• Terrorism insurance should cover cyberterrorism: industry

    The Terrorism Risk Insurance Act(TRIA) is a federal backstop designed to protect insurers in the event an act of terrorism results in losses above $100 million. Industry officials question whether cyber terrorism is covered by the program, which is administered by the Treasury Department. Industry insiders note that terrorism risks have evolved since TRIA was enacted and cyberterrorism is now a real threat. TRIA should thus not simply be reauthorized with a blanket stamp of approval; instead there should be a discussion about whether acts of cyberterrorism should be explicitly included in TRIA.

  • NIST releases Preliminary Cybersecurity Framework

    The National Institute of Standards and Technology (NIST) on Tuesday released its Preliminary Cybersecurity Framework to help critical infrastructure owners and operators reduce cybersecurity risks in industries such as power generation, transportation, and telecommunications. In the coming days, NIST will open a 45-day public comment period on the Preliminary Framework and plans to release the official framework in February 2014.

  • Violin Memory: Winning over the intelligence community

    Violin Memory (NSYE: VMEM) is a recently IPO’d enterprise flash memory provider that has won installations across the most demanding branches of government, particularly in intelligence and homeland security. One advantage the company holds is a partnership with Toshiba, the world’s #2 manufacturer of NAND, which reportedly gives Violin insider-access to the unpublished R&D data, allowing for a product that has steadily performed steps ahead of the competition. The partnership also allows Violin to buy NAND at special “producer-like” prices from Toshiba, which in turn has enabled Violin to price more competitively, up to 50 percent lower than other providers. What is clear is that Violin’s technology adoption is growing exponentially within the security sector and other areas where data performance cannot be compromised and is mission critical.

  • Cybersecurity specialist Bromium raises $40 million Series C funding

    Cupertino, California-based Bromium, Inc. has raised $40 million in an Series C funding round led by new investor Meritech Capital Partners, with participation from existing investors Andreessen Horowitz, Ignition Partners, Highland Capital Partners, and Intel Capital. Bromium offers advanced malware protection and automated forensic intelligence products. Bromium’s vSentry uses Intel CPU and chipset features to hardware-isolate tasks that access the Web, attachments, and files that might contain malware, protecting the desktop by design.

    • view counter

  • Evaluating the IT security posture of business partners

    Evaluating the IT security of businesses is increasingly becoming a necessity when forming new business relationships. A start-up has launched a rating service, similar to a credit rating, to measure the security posture of a company based on a number of factors.

  • States eager to attract cybersecurity companies

    As the threat of cyberattacks grows, Maryland, Washington D.C., and Virginia want to cash in on the growing business of cybersecurity. Analysts say that several states are using tax breaks to get in on the $207 billion cybersecurity industry, which is expected to show “impressive growth” in the next five years.

    • view counter

  • Small, medium businesses suffer record levels of cyber attacks

    More small businesses than ever are facing the threat of losing confidential information through cyberattacks, according to research published today by the Department for Business, Innovation and Skills (BIS).

    The 2013 Information Security Breaches Survey has shown that 87 percent of small businesses across all sectors of the U.K. economy experienced a breach in the last year. This is up more than 10 percent and cost small businesses up to 6 percent of their turnover, when they could protect themselves for far less.

  • Governments, businesses should be “cyber-risk intelligent”

    Cyber-threats must require governments and businesses to be “cyber-risk intelligent.” Three general flows of information determine an organizational frame for cyber-risk intelligence: one that encompasses the awareness of the IT enterprise and its apparent health; a second that brings internal business activities into view; and a third that encompasses broader geopolitical and economic forces.

  • U.S. weighing retaliatory measures against China for hacking campaign

    As incontrovertible evidence emerged for the role of Chinese government in initiating and orchestrating the massive, sustained Chinese hacking campaign against U.S. private companies, government agencies, and critical infrastructure assets, the administration has intensified discussions of retaliatory measures the United States may take against China.

  • SSA 2013 will attract 600 exhibitors and more than 10,000 attendees

    Safety & Security Asia (SSA) 2013 is back for its 24th biennial presentation in Singapore on 7-9 May 2013 at Marina Bay Sands, Singapore. The Safety & Security Asia series is the most established event of Southeast Asia’s security market in the last twenty-four years, making it the a valuable platform for security technology companies to showcase their products and solutions to the region’s market, especially in the cyberspace arena. SSA 2013 will attract 600 exhibitors from thirty countries and more than 10,000 attendeesfrom forty countries.

  • Promoting mistrust: thwarting spear phishing cyber threats

    Information security experts say that the most challenging threat facing corporate networks today is “spear phishing”; generic e-mails asking employees to open malicious attachments, provide confidential information, or follow links to infected Web sites have been around for a long time; what is new today is that the authors of these e-mails are now targeting their attacks using specific knowledge about employees and the organizations they work for; the inside knowledge used in these spear phishing attacks gains the trust of recipients

  • Cybersecurity company using hackers own devices against them

    A California cybersecurity start-up, marketing itself as a private cyber intelligence agency, works to identify foreign attackers who are attempting to steal corporate secrets; it does so by  using the attackers’ own techniques and vulnerabilities against them; the company also collects data on hackers and tricks intruders into stealing false information

  • Cyber criminals target small businesses

    A recent study conducted by the National Cyber Security Alliance and Symantec found that 77 percent of small business owners in the United States think their company is safe from cyber criminals; trouble is, 83 percent of them do not have a cyber security plan

  • Sen. Rockefeller asks Fortune 500 CEOs for cybersecurity best practices

    Last month, Senator Jay Rockefeller (D-West Virginia) sent a letter to the CEOs of fortune 500 companies asking them what cybersecurity practices they have adopted, how these practices were adopted, who developed them, and when they were developed; many saw Rockefeller’s letter as an admission that the Obama administration does not have a basis for trying to impose cybersecurity practices on the private sector through the Cybersecurity Act of 2012, now stalled in Congress

  • More companies adopt cloud disaster recovery solutions

    More and more companies adopt a cloud disaster recovery solution; in a recent 2012 TechTarget Cloud Pulse survey, a majority of the 926 companies that responded have said they are now using a cloud disaster recovery system or plan to in the next six months