Home Tags Private sector

Tag: private sector

Maintel continues momentum with revenue growth of 114%

Successful integration of Azzurri expands Maintel’s core business, driving better than expected results in a highly competitive marketLONDON, UK – 20th March 2017 – Maintel, the fast growing provider of managed communications services for public and private sector enterprises today announced revenue growth of 114% to £108.3m underpinned by the successful acquisition of Azzurri in May 2016. The group’s core business, excluding Azzurri, was able to achieve 1% organic growth year on year, in a... Source: RealWire

Biden leads government call at SXSW for more (select) data transparency

Moonshot hopes, medical data sharing, and a “Cyber National Guard.”

NSA snoops told: Get your checkbooks and pens ready for a...

US Cyber Command boss lays out plans for next decade NSA and US Cyber Command boss Mike Rogers has revealed the future direction of his two agencies – and for the private sector, this masterplan can be summarized in one word.…

Here’s why a commercial space group endorsed NASA’s SLS rocket

Space Launch System? Falcon Heavy? New Glenn? Fly, then debate.

Draft Cyber Executive Order calls for immediate 60-day cyber miracle

Cabinet panel to identify “cyber adversaries,” fix government cybers now.

Kaspersky cybercrime investigator cuffed in Russian treason probe

Reports link arrest to receipt of money from foreign companies A top cybercrime investigator at Kaspersky Lab has been arrested by Russian police investigating alleged treason. Ruslan Stoyanov, head of the investigation unit at the Kaspersky Lab, is under investigation for a period predating his employment at the security software firm. "This case is not related to Kaspersky Lab," the company said. "Ruslan Stoyanov is under investigation for a period predating his employment at Kaspersky Lab. We do not possess details of the investigation.

The work of Kaspersky Lab's Computer Incidents Investigation Team is unaffected by these developments." Russian language reports by Kommersant link Stoyanov's arrest to an investigation into Sergei Mikhailov, deputy head of the information security department of the FSB (the Russian national security service).

Both were arrested in December as part of a probe over the receipt of money from foreign companies. Prior to joining Kaspersky Lab in 2012, Stoyanov worked in the private sector and before that served as a major in the Ministry of Interior's cybercrime unit between 2000 and 2006.
Stoyanov worked as lead investigator into a Russian hacking crew that extorted UK bookmakers through running DDoS attacks and more recently investigating the Lurk cybercrime gang. Forbes, citing unnamed Russian information security sources, said the case against Stoyanov was filled under article 275 of Russia's criminal code, meaning it could be handled by a military tribunal. Article 275 allows the Russian government to prosecute when an individual provides assistance to a foreign state or organisation regarding "hostile activities to the detriment of the external security of the Russian Federation".

This is a broadly defined offence that might be taken to cover the sharing of threat intelligence data with foreign law enforcement or intel agencies. ® Sponsored: Next gen cybersecurity.
Visit The Register's security hub

FCC Chairman Pai vows to close broadband “digital divide”

EnlargeccPixs.com reader comments 37 Share this story On his first full day as Federal Communications Commission Chairman, Republican Ajit Pai yesterday spoke to FCC staff and said one of his top priorities will be bringing broadband to all Americans. "One of the most significant things that I’ve seen during my time here is that there is a digital divide in this country—between those who can use cutting-edge communications services and those who do not," Pai said (transcript). "I believe one of our core priorities going forward should be to close that divide—to do what’s necessary to help the private sector build networks, send signals, and distribute information to American consumers, regardless of race, gender, religion, sexual orientation, or anything else. We must work to bring the benefits of the digital age to all Americans." Pai promised to "hear all points of view—to approach every issue with a literal open door and a figurative open mind," as the FCC "confronts this and many other challenges." Under previous Chairman Tom Wheeler, Pai voted against some items designed to bring broadband to poor people and rural areas.
In March 2016, he voted against an FCC order that updated the 31-year-old Lifeline phone subsidy program so that poor people can use a $9.25 monthly household subsidy from the Universal Service Fund to purchase home Internet or mobile broadband. Pai said he was willing to vote for the plan if its budget was limited to $1.75 billion a year, but the final order set it at $2.25 billion. In July 2014, Pai voted against a plan to devote an extra $5 billion over five years toward expanding Wi-Fi networks in schools and libraries, particularly in rural and urban areas where broadband is lacking. Pai predicted that the move would require increases in universal services charges on Americans' phone bills. In a related move later that year, the FCC voted to add 16¢ a month to individual bill surcharges in order to fund the expansion. Pai voted against the increase. In December 2014, the FCC decided that ISPs who accept government subsidies to build rural broadband networks must provide speeds of least 10Mbps for downloads and 1Mbps for uploads, instead of the previous 4Mbps/1Mbps standard.

The move was opposed by AT&T, Verizon, and cable industry lobbyists.

Commissioner Pai supported the speed increase, but dissented in part because he wanted to give ISPs 10 years to build the networks instead of the six years required in the order. Pai didn't offer any specific initiatives for closing the digital divide yesterday, but in September 2016 he outlined a "digital empowerment agenda." The plan included "remov[ing] regulatory barriers to broadband deployment," changes to pole attachment rules, and "dig once" policies that install broadband conduit when roads are dug up during any road and highway construction project. He also proposed setting aside 10 percent of spectrum auction proceeds for deployment of mobile broadband in rural areas. Pai suggested requiring mobile carriers to build out service to 95 percent of the population in areas where they have spectrum licenses; he noted that some licenses only required service for 66 percent or 75 percent of residents, a problem in sparsely populated rural areas.

At the same time, he proposed extending initial spectrum license terms from 10 years to 15 years to give the carriers more time to complete the construction. Pai also proposed creating "gigabit opportunity zones" in areas where average household income is below 75 percent of the national median.
In these areas, state and local lawmakers would have to "adopt streamlined, broadband deployment-friendly policies," and there would be tax incentives and tax credits for companies building high-speed networks. Also yesterday, Senate Democrats proposed $20 billion in broadband infrastructure funding as part of a $1 trillion infrastructure proposal. While it's not clear whether this specific proposal will get enough bipartisan support, Republicans backed the idea of including broadband in infrastructure spending, according to Morning Consult.

Ajit Pai, staunch opponent of consumer protection rules, is now FCC...

FCC Republican Commissioner (and soon-to-be Chairman) Ajit Pai.FCC reader comments 411 Share this story Update on Monday, January 23: President Trump today made it official, selecting Ajit Pai as chairman of the Federal Communications Commission. "I am deeply grateful to the President of the United States designating me the 34th Chairman of the Federal Communications Commission," Pai said in a statement. "I look forward to working with the new Administration, my colleagues at the Commission, members of Congress, and the American public to bring the benefits of the digital age to all Americans." Fellow Republican Commissioner Michael O'Rielly offered congratulations. [Pai's] "thoughtful approach, deep knowledge base, and sense of humor have been great assets to the Commission, and it makes sense that President Trump hand-picked him to carry out the new Administration’s broad vision for the agency," O'Rielly said.

Democratic Commissioner Mignon Clyburn also congratulated Pai, saying, "Ajit is bright, driven and committed to bringing connectivity to all Americans.
I am hopeful that we can come together to serve the public interest by supporting competition, public safety, and consumer protection.” Original story from Friday, January 20 follows: President Donald Trump will select Republican Ajit Pai to become chairman of the Federal Communications Commission, Politico reported today. "Two industry sources" who are familiar with the decision said an announcement could be made as soon as today, the report said. Pai would become chairman immediately, without needing to be confirmed by the Senate, because he is already a member of the commission. New commissioners must be approved by the Senate, but the president can select the chair from among the commissioners without any additional approvals. Pai was widely expected to be appointed chairman on at least an interim basis, but Politico says Trump is appointing him as a long-term chair.

That would mean Pai could lead the commission throughout Trump's four-year term in the White House. "Pai, who met with Trump in New York on Monday, had been seen by many as a top contender for the job given his reputation as a telecom law expert who’s comfortable in front of the camera," Politico wrote. "But his selection is also somewhat of a departure for the incoming administration, which has tapped people outside of Washington for many top positions." There's been no official confirmation of the decision yet, but we'll provide an update as soon as there is an announcement. We contacted Pai and his staff this afternoon but haven't heard back yet. Pai does need to be reconfirmed by the Senate by the end of 2017 in order to serve another five-year term as commissioner, but that's likely a formality. Pai was associate general counsel for Verizon from 2001 to 2003 and subsequently served as counsel for the US Senate Judiciary Committee, the US Department of Justice's Office of Legal Policy, and the FCC. Pai was nominated to the FCC by President Barack Obama at the recommendation of Senate Republican leadership. He was confirmed by the Senate in 2012. Pai consistently opposed consumer protection regulations during the three-year chairmanship of Democrat Tom Wheeler, who left the FCC today. Pai opposed net neutrality rules and, after Trump's victory, said those rules' "days are numbered." He also opposed lower rate caps for inmate calling, rules designed to give TV consumers cheaper alternatives to rented set-top boxes, rules that protect the privacy of ISP customers, an update to the 31-year-old Lifeline phone subsidy program to help poor people buy Internet service, a speed increase in the FCC's broadband standard, an investigation of AT&T and Verizon charging competitors for data cap exemptions, and preemption of state laws that restrict expansion of municipal broadband. Pai often argued that Wheeler's FCC exceeded its legal authority.
In some cases, he was proven correct.

For example, the municipal broadband decision was overturned in court, and the FCC lost several court decisions on inmate calling rate caps. On the other hand, Pai also argued that Wheeler's majority "us[ed] legal authority the FCC doesn’t have" when it passed net neutrality rules and reclassified broadband as a common carrier service. Wheeler won that battle when a federal appeals court upheld the net neutrality rules and reclassification. In his FCC bio, Pai argues that "consumers benefit most from competition, not preemptive regulation." After Trump's election victory, Pai gave a speech vowing to "fire up the weed whacker and remove those rules that are holding back investment, innovation, and job creation," and said that "during the Trump Administration, we will shift from playing defense at the FCC to going on offense." Consumer advocacy group Free Press was alarmed by the news of Pai's promotion. “Ajit Pai has been on the wrong side of just about every major issue that has come before the FCC during his tenure," Free Press CEO Craig Aaron said in a statement sent to Ars. "He’s never met a mega-merger he didn’t like or a public safeguard he didn’t try to undermine... Pai has been an effective obstructionist who looks out for the corporate interests he used to represent in the private sector.
If the new president really wanted an FCC chairman who'd stand up against the runaway media consolidation that Trump himself decried in the AT&T/Time Warner deal, Pai would have been his last choice." The FCC currently has two Republicans and one Democrat. One more Republican and one more Democrat could be appointed to give the FCC its typical composition of five members, with the president's party having a 3-2 majority.

More, cheaper, bigger, faster: The defense and cyber strategy of Donald...

Enlarge / Where's the defense and cyber-weapon procurement budget going, Mr. President-elect?Getty Images | Joe Raedle reader comments 75 Share this story Since Election Day, President-elect Donald Trump has taken an inordinate interest in some of the minutia of defense policy. His tweets (particularly about the F-35 Joint Strike Fighter and the Air Force One presidential aircraft replacement program) have sent shockwaves through the defense industry. The same is true of the cyber realm—particularly in his treatment of the intelligence community that currently dominates the US' cyber-defense capabilities. The one thing that is certain is that Trump wants more muscle in both departments, urging an increase in the number of troops, ships, planes, and weapons deployed by the Department of Defense; the end of defense budget sequestration; and an expansion of the US nuclear and ballistic missile defense arsenal. And he has also pledged a new focus on offensive "cyber" capabilities, as outlined by his campaign, "to deter attacks by both state and non-state actors and, if necessary, to respond appropriately." That sort of aggressive posture is not a surprise. But the policies that will drive the use of those physical and digital forces are still a bit murky. Considering the position Trump has taken regarding the North Atlantic Treaty Organization (NATO) and his attitudes toward Russia, Trump's statements may hint at a desire for a Fortress America—armed to the teeth and going it alone in every domain of conflict. Saddle up While not quite on a Reagan-esque scale, the Trump surge would (based on his statements) bring forces back above their active size during the wars in Afghanistan and Iraq (though less than during the 2007 "surge" period of the Iraq War). Trump declared that he'll add about 60,000 more active duty soldiers to the Army, increase the Navy's fleet to 350 ships, increase the Marine Corps' strength by over a dozen battalions (roughly 12,000 Marines), and "provide the Air Force with the 12,000 fighters they need." On the strategic front, Trump has tweeted that he wants to expand and improve the US military's nuclear capabilities, modernizing and increasing weapons to improve their deterrent value. The modernization effort had already been queued up by President Barack Obama's administration, including the new Long Range Strike Bomber program awarded to Northrop Grumman. But those investments have been at the expense of other military (particularly Air Force) programs. Trump has also proposed investment in a "serious missile defense system" based on updating the Navy's Ticonderoga-class guided missile cruisers' Aegis systems and building more Arleigh Burke-class guided missile destroyers. The ballistic missile defense version of Aegis and the Standard Missile 3 (RIM-161) missile it controls are currently only capable of intercepting short- and intermediate-range ballistic missiles, not intercontinental ballistic missiles; to have a chance at taking down a US-targeted threat from North Korea, for example, they would have to be very close to the launch site and hit it early in its launch (the boost phase). How will Trump pay for all this hardware? By "conducting a full audit of the Pentagon, eliminating incorrect payments, reducing duplicative bureaucracy, collecting unpaid taxes, and ending unwanted and unauthorized federal programs," whatever those might be. There's certainly some room in the budget to be gained through increased administrative efficiency, as a Defense Business Board report found that the DOD could save as much in $125 billion in overhead (though that number may have been slightly inflated, as it was based on corporate, and not military, business models). Cyber up On the cyber side, it appears Trump wants to put the military on point for cyber defense. The campaign platform pushed for the DOD to place a new emphasis on offensive capabilities, including making enhancements to the US Cyber Command—currently led by NSA Director Admiral Mike Rogers—to increase its offensive punch and turn it into an effective cyber-deterrence force. “As a deterrent against attacks on our critical resources, the United States must possess the unquestioned capacity to launch crippling cyber counter-attacks,” Trump said in a speech in October. Just exactly how that would work isn't clear. Given the difficulty of attribution—a point Trump made repeatedly in his castigation of intelligence findings of Russian interference in the election—the kind of very attributable cyber force that US Cyber Command would wield as part of the Strategic Command would likely not act as much of a deterrent to low-level intrusions, espionage, and information operations. Yet those make up the majority of what has recently been dumped into the "cyberwarfare" shopping cart. Trump's policy outline also calls for the Joint Chiefs of Staff to participate in Trump's vaunted "Cyber Review Team," contributing experts to evaluate "all US cyber defenses"—including critical infrastructure in the private sector—alongside law enforcement and experts from private industry. The Cyber Review Team, which may or may not have anything to do with the group being headed by former New York City Mayor Rudy Giuliani, has a big mandate: The Cyber Review Team will provide specific recommendations for safeguarding different entities with the best defense technologies tailored to the likely threats and will follow up regularly at various federal agencies and departments. The Cyber Review Team will establish detailed protocols and mandatory cyber awareness training for all government employees while remaining current on evolving methods of cyber-attack. On the domestic end, the Trump administration would seek to take the same model that has been applied to terrorism to the cyber side, creating joint task forces that put Department of Justice, FBI, and Department of Homeland Security personnel alongside state and local law enforcement to respond to "cyber threats." Nothing Trump or his proxies have said indicates any policy around shaping what "norms" in the world connecting the digital to the physical should be. If anything, Trump's position seems to be that a cyber-armed world is a polite world—or at least one that will be polite to the United States, the only confirmed state cyberwar actor to hit another nation's infrastructure (aside from squirrels). The eyes have it It will take some time to see how Trump's indifference toward the US' obligations toward allies will affect overall defense and cyber-security policy. But if reports are true regarding US intelligence officials warning allies of Trump's Russia ties and if Trump goes forward with weakening the US involvement in NATO, his views could significantly affect both—especially in the realm of digital intelligence collection. A weakened relationship with the other members of the "Five Eyes" group—the UK, Australia, New Zealand, and Canada—on a military level could impact the National Security Agency's (and the CIA's) ability to collect intelligence from infrastructure that has up until now been widely shared. Only one thing is for certain: the defense industry should be expecting an aircraft carrier full of dollars headed in their direction.

The war for cybersecurity talent hits the Hill

Many analysts and business leaders believe there is a severe need for qualified cybersecurity professionals in the U.S., something that has caught the eye of at least one key congressman. U.S. House Homeland Security Committee Chairman Michael McCaul (R-Texas) on Wednesday said more needs to be done to address the cybersecurity labor shortage. “I agree 110 percent that we need to strengthen the workforce” of cybersecurity professionals, McCaul said during a meeting with reporters at the National Press Club. McCaul was referring not only to cybersecurity workers needed for U.S. government agencies, but also for U.S. businesses that control the nation’s critical infrastructure, including the electric grid and electronic healthcare records. “Eighty percent of the malicious codes are in the private sector,” he said. The need to fill cybersecurity jobs has been top of mind recently because of cyber exploits like the two massive Yahoo breaches announced late last year.

Also, intelligence community revelations that Russia tried to influence the U.S. elections with various cyber-exploits have galvanized some U.S. lawmakers, including McCaul. Several experts have estimated the workforce shortage of cybersecurity workers in the U.S.—across multiple job titles—currently at 300,000 or more.

The most recently available analysis, from the U.S.

Bureau of Labor Statistics, said the shortage of such workers in 2015 reached 209,000.

Globally, the shortfall of cybersecurity professionals is expected to reach 1.5 million by 2020, according to data published by the National Institute of Standards and Technology. Despite such dire projections, there is at least one contrary point of view.

A DHS official said in a blog post in November that the cybersecurity skills shortage is a myth. For his part, McCaul plans to push for a cybersecurity agency within the Department of Homeland Security, partly to provide cyber assistance for national elections that are under state management. “DHS needs focus and resources,” he said. To fill cybersecurity job openings, U.S. companies have developed a number of strategies over recent years. Major corporations such as AT&T have established in-house re-training of IT workers to become cybersecurity professionals.

Also, AT&T has set up a rotational program so that a recent graduate can rotate through various departments at the company to become a well-rounded security expert. “The labor shortage is a huge problem. Nobody can get enough resources,” said Jason Porter, vice president of security solutions at AT&T, in an interview. “We’re excited to see a bunch of colleges have launched new programs around cybersecurity, so we’ll see more cyber talent.

But companies are still way behind. Right now, cybersecurity is paramount. We are actively retraining our own employee base.” Over the entire company, AT&T currently has more than 2,000 cybersecurity professionals, he said.

The company operates eight security operations centers globally and offers cybersecurity services to thousands of companies. While AT&T and other major companies are trying to adjust, the security challenges are greatest for small and mid-sized companies, analysts said. “Small and mid-sized businesses are suffering the most,” said IDC analyst Sean Pike. “They don’t have the money to pay for talent and not even for managed services.

They are sometimes hiring inexperienced talent, like a security generalist, who will move into a specialty in a year or two.
It’s really difficult to attract and retain the specialists.” Pike said he’s heard of security specialists moving into managerial roles in corporations who can make $250,000. One such manager moved into the vice president level and made $750,000, he said. With salaries at such high levels, smaller companies often have to resort to taking out an incident response retainer with a service provider for a year to protect against exploits. Analysts said it isn’t necessarily that there aren’t cybersecurity candidates available to fill positions, but there might be a lack of candidates to fill the positions that are open at the time. Gartner in a recent report said that there is a “war for cyber talent as organizations seek qualified candidates in an environment where demand outweighs supply.” Gartner noted that the Bureau of Labor Statistics expects the demand for cybersecurity professionals to increase by 53 percent through 2018. Gartner also said security budgets in U.S. companies are not increasing enough to keep up with salaries for cybersecurity professionals that have “skyrocketed.” The cybersecurity labor gap is already causing “major vulnerabilities,” said Gartner analyst Avivah Litan, in an email. “Many organizations are turning to outsourced and managed security services to fill their cybersecurity skill gap, but those managed services firms are facing their own recruitment challenges since there just aren’t that many skilled cybersecurity professionals to fill the gaps.” This story, "The war for cybersecurity talent hits the Hill" was originally published by Computerworld.

Donald Trump will take cybersecurity advice from, um, Rudy Giuliani

♪ Stop your messin' around, better think of your future ♪ The transition team for US president-elect Donald Trump has announced that former New York City mayor Rudy Giuliani will advise the incoming administration on how to secure America's digital infrastructure. We're told that the Donald may hold meetings with senior private industry executives with experience in online security. Giuliani will be in charge of organizing those confabs, based on his extensive experience in the infosec industry. "As the use of modern communications and technology has moved forward at unparalleled speed, the necessary defenses have lagged behind," the statement reads. "The president-elect recognizes that this needs immediate attention and input from private sector leaders to help the government plan to make us more secure. Mr Giuliani was asked to initiate this process because of his long and very successful government career in law enforcement and his now sixteen years of work providing security solutions in the private sector." Giuliani does have a long career in law enforcement as a lawyer in district attorney offices. After retiring as New York City mayor, he helped set up Giuliani Partners LLC, a management consulting and security business. While Giuliani was the front man for the operation, it's unclear what specific computer security knowledge he has. Certainly he didn't cover himself with glory on the security front as New York City's mayor. At the time of the September 11 attacks, Giuliani earned praise for walking the streets to reassure people, but there was a reason for this. Mayor Giuliani decided to put the city's emergency response center in the World Trade Center, against the advice of his security officials, who felt it was potentially a top terrorist target and wanted the center in Brooklyn. As a result, the center, in Building 7 at the WTC, was destroyed in the attacks. When you think about all of the top cybersecurity experts Trump could have picked, Giuliani looks like an odd choice. But then again, he has always been loyal to Trump, and the president-elect is a man who rewards his supporters. ® Sponsored: Want to know more about Privileged Access Management? Visit The Register's hub

Rudy Giuliani to Advise Trump on Cyber Security

Giuliani sees cyber attacks as a major threat to innovation.

Former New York City Mayor Rudy Giuliani will serve as a cyber-security advisor to President-elect Donald Trump once he takes office, the Trump transition team announced Thursday.

Giuliani, who currently runs his own security consulting firm, will serve as a liaison between the Trump administration and private companies who are working to combat against cyber-security threats. Trump's announcement didn't specify a title for Giuliani, saying only that the former mayor will be "sharing his expertise and insight as a trusted friend concerning private sector cyber security problems."

The announcement did, however, hint at some of the threats Trump wants to address, including "hacking, intrusions, disruptions, manipulations, theft of data and identities, and securing information technology infrastructure."

Trump takes office as both private citizens and US companies have fallen victim to threats that were virtually unknown just a few years ago. Throughout 2016, multiple high-profile ransomware attacks targeted hospitals and other institutions, which often paid ransoms of tens of thousands of dollars each instead of pursuing even more costly data recovery methods.

The explosive growth in devices that make up the Internet of Things (IoT) has also contributed to threats, including a distributed denial of service attack using infected baby cameras and other IoT devices last fall that took large portions of the US Internet infrastructure offline.

Even as large corporations hire consulting firms like Giuliani's to fight back, experts have warned that lax security practices—especially among IoT device manufacturers—make them too easy to hack.

Giuliani's ability to affect change in his new position is unclear, especially given Trump's general skepticism about the Internet and computers. Giuliani tends to take the opposite view. He sees cyber attacks as a key roadblock to technological advances that can have a positive societal impact, especially when it comes to healthcare.

"Our lack of securing these things is holding back a tremendously important advance that would be a great way to reduce healthcare costs," he told PCMag in 2012. "There is a tremendous societal cost and it comes about because we haven't developed security for the Internet—the cloud—the way we should."