Travelers’ cybersecurity experts have developed common cyber claims scenarios across five industries, as shown in the following pages. The costs add up quickly, often reaching more than $1 million.
Saturday, October 17, 2015
These seminars are always worth attending.
The Privacy Foundation at the University of Denver Sturm College of Law presents: Privacy Breaches
Friday, November 6, 2015 10AM – 1PM followed by lunch. Ricketson Law Building, Room 290, 2255 E Evans Avenue Denver, Colorado 80208
Register online at http://alumni.du.edu/privacybreaches or contact Privacy Foundation Administrator Anne Beblavi at email@example.com Seminar, CLE (3 hrs. pending) & Lunch $30
Interesting. Clearly Dow Jones would be an attractive target, but would anyone investigate a breach of their systems without contacting them?
Russian Hackers of Dow Jones Said to Have Sought Trading Tips
A group of Russian hackers infiltrated the servers of Dow Jones & Co., owner of the Wall Street Journal and several other news publications, and stole information to trade on before it became public, according to four people familiar with the matter.
The Federal Bureau of Investigation, Secret Service and the Securities and Exchange Commission are leading an investigation of the infiltration, according to the people. The probe began at least a year ago, one of them said.
Dow Jones, in a statement, said: “Since Bloomberg published its article, we have worked hard to establish whether the allegations it contains are correct. To date, we have been unable to find evidence of any such investigation.”
… Kelly Langmesser, a spokeswoman for the FBI New York office, confirmed the office is investigating a breach at Dow Jones but declined to comment further. Jim Margolin, a spokesman for the Manhattan U.S. Attorney’s Office, declined to comment. Peter Carr, a spokesman for the Justice Department’s criminal division, also declined to comment, as did spokesmen for the Secret Service and the SEC.
The White House was briefed on the investigation and the FBI and SEC have spent months trying to determine exactly how the hackers could profit from what they took, [I assume that means used in very subtle ways. The not-so-subtle ways are obvious. Bob] consulting financial and market experts among other specialists, the people said.
For my Intro to Computer Security students.
Rosalie F. Donlon reports:
For each of the scenarios/industries, Donlon reports estimates based on the NetDiligence® Data Breach Cost Calculator and then factors in estimates from Ponemon’s 2015 Cost of Data Breach Study. You can see the figures/estimates on PropertyCasualty360.com.
(Ditto) Because what Congress doesn't know can hurt you!
CRS – The Internet of Things: Frequently Asked Questions
by Sabrina I. Pacifici on Oct 16, 2015
CRS – The Internet of Things: Frequently Asked Questions – Eric A. Fischer, Senior Specialist in Science and Technology. October 13, 2015.
“Internet of Things” (IoT) refers to networks of objects that communicate with other objects and with computers through the Internet. “Things” may include virtually any object for which remote communication, data collection, or control might be useful, such as vehicles, appliances, medical devices, electric grids, transportation infrastructure, manufacturing equipment, or building systems. In other words, the IoT potentially includes huge numbers and kinds of interconnected objects. It is often considered the next major stage in the evolution of cyberspace. Some observers believe it might even lead to a world where cyberspace and human space would seem to effectively merge, with unpredictable but potentially momentous societal and cultural impacts. Two features make objects part of the IoT: a unique identifier and Internet connectivity. Such “smart” objects each have a unique Internet Protocol (IP) address to identify the object sending and receiving information. Smart objects can form systems that communicate among themselves, usually in concert with computers, allowing automated and remote control of many independent processes and potentially transforming them into integrated systems.
… Although the full extent and nature of the IoT’s impacts remain uncertain, economic analyses predict that it will contribute trillions of dollars to economic growth over the next decade.
… Security and privacy are often cited as major issues for the IoT, given the perceived difficulties of providing adequate cybersecurity for it, the increasing role of smart objects in controlling components of infrastructure, and the enormous increase in potential points of attack posed by the proliferation of such objects. The IoT may also pose increased risks to privacy, with cyberattacks potentially resulting in exfiltration of identifying or other sensitive information about an individual. With an increasing number of IoT objects in use, privacy concerns also include questions about the ownership, processing, and use of the data they generate.”
This is something to follow, I think.
The U.S. Defense Advanced Research Projects Agency (DARPA) this week named University of Massachusetts Amherst professor of computer science Gerome Miklau to lead a 4.5-year, $2.8 million grant to develop tools and techniques that enable the agency to build data management systems in which “private data may be used only for its intended purpose and no other.”
Miklau’s project is part of a national program dubbed by DARPA “Brandeis” in recognition of the U.S. Supreme Court Justice who in an 1890 essay expounded on the right to privacy.
… He estimates that UMass Amherst will receive about $1.2 million, while collaborators Ashwin Machanavajjhala at Duke University will get about $1.1 million and Michael Hay at Colgate University approximately $470,000. At UMass Amherst, the project will support two doctoral students.
… Our team designs systems that operate between a trusted data collector, for example, a hospital or the Census Bureau, and a data analyst, so social and medical scientists and government agencies can use aggregate data without knowing all about each individual.”
… Methods for protecting private information fall into two broad categories: filtering data at the source or trusting the data user to diligently protect it. Both have serious challenges.
… Miklau and colleagues plan to follow a guideline established by cryptographers nearly a decade ago known as differential privacy, which seeks to offer data analysts maximum accuracy in database queries at the same time providing minimal chance of identifying individual records. It offers more reliable protection than data anonymization, he notes.
… To accomplish this, he and colleagues will add statistical “noise” to query outputs such that the data in tables and spreadsheets are slightly distorted each time a user queries them.
Miklau explains, “We are going to deliver answers to analysts that are statistically close to what would be delivered if one person has opted out of the database. It’s a random perturbation, like flipping a coin every time you ask a question. The answer then is statistically close, but there is a randomness that helps protect the individual.”
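For my students, an added example (mine, not code from the article or from the Brandeis project) of what "statistical noise on query outputs" looks like in practice. It assumes the Laplace mechanism, a standard way to get differential privacy for a counting query; the article does not say which mechanism the team will use, and the records, function names and epsilon value are constructed for illustration.

```python
import math
import random

# Constructed sample data (not from the article): (person_id, has_condition)
RECORDS = [(i, i % 3 == 0) for i in range(1, 101)]

def true_count(records):
    """Exact counting query: how many records have the condition."""
    return sum(1 for _, flag in records if flag)

def laplace_noise(scale, rng):
    """Laplace(0, scale) sample: the difference of two Exp(1/scale) draws."""
    return rng.expovariate(1.0 / scale) - rng.expovariate(1.0 / scale)

def private_count(records, epsilon, rng):
    """Noisy count. One person changes a count by at most 1 (sensitivity 1),
    so the noise scale is 1/epsilon."""
    return true_count(records) + laplace_noise(1.0 / epsilon, rng)

def laplace_pdf(y, mean, scale):
    return math.exp(-abs(y - mean) / scale) / (2.0 * scale)

def worst_case_ratio(records, opt_out_id, epsilon, outputs):
    """Largest factor by which one person's opting out shifts the likelihood
    of any answer in `outputs`. Differential privacy caps it at e^epsilon."""
    scale = 1.0 / epsilon
    with_person = true_count(records)
    without = true_count([r for r in records if r[0] != opt_out_id])
    worst = 1.0
    for y in outputs:
        p = laplace_pdf(y, with_person, scale)
        q = laplace_pdf(y, without, scale)
        worst = max(worst, p / q, q / p)
    return worst

def averaged_answer(records, epsilon, repeats, rng):
    """Averaging repeated answers cancels the noise, which is why a real
    system must charge every query against a total privacy budget."""
    return sum(private_count(records, epsilon, rng) for _ in range(repeats)) / repeats

if __name__ == "__main__":
    # Assumption: seeded `random` for a repeatable demo; a deployment would
    # use a cryptographic RNG and a sampler hardened against float artifacts.
    rng = random.Random(2015)
    print("true count:", true_count(RECORDS))
    print("one noisy answer:", round(private_count(RECORDS, 0.5, rng), 2))
    print("worst ratio:", worst_case_ratio(RECORDS, 3, 0.5, range(-50, 151)))
    print("e^epsilon:", math.exp(0.5))
    print("mean of 2000 answers:", round(averaged_answer(RECORDS, 0.5, 2000, rng), 2))
```

The last line is the caveat to remember: if the same question can be asked without limit, the "coin flips" average away and the exact count comes back.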
Interesting. “Quantity has a quality of its own.”
Appeals Court Validates Google's Mammoth Books Project
Google won an important legal victory on Friday, when the Second United States Court of Appeals in New York upheld a lower court's judgment in its years-long battle with the Authors Guild over Google Books.
The case "tests the boundaries of fair use," Judge Pierre Leval wrote in the appeals court's ruling.
Google's unauthorized digitizing of copyright-protected works, creation of search functionality, and displaying of snippets from those works do not constitute infringement, according to the decision.
That is because the purpose of the copying "is highly transformative," the public display of text is limited, and the snippets "do not provide a significant market substitute for the protected aspects of the originals," the appeals court ruled.
… "There is a difference between transforming the text and copying the text for a transformative purpose," said Matthew Sag, a professor at the Loyola University Chicago School of Law.
Are drones a fad similar to the hula-hoop? Will drones become old hat in six months? Apparently the government doesn't think so. This will require the FAA to learn new technologies. And perhaps provide some opportunities for businesses that identify/track drones or establish geo-fencing.
People will soon have to register their drones with the federal government
The federal government will soon require owners of drones to register their devices with the US Department of Transportation, NBC News reports.
The forthcoming rules stem from concerns about the airspace that drones share with larger aircraft.
… The Federal Aviation Administration announced earlier this month that it was also brainstorming technologies to keep drones out of restricted airspace. One such method is known as geo-fencing. If a drone has geo-fencing technology installed, it will automatically shut down the drone if the craft wanders into an area that's off-limits.
Perspective. The government is buying airwaves to auction off?
A major New York TV station could win $900 million — if it goes off the air. Here’s why.
… WCBS-TV in New York City could win as much as $900 million for going off the air, a result of its position in one of the country's busiest markets. Smaller stations such as KAWE in Minneapolis might receive around $20 million.
The figures represent the maximum amount each broadcaster could receive for participating in a never-before-tried auction of wireless airwaves, one that's designed to transfer control of that invisible real estate to wireless carriers such as AT&T and T-Mobile. Cellular providers say they need access to more of the radio spectrum to build out next-generation mobile data networks. (All wireless data, from TV signals to 4G LTE, ride atop spectrum, a finite resource.)
Perspective. Easily doable.
Chattanooga Slays Comcast, Wins Right To Offer 10Gbps Internet For $299/Month
When Google released its Fiber Internet service five years ago, it was quite something to behold. While most of us were dealing with modest broadband speeds (or worse), the big G was offering Internet speeds that could max out our home routers. At 1Gbps, Google was allowing people to both download and upload up to a theoretical 125MB/s, which is what most hard drives will peak at. It's still impressive.
Not long after Google began hitting some cities with gigabit Internet, we began to see a number of other companies follow suit. Unfortunately, almost all of these are ISPs that focus on a certain area, so a wider rollout is in most cases unlikely. One such ISP is Chattanooga's EPB Fiber Optics, which also unveiled 1Gbit service in 2009 despite stiff opposition from Comcast.
While ISPs were still in the process of rolling out 1Gbps services, Comcast thought it'd be a good guy for once and introduce 2Gbps service. For those who are serious about their Internet and have the cash to spare, that service would be hard to avoid, even if it's akin to making a deal with the devil.
Well, that is unless you happen to live in an area that EPB covers, as it's now one-upped - ahem, five-upped - Comcast by offering a 10 gigabit service.
Funny the things we think are educational.
Hack Education Weekly News
… “Every few weeks, it seems, a new investigation is launched into one of the larger for-profit colleges in the country,” Inside Higher Ed reports. And yet… And yet: the US Department of Education just announced it will allow federal financial aid to be used for “alternative education providers,” including MOOCs and coding bootcamps. Although the Obama Administration has cracked down on for-profit universities, it seems more than happy to fund a new revenue stream for for-profits: the outsourcing of instruction to tech startups. Ted Mitchell, Under Secretary of Education and former venture capitalist at New School Venture Fund, announced the pilot program. More via Edsurge. Meanwhile, as The New York Times observes, “For-Profit Colleges Accused of Fraud Still Receive U.S. Funds.”
… California governor Jerry Brown signed a bill that abolishes the state’s high school exit exam and will award diplomas to thousands who failed the exam as far back as 2004 but had completed all their high school classes. [Because showing up is enough? Bob]
… Barbara Byrd-Bennett, the former head of Chicago Public Schools pled guilty for “her role in a scheme to steer $23 million in no-bid contracts to education firms for $2.3 million in bribes and kickbacks.” She will serve 7.5 years in jail. More of the contracts she approved during her tenure are now under scrutiny.
I don't have any “nutritionally challenged” students in my spreadsheet class. I don't think I do anyway.
How to Build Perfect Meals with The IIFYM Calculator and Excel
Tracking the nutrition in your food has been pretty easy for some time now. But being able to design meals that meet your nutrition intake targets has always been a little tougher.
In this article you’ll quickly learn exactly how you can do this using a pre-made Excel spreadsheet and a free online calculator.
Tools for Math teachers, tutors and students.
5 Online Calculators to Improve Your Basic Math Skills
Humor, with a grain of truth. Ask a narcissist? (Infographic)
Take a Better Selfie With the Help of Famous Politicians