How California Is Improving Cyber Threat Information Sharing

The California Cybersecurity Integration Center alerted its partners to the Thomas Fire along Interstate 5, before the largest wildfire in the state’s modern history was phoned in last December.

Someone had taken to Twitter to first report the blaze, and Cal-CSIC’s media scrapers—which plug into its automated threat feed—noticed.

Cal-CSIC, pronounced “cal-sick,” was created by Gov. Jerry Brown’s executive order in August 2015 to prioritize cyber threats to public sector agencies and expand into the private sector.

U.S. Seeks More Cooperation with Private Sector to Fight Cyber Attacks

The U.S. Department of Homeland Security on Tuesday said it will bolster collaboration with the private sector to defend the nation against cyber attacks by working more closely with industry to combat emerging threats.

Homeland Security Secretary Kirstjen Nielsen unveiled plans to set up a national risk management center where the government will initially work with financial firms, energy companies and telecommunications providers to help identify industry security weaknesses, develop response plans and run cyber drills.

The Two Biggest Disruptions To Cybersecurity Since The Invention Of The Firewall

One might consider the firewall the most significant invention in cybersecurity in the last 30 years. The firewall has certainly evolved since its inception in 1988 as simple packet filters, launching with stateful filters, then upgrading to its third-generation application layer firewall and more recently upgrading again to the next-generation firewall (NGFW).

While NGFW is certainly part of the cybersecurity stack, NGFW is no longer revolutionizing the way we protect our critical business assets.

Today’s cybersecurity strategies have been disrupted by two new models: the Zero Trust model and DevSecOps.

What Cyber Exposures and Coverage Gaps Keep Risk Managers Up at Night

Risk managers are very concerned about the cyber risks facing their companies and are heavily investing in protection against cyber attacks with the blessings of their boards and CEOs, a major shift from even just 10 years ago when convincing a company to worry about cyber was a big challenge for risk managers.

However, the new challenges for them include getting the right coverage from the insurance market and ensuring their companies have enough coverage in the event of a major breach, three risk managers on a recent panel at Advisen’s Cyber Risk Conference in San Francisco said.

Developing a Cyberattack Response Plan

Right now, somewhere in the United States, a cyberattack is happening. In fact, many cyberattacks are likely happening—which is why cybercrime damage costs are estimated to hit $6 trillion annually by 2021. Risk management professionals and executives are not only challenged by the volume of cyberthreats, but by their growing complexity as well.

Ransomware attacks, for example, were predicted to exceed $5 billion in 2017—up more than fifteen-fold from 2015—as organizations grapple with how to not only prevent these attacks but mitigate the financial losses and downtime they cause. Yet despite the trends, more than half (52%) of organizations that suffered successful cyberattacks in 2016 indicated in a Cybersecurity Ventures report that they would not make any changes to their security in 2017. And even for those that do update their cybersecurity plans, cyberattacks have become an inevitability for most organizations. As a result, developing a complete response plan for cyberattacks is essential to protecting your business and customers.

Cyber hacks cost up to $109 billion in 2016, U.S. estimates

(Bloomberg) --Malicious cyber activity cost the U.S. economy between $57 billion and $109 billion in 2016, the White House said Friday.

The estimate comes in a Council of Economic Advisers (CEA) report on the impact of cyber attacks on U.S. government and industry. The report details the range of threats that U.S. entities face from actors, including corporations and countries such as Russia, China, Iran and North Korea.

Subscribe to RSS - Cyber Security