Monday, December 05, 2011

America's critical infrastructure security response system is broken

Security roundup for week ending Dec. 2: Carrier IQ stink, SCADA troubles | From Anonymous to Hackerazzi: The year in security mischief-making

Network World Security



America's critical infrastructure security response system is broken
The flap over the reported water utility hack in Illinois begs the question: Is the reporting system that the U.S. has set up to identify cyberattacks on critical infrastructure broken and in need of re-thinking? Read More


WHITE PAPER: i365

Trusted Data Assurance in the Cloud
Cloud-based services are here to stay. Cloud services are even more attractive for companies who are being hit with the high cost of meeting compliance requirements - especially for small and mid-size companies that have shrinking or no information security budget. Read now!

RESOURCE COMPLIMENTS OF: Palo Alto Networks

10 Things Your Next Firewall Must Do
Choosing a next-generation firewall is more than a simple comparison of technical features. It's about balancing the needs of the business with the risks associated with modern applications. Gain access to valuable information in one location: read articles and watch videos that will empower you to make the right decision. Learn More!

Security roundup for week ending Dec. 2: Carrier IQ stink, SCADA troubles
If a cyberattack from a hostile foreign source ever hit a public electric or water utility, affecting its industrial control systems and causing America's critical infrastructures to fail, would we understand that it had even happened? We have more doubts than ever, after every twist and turn in the saga that began with the Nov. 10th "Public Water District Cyber Intrusion" report from the Illinois Statewide Terrorism & Intelligence Center (STIC), which set off a media firestorm after the report was leaked to the media. The Illinois STIC report said a cyberattack from Russia had hit an Illinois water facility, causing a water pump to fail. The Dept. of Homeland Security (DHS) and the FBI, in tandem with the Industrial Control Systems Cyber Emergency Response Team (ICS-CERT), have since concluded that the Illinois STIC report was in error http://www.networkworld.com/news/2011/120111-scada-faq-253663.html?hpg1=bn. It may have been (it would not be surprising if reasonable doubts remain), but this episode of intelligence failures and slow response times has laid bare how poorly prepared America is, as Network World Editor in Chief John Dix summarizes in his editorial, "The Water Pump Alarm" http://www.networkworld.com/columnists/2011/120111-editorial.html. This fiasco related to the Curran-Gardner Townships Public Water District in Springfield, Illinois, which offers a rare glimpse into how the secretive intelligence-gathering "Fusion Centers" promoted by DHS really operate, raises the question of whether America's critical-infrastructure response system even works at all, or is in need of critical re-thinking http://www.networkworld.com/news/2011/120111-scada-253659.html?hpg1=bn. Read More

From Anonymous to Hackerazzi: The year in security mischief-making
It wasn't a good security year, from the RSA break-in to hacks on Sony, Google and Facebook. Read More

IDC on 2012: Prep for cloud wars, mobile explosion, higher IT spending
Researchers at International Data Corp. say some big battles will be brewing in 2012 in the cloud, mobile and Big Data arenas, so much so that "companies like Microsoft, HP, SAP, RIM, and others -- including Apple -- will face 'crossroads moments' in 2012. By the end of the year, we should have a good idea which vendors will -- and won't -- be among the industry's leaders at the end of the decade," said Frank Gens, senior vice president and chief analyst at IDC in a statement. Read More


WEBCAST: ForeScout Technologies

CISO in the Know - Mitigating Modern Attacks
This webcast examines sophisticated and targeted threats, security gaps, techniques and new technologies with regards to understanding and defending against zero-day threats, propagating worms, low-and-slow attacks and advanced persistent threats (APT). Learn more.

US intelligence group seeks Machine Learning breakthroughs
Machine Learning technology is found in everything from spam detection programs to intelligent thermostats, but can the technology make a huge leap to handle the exponentially larger amounts of information and advanced applications of the future? Read More

Carrier IQ again asserts no user data is logged or sent
A new statement from Carrier IQ reiterates the company's insistence that it doesn't log or send personal data or information to carriers. Read More

European distrust of US data security creates market for local cloud service
Concern over the laxity of United States data protection laws has created a new market for Europe-based cloud computing services. Read More


WHITE PAPER: Raritan

What to Look for in Smart Card Readers
Deploy servers with PKI authentication without sacrificing convenience or security. Learn how modern KVM switches with smart card capabilities go beyond simply integrating card readers as an additional peripheral at the KVM workstation, but rather make necessary KVM feature adjustments to enable seamless use of the reader. Learn More

Skype flaw reveals users' location, file-downloading habits
Researchers have found a flaw in Skype, the popular Voice-over-Internet-Protocol service which allows users to make video phone calls and internet chat with their computers. The vulnerability can expose your location, identity and the content you're downloading. Microsoft, which owns Skype, says they are working on the problem. Read More

FAQ: An update on the Illinois water district non-hack
As it turns out, reports that Russian hackers broke into the Curran-Gardner Water District network in Illinois with usernames and passwords stolen from a consultant to the district and then accessed its control system to burn out a pump, are not true. Read More

Data Protection Convention undergoes a rewrite
A 30-year-old international treaty covering data protection is undergoing a partial rewrite to reflect new concerns in the age of the Internet. Read More

Cornell Prof: Carrier IQ affair 'my worst nightmare'
A Cornell University professor is calling the controversial Carrier IQ smartphone software revelations a privacy disaster. Read More

Committee approves cybersharing bill despite privacy concerns
The U.S. House of Representatives Intelligence Committee has approved a recently introduced bill that would allow greater cyberthreat information sharing between U.S. intelligence agencies and private companies even though privacy advocates say it would allow those agencies to spy on U.S. residents. Read More



SLIDESHOWS

25 free open source projects IT pros will love
We asked SourceForge's new community manager and longtime open source coder, Rich Bowen, to sniff out a few of the cool, lesser-known projects he thinks IT folks will love. What follows are his picks, along with a few of our own.

GOODIES FROM MICROSOFT SUBNET
Everyone who enters will win free training from Webucator. Grand prize: a SharePoint training class worth $2,375. All who enter will be awarded a self-paced class of their choosing. Enter here: http://www.networkworld.com/community/contests.

MOST-READ STORIES

  1. 2011's biggest security snafus
  2. Cisco to introduce larger Cius tablet next year
  3. Don't expect Woz to bid on 'The contract that founded Apple'
  4. Chrome takes No. 2 browser spot from Firefox
  5. How to turn off Carrier IQ on your iPhone
  6. 25 free open source projects IT pros will love
  7. Cracking MD5 ... with Google?!
  8. Real life HAL 9000 meets Skynet
  9. New year, new job? Ten companies that are hiring
  10. Everything I need to know about Linux I learned from my pets


Copyright (C) 2011 Network World, 492 Old Connecticut Path, Framingham MA 01701
