On December 5, the National Institute of Standards and Technology (NIST) issued an update regarding its Framework for Improving Critical Infrastructure Cybersecurity (Framework).  Since its release in February 2014, the Framework has become an important benchmark for corporate cybersecurity programs.  NIST’s update addresses industry input received from an October workshop and an August Request for Information.  It also describes NIST’s plans to support future use of the Framework.

Democratic politicians are proposing a novel approach to cybersecurity: fine technology companies $100,000 a day unless they comply with directives imposed by the U.S. Department of Homeland Security.

Legislation introduced this week would allow DHS Secretary Janet Napolitano to levy those and other civil penalties on noncompliant companies that the government deems "critical," a broad term that could sweep in Web firms, broadband providers, and even software companies and search engines.

There's another Chinese spy hacker group on the scene targeting governments and research firms, according to a new report by a cybersecurity firm.

This week Google addressed the concerns about issues raised by information commissioners in ten different countries over privacy and Buzz, while data protection in federal agencies is also a concern.

As Abraham Lincoln once famously asked: “Do I not destroy my enemies when I make them my friends?”.