Still paying for the breach.
Target to Settle Claims Over Data Breach
Target Corp. agreed to reimburse thousands of financial institutions as much as $67 million for costs incurred from a massive 2013 data breach that damaged the retailer’s reputation with shoppers and cut into sales.
… Target also said it is working with MasterCard Inc. on a similar deal for its card issuers.
The size of the two settlements could rival a 2010 agreement in which Heartland Payment Systems Inc. agreed to pay more than $100 million to Visa and MasterCard for a large 2008 breach.
Target’s data breach exposed 40 million credit
and debit cards to fraud during the 2013 holiday season.
… The exact amount of fraud that resulted from
the Target breach still isn’t known. Trade groups representing
community banks and credit unions estimate that they spent more than
$350 million to reissue credit and debit cards and deal with other
issues tied to the Target breach and the
subsequent Home Depot hack.
(Related) Apparently, the breach didn't turn
customers away.
Target’s Earnings Beat Estimates After CEO Reins In Expenses
I doubt this embarrasses them at all...
People searching for the Ashley Madison data on Pirate Bay will also find ... an ad for Ashley Madison
Hackers who stole personal data from the Ashley Madison website leaked the personal details of millions of users of the extramarital affairs dating website on Tuesday.
… And, in a further embarrassment for Ashley
Madison, people looking to get their hands on the data by searching
the popular bittorrent indexer The Pirate Bay have also been served
banner ads for Ashley Madison.
Interesting argument?
The Madison Record reports:
Yahoo answers a class action complaint of privacy invasion by pleading that no one can call its scanning practices surreptitious.
“Yahoo’s scanning of emails has been the subject of media reports for years,” Peter Herzog of St. Louis wrote on Aug. 17.
He moved to dismiss a suit that Kaylynn Rehberger of Highland filed at U.S. district court in June, alleging violation of the Illinois Eavesdropping Statute.
Read more on Madison Record.
We knew that, right?
Henry Farrell reports:
Facebook’s privacy practices have always been controversial. It doesn’t charge its users–because its users are the product. The company sells information on its users, their social networks, services they like, and a multitude of other forms of information to advertisers and marketers. This gives Facebook a strong incentive to push privacy boundaries constantly, since the more personal information Facebook gathers on its users, the more money Facebook will be able to make by selling this information on to marketers.
This has meant, for example, that Facebook has frequently changed its privacy policies, often in confusing ways. Jennifer Shore and Jill Steinman, two undergraduate students at Harvard have just published a new research article in Technology Science showing that, over time, these changes have led to Facebook’s privacy policy becoming much, much worse.
Read more on Washington Post.
A tool for anyone who does not want people reading
over their shoulders?
Confide brings ephemeral messaging to desktop, with Mac and Windows clients
When off-the-record messenger Confide launched
more than a year ago, its main goal was to secure business
communications. It started by making a mobile app for ephemeral text
messaging and then expanded to include document
and photo sharing. Now the company is rolling out a desktop
version for both Windows
and Mac to help employees share sensitive documents without
having to reach for their phone.
… To make its app more widely available,
Confide will be launching a
paid business version later this year.
The service will allow businesses to deploy
Confide broadly, rather than relying on individuals to download the
app. Confide in its current incarnation is free, but Co-founder Jon
Brod says the enterprise level Confide will charge companies a
monthly fee per-user when it does launch.
For my Computer Security students. The Coasties
are unusually effective, I think because of a very low BS factor.
Let's follow this.
Maritime Experts Gather to Define Cybersecurity Research Challenges
In June, the Maritime Cyber Research Summit (MCRS)
was held at the Cal
Maritime Safety and Security Center. This summit was an
intensive focus session on maritime cybersecurity risks and
vulnerabilities.
… In a fortuitous combination of events, the
USCG released its Cyber
Strategy (PDF) one day prior to the event, which was
made available to all MCRS participants.
… The purpose of the summit was to address the
research
challenges put forth by Vice Admiral Chuck Michel during the
Maritime Cyber Security Symposium. The admiral challenged the
assembled academics, industry, and federal, state, and local
attendees to leverage their collective capability to help the USCG
rigorously explore research areas and identify research priorities.
… During the summit, participants fleshed out
six research challenges, identifying key priority topics and
important research questions. The challenge areas are as follows:
- Vulnerabilities: What analysis could be employed to identify the greatest cyber vulnerabilities in the maritime domain/Maritime Transportation System (MTS), both shipboard and ashore?
- Resilience: Identify the best options for operational and systems cyber resilience. This research would include definition, operational, and legal considerations.
- Threats: What analysis framework and tools could be used to map and predict dynamic maritime cyber threats?
- Impacts: What framework should be employed for impact analysis for the MTS? What are the cascading consequences to the nation and economy of a cyber incident?
- Critical Points: What approach should be used to conduct nodal analysis to identify single points of failure for maritime cyber events within the MTS, including navigation systems?
- Info Sharing: How would a framework for network analysis be developed to support optimal information sharing with partners to address maritime cyber issues?
See? It's not just police-cams and license plate
readers and cellphone interception and facial recognition and …
Internet Technology Could Aid Police, Courts and Prisons; Resolving Privacy Issues Key to Future Use
New Internet-based technology may aid criminal
justice agencies through tools such as better criminal databases,
remotely conducted criminal trials and electronic monitoring of
parolees in the community, according to a new RAND Corporation study.
Top criminal justice priorities for new Internet
tools include developing a common criminal history record that can be
shared across agencies, developing real-time language translation
tools and improved video displays for law enforcement officers to
adapt to changing needs, according to the analysis.
Background for my IT Governance class as we
consider unregulated technologies.
Regulation of Emerging Risks
by Sabrina I. Pacifici on Aug 18, 2015
Wansley, Matthew, Regulation of Emerging Risks
(August 17, 2015). Vanderbilt Law Review, Forthcoming. Available for
download at SSRN: http://ssrn.com/abstract=2646316
“Why has the EPA not regulated fracking? Why
has the FDA not regulated e-cigarettes? Why has NHTSA not regulated
autonomous vehicles? This
Article argues that administrative agencies predictably fail to
regulate emerging risks when the political environment for regulation
is favorable. The cause is a combination of
administrative law and interest group politics. Agencies must
satisfy high, initial informational thresholds to regulate, so they
postpone rulemaking in the face of uncertainty about the effects of
new technologies. But while regulators passively acquire more
information, fledgling industries consolidate and become politically
entrenched. By the time agencies can justify regulation, the newly
entrenched industries have the political capital to thwart them.
This Article offers a prophylactic against this predictable
regulatory failure. It defends an experimentalist model of
regulation, in which agencies are empowered to impose moratoria on
risky emerging technologies while regulators organize experiments to
learn about the risks they pose and the means to mitigate them. The
agency-coordinated experiments would expedite the promulgation of
empirically informed rules. The moratoria would extend the political
window for regulatory action and protect the public in the interim.
The Article applies this experimentalist model to the regulation of
fracking, e-cigarettes, and autonomous vehicles. It also identifies
legal strategies for implementing experimental regulation under
existing law. It challenges the conventional wisdom that agencies
should postpone regulation until they can confidently predict the
effects of new risky technologies.”
(Related) Speaking of unregulated... Another
article for my future executives. (That's you, students!)
McKinsey – An executive’s guide to the Internet of Things
by Sabrina I. Pacifici on Aug 18, 2015
“As the Internet of Things (IoT) has gained
popular attention in the five years since we first published on the
topic, it has also beguiled executives. When physical assets
equipped with sensors give an information system the ability to
capture, communicate, and process data—and even, in a sense, to
collaborate—they create game-changing opportunities: production
efficiency, distribution, and innovation all stand to benefit
immensely. While the consumer’s adoption of fitness bands and
connected household appliances might generate more media buzz, the
potential for business usage is much greater. Research
from the McKinsey Global Institute suggests that the operational
efficiencies and greater market reach IoT affords will create
substantial value in many industries. (For more, see the video
“What’s the one piece of advice for a business leader interested
in the Internet of Things?” And to see how experts believe the
Internet of Things will evolve, see “The
Internet of Things: Five critical questions.”)
She doesn't seem “above the fray”; rather, she seems “deliberately ignorant” for someone who must know the questions will be asked again and again.
Hillary Clinton had a testy press conference filled with questions about her email server
Democratic presidential front-runner Hillary
Clinton endured an at-times combative press conference Tuesday,
during which she could not answer whether her email server, which was
turned over to the FBI last week, had been "wiped"
clean of data.
… "What, like with a cloth or something?" Clinton joked, before saying she didn't "know how it works digitally at all." [You'd think she would ask. Bob]
… Two sources close to the FBI investigation
told
NBC that an "attempt" was made to wipe Clinton's server
sometime before it was handed over to the FBI. (It is unclear,
however, when that attempt was made.) But federal agents are
reportedly confident they can recover at least some of the deleted
files.
This should be really interesting.
… Yelp on Tuesday announced
it reached a terms of service agreement with the federal government
that will allow agencies and branch offices to set up their own Yelp
pages and respond to constituent comments.
… “With the addition of Public Services and
Government under the Yelp umbrella, agencies can continue to find new
ways to use customer insights to improve citizen services,” said
Justin Herman, who works for DigitalGov, within the General Services
Administration.
Herman revealed the agreement earlier this month
in a little noticed blog
post.
It is unclear exactly which agencies and branch
departments will utilize the new tool. A host of government pages
have existed for years for local post offices, libraries and TSA
posts.
The agreement will allow those branches to claim
the existing pages if they want.
Making my students employable.
http://smallbiztrends.com/2015/08/commandments-of-business-networking.html?google_editors_picks=true
The 59 Commandments of Business Networking
Not free, but I bet my students will want it
anyway.
This new dictation app is more powerful than any you've ever seen
Nuance plans to launch its new Dragon Anywhere
dictation app this fall on iOS and Android, the
Verge reports.
Most of us already have basic dictation features
that come with our phones, but this app is much more powerful than
any of the features offered by Apple and Google. Those companies’
features require you to constantly stop and wait, and with varying
levels of success. Dragon Anywhere, on the other hand, has proved to
be “quite accurate.”
… The only downside about this app is that it
will exclusively be available as a subscription, the price of which
has yet to be determined because running the servers to keep up with
all the transcriptions will be expensive for Nuance. The desktop
application will be sold at a flat rate.
[The video: https://www.youtube.com/watch?t=55&v=rnsqVawvuJU]
Another toy for my students. (Digest Item #2)
Get Stephen Hawking’s Voice Software
The speech software that gives Stephen
Hawking a voice despite his severe physical disabilities is now
available for free. Intel has released the Assistive
Context-Aware Toolkit (ACAT) as open-source code in the hopes
that developers will expand its capabilities to a wider range of
disabilities.
ACAT allows Hawking to express himself using
nothing more than small facial movements, which are translated into
text. The software has allowed Hawking, the world’s most famous
theoretical physicist, to enjoy a long and illustrious career despite
being diagnosed with ALS (amyotrophic lateral sclerosis) at the age
of 21.
Sai Prasad, ACAT’s project owner, said, “Our
hope is that, by open sourcing this configurable platform, developers
will continue to expand on this system by adding new user interfaces,
new sensing modalities, word prediction and many other features”.
The software and user guide can be found on GitHub.
Dilbert on “undue reliance.”