How should companies respond to and report data security breaches nationally? What cybersecurity practices and procedures reflect current best practices? Two federal agency actions provide new rules and guidance and show that the cybersecurity landscape is changing. First, the U.S. Securities and Exchange Commission (SEC) adopted new rules earlier this month that will (among other
cybersecurity
EU Cyber Resilience Act: Cybersecurity Obligations for Connectable Hardware and Software Products Including IoT

The Internet of Things (IoT) segment has grown, and with it have come many examples of vulnerable products, from babycams whose feeds could be viewed by strangers online to hackable implantable cardiac devices. There are also infamous examples of botnets (i.e., clusters of hacked devices) featuring millions of IoT devices with one common trait: weak…
CISA “Shields Up” Campaign Offers Practical Cybersecurity Guidance for Organizations


As cyberattacks from a myriad of sources continue to proliferate and target organizations of all types and sizes, the Cybersecurity and Infrastructure Security Agency (CISA) continues to update its Shields Up webpage with specific cybersecurity guidance for organizations, CEOs, business leaders, and individuals. The stated goal is to “reduce the likelihood of a damaging cyber…
NIST Lays Out Cybersecurity Guidance for Non-Technical Supporting Capabilities Related to IoT Devices



With millions of Internet of Things (IoT) devices, from phones to smart home sensors, flooding the market every year, effective cybersecurity to help mitigate risks to devices is vital. New guidance from the National Institute of Standards and Technology (NIST), IoT Non-Technical Supporting Capability Core Baseline (NISTIR 8259B), is intended to help manufacturers identify the…
NIST on Track to Release Draft Security Criteria for Consumer IoT Products


On August 31, 2021, the National Institute of Standards and Technology (NIST) released its draft white paper, DRAFT Baseline Security Criteria for Consumer IoT Devices. The draft white paper is in response to Executive Order (EO) 14028, “Improving the Nation’s Cybersecurity,” which requires NIST, in collaboration with other agencies, to educate the public…
NIST Issues New Update to Cybersecurity Framework


On January 10, 2017, the National Institute of Standards and Technology (NIST) released an update to its Cybersecurity Framework, first issued in 2014. The Framework focuses on using business drivers to guide cybersecurity activities and considering cybersecurity risks as part of the organization’s risk management processes. The new draft provides details on managing cyber supply…
Avoid Being Held Hostage: FTC Releases Ransomware Guidance


New research from security company Kaspersky Labs suggests that the use of ransomware is now so widespread that nearly every moment, a ransomware attack is being launched somewhere in the world on businesses and consumers.
Ransomware, or malicious software that infiltrates computer systems and uses tools like encryption to deny access or hold data “hostage”…
New Year, New Cyber Law


In the rush of holidays and storms around the country (and weirdly warm weather here in D.C.), it was easy to miss that Congress finally approved the Cybersecurity Information Sharing Act (CISA). The bill was included in the middle of its omnibus spending package, the Consolidated Appropriations Act, 2016, Pub. L. 114–113 (Dec. 18,…