Last week, the U.S. Department of Justice released a report that revealed some weaknesses in Next Gen Cyber, The Federal Bureau of Investigation’s cybersecurity program begun in 2012. Next Gen Cyber originally has a budget of $314 million and a total of 1,333 full-time jobs (including 756 agents), while the DOJ also asked for an $86.6 million increase in funding for 2014 to support this Initiative. The FBI had in total 52 open positions of the 134 computer scientists it was authorized to employee under the Initiative. However, it is getting a lukewarm reception from private companies and individuals who have privacy concerns. Besides, lower salaries as compared to the private sector and stringent rules about past drug use were other main problems faced by the FBI hiring.
The U.S. Food and Drug Administration and pharmaceutical company Hospira announced last week that they were aware of cybersecurity vulnerabilities associated with the company’s Symbiq Infusion System. These devices are usually used in hospitals and nursing homes to allow for continuous delivery of general infusion. Hospira insisted in a statement that there had been no known breaches of their devices. However, the company was still working to provide its Symbiq customers with another layer of security for the devices. The FDA also mentioned that the devices were no longer being manufactured or distributed, recommending that healthcare facilities transition to other infusion systems as soon as possible.
Last Monday, the Department of Homeland Security (DHS) claimed that the controversial new surveillance bill Cybersecurity Information Sharing Act (CISA) could sweep away important privacy protections. CISA encourages private companies to share their sensitive corporate data with the government to prevent future cyber attacks and fortify national cybersecurity. However, this may raise serious privacy issues within private sectors. Privacy concerns have long been significant in the private sector, where the use of personal data at scale is largely unregulated. Data brokers like Experian are anxious about losing the ability to aggregate vast quantities of personal data and have been lobbying against the bill, calling it “the Darth Vader bill.”
J.P. Morgan Chase & Co. expected to increase spending on cybersecurity in the upcoming years, accelerating its initial timeline of the spending growth in information security. According to a quarterly regulatory filing from the bank, its annual cybersecurity budget is expected to double this year, which would bring this year’s spending figure to about $500 million, marking a huge leap from $250 million in 2014. J.P. Morgan also expected its cybersecurity spending to remain at around $500 million in 2016 and will probably also remain the same or see an increase in the next four years. The bank is also working on strengthening its partnerships with government, law enforcement agencies and third-party service providers.
The Chinese government plans to embed cybersecurity police units at major Internet companies and websites to help prevent crimes such as fraud and spreading of rumors. China’s Ministry of Public Security didn’t reveal the name of companies that will have the new police units, but it is likely that the three e-commerce giants, Alibaba Group, Tencent and Baidu, will be on the list. It isn’t clear yet whether the cyberpolice units would apply to international, as well as domestic, tech companies operating in China. These physical police units at Web firms are part of Beijing’s broader efforts to exert greater control over China’s Internet.