Web Page sponsored by Cassidian
10 Apr 14. The U.S. government on Thursday urged companies to share information with each other about cyber threats and issued guidance making clear that doing so would not violate antitrust laws. The new push comes as many top retailers and other companies have suffered major data breaches. Most recently, the “Heartbleed” bug was found to have exposed personal data to hackers, prompting Facebook Inc., Google and others to take steps to mitigate the impact on their users. “Legitimate cyber threat sharing can help secure the nation’s networks,” James Cole, the No. 2 official at the U.S. Justice Department, told reporters in a briefing on new guidance the agency issued along with the Federal Trade Commission. If companies don’t discuss competitive information such as pricing or output when sharing cybersecurity details, they will not run afoul of antitrust laws, the head of the Justice Department’s antitrust division, Bill Baer, said. Cole said he had heard concerns from some companies that they felt restricted in sharing details of cyber threats with others because of antitrust concerns, but declined to name the companies or discuss specific problems that had arisen. Better sharing of cyber threat information among companies as well as between the private sector and the government have been a top concern in the U.S. government’s effort to bolster the cyber defenses of the nation’s critical industries. As part of the effort, President Barack Obama last year signed an executive order, making it easier for companies to access data about online threats that is held by the government, among other things. The government in February also introduced standards meant to help companies in nationally critical industries better defend against cyber attacks, though it is unclear how widely the voluntary measures are being adopted. Several high-profile breaches this year have put a spotlight on corporate cybersecurity, particularly the massive theft of about 40 million payment card records plus 70 million other records, including addresses and phone numbers, belonging to customers of No. 3 retailer Target Corp. (Source: Reuters)
17 Apr 14. U.S. weapons maker Northrop Grumman Corp on Thursday urged U.S. lawmakers to enact cybersecurity legislation that would limit the liability of U.S. companies and enable them to take more decisive action to protect their computer networks.
“We need to move to a place as a country where the legal framework matches the technology framework, or even gets within a decade of the technology framework,” Northrop Chief Executive Wes Bush told Reuters after a speech to the Economic Club.
“It has lagged so terribly today that it causes companies to be extraordinarily risk averse to doing some of the things that they really need to do to better protect the infrastructure,” said Bush.
He said it was critical to enact legislation that would allow better information sharing between industry and government on threats to computer networks. Northrop, which provides cybersecurity equipment and services to the U.S. Defense Department and other national security agencies, is participating in industry-wide efforts to improve cybersecurity and information-sharing, Bush said. U.S. lawmakers have been contemplating legislation to provide clarity about how private companies should be required to disclose security breaches and cyber threats, but disagreements over liability and other issues have thwarted passage of any cyber security bills thus far. High-profile data breaches at companies like Target Corp and recent revelations of the “Heartbleed” Internet security flaw have fed debate over who should pay to improve cybersecurity and how much information should be disclosed. There are also widespread concerns about possible attacks on industrial control systems that run U.S. nuclear power plants and