Category: Uncategorized

Regenerative medicine is an emerging field of health care that has the potential to cure previously untreatable diseases, repair or replace human…
The United States and its global partners are experiencing a massive wave of cybercrimes. Here in the U.S., federal law enforcement have received…
American farmers, ranchers and other agricultural producers are increasingly facing the impacts of climate change. Federal insurance programs can help…
The IRS relies heavily on outdated computer software and hardware to perform its day-to-day operations. This includes things that would impact…
Stay informed as we add new reports & testimonies.

source

An official website of the United States government
Here’s how you know
Official websites use .gov
A .gov website belongs to an official government organization in the United States.
Secure .gov websites use HTTPS
A lock () or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.
Search
WASHINGTON – The Cybersecurity and Infrastructure Security Agency (CISA) and Girl Scouts of the USA (GSUSA) announced a new memorandum of understanding (MOU) today that formalizes the collaboration between the two organizations in their pursuit to bridge the gender gap in cybersecurity.  
According to a recent report by Women in CyberSecurity (WiCyS) and Cybersecurity Ventures, only about 25% of the global cybersecurity workforce is currently comprised of women. Yet, women make up 51% of the population. Without women pursuing careers in cybersecurity, the industry is missing out on a huge portion of the population’s talent pool. To close this gap, it is critical foster an interest in cybersecurity in young girls – even as early as grade school.  
“Yesterday, the Girl Scouts celebrated their 111th birthday and as we kick off Girl Scouts Week, I can’t think of a better way to recognize their impact on every community in America than to formalize our relationship so we can continue to work together to train the next generation of cybersecurity talent our nation so badly needs,” said CISA Director Jen Easterly. “It will take real collaboration to close the cybersecurity gender gap and I am thrilled to strengthen and solidify an already fantastic collaboration with GSUSA to help us get there. CISA and GSUSA share a common goal to close the gender gap in technology and to inspire the next generation of cybersecurity leaders.” 
CISA and GSUSA already have a history of working together. In 2017, CISA provided thought collaboration and helped steer the creation of GSUSA’s 18 cybersecurity badges. In less than five years, more than 315,00 cybersecurity badges have been earned by Girl Scouts. Additionally, in 2021, the Department of Homeland Security and CISA partnered with CYBER.ORG and GSUSA to launch the 2021 Girl Scout Cyber Awareness Challenge to help develop the next generation of diverse cybersecurity talent and strengthen our nation’s cybersecurity resilience.
Looking ahead, in July 2023, the agency will participate in the 2023 Girl Scout Convention at Phenom by Girl Scouts. CISA will also continue to share tips for girls and their families to stay safe online, not only as they navigate our increasingly digital world, but also as they learn entrepreneurship skills when selling their famous Girl Scout Cookies®.  
This MOU builds on CISA’s work to ensure the field of cybersecurity reflects the diversity of America because such diversity translates into diversity of thought, enabling better problem-solving. Closing the gender gap in cybersecurity can ease the cyber workforce shortage, which in turn will make the nation more ready and prepared to take on the threats of today and those of tomorrow. 
Last week, CISA announced an MOU with WiCyS and is already working to participate in their mentoring program which matches women working in cyber with newer women in the field. 
 
About CISA 
As the nation’s cyber defense agency and national coordinator for critical infrastructure security, the Cybersecurity and Infrastructure Security Agency leads the national effort to understand, manage, and reduce risk to the digital and physical infrastructure Americans rely on every hour of every day.
Visit CISA.gov for more information and follow us on Twitter, Facebook, LinkedIn, Instagram. 

source

In this era of globalization and technology, related crimes have also evolved, resulting in the bubbling up of cybercrime. As the name suggests, the crime committed in a cyber or virtual world is defined as cybercrime. There is a plethora of cybercrimes; for instance, fraud with personal identity, banking or financial theft, selling and stealing corporate data, Cryptojacking and Cyberespionage, Ransomware attacks etc.

After the right to privacy was declared as an integral part of Article 21^[1] of the Constitution of India in the case of Justice K.S. Puttaswamy (Retd.) & Anr. Vs Union of India & Ors,^[2] this issue gained a lot more limelight. Firstly, the importance of privacy must be interpreted separately to understand the meaning of data privacy. Privacy does not have a well-framed definition, so it can be roughly defined as a person’s right to control the usage mechanism of their data. While surfing through the internet, they are not being monitored. Hence, data privacy is a subset of data security that deals with managing data, who is using it, and in what form.
Cybercrime And Data Privacy
“Cybercrime is a criminal offence on the Web, a criminal offence regarding the Internet, a violation of law on the Internet, an illegality committed with regard to the Internet, breach of law on the Internet, computer crime, contravention through the Web, corruption regarding Internet, disrupting operations through malevolent programs on the Internet, electric crime, sale of contraband on the Internet, stalking victims on the Internet and theft of identity on the Internet.”
Cybercrime affects the data privacy of consumers in many ways; distributed denial-of-service (DDoS) attacks are made by the hackers, which bring down the network for a while and in the meantime, the hackers enter into the system for further actions, identity theft is done against the consumer by gaining control over their personal information, it is hazardous as they may perform any criminal act on the name of the consumer, for example, they may hack the password of social media accounts etc., online scams also come under the purview of cybercrime where the promise of rewards and messages of credited amounts are made to the consumer to lure them into it. Phishing is the most common type of cybercrime, where malicious e-mails and attachments are sent to consumers to enter their systems.
The problem in the case of medical genetic data is also quite similar; the information is stored in the DNA banks, also known as genetic databases, which, although they hold several advantages, put up the personal data of individuals at stake. When the data fiduciaries take over this data, it becomes untraceable; hence, individuals do not know the usage and management of their data.
Cybercrime in India is growing continuously. In August 2019, a National Cyber Crime Reporting Portal was initiated by the Ministry of Home Affairs (MHA) to let people report cases of such crimes. The reported instances crossed all the limits, and the count went to more than three lakhs in less than two years. The reports also revealed that people from the cyber hub of the country, especially Maharashtra and Karnataka, were the most victimized.^[3]
In another report put forward by Indian Computer Emergency Response Team (CERT-In), it was revealed that “a total number of 1,59,761; 2,46,514 and 2,90,445 cyber security incidents about digital banking were reported during the years 2018, 2019 and 2020 respectively”.^[4]

Legislation To Tackle Cybercrime In India
There are no specific laws to deal with cybercrime. However, some sections of the IT Act 2000 and judicial interpretations are acknowledged in India. Yahoo! Inc. v. Akash Arora & Anr.^[5] was the first case in India related to cybercrime. The Court, in this case on the plea filed by Yahoo, granted the permanent injunction which refrained the defendant Akash Arora from using the trademark of Yahoo.
In Vinod Kaushik & Anr. v. Madhvika Joshi & Ors., the defendant was accused of accessing the e-mail of her father and father-in-law. The Court held the action unauthorized under Section 43 of the IT Act, 2000 and the defendant was made liable. Information Technology Act, 2000 (ITA- 2000) is India’s primary law dealing with cybercrime. It was amended in 2008 as the previous act lacked the provisions required to protect one’s sensitive personal information provided electronically. Section 43A^[6] was taught in the front, which mandates the corporate body to protect sensitive protection data or information. Without such protection, the body would be liable to compensate the aggrieved party. Furthermore, section 72A^[7] of the act prescribes the penalty for disclosing the personal data of a party by breaching a lawful contract; it says that “the person may be punished with imprisonment for a term not exceeding three years, or with a fine not exceeding up to five lakh rupees, or with both”.
Cybercrime is a real threat to an individual’s data privacy, including any kind of data stored virtually, whether sensitive or insensitive. The only law to tackle this issue in India is the already discussed Information Technology Act 2000, as amended by the Information Technology (Amendment) Act 2008, by which the judiciary had also given several landmark judgments. Cyberspace lacks any sense of privacy. The numerous websites that provide a range of services to their users repeatedly fall short in protecting their personal information. At least three times this year, hackers gained access to the Sony website, which includes the play station and music websites. Numerous pieces of personal information were stolen, and for over a week, consumers were kept in the dark about the breach. As a consumer, I find it difficult to picture other websites being able to defend themselves from assaults if a major corporation like Sony can’t keep its website safe from hackers. A new facet of crime has emerged with the growth of the Internet. The NCRB claims that the IT Act 2000 has given the harmed some relief. Despite this, as the NCRB investigation plainly showed, the IT Act will not totally stop criminals from hacking into websites. The perpetrators of the February 2000 cyberattacks are still at large, and each year there are further attacks on different websites.
Despite advances in passing and putting into practise cyber legislation, cybercrime has not yet been completely eradicated. Governments can only hope that a cybercriminal can be found and punished as there isn’t much they can do to stop it. In order to secure their personal information as much as possible, Internet users should be more cautious about the websites they visit and familiarise themselves with their privacy policies.

The author is a student at National Law University, Mumbai. Views are personal.
[1] India Const. art. 21.
[2] Justice K.S. Puttaswamy (Retd.) & Anr. vs. Union of India & Ors., (2017) 10 SCC 1.
[3] PTI, 3.17 lakh cybercrimes in India in just 18 months, says govt, The Hindu, (last visited Jan1, 2023) https://www.thehindu.com/sci-tech/technology/317-lakhs-cybercrimes-in-india-in-just-18-months-says-govt/article34027225.ece#:~:text=%22As%20per%20the%20data%20maintained,a%20written%20reply%20to%20a.
[4] PTI, Parliament proceedings | Over 2.9 lakh cyber security incidents related to digital banking reported in 2020: Dhotre, The Hindu, (Jan 5, 2023) https://www.thehindu.com/sci-tech/technology/over-29-lakh-cyber-security-incidents-related-to-digital-banking-reported-in-2020/article33757241.ece.
[5] Yahoo! Inc. Vs. Akash Arora & Anr., (1999) 19 PTC 201, Delhi High Court.
[6] The Information Technology (Amendment) Act, 2008, § 43A, The Gazette of India, pt. II sec. 1 (Feb. 5, 2009).
[7] The Information Technology (Amendment) Act, 2008, § 72A, The Gazette of India, pt. II sec. 1 (Feb. 5, 2009).

Subscribe to Live Law now and get unlimited access.
Already have an account? Sign In

source

Cybersecurity is a ‘resilient industry’ in spite of recession fears: CrowdStrike CEO  Yahoo Finance
source

The US government is continuing efforts to strengthen the country’s cybersecurity prowess as well as bolster its overall technology governance strategy.
Earlier this month, President Joe Biden released a new National Cybersecurity Strategy, which outlines steps the government is taking to secure cyberspace and build a resilient digital ecosystem that is easier to defend than attack — and that is open and safe for all.
“When we pick up our smart phones to keep in touch with loved ones, log on to social media to share our ideas with one another, or connect to the internet to run a business or take care of any of our basic needs, we need to be able to trust that the underlying digital ecosystem is safe, reliable and secure,” Biden wrote in the framework’s preface.
The strategy is part of a larger effort by the Biden administration to strengthen cyber and technology governance. This included efforts to increase accountability for tech companies, boost privacy protections and ensure fair competition online.
The world is increasingly complex and cyberthreats are growing more sophisticated, with ransomware attacks running into millions of dollars in economic losses in the US. In 2022, the average cost of a ransomware attack was more than $4.5 million, according to IBM.
The greatest risks we face are interconnected, creating the threat of a “polycrisis”, whereby the overall combined impact of these events is greater than their individual impact.
This is equally true of technological risks, where, for example, attacks on critical information infrastructure could have disastrous consequences for public infrastructure and health, or where growing geopolitical tensions heighten the risk of cyberattacks.
Cybercrime and cyber insecurity were seen by risk experts surveyed for the World Economic Forum’s Global Risks Report as the 8th biggest risk in terms of severity of impact, across both the short term (next two years) and over the coming decade.

In 2022, state-sponsored cyberattacks targeting users in NATO countries increased by 300% compared to 2020, according to Google data.
With cyberattacks on the rise, experts at the World Economic Forum’s Annual Meeting at Davos predicted that 2023 would be a “busy year” for cyberspace with a “gathering cyber storm”.
“This is a global threat, and it calls for a global response and enhanced and coordinated action,” Jürgen Stock, Secretary-General of the International Criminal Police Organization (INTERPOL), said at Davos.
The Forum’s Global Cybersecurity Outlook 2023 also found that 93% of cybersecurity experts and 86% of business leaders believe that global instability will have a negative impact on their ability to ensure cybersecurity over the next two years.

Robust cybersecurity is key to building on the promise of emerging technologies to enable growth and shared prosperity, while minimizing the perils they pose.
As Biden notes, “Cybersecurity is essential to the basic functioning of our economy, the operation of our critical infrastructure, the strength of our democracy and democratic institutions, the privacy of our data and communications, and our national defence.
“We must ensure the internet remains open, free, global, interoperable, reliable, and secure – anchored in universal values that respect human rights and fundamental freedoms.”

The COVID-19 pandemic accelerated the world’s digital transformation, which means we rely on connected devices and digital technology to do more than ever before – putting our lives and livelihoods at greater risk from cyberthreats.
The US’ National Security Strategy recognizes the need to rebalance the burden of responsibility for cybersecurity away from small businesses and individuals and onto the public and private organizations best placed to defend cyberspace through “robust collaboration”.
It also seeks to build cyberspace resilience by balancing the need to address immediate threats, with incentivizing investment in the secure, long-term future of the digital ecosystem.
The World Economic Forum’s Centre for Cybersecurity drives global action to address systemic cybersecurity challenges and improve digital trust. It is an independent and impartial platform fostering collaboration on cybersecurity in the public and private sectors.
Contact us for more information on how to get involved.
Each of the five pillars it sets out are broken down into strategic objectives, but here’s a quick overview of what they entail:
1. Defend critical infrastructure
To build confidence in the resilience of US critical infrastructure, regulatory frameworks will establish minimum cybersecurity requirements for critical sectors.
2. Disrupt and dismantle threat actors
Working with the private sector and international partners, the US will seek to address the ransomware threat and disrupt malicious actors.
3. Shape market forces to drive security and resilience
Grant schemes will promote investment in secure infrastructure, while liability for secure software products and services will be shifted away from the most vulnerable and good privacy practices will be promoted.
4. Invest in a resilient future
A diverse cyber-workforce will be developed and cybersecurity R&D for emerging technologies including postquantum encryption will be prioritized.
5. Forge international partnerships to pursue shared goals
The US will work with its allies and partners to counter cyberthreats and create reliable and trustworthy supply chains for information and communications technology.
In response to the need for global public-private collaborative efforts to address the growing cybersecurity challenges, the World Economic Forum launched the Centre for Cybersecurity in 2018.
The Centre’s community, which spans over 150 organizations from the public and private sector, has identified three key priorities: building resilience, strengthening global cooperation to address cyberthreats, and understanding future networks and technology to build trust.
To build resilience and help to protect critical infrastructure from cyberattacks, the Forum has convened stakeholders from across the oil and gas and electricity industries and developed best practices to address shared challenges. These include leadership responsibility for organizational security and resilience across the supply chain, among others.
Moreover, the Forum’s Partnership against Cybercrime initiative released recommendations for public and private organizations that aim to facilitate dialogue and cooperation on confronting cybercrime. Building on these recommendations, at the Annual Meeting 2023, the Forum — with support from Fortinet, Microsoft, PayPal and Santander — launched the Cybercrime Atlas, an initiative to map cybercriminal activities and identify joint public and private sector responses.
To ensure that technologies are more secure and trustworthy, the Forum also launched a Digital Trust Initiative that focuses on better decision-making around cybersecurity, privacy, human rights and ethics. The initiative’s latest report emphasizes the need for a comprehensive view on technology development that protects and supports individual citizens and their rights and values.
The Forum, in partnership with UC Berkeley’s Center for Long-Term Cybersecurity, is also working on the Cybersecurity Futures 2030 programme — a foresight-focused scenario planning exercise to inform cybersecurity strategic plans around the globe.
As the Forum’s Global Cybersecurity Outlook 2023 notes, cybersecurity is increasingly influencing how and where businesses invest, with half re-evaluating the countries they do business with. A lack of skilled cyber-experts is another threat to business and societies, the report found, with key sectors such as energy utilities reporting a 25% gap in critical skills.
The report also provides recommendations on what leaders can do to secure their organizations in the year to come.
About Us
Events
Media
More from the Forum
Partners & Members
Language Editions
Privacy Policy & Terms of Service
© 2023 World Economic Forum

source

Artificial intelligence (AI) and machine learning (ML) are valuable tools with wide-reaching applications. As AI becomes more advanced, it will increasingly become a core part of the security landscape. AI has both offensive and defensive applications, used to develop new types of attacks and create defenses against them.
Early Availability Program Request a Demo
AI is already used in security, and its role will continue to grow over time. Some of the benefits of AI for security include the following:
AI is a useful tool, but it isn’t perfect. Some of the challenges of implementing AI in security include the following:
AI has numerous potential applications in security. Some example use cases include:
AI is a powerful tool, but it can also be a dangerous one if used incorrectly. When designing and implementing AI-based solutions for security, it is important to consider the following best practices.
AI is a promising tool for security. It is ideally suited to solving many of the main challenges that security teams face, including large data volumes, limited resources, and the need to respond rapidly to cyberattacks.
However, AI is not a magic bullet and must be strategically integrated into an organization’s security architecture to be effective. A key part of using AI for security is identifying how AI can be best deployed to address an organization’s security challenges and developing a strategy for integrating AI into an organization’s security architecture and processes.
AI is only as good as the data used to train and operate it. An organization can enhance the effectiveness of an AI system by providing it with more, higher-quality data to provide a more contextual, complete view of an organization’s security posture.
However, AI’s data usage can create concerns. If the data is corrupted or incorrect, then the AI system will make incorrect decisions. Sensitive data provided to the AI system may be at risk of exposure. When developing an AI strategy, an organization should consider how it will ensure data quality and privacy when operating its AI system.
AI is a “black box” that operates using a model whose quality is dependent on the quality of the data used to train it. If that data is biased or unfair, the AI model will be as well.
AI systems can enhance security operations, but it is important to consider and address the ethical implications of their use. For example, if bias in an AI system could negatively affect an organization’s employees, customers, vendors, etc., then the AI system should not be used as the final authority when making those decisions.
The quality of an AI system’s model depends on the data used to train it. If that data is incomplete, biased, or out-of-date, then the AI system may not make the best decisions.
An organization using AI systems should periodically test and update their models to ensure that they are up-to-date and correct. This is especially true when using AI for security since the rapidly-evolving security landscape means that older AI models may be incapable of detecting newer attacks.
There’s no doubt that AI’s role in cyber security will only grow over time. Here are three predictions for how AI’s role in security will evolve:
AI and machine learning have received a great deal of attention in recent years, but the technology is in its infancy. As AI and machine learning technologies improve and advance, their utility and potential security applications will only increase.
AI is emerging and evolving in parallel with other technologies, such as 5G mobile networks and the Internet of Things (IoT). The integration of these emerging technologies has promising implications for security, combining IoT’s data collection and remote management capabilities with AI’s decision-making abilities.
Like many other industries, AI will have an impact on the security industry and job market. As AI is used to perform repetitive tasks and enhance security operations, human operator roles will increasingly focus on partnering with these systems to provide enhanced security at scale.
Check Point solutions already integrate AI to enhance their threat prevention capabilities. One example of how Check Point uses AI is Check Point Horizon XDR/XPR. To learn more about Horizon XDR/XPR and its use of AI for security, sign up for the Early Availability Program.
Endpoint Security 
Horizon XDR/XPR
Prevention Platform Powered by AI
Horizon XDR/XPR Solution Brief 
Advanced Endpoint Protection
Cloud Security
What is Threat Detection and Response (TDR)
Network Security
XDR Security
Cyber Security Threats

source

32% of CISOs or IT Security DMs in the UK and US are considering leaving their current organization, according to a research from BlackFog. Of those considering leaving their current role, a third of those would do so within the next six months.

This research, which explored the frustrations and challenges faced by cybersecurity professionals also highlights the impact that cyber incidents have on turnover and job security. It revealed that of those who had been a CISO or IT security leader at a previous organization, 41% either left, or were let go, due to an attack or data breach.
When asked about the aspect of their role that they disliked most, 30% cited the lack of work-life balance, with 27% stating that too much time was spent on firefighting rather than focusing on strategic issues.
However, their role in keeping their organization safe from cyberthreats was clearly valued, with 44% of respondents stating that the most enjoyable aspect of the job is being the company ‘protector’ and having the ability to keep everyone working securely.
“Cybersecurity expertise has never been more in demand; however, these numbers highlight a serious issue with retention in the field. Board members and the C-Suite must recognize that keeping a strong team of IT security leaders is essential for their company’s safety and security,“ said Dr. Darren Williams, CEO, BlackFog.
“Recruiting is a challenge globally, and with stiff competition to attract the best talent, organizations need to address the well-being and work-life balance issues that have persisted across the industry. Organizations do not want to run the risk of having a lapse in their security posture in the wake of losing their CISO.”
Escalating cybersecurity threats are driving new innovations to help organizations improve their cybersecurity posture, however, findings show:
There were several key positives reflected in this study, especially in the realm of Board’s expectations for the respondents. Findings show that 75% agree that there is a full alignment between the Board’s expectations of what they can achieve in their role and what they are equipped and able to deliver. In fact, 64% of respondents were able to complete their priority tasks within the first six months of their starting date. This may be down to the fact that, on average, 27% of IT spending goes towards the security budget.
“These results show us that while the security leaders’ role comes with huge challenges and enormous pressures, there are encouraging signs that Boards are listening to their needs and there is, broadly, a strong level of alignment in terms of their expectations and leaders’ ability to deliver on these,” said Williams.
“Adapting to a fast-changing landscape is key, however, and organizations need to ensure that their security teams are given the time and resources to devote to keeping pace with the latest thinking, frameworks and innovations designed to lower their cyber risk.”

source

A paper expanding on greater ability to intervene during hacks – especially on private companies – causes alarm among Coalition and Greens

Labor could face Senate difficulties if it tries to dramatically expand the government’s powers to directly intervene in companies’ IT systems during cyber-attacks.
Under existing laws – which were controversial when introduced by the former Coalition government – the Australian Signals Directorate has the ability to “step in” as a “last resort” in some emergency situations, but only for critical infrastructure assets.
A discussion paper released by the government on Monday proposes expanding the definition of critical assets to include customer data and “systems”.
That option would “ensure the powers afforded to government … extend to major data breaches such as those experienced by Medibank and Optus, not just operational disruptions”.
But the Coalition and the Greens – which together hold more than half of the seats in the Senate – have expressed reservations about changes that could dramatically expand the reach of the “step in” powers.
The shadow minister for cybersecurity, James Paterson, said the critical infrastructure laws and emergency step-in powers “were never intended to guard against data breaches but even more catastrophic attacks on our most systemically important businesses like telco companies and energy suppliers”.
“It would be a significant departure from the philosophy of those laws and the government would need to make the case it was justified and that ASD had the resources required for what would be a major task,” he said.
The Greens senator David Shoebridge, who is responsible for the party’s policy on digital rights, said the government had “not made a case to justify the expansion of these extraordinary takeover powers”.
Shoebridge said the existing laws were designed for critical infrastructure “and can’t simply be copy-pasted to solve another problem”. He said the nation could not “keep relying on reactive measures and god-like takeover powers”.
“Any powers must be strictly limited in scope and subject to close scrutiny and review, including full transparency in the way the powers are used to ensure people’s personal data is safe.”
While the Labor government has not yet drafted a bill outlining specific changes, it has opened a public debate by declaring it is “having a big look” at cyber laws.
The minister for home affairs and cybersecurity, Clare O’Neil, said the existing laws envisaged that in “limited circumstances it will sometimes be necessary for government to come in and assist an Australian company or organisation to help manage a cybersecurity incident”.
“The problem today is that those powers are very, very narrowly defined,” O’Neil told reporters in Sydney.
“The question Australians need to ask is when we look to 2030 and understand the growing, relentless, huge nature of the threat that we confront, do we want to equip government to be better able to support businesses and organisations when they are under that really serious cyber risk?”
O’Neil said the government was also considering making it illegal to pay ransoms to hackers in a bid to “reduce the fruits of ransomware for cyber criminals” and signal that “we are not a soft target”.
The discussion paper, written by the government’s expert advisory board, said the Optus and Medibank incidents had exposed “gaps” in Australia’s existing incident response functions.
“It is clear that a package of regulatory reform is necessary,” wrote the former Telstra boss Andrew Penn, the former air force chief Mel Hupfeld and the cybersecurity expert Rachael Falk.
Another option they suggested was a new cybersecurity act “drawing together cyber-specific legislative obligations and standards across industry and government”.
The paper said business owners “often do not feel their cyber security obligations are clear or easy to follow” and clearer standards would “increase our national cyber resilience and keep Australians and their data safe”.
Penn told the ABC’s 7.30 program the definition of critical infrastructure should remain under review because “the amount of things we’re doing online today has increased dramatically and that will only continue to increase in the future”.
“The more we do things online, the more they do potentially become vulnerable to malicious cyber activity,” Penn said.
Earlier, Anthony Albanese told a cybersecurity roundtable event that his government was concerned about increasingly prevalent “state-sponsored attacks” and other criminal acts seeking a profit, such as ransomware.
“Clearly as it stands, government policies and regulations, business sector systems and measures and our general awareness and capacity as a nation are simply not at the level that we need them to be,” the prime minister said.
“This is an ever-evolving threat and it will need adaptation from us and from business and government to make sure that we keep on top of this.”
The government also announced it would appoint a new coordinator for cybersecurity, supported by a national office for cybersecurity within the Department of Home Affairs, “to ensure a centrally coordinated approach”.

source

An official website of the United States government
Here’s how you know
Official websites use .gov
A .gov website belongs to an official government organization in the United States.
Secure .gov websites use HTTPS
A lock () or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.
Search
WASHINGTON – Today, in recognition of International Women’s Day, the Cybersecurity and Infrastructure Security Agency (CISA) is pleased to announce the signing of a Memorandum of Understanding (MOU) with Women in CyberSecurity (WiCyS) in order to work even closer together to bridge the gender gap in cybersecurity.  
The MOU outlines opportunities for the two organizations to formally partner on bringing awareness to the incredible careers in the industry and building a pipeline for the next generation of women in cybersecurity. WiCyS, a nonprofit organization dedicated to recruiting, retaining and advancing women in cybersecurity, shares a common interest with CISA to close the gender gap in technology and inspire the next generation of cybersecurity leaders.  
“As a senior leader in cyber, one of my top priorities is to inspire more women and girls to see themselves in cyber and join this exciting and impactful field,” said CISA Director Jen Easterly. “I was thrilled last year to join WiCyS at their annual conference where I announced a call to action of achieving 50% women and underrepresented minorities in the cybersecurity field by 2030. Today as we celebrate International Women’s Day, I can’t think of a better way to celebrate than to formalize our partnership and shared mission to bring more women into cybersecurity.”  
“We’re thrilled to be partnering with CISA to strengthen the community of women in cybersecurity and the greater cybersecurity workforce. Our collaboration will ensure that more women and other under-represented groups will have the tools and resources to jumpstart their career in cyber and be supported throughout their journey,” said Lynn Dohm, executive director of WiCyS. “CISA’s goals align perfectly with WiCyS’ mission to develop a stronger, more inclusive workforce, and we look forward to collaborating with CISA to recruit and retain more women in the field.” 
One activity the organizations will first pursue is CISA’s participation in WiCyS’ mentorship program. This program matches professional women in cyber with those women new to the field to help them prepare for advancement at all levels of their cybersecurity career.  
The cybersecurity workforce shortage is not only a concern within the U.S. government, but across the industry and across the nation. Watch Director Easterly’s remarks at the 2022 Women in CyberSecurity Annual Conference.
About CISA 
As the nation’s cyber defense agency and national coordinator for critical infrastructure security, the Cybersecurity and Infrastructure Security Agency leads the national effort to understand, manage, and reduce risk to the digital and physical infrastructure Americans rely on every hour of every day.
Visit CISA.gov for more information and follow us on Twitter, Facebook, LinkedIn, Instagram. 

source

Hackers obtain personal data from 200K+ in southern Nevada casino data breach, class-action lawsuit says  KLAS – 8 News Now
source