Accurate, Focused Research on Law, Technology and Knowledge Discovery With Daily Postings Since 2002
Mapping the Mal Web – The worlds riskiest domains, by Barbara Kay, CISSP, Secure by Design Group and Paula Greve, Director of Research, McAfee Labs “McAfee has found overall web risk is up from last year. We saw increasing risk in some already risky portions of the web, such as .INFO; some significant reductions in …
News release: “The FCC is launching the Small Biz Cyber Planner, an online resource to help small businesses create customized cybersecurity plans. This is the result of an unprecedented public-private partnership between government experts and private IT and security companies, including DHS, NCSA, NIST, The U.S. Chamber of Commerce, The Chertoff Group, Symantec, Sophos, Visa, …
News release: “McAfee today released the McAfee Threats Report: Third Quarter 2011, which showed that the Android mobile operating system solidified its lead as the primary target for new mobile malware. The amount of malware targeted at Android devices jumped nearly 37 percent since last quarter, and puts 2011 on track to be the busiest …
Evaluation Report – The Federal Energy Regulatory Commission’s Unclassified Cyber Security Program – 2011. OAS-M-12-01 November 2011. “The Commission had taken actions to improve its cyber security posture and mitigate risks associated with certain issues identified during our FY 2010 evaluation. While these measures are noteworthy, our current evaluation disclosed that additional action is needed …
“Building, operating and securing the Global Information Grid (GIG) for the Department of Defense is a complex and ongoing challenge. The Deputy Assistant Secretary of Defense (DASD) for Cyber Identity and Information Assurance has developed a strategy for meeting this challenge, which is available here: Build and Operate a Trusted GIG – Identity & Information …
“The NICE Cybersecurity Workforce Framework offers a working taxonomy and common lexicon that can be overlaid onto any organization’s existing occupational structure. Although much work has gone into this framework, we need to ensure that it can be adopted and used across the nation. We are actively seeking to refine this framework with input from …
The Socialbot Network: When Bots Socialize for Fame and Money – Yazan Boshmaf, Ildar Muslukhov, Konstantin Beznosov, Matei Ripeanu – University of British Columbia Vancouver, Canada “Online Social Networks (OSNs) have become an integral part of today’s Web. Politicians, celebrities, revolutionists, and others use OSNs as a podium to deliver their message to millions of …
Information Security Continuous Monitoring (ISCM) for Information Systems and Organizations (NIST Special Publication [SP] 800-137) “Information security continuous monitoring (ISCM) is defined as maintaining ongoing awareness of information security, vulnerabilities, and threats to support organizational risk management decisions. This publication specifically addresses assessment and analysis of security control effectiveness and of organizational security status in …
DOE IG Evaluation Report – The Department’s Unclassified Cyber Security Program 2011, DOE/IG-0856 October 2011 “The Department had taken steps over the past year to address previously identified cyber security weaknesses and enhance its unclassified cyber security program. While these were positive steps, additional action is needed to further strengthen the Department’s unclassified cyber …
All Your Clouds are Belong to us Security Analysis of Cloud Management Interfaces – Juraj Somorovsky, Mario Heiderich, Meiko Jensen, Jörg Schwenk, Nils Gruschka, Luigi Lo Iacono. In Proceedings of the ACM Cloud Computing Security Workshop (CCSW), 2011. “Cloud Computing resources are handled through control interfaces. It is through these interfaces that the new …
This guidance provides the Division of Corporation Finance’s views regarding disclosure obligations relating to cybersecurity risks and cyber incidents, October 13, 2011 “For a number of years, registrants have migrated toward increasing dependence on digital technologies to conduct their operations. As this dependence has increased, the risks to registrants associated with cybersecurity1 have also increased, …
Executive Order — Structural Reforms to Improve the Security of Classified Networks and the Responsible Sharing and Safeguarding of Classified Information, October 07, 2011 “This order directs structural reforms to ensure responsible sharing and safeguarding of classified information on computer networks that shall be consistent with appropriate protections for privacy and civil liberties. Agencies bear …
