NTSC Technology Security Roundup

Weekly News Roundup: February 12, 2018

Federal Cybersecurity News Roundup

Here’s a roundup of some important federal cybersecurity news from last week:

  • State Department May Consolidate Two Cyber Offices: According to The Hill, “A State Department spokesperson [said] that the two offices, the Office of the Cybersecurity Coordinator and the Bureau of Economic Affairs’ Office of International Communications and Information Policy, would be unified in order to form the proposed Bureau for Cyberspace and the Digital Economy.”
  • Brig. Gen. Jennifer Buckner Becomes Army’s Director of Cyber: The Department of Defense announced the promotion of “Brigadier General Jennifer G. Buckner, deputy commander, Joint Task Force-ARES, United States Cyber Command, Fort Meade, Maryland, to director of Cyber, G-3/5/7, United States Army, Washington, District of Columbia.”
  • White House Nominates Christopher Krebs as Under Secretary for National Protection and Programs, Department of Homeland Security: According to the White House, “Mr. Krebs is the senior official performing the duties of the Under Secretary for the National Protection and Programs Directorate (NPPD) in the Department of Homeland Security, where he oversees the cyber and physical infrastructure security mission for the Department.”
  • DHS S&T Awards $5.6M to Improve Cybersecurity Research: According to a press release, “The Department of Homeland Security (DHS) Science and Technology Directorate (S&T) awarded a total of $5,643,466 across seven organizations to develop new tools to arm researchers with the latest insight and an increased collection of cybersecurity incident data to understand and counter cyberattacks.”

The Center for Internet and Society Releases New Paper on the Risks of “Responsible Encryption”

Riana Pfefferkorn of the Center for Internet and Society released a paper titled “The Risks of ‘Responsible Encryption’” that addresses concerns about vendors leaving open encryption backdoors for law enforcement. According to the paper’s abstract, “Federal law enforcement officials in the United States have recently renewed their periodic demands for legislation to regulate encryption. While they offer few technical specifics, their general proposal—that vendors must retain the ability to decrypt for law enforcement the devices they manufacture or communications their services transmit—presents intractable problems that would-be regulators must not ignore.”

Federal Agencies Want to Regulate Cryptocurrency Markets

After recent volatility in the cryptocurrency market, some federal agencies want to regulate these markets to reduce economic uncertainty. According to The Hill, “The two top U.S. federal agencies for regulating cryptocurrencies both say they want tighter oversight of the currencies, which have exploded in popularity and are increasingly used as an investment vehicle. The heads of both the Securities and Exchange Commission (SEC) and Commodity Futures Trade Commission (CFTC) testified this week that they would like to work with each other, the Federal Reserve and state regulators on a ‘coordinated’ strategy for bringing stability to the lightly regulated cryptocurrency market.”

Cybersecurity Reports and Surveys Roundup

We’ve rounded up a few of the best cybersecurity reports and surveys released last week:

  • Zscaler Releases February 2018 SSL Threat Report: According to Zscaler, threats in SSL have increased by 30%, phishing site activity has jumped by 300%, and the report notes “diverse and evolving malware payloads.”
  • 2018 Hiscox Cyber Readiness Report: According to the report, “Seven out of ten organizations fail the cyber readiness test” and “US organizations emerge as the most cyber-ready” compared to other countries and regions.
  • eWeek rounds up cybersecurity insights from six reports: eWeek recaps reports from Javelin Strategy and Research, Bromium, Menlo Security, Infoblox, ThreatMetrix, and PagerDuty that came out last week.

Proofpoint to Acquire Wombat Security Technologies for $225 Million

According to a press release, Proofpoint “has entered into a definitive agreement to acquire Wombat Security Technologies, Inc. Founded based on pioneering research into phishing attacks, Wombat is recognized by Gartner in the Leaders Quadrant of the Magic Quadrant for Security Awareness Computer-Based Training.” Proofpoint says that the acquisition will help its customers “use data from the most current phishing campaigns for simulations, and cyber security education for end users, an industry-first integration between market-leading protection and awareness solutions.”