On 9/11, terrorists controlled relatively small machines. Imagine the
takeover of a 1200 foot container ship carrying 13,000 containers…
U.S. Coast Guard Issues Cybersecurity Warnings for Commercial Vessels
The alert points to a February 2019 incident where a deep draft vessel
bound for the Port of New York and New Jersey had its systems
infected with a piece of malware that “significantly degraded the
functionality of the onboard computer system.”
While the incident did not impact the ship’s essential control systems,
it did highlight the lack of proper cybersecurity measures.
“It is unknown whether this vessel is representative of the current state
of cybersecurity aboard deep draft vessels. However, with engines
that are controlled by mouse clicks, and growing reliance on
electronic charting and navigation systems, protecting these systems
with proper cybersecurity measures is as essential as controlling
physical access to the ship or performing routine maintenance on
traditional machinery,” the Coast
Guard said.
Be careful when buying problems.
The ICO is on a roll… now they’ve issued a statement about their
intention to fine Marriott, although it appears that their statement
may have been issued because Marriott first notified the SEC that it
was going to be fined.
Here is the ICO’s statement:
Statement in response to Marriott International, Inc’s filing with the US
Securities and Exchange Commission that
the Information Commissioner’s Office (ICO) intends to fine it for
breaches of data protection law.
Following an extensive investigation the ICO has issued a notice of its
intention to fine Marriott International £99,200,396 for
infringements of the General Data Protection Regulation (GDPR).
The proposed fine relates to a cyber incident which was notified to the
ICO by Marriott in November 2018. A variety of personal data
contained in approximately 339 million guest records globally were
exposed by the incident, of which around 30 million related to
residents of 31 countries in the European Economic Area (EEA). Seven
million related to UK residents.
It is believed the vulnerability began when the systems of the Starwood
hotels group were compromised in 2014. Marriott subsequently
acquired Starwood in 2016, but the exposure of customer information
was not discovered until 2018. The ICO’s investigation found that
Marriott failed to undertake sufficient due diligence when it bought
Starwood and should also have done more to secure its systems.
Information Commissioner Elizabeth Denham said:
“The GDPR makes it clear that organisations must be accountable for the personal data they hold. This can include carrying out proper due diligence when making a corporate acquisition, and putting in place proper accountability measures to assess not only what personal data has been acquired, but also how it is protected.
“Personal data has a real value so organisations have a legal duty to ensure its security, just like they would do with any other asset. If that doesn’t happen, we will not hesitate to take strong action when necessary to protect the rights of the public.”
Marriott has co-operated with the ICO investigation and has made improvements
to its security arrangements since these events came to light. The
company will now have an opportunity to make representations to the
ICO as to the proposed findings and sanction.
The ICO has been investigating this case as lead supervisory authority on
behalf of other EU Member State data protection authorities. It has
also liaised with other regulators. Under the GDPR ‘one stop shop’
provisions the data protection authorities in the EU whose residents
have been affected will also have the chance to comment on the ICO’s
findings.
The ICO will consider carefully the representations made by the company
and the other concerned data protection authorities before it takes
its final decision.
We’re discussing law in my Security Compliance class.
PA Court decision siding with plaintiff injured by dog leash purchased on Amazon
Axios: “A malfunctioning dog leash could end up creating billions of
dollars of potential liabilities for online marketplaces, with Amazon
front and center. Background:
A dog leash sold and shipped by The Furry Gang, one of the millions of
small sellers that operate on Amazon’s marketplace, snapped,
permanently blinding the buyer in her left eye.
- Amazon is responsible for the injury, according to a 2-1 decision from Philadelphia’s Third Circuit Court of Appeals.
- “Amazon’s involvement in transactions extends beyond a mere editorial function; it plays a large role in the actual sales process,” the opinion states.
- Our thought bubble: This ruling challenges the company’s longtime practice of effectively outsourcing quality control to its customers and their reviews. Amazon could now be held liable for all the random things that get sold on its site.
- What to watch: This isn’t just bad news for Amazon. The whole e-commerce sector — including companies like Walmart, eBay and Shopify — could come under fire.”
I must have missed this… (136 slides)
State of AI Report 2019
Adopting new technology is not without its perils.
IDC: For 1 in 4 companies, half of all AI projects fail
… A recent study conducted by analysts at International Data Corporation
(IDC) found that of the
organizations already using AI, only 25% have developed an
“enterprise-wide” AI strategy, and it found that among those in
the process of deploying AI, a substantial number of projects are
doomed to fail.
IDC’s Artificial Intelligence Global Adoption Trends & Strategies
report, which was published today, summarizes the results of a May
2019 survey of 2,473 organizations that use AI solutions in their
operations.
AI as a fortune teller?
… In the last few days, we started rolling out
a new feature powered by AI that notifies people when their comment
may be considered offensive before
it’s posted.
… We’ve heard from young people in our community that they’re reluctant to
block, unfollow, or report their bully because it could escalate the
situation, especially if they interact with their bully in real life.
Some of these actions also make it difficult for a target to keep
track of their bully’s behavior.
We wanted to create a feature that allows people to control their
Instagram experience, without notifying someone who may be targeting
them. Soon, we will begin testing a new way to protect your account
from unwanted interactions called Restrict. Once you Restrict
someone, comments on your posts from that person will only be visible
to that person. You can choose to make a restricted person’s
comments visible to others by approving their comments. Restricted
people won’t be able to see when you’re active on Instagram or
when you’ve read their direct messages.
Perspective. If nothing else, some interesting quotes.
How Data Analytics Is (Slowly) Transforming Private Equity
Data analytics is one of the hottest areas in
business these days. Companies are increasingly adopting it to
transform human resources, sales and marketing, business development,
operations and other areas, across a wide spectrum of industries.
The approach holds the promise of more objective decision-making and
a stronger bottom line.
But when it comes to the world of private equity
it’s a different story, according to Sajjad Jaffer, co-founder of
the advisory and investment firm Two Six Capital. He said that when
he and Ian Picache started their analytics-based firm in 2013, there
had been “no technological innovation in private equity since the
invention of the Excel spreadsheet.”
… “Using large-scale, cloud-based
engineering we can handle very, very large data sets in very, very
short timeframes. Billions of rows of data,” Picache said. He
noted that their in-depth methods enable them to view “what is
going on in a business in a minute-by-minute, day-to-day basis.”
… Regarding portfolio management, he said that
a management team’s own attitude toward data tells you something
about their company. “Those that actually resist [data analytics]
should actually raise some alarm bells for you…. Is it a point of
pride? Are they trying to get the highest valuation for their
companies by not showing you the full transparency of data?”