This week's top news and views: NIST issues new guidance on securing public cloud; Senators say no Internet kill switch in their bill; Commission on Cybersecurity for the 44th Presidency sees slow progress; and ex-federal CIO and mom Karen Evans on computer security and kids.
Securing data in the public cloud isn't much different from other types of IT security. "It's the same advice we give for almost any deployment of IT because it is still the right thing to do," NIST Senior Computer Scientist Tim Grance says.
Cyberthreats stem from the malware, but monetary losses stem from money mules. I've decided to coin a new term: eFraud. I cannot think of a better way to describe the wave of fraud incidents the financial industry is facing. It's electronic.
"Once you get over the idea that we don't have permanent world peace, and people may need to attack each other in particular circumstances ... then maybe there's a lot of good things to say about cyberweapons," says Peter Sommer of the London School of Economics' Information Systems and Innovation Group.
NACHA's CEO says ACH-related fraud is often over-hyped, and occurs far less often than check- and payment card-related fraud. But when corporate accounts are breached, fraudulent ACH transactions lead to big financial losses.