Headlines for the week ending 18 December 2015

1. STROZ FRIEDBERG: Latest News & Headlines - Week Ending as of December 18, 2015
Cybersecurity Legislations Finds A Place In U.S. Budget Bill
After years of debate, cybersecurity legislation may pass this week, tucked inside the trillion-dollar
federal spending bill. The House and the Senate both have passed competing versions of cybersecurity
legislation and pressed to negotiate a version they could pass before the end of the year.
NPR
Banks told to get tough on cybersecurity in 2016
2016 New York state cybersecurity requirements for banks, expected to be applied country-wide,
include multi-factor auth, regular audits and pentests, and exacting third-party vendor cybersecurity
scrutiny. New York state regulators are prepping to release new cybersecurity guidelines for banks that
are expected to set a status quo for state-level and federal banking regulators.
ZDNet
U.S. arrests three men over hacking scheme targeting 60 million people
Three men were arrested on Monday for engaging in a wide-ranging hacking and spamming scheme
that targeted personal information of 60 million people including Comcast customers, U.S. prosecutors
announced Tuesday.
Reuters
National Guard expands cyber protection teams
New York and New Jersey lawmakers announced that a combined cyber protection team made up of
National Guard units from both states was approved by the National Guard. The joint NY-NJ team was
one of 13 new cyber units the Guard announced it would activate throughout 23 states by the end of
fiscal year 2019.
GCN
Europe Approves Tough New Data Protection Rules
European officials approved long-awaited data protection regulations on Tuesday, the latest effort in the
region to give people a greater say over how their digital information is collected and managed. The
changes, expected to go into effect by early 2017, would put into law across the 28-member European
Union some policies now enforced after court rulings or in specific countries only.
The New York Times
Hack attacks and data law boost European cyber insurance demand
New European legislation on data privacy is helping push up regional demand for cyber insurance,
industry specialists say, after companies such as TalkTalk and Experian were affected by hackers

2. earlier this year. The European Union agreed this week to change fragmented data protection laws,
forcing companies to report breaches likely to harm individuals to national authorities within 72 hours.
Reuters
Russia's cyber-attack losses may reach US$1 bn
Russian businesses are forecast to lose almost US$ 1 bn (70 billion rubles £662 million) from cyber-
attacks this year and this figure is expected to continue to grow in the near future, Lev Khasis, first
deputy chairman of Sberbank, Russia's largest state-owned bank, and a former vice-president of Wal-
Mart, told SCMagazineUK.com.
SC Magazine UK
Russian hacking group sharpens its skills
A group of Russian-speaking hackers that has targeted politicians, state entities, and companies over
the past eight years is continuing to develop its skills, according to an analysis by security researchers.
"Our recent investigation into the Sofacy operations revealed that the cyber-group is extremely active
and focused on specific regions," said the report from security company Bitdefender.
ZDNet
China calls for Internet front to fight hacking, cyber "arms race"
China's President Xi Jinping laid out his vision for the Internet on Wednesday, calling for a new status
quo where Internet sovereignty rests in the hands of nations controlling the flow of information. "Each
country should join hands and together curb the abuse of information technology, oppose network
surveillance and hacking, and fight against a cyberspace arms race," Xi told China's second World
Internet Conference.
Reuters
China, U.S. sign agreement to expand AML cooperation
The U.S. Treasury Department's Financial Crimes Enforcement Network and its counterpart in China
signed a memorandum of understanding Friday for expanded U.S.- China collaboration to fight money
laundering and terrorism financing.
The FCPA Blog
STROZ FRIEDBERG - IN THE NEWS
2016 Predictions: Boardroom shuffles in the cards as cyber threats rise
"There is a lack of specialist cyber skills in boardrooms worldwide, including Britain's, which is likely to
become increasingly clear as 2016 progresses," said Ed Stroz, executive chairman of Stroz Friedberg,
which specializes in cyber security, investigations, and intelligence.
SourceWire
What security pros want for the new year
Dave Dalva, vice president at Stroz Friedberg, who acts in the role of CISO for several clients."I would
like to see boards of directors and leadership teams better appreciate that information security risk
management should be treated as an enterprise risk equivalent to financial, reputational, and legal risk.
Too often these stakeholders gain an appreciation of security risk only after a breach to themselves or
others. I would like to see them increasingly take the initiative to understand how security risk impacts
the business, and why culture is so important to good security risk management program."
CSO