U.S. Senators Introduce Cybersecurity Bill to Protect Energy Grid
Senators Cory Gardner (R-CO) and Michael Bennet (D-CO) have introduced two pieces of legislation to protect the U.S.’s energy grids from cyber attacks. The bill would allow the Department of Energy to support states in creating a more comprehensive State Energy Security Plan. These plans will help to better equip states to secure their energy infrastructure against cyber threats, put actions in place in the case of energy disruptions, and help ensure each state has a resilient energy setup.
The bill would allow the DOE to use $90 million annually for four years to help states prepare their plans in case of a cyber attack on their energy grid.
Cybersecurity Workforce Gap Puts Organizations at Risk
(ISC)², a leading cybersecurity and IT security organization, released data highlighting a growing workforce gap in the cybersecurity field. According to the organization, there are over 313,000 cybersecurity jobs open across the U.S., with a supply/demand ratio of 2.3. The majority of the openings are in California and Virginia, followed closely by Texas, Maryland, and New York, among others.
This gap means that many organizations don’t have the cybersecurity staff necessary to adequately protect the company’s assets. When surveyed, 59% of cybersecurity professionals say that the workforce gap puts their organization at risk.
Marriot Hack Exposes Customer’s Personal Information
At the beginning of December, Marriott informed customers that they had fallen victim to a hack that impacts up to 500 million of their visitors. While Marriott doesn’t yet know the extent of information stolen, they believe that the majority of people affected may have had their name, address, phone number, email address, date of birth, gender, reservation information, passport number, and account information accessed.
In response to the hack, Marriott is cooperating with law enforcement to find the parties responsible. They also informed all affected customers and offered a one-year subscription to WebWatcher, which monitors the web for personal information.
CEOs Launch Cyber Readiness Program for Small Businesses
The Cyber Readiness Institute (CRI), created by global business leaders, has introduced the Cyber Readiness Program (CRP). The new program is designed to provide small- and medium-sized businesses (SMBs) with tools and resources to enhance their cybersecurity. The program focuses on protecting against four main cybersecurity issues: authentication, phishing, patching, and USB use.
According to a 2018 Data Breach Investigations Report published by Verizon, 58% of data breach victims around the world are small businesses. The CRP hopes to provide “best practices and proven tools for smaller business owners who do not have the same resources to invest in these efforts,” according to the co-chair of the CRI, Ajay Banga.
GDPR Compliance Still Presenting Challenges for Organizations
Even though the EU’s General Data Protection Regulation (GDPR) went into effect six months ago, 59% of enterprises say that their company is not compliant with the regulations. Adhering to the GDPR’s overarching regulations to improve cybersecurity and protect data are costing companies significantly more than originally expected, with the majority of costs going towards educating internal employees.
Despite the challenges, over half of the organizations surveyed believed that the GDPR remains a good standard security practice, and 30% foresee a global shift towards more stringent privacy rules.