Cybersecurity Goals to Guide Federal Software Spending

4 May 2016, by John K Higgins

The US government is on track to greatly increase its spending on cybersecurity. However, the evolving requirements in improving federal protection of information technology resources would shape the spending. One report concludes that federal spending on cyberprotection is inevitable regardless of any political partisan differences on the federal budget. Technavio reports that the US Federal cybersecurity market was valued at $5.9B in 2015 and will grow at a compound annual rate of 8.3%, eventually reaching $8.8B by 2020

http://www.ecommercetimes.com/story/83459.html


A New Narrative on Cybersecurity

4 May 2016, by Dan Perrin

Article states that there is currently no product liability for software, due to the End User License Agreement (EULA), which dramatically effects cybersecurity. Software vendors issue codes with exploitable known vulnerabilities in them i.e. bugs in code that have been publically announced. According to the 2015 Verizon Database Breach Report, 97% of data breaches came from known vulnerabilities. The Royce Bill is one piece of legislation that can effect enforced discipline on the cyber supply chain.

http://thehill.com/blogs/congress-blog/technology/278712-a-new-narrative-on-cyber-security


HR and IT: The Dynamic Duo in Fighting Cybersecurity Risks

4 May 2016, by Andie Burjek

The flexibility of the workspace brought on by mobile technology and cloud sharing has significantly increased the amount of threats in cybersecurity that companies face. IT and HR departments make a compatible team in cybersecurity because most threats come from inside companies. HR departments can contribute in two types of threats. The first type is from well-intentioned employees that make a mistake such as using personal e-mails or sharing confidential information on social media. The second-type of threat that HR can combat are from disaffected employees, being able to target early warning signs of disloyalty while IT departments have the technical skills to put security measures in place.

http://www.workforce.com/articles/22016-hr-and-it-the-dynamic-duo-in-fighting-cybersecurity-risks


Has Market Consolidation Killed VC Investment in Cybersecurity Startups?

27 April 2016, by Alexander Sword

Analysts at 451 Research, propose that the industry is in the middle of the “second great endpoint security consolidation”; with the first starting in 2001 with Checkpoint’s acquisition of Zonealarm and ending in 2009’s McAfee’s acquisition of SolidCore. This symbolizes the change in logic behind pushing unified-platforms being about optimizing costs to one of technical efficiency. Buyers and vendors have realized that security products are not usually successful when they operate in isolation.  The impetus for consolidation comes from consumers who want less vendors, not more.

http://www.cbronline.com/news/verticals/finance/has-market-consolidation-killed-vc-investment-in-cyber-security-startups-4876842


Why one Cyber security firm Thinks China has Soured on Hacking

22nd of April 2016 By Josh Chin

There is a growing decrease in hacking activity coming from Advanced Persistent Threats (ATP, or state-sponsored hacking groups). Industrial espionage on designs and products via cyberspace has become less rewarding for Chinese businesses, whom have turned to M&A or partnering with foreign firms. This comes to light under the threat of US-imposed sanctions against Chinese firms who benefit from cybercrime. Despite the decrease in hacking, what could happen is that ATP groups start targeting information crucial for M&As or financial statements and insurance policies can be stolen.

http://blogs.wsj.com/chinarealtime/2016/04/22/why-one-cybersecurity-firm-thinks-china-has-soured-on-hacking/


Databases Remain Soft Underbelly of CyberSecurity

21st April 2016 by Ericka Chickowski

In a survey put out by Osterman research, of 200 firms, most orgs do not assess their databases continuously and lack the capability to identify breaches in a timely fashion. The survey showed that 47% of respondents don’t have a team or individual to oversee the security of their databases. For 44% of the organizations, it would take a week or longer to identify breaches in their databases. The issue is a serious one for decision makers who cannot identify successful security compromises because they would be unaware that a particular debate took place.

http://www.darkreading.com/application-security/database-security/databases-remain-soft-underbelly-of-cybersecurity/d/d-id/1325216


Cybersecurity investment pays more than monetary dividends
Companies are investing in cybersecurity startups to reap the benefits of working with problem-solving technology.
http://searchsecurity.techtarget.com/feature/Cybersecurity-investment-pays-more-than-monetary-dividends


Following hacks of Sony Pictures and OPM, cybersecurity firms are securing big investments
Despite stock-market turmoil and unease in the venture-capital community, cyber security companies are raising large rounds of financing from investors, whose tremendous appetite for high-tech defenses against cyber attacks is not expected to subside even in a market correction.
http://fortune.com/2015/09/23/cyber-security-investing/