Cybergovernance Journal Update – 1/15/2016
Companies and government entities started the year by better defining cybersecurity and how to protect themselves from cyber attack.
Cybergovernance Journal, Jan. 4
Attack surface isn’t an array of servers running software, nor is it limited to the administrators who guarantee the confidentiality, integrity, and availability of those resources. It’s the entire corpus of people who operate around and within that resource environment, and it is made vulnerable by the very nature of their jobs – to have access to resources. The appropriate question is not “how many endpoints” or even “how much data” but “how many people have access to those things?” This is the true attack surface.
NREL, Jan. 4
A new initiative underway at Energy Department’s National Renewable Energy Laboratory (NREL) is intended to prevent hackers from gaining control of parts of the nation’s power grid, potentially damaging electrical equipment and causing localized power outages.
The Kernel, Jan. 3
When it comes to the security of our personal information, 2015 may be the worst year on record. As of Dec. 29, according to a running tally kept by the Identity Theft Resource Center, the past year saw 780 data breaches at American corporations, government agencies, and nonprofits, with over177 million individual personal records were exposed out of a population of 319 million.
Metropolitan Corporate Counsel, Jan. 5
There are essentially three buckets, three segments, of a hack: cyberspies, who want to steal sensitive company information; cybercriminals, who hold this information hostage; and cyberactivists, who just want to embarrass a company for their own agenda. What are the similarities and differences in dealing with each of those components?
Property Casualty 260, Jan. 1
We have continued to see in 2015 once-in-a-lifetime growth in the insurance market, driven almost exclusively by Cyber insurance. And, growth trends are showing no signs of slowing. According to a survey conducted by RIMS, 74 percent of those without Cyber insurance are planning on buying it within the next one to two years. Likewise, total annual premiums for stand-alone Cyber insurance are projected to grow to $20 billion by 2025.
Cybergovernance Digest, Jan. 2
Cybersecurity breaches continue growing in frequency and impact. Responsibility for the effect of breaches has moved from IT managers and CISOs to CEOs and boards. The notion that a company’s protection must move beyond technology alone took firm hold this year. The “attack surface” will be redefined to include the number of individuals and their collective cyber training and awareness. The likelihood of significant cybersecurity compliance initiatives in 2016 from agencies and industry associations approaches 100%.