Reuters – The latest problems on Chase.com came as intelligence officials said for the first time on Tuesday that cyber attacks and cyber espionage have surpassed terrorism as the top security threat facing the United States.
JPMorgan and other major U.S. banks, including Bank of America Corp and Citigroup Inc, have recently warned their investors that their sites have been attacked and that the assaults could continue. more> http://tinyurl.com/ajf9swm
By Steve Largent and Rick Boucher – The debate on cybersecurity has produced a sideshow centered around the belief that added security means a reduction in privacy.
Such views are nonsense. Quite simply, digital privacy cannot exist without cybersecurity. Weak security equals weak privacy. Want better privacy? Raise your security game to prevent hackers from stealing private data. Let the experts from the private sector and government communicate with each other so when they see threats, they can alert others and work together to create a solution. more> http://tinyurl.com/atuw8j7
By David Taber – The promise of cloud computing is that you, the customer, don’t ever have to buy another server, back up another disk drive or worry about another software upgrade. All those promises are true-and now there are multimillion-dollar companies without a single server closet. Cool.
Let’s look at three lessons too many companies have learned the hard way by making themselves vulnerable in the cloud.
- Lesson #1: The Cloud Never Forgets
- Lesson #2: Data in the Cloud Needs a Steward
- Lesson #3: Since the Cloud Replaces Internal IT, It Must Be Managed Like IT
By J. Nicholas Hoover – The National Institute of Standards and Technology (NIST) on Wednesday released the final public draft of the 455-page final public draft of NIST Special Publication 800-53, Revision 4, Security and Privacy Controls for Federal Information Systems and Organizations, and announced that it was seeking comments on the document.
Special Publication 800-53 is the definitive catalog of security controls necessary to meet the federal government’s internal cybersecurity requirements such as the Federal Information Security Management Act (FISMA), and has begun to be adopted even by state and local governments and some private companies. more> http://tinyurl.com/am7kpg7