Cybergovernance Journal Update – 9/2/16
As the cybersecurity market matures and grows, some organizations are refining their policies while far too many are still lacking any policy at all.
LinkedIn Pulse, Aug. 30
While most corporate directors accept that oversight of cybersecurity is included among their fiduciary responsibilities, many are unaware of the exposure they face if they fail to actively engage. The increasing proclivity by shareholders to pursue derivative suits against directors and officers after a breach, together with threatening statements from the SEC and regulatory actions by other agencies, is causing boards significant concern.
Newsweek, Aug. 31
It is critical that those responsible for corporate governance of cybersecurity and those responsible for the day-to-day defense against threats work together to protect the organization from harm. Unfortunately, significant gaps in knowledge, visibility, and trust between the two groups are jeopardizing the ability to quickly, efficiently, and effectively respond to cybersecurity threats, thus leaving the organization more vulnerable to a breach…
Zion Research, Aug. 25
The governments of various countries are increasing their investment in cyber security owing to developments in computer interconnectivity and remarkable growth in the computing power of government networks. The major drivers of this market include stringent government regulation on data privacy, and increasing cyber threats…
govloop, Aug. 31
In the aftermath of a massive security breach and the resignation of its director, the Office of Personnel Management (OPM) has taken 2016 as an opportunity to re-evaluate internal processes and strengthen its cybersecurity defenses. OPM is making significant progress and Triplett emphasized how the agency is trying to build on the momentum already underway with these seven areas of focus…
WSJ, Aug. 26
The government’s powerful cyberspace administration is in charge of defining cybersecurity standards. For the first time, the body earlier this year allowed select foreign companies—Microsoft, Intel, Cisco, and IBM—to take an active part in drafting rules, rather than participating simply as observers…
CloudTweaks, Aug. 24
Keeping your live services up and running is difficult: your aggressive scanning and testing is essentially eating those services — to see if they are good or bad — at the same time you are trying to keep them all in one piece. We’ve even heard penetration testing on a live network described as “running fast while shooting at your own feet to see if your boots are really tough enough for the journey…”