Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Endpoint

6/30/2010
11:13 AM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Chem Industry Commends Senate On Critical Cyberspace Security Action

Homeland Security Committee approves legislation designed to protect nation's cyberinfrastructure

ARLINGTON, VA (June 29, 2010) – The U.S. Senate Homeland Security Committee approved “Protecting Cyberspace as a National Asset Act of 2010,” legislation designed to protect the nation’s critical cyber infrastructure. If enacted, the bill would create an Office of Cyber Policy in the White House, which would lead all federal cyberspace efforts and devise a national cyberspace strategy. It would also create a National Center for Cyber-security and Communications (NCCC) within the Department of Homeland Security, which would enforce cyber-security policies throughout the government and the private sector. Additionally, the bill would establish a public/private partnership to set national cyber-security priorities and improve national cyber-security defenses. The following statement may be attributed to ACC’s senior director of security, Bill Erny:

“We commend Chairman Lieberman, Ranking Member Collins and Senator Carper for their leadership in developing this comprehensive approach to protecting our critical cyber-infrastructure. The bill approved by the Senate Homeland Security Committee will go a long way toward building upon the rigorous security regulations already in place for our industry, while providing a much needed focus on cyber-security.

“We are glad to see that Congress is continuing its commitment to cyber-security, taking it as seriously as our members do. This legislation will complement our members’ ongoing effort to improve cyber-security, from sharing best practices through ACC’s ChemITC forum to implementation of the Responsible Care Security Code'. This bill will also help ensure that similar efforts are being undertaken across the nation’s critical infrastructure, while giving DHS the ability and resources to provide a truly comprehensive approach to securing our cyber- and information systems.

“ACC and our members appreciate the efforts of Sens. Lieberman, Collins and Carper, and the other members of the Senate Homeland Security Committee on this essential cyber-security legislation, which will help us protect our facilities, our employees, the communities where we operate, and the vital products we supply to the nation every day.”

Since 2001, ACC members have led the way in chemical security. Long before there was any government direction, ACC member companies invested more than $8 billion on enhancing facility security under ACC’s Responsible Care Security Code, which has since become the gold standard for the industry and a model for regulatory programs.

# # # www.americanchemistry.com/newsroom

The American Chemistry Council (ACC) represents the leading companies engaged in the business of chemistry. ACC members apply the science of chemistry to make innovative products and services that make people's lives better, healthier and safer. ACC is committed to improved environmental, health and safety performance through Responsible Care', common sense advocacy designed to address major public policy issues, and health and environmental research and product testing. The business of chemistry is a $674 billion enterprise and a key element of the nation's economy. It is one of the nation’s largest exporters, accounting for ten cents out of every dollar in U.S. exports. Chemistry companies are among the largest investors in research and development. Safety and security have always been primary concerns of ACC members, and they have intensified their efforts, working closely with government agencies to improve security and to defend against any threat to the nation’s critical infrastructure.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Edge-DRsplash-10-edge-articles
7 Old IT Things Every New InfoSec Pro Should Know
Joan Goodchild, Staff Editor,  4/20/2021
News
Cloud-Native Businesses Struggle With Security
Robert Lemos, Contributing Writer,  5/6/2021
Commentary
Defending Against Web Scraping Attacks
Rob Simon, Principal Security Consultant at TrustedSec,  5/7/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win an Amazon Gift Card! Click Here
Latest Comment: What Virtual Reality phishing attacks will look like in 2030.
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
How Enterprises are Developing Secure Applications
How Enterprises are Developing Secure Applications
Recent breaches of third-party apps are driving many organizations to think harder about the security of their off-the-shelf software as they continue to move left in secure software development practices.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-21652
PUBLISHED: 2021-05-11
A cross-site request forgery (CSRF) vulnerability in Jenkins Xray - Test Management for Jira Plugin 2.4.0 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.
CVE-2021-21653
PUBLISHED: 2021-05-11
Jenkins Xray - Test Management for Jira Plugin 2.4.0 and earlier does not perform a permission check in an HTTP endpoint, allowing with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins.
CVE-2021-21654
PUBLISHED: 2021-05-11
Jenkins P4 Plugin 1.11.4 and earlier does not perform permission checks in multiple HTTP endpoints, allowing attackers with Overall/Read permission to connect to an attacker-specified Perforce server using attacker-specified username and password.
CVE-2021-21655
PUBLISHED: 2021-05-11
A cross-site request forgery (CSRF) vulnerability in Jenkins P4 Plugin 1.11.4 and earlier allows attackers to connect to an attacker-specified Perforce server using attacker-specified username and password.
CVE-2021-21656
PUBLISHED: 2021-05-11
Jenkins Xcode integration Plugin 2.0.14 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks.