Request Demo

News Coverage

Cybersecurity Is Getting Its Own Agency

down-arrow

Without any notable opposition to the Senate’s version of the bill, the House agreed to a reorganization of the Cybersecurity and Infrastructure Security Agency (CISA) Act earlier this week, according to FCW
 
Replacing the National Protection and Programs Directorate, the new agency will oversee the cybersecurity of federal computer systems and will be a government liaison on cybersecurity issues with critical infrastructure providers, such as banks, hospitals and airports.
 
"This is just a new sign and a lick of paint on another DC bureaucracy. CISA is focused on securing federal infrastructure as a part of the Bush-era Frankenstein’s Monster DHS, so they will continue to spend vast amounts of money on systems, while 91% of attacks will succeed via phishing attacks,” said Colin Bastable, CEO, of Lucy Security
 
“From the perspective of protecting government departments, businesses and citizens against phishing attacks by 'upgrading' the security skills of the people, CISA will bring zero benefits," said Bastable. "Effective cybersecurity requires a holistic approach, securing people and systems as part of an integrated plan. The weakest points are the people – it only takes one successful attack.”
 
In addition to businesses needing to defend against cyber-attacks, there is also a need for federal, state and local government departments to protect themselves and a Federal Bureau of Cybersecurity to protect people, businesses and non-federal assets, according to Bastable. 
 
“This is a national issue: Americans treat consumer protection as a national priority, and yet cyber insecurity is treated as a fact of national life that we should somehow tolerate and accommodate," he said. "A dedicated Federal Bureau of Cybersecurity will treat cyber insecurity as the consumer safety issue that it is, and respond with serious intent to protect Americans as voters, social media users, health insurance consumers and taxpayers."
 
In order to effectively defend critical infrastructure, the government must be able to detect, respond to and recover from these types of attacks. George Wrenn, CEO and founder, CyberSaint Security, said, “As the former CSO of a global critical infrastructure organization, I've seen first-hand that adopting the National Institute of Standards and Technology's Cybersecurity Framework is a robust first step in lowering the cybersecurity risk in our government agencies and critical infrastructure organizations. The focus on cybersecurity for organizations such as these is critical to our safety as a nation, and I'm pleased to see this issue enter the spotlight." 

Originally posted on infosecurity-magazine.com

You may also like

CyberSaint Releases Governance ...
on July 9, 2019

BOSTON--(BUSINESS WIRE)--CyberSaint Security, the developer of the industry’s leading platform for automated, intelligent risk and compliance, today announced the general ...

Downgrade Of Equifax By Moody’s ...
on May 28, 2019

In response to this week’s downgrade by Moody’s of Equifax as a result of its 2017 massive breach of consumer data, six cybersecurity and risk experts offer perspective on this ...

Insights from Verizon’s 2019 Data ...
on May 9, 2019

$40 million stolen from the Binance cryptocurrency exchange yesterday by cybercriminals. Hackers infiltrating hundreds of Amazon merchant accounts late last year. The ongoing ...

CyberSaint Introduces First ...
on April 16, 2019

New CyberStrong™ integrated risk management platform capabilities deliver actionable vulnerability intelligence, single sign-on (SSO), various hosting options, and customer-facing ...

Should There Be ‘Safe Harbor’ ...
on February 20, 2019

Sometimes, you do the best you can, but things happen anyway. You follow all the best practices, all your systems are locked down, you spend twice as much as your peers on ...

Data Center Knowledge
CyberStrong Integrated Risk ...
on February 19, 2019

BOSTON--(BUSINESS WIRE)--CyberSaint Security, a cybersecurity software firm that powers automated, intelligent compliance and risk management, today announced that the company ...