Is this all that Congress has learned?
House
Releases Cybersecurity Strategies Report
The
U.S. House of Representatives’ Committee on Energy and Commerce has
released a report identifying strategies for the prevention and
mitigation of cybersecurity incidents.
Designed
to summarize the work of the Subcommittee on Oversight and
Investigations, the report (PDF)
includes conclusions drawn from tens of briefings, hearings, letters,
reports, and roundtables.
For my Computer Security students.
Organizations
Still Slow to Detect Breaches: CrowdStrike
Organizations are getting better at detecting
intrusions on their own, but it still takes them a long time to do
it, according to a new report published on Tuesday by endpoint
security firm CrowdStrike.
… the
average attack dwell time – or the time it takes to detect an
attack – was 85 days, comparable to the 86 days reported by the
company in its 2017 report.
“Clearly,
there is considerable room for improvement. Boards of directors,
executive management, and the public at large are all rightly
concerned that organizations take days, weeks or even months to
detect attacks,” CrowdStrike said in its
latest report.
(Related)
Cybersecurity
of the Person
Kosseff, Jeff, Cybersecurity of the Person
(October 31, 2018). First Amendment Law Review, 2019. Available at
SSRN: https://ssrn.com/abstract=3276218
“U.S. cybersecurity law is largely an outgrowth
of the early-aughts concerns over identity theft and financial fraud.
Cybersecurity laws focus on protecting identifiers such as driver’s
licenses and social security numbers, and financial data such as
credit card numbers. Federal and state laws require companies to
protect this data and notify individuals when it is breached, and
impose civil and criminal liability on hackers who steal or damage
this data. In this paper, I argue that our current cybersecurity
laws are too narrowly focused on financial harms. While such
concerns remain valid, they are only one part of the cybersecurity
challenge that our nation faces. Too often overlooked by the
cybersecurity profession are the harms to individuals, such as
revenge pornography and online harassment. Our legal system
typically addresses these harms through retrospective criminal
prosecution and civil litigation, both of which face significant
limits. Accounting for such harms in our conception of cybersecurity
will help to better align our laws with these threats and reduce the
likelihood of the harms occurring.”
If you place cookies, you need to understand this.
How Big
Companies Should Behave Under Europe’s New Cookie Regulations
… Under the GDPR, implied
consent is not enough and instead customers must actively
affirm that they agree to the use of cookies. That means that
companies can no longer claim that using its website constitutes
consumer consent. Rather, websites must provide
accurate information – in plain language – specifying exactly
what a company’s cookie policy is. The GDPR also grants users the
right to retract their consent and every 12 months corporations must
obtain renewed consent from customers to keep using cookies for the
same purposes.
It’s not important that they don’t know. What
is important is, they don’t bother to find out!
At the
Google hearing, Congress proves they still have no idea how the
internet works
Google CEO Sundar Pichai’s long-awaited
Congressional
hearing took place on Tuesday.
Pichai testified before Congress on Google+
data breaches, the controversial Chinese-censorship
friendly search product, and perceived anti-conservative
bias. But, there was one more pressing concern that took center
stage to those watching the hearing: Several members of Congress, at
least on the House Judiciary Committee, have no idea what they’re
talking about when it comes to technology.
… Rep. Lamar Smith claimed as fact that 96
percent of Google search results come from liberal sources. Besides
being proven
false with a simple search of your own, Google’s search
algorithm bases search rankings on attributes such as backlinks and
domain authority. Partisanship of the news outlet does not come into
play. Smith asserted that
he believe the results are being manipulated, regardless of being
told otherwise.
… When Iowa Rep. Steve King demanded to know
why a nasty image of the Congressman would appear on his
granddaughter’s phone while she was playing a game, Pichai had to
point out that Google doesn’t make the iPhone. King’s response?
It could have been an Android!
For my student researchers. (Remember, the page
is not the article.)
How to Find
Out When a Webpage Was Published
maketecheasier:
“When you’re doing research on a topic, it’s vital to ensure
your sources are up to date. If you’re writing an academic paper,
dates of publication are often required in the citations. The
majority of the time, getting the date is easy: simply look on the
site and find the “published on” date to find out how recent it
was. Things get a little more complicated when there is no date
listed on the webpage. When this happens, how do you know when the
page was published?…”
No comments:
Post a Comment