Archive for the ‘Cybersecurity’ Category

Closing the Gaps in EU Cybersecurity: Let’s Get It Right

posted by in Cybersecurity March 5, 2015

Bolstering cybersecurity is a challenge facing boardrooms and government officials around the world. While technology is enabling us to be smarter about how we communicate, create, and solve problems, it has also introduced new risks which must be managed.

In Brussels next week, Member States will meet in Coreper as they continue to work toward consensus on a Network and Information Security (NIS) Directive aimed at harmonizing cybersecurity laws across Europe. That is no small feat when negotiating among 28 countries. A report released this week by BSA charts just how big a task they have before them. (more…)

Malware Threats from Unlicensed Software: Real or Imagined?

posted by in Compliance and Enforcement, Cybersecurity February 18, 2015

It has long been assumed that there is a connection between unlicensed software and cyber security threats. In fact, BSA’s most recent Global Software Survey found that computer users cite exposure to cybersecurity threats from malware as the chief reason not to use unlicensed software.

Malware_ThreatsTo test whether this relationship is indeed real or imagined, BSA commissioned a new analysis from global research firm IDC comparing rates of unlicensed software installed on PCs with a measure of malware incidents on PCs across 81 countries. The results show there is a strong positive correlation between unlicensed software and malware encounters – the higher the unlicensed software rate in a country, the more malware (more…)

Using Legal Software to Reduce Cyber Vulnerabilities

Earlier this month, BSA member Microsoft partnered with the FBI and law enforcement authorities in more than 80 countries to break up a huge cybercrime ring that had managed to steal an estimated $500 million from bank accounts in the United States, Europe and Hong Kong. The perpetrators carried out their crimes by infecting millions of PCs with a virus that effectively turned them into zombies and then conscripted them into the service of malicious computer networks known as Citadel botnets. All told, the Microsoft-FBI–led enforcement operation took down 1,400 of these botnets. (more…)

How to Continue Improving CISPA in the Senate

posted by in Cybersecurity May 30, 2013

With last month’s House passage of the Cyber Intelligence Sharing and Protection Act (CISPA), the cybersecurity debate has now moved to the Senate, albeit quietly, as attention in the upper chamber has been intently focused on immigration. This lull in activity presents an opportunity for Senators to take stock of improvements that were made to the bill as it advanced through the House and begin forging agreement on what still needs to be done before the legislative process is over.

They begin in a good place, because there is widespread agreement (more…)

Sharing Cyber Threat Information: How It Would Work, and Why It Would Help Bolster Security

posted by in Cybersecurity April 15, 2013

The Cyber Intelligence Sharing and Protection Act of 2013 (CISPA), which aims to bolster America’s ability to anticipate and defend against cyber-attacks by improving the situational awareness of front-line IT professionals and law enforcement authorities, will be on the House floor this week. So it is worth taking a close look at how the information sharing it aims to encourage between the public and private sectors would work in practice to protect critical systems and safeguard people’s personal information. (more…)

When “Security” Regulations Overreach

posted by in Cybersecurity, Global Markets July 9, 2012

Cybersecurity has justifiably become a front-burner policy concern for governments around the world. But what happens when security regulations are effectively used to bolster the prospects of local firms at the expense of foreign competitors?

We are starting to find out, especially in emerging markets, where many governments have recently begun implementing security-related measures that stray far into the commercial sphere. The development of these overreaching security-related regulations is one of several IT-focused market barriers detailed in BSA’s latest policy report, “Lockout.” They not only create barriers (more…)

More Progress toward Compromise on Information Sharing

posted by in Cybersecurity April 19, 2012

“If your neighbor’s house gets broken into, you’d want to know about it.”

That was how John Landwehr, Vice President for Digital Government Solutions at Adobe Systems, put a fine point on the need for efficient and effective sharing of cyber threat information. He spoke at a packed briefing BSA hosted today on Capitol Hill to help educate House staff on issues involved in cyber legislation now pending in Congress.

Landwehr used the analogy of a home invasion to illustrate what information ought to be shared, with whom, and for what purpose: You would want to know how the break-in occurred so you could take appropriate steps to protect your house from the same type of crime. You would want others in the neighborhood to know, too, so they could (more…)

Time for a Final Push on Cybersecurity Legislation

posted by in Cybersecurity March 22, 2012

In an otherwise divided Congress, there is clear, bipartisan support for upgrading America’s cybersecurity capabilities. BSA believes this is an urgent matter of national and economic security; it cannot wait to be addressed. We also believe lawmakers are making significant progress. A number of House and Senate bills are pointed in the right direction, so it is time to hammer out the remaining details and get legislation passed.

In January, BSA outlined a series of policy priorities for cybersecurity legislation. Since then, Senate Homeland Security Chairman Joe Lieberman (I-Conn.), Ranking Member Susan Collins (R-Maine), and Commerce Committee Chairman Jay Rockefeller (D-W.V.) introduced a robust bill, the Cybersecurity Act of 2012 (S.2105), which covers the most important bases (more…)

Will 2012 Be the Year for Cybersecurity Legislation?

posted by in Cybersecurity December 22, 2011

Could it be that after years of false starts and dashed hopes, the logjam is about to break on cybersecurity legislation? It is too soon to be sure, but one thing is abundantly clear: There is significant movement in both chambers of Congress.

Senate Majority Leader Harry Reid has informed Minority Leader Mitch McConnell that he intends to bring comprehensive cybersecurity legislation to the floor in the first working period of the New Year. The ranking Republican members of four key Senate committees countered with a letter to President Obama urging that cybersecurity legislation focus on four near-term measures for which there would likely be broad support: information sharing, reforming the Federal Information Security Management Act (FISMA) (more…)

Guest Post: Key Steps Forward in Managing Cybersecurity Risks

posted by in Cybersecurity December 6, 2011

To understand the pressing need for effective cybersecurity policies, consider first how much we rely on information technology. In 2010, there were nearly 332 million personal computers in use in the United States — one for every man, woman, and child, with 20 million or so left over. In addition to all those PCs, there were another 148 million enterprise servers, tablet computers, eReaders, and smartphones exchanging both mundane and highly sensitive information across public and private networks. In fact, we rely on information technology for almost everything we do as a society — from personal tasks, such as paying bills and finding our way to new places, to matters central to the public interest, such as operating nuclear power plants and the country’s electricity grid.

(more…)