CA Technologies Addresses U.S. Congress on Cybersecurity Act of 2015
15 Giugno 2016 - 4:00PM
Business Wire
Mordecai Rosen, senior vice president and general manager for
the cybersecurity business at CA Technologies (NASDAQ: CA), joined
industry representatives to testify before the U.S. House Homeland
Security Subcommittee on Cybersecurity, Infrastructure Protection,
and Security Technologies. Rosen assessed implementation of the
Cybersecurity Act of 2015, offered recommendations to help bolster
participation in cyber threat information sharing programs, and
highlighted new cybersecurity challenges facing the government and
commercial sectors.
“Identity has become the attack vector of choice for cyber
criminals. It is the single unifying control point in the
application economy, critical to accessing all apps, devices, data
and users,” said Rosen. “The Cybersecurity Act of 2015 includes
guidance that addresses the need for identity protection,
multi-factor authentication, and least-privilege access controls to
better protect the critical systems and infrastructure of our
nation and our industries.”
Three core questions around the Act’s information sharing
authorization relate to the timeliness and security of the
information, and the liability protections afforded to
participating organizations.
“To effectively thwart attacks, organizations will need to know
that the information they receive through this program will be
timely, accessible and actionable,” Rosen said. “Just as important
as the timeliness, they will need to know that the shared
information is secure. Trust is vital to the success of this
program, and industry needs to know that the participants in the
program are authenticated and that the data they share and receive
is legitimate.
“Finally, further clarification is desired around the liability
protections for sharing information with other private sector
organizations and the automated removal of personally identifiable
information,” Rosen added.
Rosen also outlined three recommendations related to specific
provisions within the Cybersecurity Act of 2015:
- Liability protection.
“Cybersecurity information sharing is based on trust, and this
trust needs to be underpinned by a strong understanding and
certainty for participating companies that they have targeted
liability protection for the data they share or receive. We
encourage the DHS to actively engage with industry and legal groups
to help them better understand the information sharing program, the
responsibilities of participating organizations, and the liability
protections that will be afforded participants.”
- Preserving privacy. “The
Cybersecurity Act of 2015 requires organizations and government to
remove personally identifiable information (PII) of individuals not
related to the threat from any threat information shared. The
global IT industry is sensitive to issues of protecting privacy and
enhancing trust in the solutions we deliver. Therefore, we believe
the DHS and the Administration should remind constituents that the
purpose of cyber threat indicator information sharing is to protect
networks and not to collect information about individuals.
Additionally, it’s important to help organizations understand there
are tools to help them remove PII automatically, helping to lessen
concerns about liability and enhance confidence in these programs.
Finally, the DHS can work with sector-specific agencies to promote
best-practice workshops on privacy protection, and encourage
participation in the information sharing standards development
process."
- Automated indicator sharing.
“Any successful information sharing program must depend heavily on
the authentication of the individuals and organizations that
participate, and on the validity and integrity of the shared
information. CA Technologies has been working with the DHS and
other industry partners to help enable a secure, automated exchange
of information across a wide range of different organizations. In
support of this, we recommend that the DHS continue to leverage key
outreach and partnership programs to help organizations understand
the technical and procedural steps they need to take in order to
participate. Finally, we recommend that the DHS and the federal
government continue to promote the STIX/TAXII protocols with global
standards development organizations. Cybersecurity is a global
challenge; sharing threat information across borders is critical to
combatting global cybercrime.”
CA Technologies is available to speak further about this topic.
Please call or email the press contact below.
About CA Technologies
CA Technologies (NASDAQ:CA) creates software that fuels
transformation for companies and enables them to seize the
opportunities of the application economy. Software is at the heart
of every business in every industry. From planning, to development,
to management and security, CA is working with companies worldwide
to change the way we live, transact, and communicate – across
mobile, private and public cloud, distributed and mainframe
environments. Learn more at www.ca.com.
Follow CA Technologies
- Twitter
- Social Media Page
- Press Releases
- Blogs
Legal Notices
Copyright © 2016 CA, Inc. All Rights Reserved. All trademarks,
trade names, service marks, and logos referenced herein belong to
their respective companies.
View source
version on businesswire.com: http://www.businesswire.com/news/home/20160615005122/en/
Press:CA TechnologiesLeanne Agurkis, +1
407-620-2136Leanne.Agurkis@ca.com
Grafico Azioni Xtrackers California Mun... (NASDAQ:CA)
Storico
Da Set 2024 a Ott 2024
Grafico Azioni Xtrackers California Mun... (NASDAQ:CA)
Storico
Da Ott 2023 a Ott 2024