Paper – OPM Demonstrated that Antiquated Security Practices Harm National Security
by Sabrina I. Pacifici on Apr 15, 2016
Handing Over the Keys to the Castle – OPM Demonstrated that
Antiquated Security Practices Harm National Security. Institute for Critical Infrastructure
Technology. July 2015.
“In this digital age, information is secured, coveted, and
exfiltrated by nation states, hacktivists, and ambitious actors because, now
more than ever, knowledge is power. Modern
needs dictate that only authorized users know information, that authorized
users can access information instantaneously, and that the integrity of
information is certain. In opposition to
these aspirations, an incessant tide of cybersecurity threats, spread across an
unfathomably complex cyber-threat landscape, batter the defenses around any
valuable store of information. Adversaries
seek to discern and exploit any minute vulnerability that could compromise the
defenses and expose the wealth of knowledge inside. Information security professionals
often view convenience and security as a tug-o-war over controls and resources.
A fickle balance between convenience and
security actually exists for the organizations with the knowledge to pursue it
and vigilance to adapt their defenses to emerging changes in the threat
landscape. The increasing annual number
of successful breaches indicates that organizations and governments alike are
not correctly balancing security with convenience due to antiquated systems and
decades of poor security practices. If
information is seen as a treasure hoard, then the cybersecurity infrastructure
around it is the great fortress that is built by its people, founded on their
technology, and maintained by their security practices. The employment of reliable technology,
superlative security practices, and knowledgeable people culminates in a
multilayered, integrated defense that is resilient to threats. The majority of inbound threats are thereby
thwarted against its ramparts and the impact of the few successful breaches is
minimized to acceptable losses. No
adversary or persistent attack compromises either the cybersecurity
infrastructure or the integrity of the information secured within.”
Government trash talk?
Ethan Blevins writes:
This morning, Judge Beth Andrus
held a hearing to determine whether inspections of Seattle residents’ garbage
violate the Washington Constitution’s right to privacy. We relied on a Washington Supreme Court case
that said government agents cannot sift through garbage cans without a warrant. That includes garbage collectors. They have an invitation to collect–not to
inspect.
The City spent much of the
argument trying to backpedal from the clear language of the law being
challenged.
Read more on Pacific
Legal Foundation.
[A line from the article:
Inadvertent discovery of prohibited items that a garbage
collector happens upon in the course of their work might not violate the Washington
Constitution; a deliberate hunt for pizza crusts and Brussels sprouts surely
does.
This sounds important.
The next dimension is time. If security
is dropped for months, the implications are clear. What if security fails for only a few
hours?
As reported on the Hunton Insurance Recovery Blog, data breach claims
involving customer data can present an ever-increasing risk for companies
across all industries. A recent case
illustrates efforts to recover the costs associated with such claims. A panel of the Fourth Circuit confirmed that
general liability policies can afford coverage for cyber-related liabilities,
and ruled that an insurer had to pay attorneys’ fees to defend the policyholder
in class action litigation in Travelers Indemnity Company v.
Portal Healthcare Solutions, No. 14-1944. Syed Ahmad, a
partner in the Hunton & Williams LLP insurance practice, was quoted in a
Law360 article concerning the importance of this decision.
Read more on Hunton & Williams Privacy
& Information Security Law Blog.
[From the article:
In the Portal case, the specific issue was
whether the mere online availability of sensitive information constitutes
“publication” for purposes of triggering an insurance policy’s personal or
advertising injury coverage and its corresponding duty to defend. The appellate court ruled it does and adopted
the district court’s reasoning that “[p]ublication occurs when information is
‘placed before the public,’ not when a member of the public reads the
information placed before it.”
What works and why.
The Rise
of WhatsApp in Brazil Is About More than Just Messaging
For most people in Brazil, texting was never truly
accessible. The cost of SMS in the
country was as much as 55 times more than in North America and far too expensive
for most residents. So when the
messaging service WhatsApp entered
the market, in 2009, allowing users to send messages to anyone for free and
regardless of their mobile carrier, people gravitated toward the platform. Today, 96% of Brazilians with access to a smartphone use WhatsApp
as their primary method of communication.
Interesting. Imagine
the lobbyists who would have apoplexy if we tried this in the US.
India's
Audacious Plan to Bring Digital Banking to 1.2 Billion People
India is trying to yank its cash-based economy into the
21st century.
But how do you get 1.2 billion people, many of whom have
never seen a bank or opened an account, to send digital payments to each other?
The government's answer is an effort it has named the
Unified Payment Interface. Debuting
Monday, it's a system designed to make transferring and receiving money as
easy as exchanging e-mail or text messages.
… India is hoping to
replicate the success of a similar digital-payments scheme in Kenya. Introduced in 2007, Safaricom's M-PESA system
lets people send and receive money via mobile phones. What's impressive is the sheer number of
people doing so: 22 million, or half the African country's population. India's system is designed to work at a more
basic level, with payments flowing between mobile, banking and other networks.
Not sure this is the best use of time and treasure, but no
doubt someone does.
USDA Local
Food Directories: National Farmers Market Directory
by Sabrina I. Pacifici on Apr 15, 2016
Updated April 15, 2016 – The Farmers Market Directory lists markets that feature two
or more farm vendors selling agricultural products directly to customers at a
common, recurrent physical location. Maintained
by the Agricultural Marketing Service, the Directory is designed to provide
customers with convenient access to information about farmers market listings
to include: market locations, directions, operating times, product offerings,
accepted forms of payment, and more. Visit
our Local Food Directories page to find other operations
offering locally grown products. If you
are a market manager visit our Local Food Directory Registration & Update page to add
or update a market listing. An API is available for developers to integrate this data into
other applications.”
It can’t hurt.
Interest in computer science education is growing rapidly;
even the President of the United States has spoken of the importance of giving every student an
opportunity to learn computer science. Google has been a supportive partner in these
efforts by developing high-quality learning programs, educational tools and
resources to advance new approaches in computer science education. To make it easier for all students and
educators to access this information, today we’re launching a CS EDU website that specifically
outlines our initiatives in CS education.
For my collection of tools & techniques.
5+ Best
Sites & Apps to Find, Create, or Edit the Perfect GIF
(Ditto)
How to
Make an Infographic for Free with PowerPoint
Weekly amusement and amazement.
Hack
Education Weekly News
… The
Pacific Standard on “The Teen
Sexting Overcorrection”: “Last week, Colorado lawmakers rejected a bill that would have
made sexting among teenagers a misdemeanor crime. As Colorado law currently stands, minors who
sext can technically be charged with felony child pornography, which carries a
mandatory sex offender registration, even when the act is consensual. Lawmakers, it seems, aren’t quite sure how to
respond to libidinous teens in the digital age.”
… Via Inside Higher Ed: “Graduates of an online program at George Washington U sue the institution, saying they paid more to receive a worse experience than face-to-face students.”
… Via
Salon: “California school district votes to allow teachers to carry guns in
the classroom.” What could possibly go wrong?! [California? Bob]
… Also
via The Chronicle of Higher Education: “Tenured Professor Says Blog Post
Cost Him His Job.”
… Via
The Wall Street Journal: “States Where Day Care Costs More Than College.” [Yes, Colorado too Bob]