday, the SEC announced the creation of a Cyber Unit in the wake of admitting a 2016 data breach. According to a press release, “The Cyber Unit will focus the Enforcement Division’s substantial cyber-related expertise on targeting cyber-related misconduct, such as:
In addition, “The unit, which has been in the planning stages for months, complements the Chairman’s initiatives to implement an internal cybersecurity risk profile and create a cybersecurity working group to coordinate information sharing, risk monitoring, and incident response efforts throughout the agency.”
FBI Director Christopher Wray Offers Views on Cybersecurity at Senate Committee Hearing
Installed as FBI Director on Thursday, Christopher Wray spoke about the importance of cybersecurity during a Senate Homeland Security and Government Affairs Committee on Wednesday. Talking about cyber, Wray said “Virtually every national security and criminal threat the FBI faces is cyber-based or technologically facilitated.” He identified foreign intelligence agencies, hackers for hire, organized crime syndicates, and terrorists as major cyberthreats and pointed out that it’s incredibly challenging to investigate cybercrime.
Deputy Secretary of State John Sullivan Says Permanent State Department Cybersecurity Role Will Get Created
On Tuesday, Deputy Secretary of State John Sullivan told the House Foreign Affairs Committee that a new permanent State Department cybersecurity role will get created despite Secretary Rex Tillerson’s elimination of the Cyber Coordinator role. According to NextGov, Sullivan said, “I can commit to you that cybersecurity, our whole cyber effort, will be elevated at the department beyond what it is now…” NextGov goes on to say, “Tillerson hopes to have all reorganization plans finalized and briefed to Congress by the end of 2017, Sullivan said.” Many people in the cybersecurity community have been worried that the State Department is not making cybersecurity a priority.
Senate Passes Schatz-Risch Small Business Cybersecurity Legislation
According to a press release, the U.S. Senate unanimously passed the Making Available Information Now to Strengthen Trust and Resilience and Enhance Enterprise Technology (MAIN STREET) Cybersecurity Act. This legislation was introduced by U.S. Senators Brian Schatz (D-Hawai‘i) and James Risch (R-Idaho), and the bipartisan bill will provide a consistent set of resources for small businesses to best protect their digital assets from cybersecurity threats. In addition, the MAIN STREET Cybersecurity Act will ensure that NIST considers the needs of small businesses as it updates the NIST Cybersecurity Framework.