White House ‘Debating Vigorously’ When to Respond to Cyber Attacks

Tuesday, March 5, 2013 | 8:01 AM 4 comments

With cyber threats on U.S. networks continuing to rise, the White House is in talks to determine when a cyber incident warrants a federal response.

Taking retributive action against individual and nation-state-sponsored hackers comes with risk, advised White House Cybersecurity Coordinator Michael Daniel during a speech Thursday at the RSA Conference in San Francisco.

“It’s really a question that we’re still debating and debating vigorously,” said Daniel. “The risk of misattribution, miscalculation and escalation in cyberspace are very real. As a government, any action we take in cyberspace must be considered against possible foreign policy implications and our desire to establish international norms of acceptable behavior in cyberspace.” Read more…

Executive Order Receives Mixed Reviews

Monday, February 18, 2013 | 10:26 PM 15 comments

Right in line with the rumors, President Obama last week issued the much anticipated executive order on cybersecurity just hours before making his State of the Union address.

The executive order, similar to previously leaked drafts, calls for the private sector to work –on a voluntary basis– with the government to protect the nation’s critical infrastructure and information from looming cyber threats.

“The cyber threat to critical infrastructure continues to grow and represents one of the most serious national security challenges we must confront,” stated the E.O. “It is the policy of the United States to enhance the security and resilience of the Nation’s critical infrastructure and to maintain a cyber environment that encourages efficiency, innovation, and economic prosperity while promoting safety, security, business confidentiality, privacy, and civil liberties.”

However, critics of the executive order were quick to claim that it would not provide a clear path forward for maintaining privacy and civil liberties. Read more…

White House Cyber Order and Renewed CISPA Both Expected This Week

Monday, February 11, 2013 | 8:55 AM 8 comments

The White House may move to issue its long-anticipated executive order on cybersecurity this week, according to sources familiar with the plan.

The executive order, which the Obama administration has reportedly been revising for over six months, could be made public following the president’s State of the Union address on Tuesday night, sources told Bloomberg.

If issued, according to a recent leaked draft, the executive order would set voluntary cybersecurity standards for private sector entities controlling U.S. critical infrastructure, including a program for those companies to disclose cyber threat information to the federal government. Read more…

Fortune 500 Companies Back Cyber Reform

Monday, February 4, 2013 | 8:45 AM 4 comments

Many Fortune 500 companies support legislation to reform the nation’s current cybersecurity efforts, according to a new Senate survey.

Just one week after the Senate introduced the Cybersecurity and American Cyber Competitiveness Act, co-sponsor of the legislation, Sen. Jay Rockefeller (D-W.Va.), on Wednesday released findings from the survey, noting that many of the nation’s top companies are open to the idea of a voluntary federal cybersecurity program.

According to the report, many Fortune 500 companies agreed that a voluntary program would enable the private sector to work with the government to protect the country’s critical information and infrastructure from cyber attacks. Read more…

Senate Democrats Propose New Cybersecurity Bill

Monday, January 28, 2013 | 9:05 AM 4 comments

Strengthening the nation’s cybersecurity will be a priority for the Senate in 2013, according to a group of Democratic senators who on Wednesday introduced new legislation around the issue.

The bill, the Cybersecurity and American Cyber Competitiveness Act of 2013, was introduced by Sens. Jay Rockefeller (W.Va.), Tom Carper (Del.) and Dianne Feinstein (Cali.) and aims to take a comprehensive approach at securing U.S. networks to prevent the nation and its critical infrastructure from cyber attacks. Read more…

‘Red October’ Attack Goes Dark After Big Reveal

Tuesday, January 22, 2013 | 8:28 AM 7 comments

A sophisticated cyber-espionage campaign has been successfully penetrating diplomatic, governmental and scientific research organizations across the globe for nearly five years, according to a new report.

Dubbed “Red October,” the malware was first discovered by security giant Kaspersky Lab in October 2012, after the lab’s researchers began investigating a series of cyber attacks against international diplomatic service agencies. Read more…

CEOs Call for Increased Public-Private Cyber Collaboration

Monday, January 14, 2013 | 8:06 AM 5 comments

The key to effective cybersecurity is information sharing, according to a new report from a coalition of some of America’s top CEOs.

The report, which provides nearly 30 pages of strategy on “more intelligent, more effective cybersecurity protection,” was published Wednesday by the Business Roundtable (BRT), an association of chief executive officers of leading U.S. companies, including Boeing, Dow, MasterCard and P&G.

Asserting that a deeper level of public-private sector collaboration is needed to defend against emerging cyber threats, the BRT report offers up a cross-sector approach for increased information sharing and threat-informed risk management.  Read more…