Monday, December 26, 2016
An interesting future awaits!
Regulating Software When Everything Has Software
by Sabrina I. Pacifici on Dec 25, 2016
Ohm, Paul and Reid, Blake Ellis, Regulating Software When Everything Has Software (November 16, 2016). George Washington Law Review, Vol. 84, No. 6, 2016. Available for download at SSRN: https://ssrn.com/abstract=2873751
“This Article identifies a profound, ongoing shift in the modern administrative state: from the regulation of things to the regulation of code. This shift has and will continue to place previously isolated agencies in an increasing state of overlap, raising the likelihood of inconsistent regulations and putting seemingly disparate policy goals, like privacy, safety, environmental protection, and copyright enforcement, in tension. This Article explores this problem through a series of case studies and articulates a taxonomy of code regulations to help place hardware-turned-code rules in context. The Article considers the likely turf wars, regulatory thickets, and related dynamics that are likely to arise, and closes by considering the benefits of creating a new agency with some degree of centralized authority over software regulation issues.”
For my Computer Security students.
Free security tools to support cyber security efforts
There are more free information security tools out there than you can highlight with a fist full of whiteboard pointers.
… A few important categories include threat intelligence tools, tools to build security in during the development stage, penetration testers, and forensics tools.
Threat intelligence tools
Penetration / PEN testers
Perhaps I have a future as a Director?
Corporate boards aren't prepared for cyberattacks
Despite the scale and potential harm from such attacks, there's wide recognition that corporate leaders, especially boards of directors, aren't taking the necessary actions to defend their companies against such attacks. It's not just a problem of finding the right cyber-defense tools and services, but also one of management awareness and security acumen at the highest level, namely corporate boards.
… "Some organizations do a better job than others, but those efforts are almost always led by CIOs, CISOs or business line managers and not by corporate boards, CEOs and executive management throughout government and the private sector," Litan added.
… The National Association of Corporate Directors (NACD) recently released a survey of more than 600 corporate board directors and professionals that found only 19% believe their boards have a high level of understanding of cybersecurity risks. That's an improvement from 11% in a similar poll conducted a year earlier.
The survey also found that 59% of respondents find it challenging to oversee cyber risk.
Another of those (somewhat) useful or interesting things that come at year-end.
17 incredibly useful Google products and services you didn't know existed