For years now, lawmakers and regulators across both public and private sectors have eagerly sought to institute measures aimed at bolstering the cyber security standards of organizations such as government agencies, non-profit groups and large-cap enterprises. While a few efforts such as the Sarbanes-Oxley Act and regulatory advancements by the PCI Security Standards Council have made some progress in this respect, there still remain many gaps in terms of the high-order initiatives required to truly take a stand against the aggressive, expanding cyberthreats of the day.
Recent developments have shown, however, that officials in every corner of the digital environment are finally ramping up their efforts to more adequately defend the nation's networks in private and public channels, with two progressive leaps made this past week. With momentum and awareness building across businesses and public interest groups, the future is looking brighter every day for the U.S. in its efforts to shore up cyber defense and remain ahead of the curve in the global arena.
Senate makes a breakthrough
It was a long time coming, but according to a recent article from Delaware news provider WBOC-16, the Senate has officially given the green light on the National Cybersecurity Protection Act of 2014, as revealed by Senate leaders Tom Carper and Tom Coburn. The legislation reportedly serves to designate central cyber security authority to a unit within the Department of Homeland Security, which now bears the title of the National Cybersecurity and Communications Integration Center. This legitimizes the operation of this command center, which will now hold greater power in federal strategy.
"Cyber security is one of the biggest national security challenges our country faces. Our laws should reflect that reality," Chairman Carper said in a release, according to the source. "By codifying the Department of Homeland Security's existing cybersecurity operations center, the National Cybersecurity Protection Act of 2014 bolsters our nation's cybersecurity while providing the Department with clear authority to more effectively carry out its mission and partner with private and public entities."
WBOC-16 also explained how the new codification will strengthen the links between the federal government, civilian information protection and the security efforts of the private sector. With a centralized authority finally solidified under these mandates, leaders plan to take a more collaborative and interactive approach to security with these distinct stakeholders and create a coalition that takes on digital adversaries as a nation united on all fronts.
Craking down on Wall Street
Aside from the federal government, the financial services sector is perhaps the most heavily threatened group within the digital domain, housing highly valuable and private information that cybercriminals target with great precision and determination. According to The Hill, regulators are looking to fortify the defensive strategies of participants in this sector by instituting a more thorough security assessment process, such as a new examination introduced this week by the New York Department of Financial Services.
"Cyber hacking is a potentially existential threat to our financial markets and can wreak serious havoc on the financial lives of consumers," NYDFS Director Benjamin Lawsky reportedly said in a statement Wednesday. "It is imperative that we move quickly to work together to shore up our lines of defense against these serious risks."
The new assessment is slated to include more in-depth evaluations of firms' tech vendor partnerships, employee security training measures, intrusion detection and reaction plans, as well as the quality of their insurance plans. Ideally, a more stringent examination process will encourage financial services leaders to reflect on their existing and future security strategies and make a change for the better.