Cyber Security in the Technology Age
New Law on Cyber Security Said to Help Secure Power Grid, Sensitive Information
- The new [link url=”http://www.natlawreview.com/article/president-obama-signs-cybersecurity-act-2015-to-encourage-cybersecurity-information” title=”Cyber Security Act of 2015“] was signed into law in December 2015 and provides government agencies and private companies legal protection when they share information regarding security risks and gaps that could lead to potential attacks.
- Legislative counsel for the [link url=”http://www.energybiz.com/article/16/01/cybersecurity-law-gives-feds-new-power-protect-grid” title=”ACLU is not happy, citing privacy violation concerns over consumer data being shared“] under the guise of a potential cybersecurity threat.
A Few Highlights of the Cyber Security Act of 2015
Passed by the 114th Congress, the [link url=”https://www.congress.gov/bill/114th-congress/senate-bill/754″ title=”Cybersecurity Information Sharing Act of 2015“]:
- Specifies the need to develop ways for information sharing between and among all private organizations, local, state, tribal, and federal agencies, along with the public, any threats that may impact cybersecurity and charges this task to the Director of National Intelligence, in conjunction with the Department of Homeland Security (DHS), the Department of Defense and the Department of Justice;
- Protects from liability those organizations and agencies listed when providing and receiving threat information voluntarily;
- Limits crimes for prosecution using this shared information to those offenses that include, among others, fraud and identity theft, espionage, and imminent threats of death, bodily, or economic harm, including those from a terrorist act or weapon of mass destruction;
- Charges the National Cybersecurity and Communications Integration Center with creating a process or system to report risks or incidents concerning the networks used by emergency managers for the interoperability coordinators statewide;
- Tasks DHS with developing a plan that should a cybersecurity event occur that impacts critical infrastructure entities, the results will not include “catastrophic regional or national effects on public health or safety, economic security, or national security.”
More on Cyber Security
- Citing a need for U. S. companies to be effective overseas, the Obama Administration is urging the [link url=”http://www.fedtechmagazine.com/article/2016/01/white-house-calls-us-involvement-developing-international-cybersecurity-standards” title=”creation of international cybersecurity standards by private industry and nongovernmental organizations“], while recognizing that federal agencies need to work together and with them to help the process.
- Governor Jay Inslee of Washington State [link url=”http://www.governor.wa.gov/news-media/inslee-announces-measures-strengthen-cyber-security-and-digital-privacy” title=”announced measures to help strengthen cyber and digital security and further protect critical infrastructure and government services“] through a creative partnership with the U. S. Department of Homeland Security. The partnership is meant to help develop defense strategies that will allow for the identification of vulnerabilities and and the prioritization of strategies to help defend against cyber attacks that can then be adopted by states and local governments.
- The [link url=”http://www.net-security.org/secworld.php?id=19288″ title=”Comcast XFINITY home security system could actually help thieves burglarize homes“]. In a system glitch, for which no fix has yet been developed, the [link url=”http://www.scmagazine.com/flaw-found-in-comcasts-xfinity-home-security-system/article/463488/” title=”wireless communications system can be disrupted“] to allow burglars to enter the home without setting off the alarm.
- A recent [link url=”http://arstechnica.com/security/2016/01/first-known-hacker-caused-power-outage-signals-troubling-escalation/” title=”cyber attack left thousands of Ukrainian homes without power“] for several hours.
- Electric industry leaders are urging [link url=”http://www.businessinsurance.com/article/20160107/NEWS06/160109890/-u-s-power-companies-told-to-review-defenses-after-ukraine-cyber?tags=%7C70%7C80%7C83%7C299%7C302%7C313″ title=”U. S. power companies to review cyber security defenses“] and if possible, increase layers of security to protect themselves from potential cyber attacks similar to the attack on the Ukraine.
- One website, [link url=”http://map.norsecorp.com/” title=”Norsecorp.com, claims to monitor cyber attacks in real-time“], with information on what country the attack originated in and what country was targeted.
— Washington State was chosen by the Department of Homeland Security for this [link url=”http://www.govtech.com/security/Washington-State-Announces-Federal-Cybersecurity-Partnership-Office-of-Privacy-and-Data-Protection.html” title=”innovative pilot program“].It
— New [link url=”http://www.washingtontimes.com/news/2016/jan/6/us-officials-look-towards-russia-while-investigati/” title=”evidence is beginning to add credibility to the suggestion that Russia was responsible for hacking“] the system.
— Reports indicate that [link url=”http://www.fox4now.com/news/concerns-over-us-power-grid-potential-risk-for-cyber-attacks” title=”people in the United States are concerned the nation is at risk“] for a [link url=”http://blog.trendmicro.com/us-electrical-grid-at-rising-risk-from-cyber-attacks/” title=”similar threat due to software and interconnectivity“].