Federal Cybersecurity Problems “Decades in the Making”

Yesterday, the House Oversight Committee received testimony from federal officials regarding the April 2015 cyberattack on the Office of Personnel Management (OPM), which compromised the personal information of approximately 4 million government employees and retirees, including social security numbers.  The executive branch delayed reporting the incident until June 4, much to the dismay of the House Committee. OPM head Catherine Archuleta was under fire for what Committee Chairman Jason Chaffetz, R-Utah, called the “most devastating” cyberattack in United States’ history.  Ms. Archuleta attempted to avoid…
Continue reading...

DOJ Issues Best Practices for Cyber Incident Response

The US Department of Justice, Criminal Division, Cybersecurity Unit has issued a 15-page best practices document “to assist organizations in preparing a cyber incident response plan and…in preparing to respond to a cyber incident.”  The document explains in detail steps necessary before, during and after a cyber attack or intrusion, summarized in a “Cyber Incident Preparedness Checklist” (see below).  “Any Internet-connected organization” is advised to review and adopt these best practices in order to provide a prompt, effective response to incidents, minimize resulting harm, expedite…
Continue reading...

Senator Seeks Answers from President on White House Cyber Attack

Chairman of the Senate Committee on Commerce, Science and Transportation, John Thune, has sent an open letter to President Obama to address the cyber attack on the White House’s unclassified computer system in late-2014. The breach, allegedly by Russian hackers, was according to Senator Thune “more extensive than previously known,” and accessed “a great deal of sensitive information, such as schedules, policy discussions, and e-mails sent and received by” Mr. Obama, “including exchanges with ambassadors.” Following increased attacks across Executive Branch departments and agencies, Mr.…
Continue reading...

NYDFS to Conduct Annual Cyber Assessments on NY Regulated Banks

Governor Andrew Cuomo of New York announced on May 6, 2014 that the New York State Department of Financial Services (NYDFS) would begin conducting “new, regular, targeted cyber security preparedness assessments of the banks [NYDFS] regulates.”  Governor Cuomo noted, Targeted cyber security assessments for banks will better safeguard financial institutions from attacks and secure personal bank records from being breached. When consumers sign up for online banking they expect their personal information to be secure and we are working to make sure financial institutions take…
Continue reading...

More Credit Card Security On the Way

There has been a spike in the number of reported credit card breaches in recent days, including the most well-known of them all, Target, which led to the eventual resignation of its Chief Information Officer. Now, the California Department of Motor Vehicles has reportedly experienced a possible breach of its online payment system. It has become clear that the current security measures are insufficient to protect consumers and the corporate entities catering to the credit card consumer. In this regard, both Visa and MasterCard have…
Continue reading...