Thursday, September 22, 2016

Material impact on the sale to Verizon?  Probably not.
Yahoo is expected to confirm massive data breach, impacting hundreds of millions of users
Yahoo is poised to confirm a massive data breach of its service, according to several sources close to the situation, hacking that has exposed several hundred million user accounts.
While sources were unspecific about the extent of the incursion, since there is the likelihood of government investigations and legal action related to the breach, they noted that it is widespread and serious.
Earlier this summer, Yahoo said it was investigating a data breach in which hackers claimed to have access to 200 million user accounts and was selling them online.  “It’s as bad as that,” said one source.  “Worse, really.”
   But there’s nothing smooth about this hack, said sources, which became known in August when an infamous cybercriminal named “Peace” said on a website that he was selling credentials of 200 million Yahoo users from 2012 on the dark web for just over $1,800.  The data allegedly included user names, easily decrypted passwords, personal information like birth dates and other email addresses.
At the time, Yahoo said it was “aware of the claim,” but the company declined to say if it was legitimate and said that it was investigating the information.  But it did not issue a call for a password reset to users.  Now, said sources, Yahoo might have to, although it will be a case of too little, too late.

Is that the same as saying, “before the potential breach was discovered, we hadn’t bothered to secure the system?” 
The day after an FBI investigation descended on the Camden County Courthouse, County Attorney Charles McElyea has acknowledged a “possible security breach” of the courthouse computer systems.
McElyea said once the potential breach was discovered, “the Camden County Commission took immediate steps to secure the system and started an investigation to determine if there was in fact a breach of the system, how it might have occurred and how to prevent such a breach in the future.”
I guess we’ll have to wait to find out what this is about, although it sounds like some insider wrongdoing is suspected.

For my Governance students.
Paper – Examining the costs and causes of cyber incidents
by Sabrina I. Pacifici on Sep 21, 2016
Examining the costs and causes of cyber incidents, Sasha Romanosky, Journal of Cybersecurity, DOI:  First published online: 25 August 2016.
“In 2013, the US President signed an executive order designed to help secure the nation’s critical infrastructure from cyberattacks.   As part of that order, he directed the National Institute for Standards and Technology (NIST) to develop a framework that would become an authoritative source for information security best practices.  Because adoption of the framework is voluntary, it faces the challenge of incentivizing firms to follow along.  Will frameworks such as that proposed by NIST really induce firms to adopt better security controls?  And if not, why?  This research seeks to examine the composition and costs of cyber events, and attempts to address whether or not there exist incentives for firms to improve their security practices and reduce the risk of attack.  
   Specifically, we find that the cost of a typical cyber incident in our sample is less than $200 000 (about the same as the firm’s annual IT security budget), and that this represents only 0.4% of their estimated annual revenues.”

(Related) Another consideration for Governance.
Achieving Trust Through Data Ethics
Success in the digital age requires a new kind of diligence in how companies gather and use data.
   Digital trust — identified as a key trend in the Accenture Technology Vision 2016 report — is very difficult for businesses to build with customers, but very easy to lose.

It’s not just for “International Terrorist Masterminds” and more. 
   there are all sorts of good — non-criminal — reasons why you may want to have a second phone number.  While you may want to get a second physical phone, for most purposes, you can just get an app on your existing phone.
Why Use a Burner App?
  • Online dating is more popular than ever, but it does carry certain risks, particularly for women.  Using a temporary number provides a valuable extra layer of privacy.
  • If you’re buying or selling something on Craigslist, or placing an ad anywhere, a disposable number means you don’t have to deal with calls once your business is done.
  • If you’re job hunting, you may be expecting a lot of calls from unknown numbers. It’s good to know that these are related to your job search before you answer.
  • If you’re moving to a different area, or even a different country, you might want to pick up a local number before you move.
  • If your job requires you to be on call or you’re running your own business, you’ll want a dedicated number that you know to answer professionally and can ignore when you’re off the clock, without having to carry two phones.
  • If someone is monitoring your calls and texts (like an abusive parent or partner), you can reach out for help using a number they don’t have access to.

A growing number of twits or more people/agencies requesting?
US increases requests for account info from Twitter
The U.S. government increased its requests for information from Twitter in the first half of 2016, according to a report released by the social networking site Wednesday.
From Jan. 1 to June 30, the U.S. government made 2,520 requests for information, up from 2,436 in the first half of last year.
The report says that Twitter produced some information in 82 percent of requests.

Nothing like a last minute law to fix years of no planning! 
New legislation seeks to prevent U.S. voting systems from being hacked
A U.S. lawmaker has introduced two bills to protect voting systems from hacking, amid fears that Russian cyber spies may be interfering with this year's presidential election.
Representative Hank Johnson, a Democrat serving Georgia, is proposing a moratorium on state purchases of electronic voting machines that don't produce a paper trail.  His Election Integrity Act, introduced Wednesday, would also prohibit voting systems from being connected to the internet as a way to prevent online tampering.
   Johnson's second bill proposes designating U.S. voting systems as critical infrastructure, meaning that the federal government would take a role in protecting it.  The country's electrical grid and banking sector are among those already designated as critical infrastructure.
Johnson's bill would also require the Department of Homeland Security to submit a plan to Congress to protect the U.S. election process from threats including cyber terrorism.  In addition, it asks that better standards be developed so that citizens can verify their votes.

A new world!  What else would this work for?  Mortgages?  Student loans? 
P2P insurance firm Lemonade launches out of stealth, powered by chatbots, morals, and big bucks
Lemonade, a peer-to-peer (P2P) insurance firm that’s been in stealth for a year, has finally launched to the public in its first market.
   Lemonade announced today that it is now a fully licensed insurance carrier in New York, which means homeowners and tenants across the state can get insured and settle claims on the spot, across multiple devices.
   Lemonade is also setting out to combat existing models through an annual “giveback,” where it donates unclaimed money to good causes.  Through the app, users select a cause that they care about, and this cause-creation process generates virtual groups of like-minded people — or “peers.”  (Why not “giveback” to me?  Bob)
Premiums from each group cover any claims made by individuals, with leftover money going to their common cause.  And Lemonade makes money by taking a 20 percent flat fee from monthly policy payments.

(Related) …and they’re all going to need insurance!
Mobile Networks Are Key to Global Financial Inclusion, Report Finds
The ubiquity of cellphones could allow a rapid expansion of financial services throughout the developing world, with major implications for growth and credit accessibility, a McKinsey & Co. report concludes.
“With the technology that’s available today you could provide billions of people and millions of businesses opportunities that don’t exist to them today,” Susan Lund, co-author of the McKinsey Global Institute report on digital finance, said in an interview.
The report found that with coordinated action by financial firms, telecommunications companies and developing-country governments, some 1.6 billion people could gain access to financial services by 2025, all without major new expenditures on physical infrastructure.

Be as smart as a Congressman.  (A rather low bar, but better than nothing.)
Researching Current Federal Legislation and Regulations: A Guide to Resources for Congressional Staff
by Sabrina I. Pacifici on Sep 21, 2016
Researching Current Federal Legislation and Regulations: A Guide to Resources for Congressional Staff, Jerry W. Mansfield, Lead Information Services Coordinator.  September 19, 2016.
“This report is designed to introduce congressional staff to selected governmental and nongovernmental sources that are useful in tracking and obtaining information on federal legislation and regulations.  It includes governmental sources, such as, the Government Publishing Office’s Federal Digital System (FDsys), and U.S. Senate and House websites.  Nongovernmental or commercial sources include resources such as HeinOnline and the Congressional Quarterly (CQ) websites.  The report also highlights classes offered by the Congressional Research Service (CRS) and the Law Library of Congress.”

This is Apple being innovative?  Are the people who buy iPhones also into motorcycles?
Apple Is Said to Be Talking to Vehicle Technology Companies
   Apple is also in talks with Lit Motors, a San Francisco start-up that has developed an electric self-balancing motorcycle, about a potential acquisition, according to three people who spoke on the condition of anonymity.  Apple has already hired several former Lit Motors engineers.

No comments: