I could have my students do this, but with more moderate language.
This Website Has Solved Cybersecurity
A new parody website generates random excuses to explain why companies got hacked and apologize to their users.
Big companies that hold our personal data get hacked almost every day, but most don’t really know how to deal with getting hacked, especially when it comes to telling users what happened. If you’ve read some data breach disclosures or notices, you know the classic “we take your privacy and security seriously”—truly the “thoughts and prayers” of cybersecurity. No matter how bad the hack is, companies always have an excuse.
Luckily, there’s now a website that automatically generates more original, and entertaining, apologies you can use if your company gets hacked. It’s called “Why the fuck was I breached?” and its excuse generating algorithm spills out truly hilarious excuses.
(Related)
We Need a Global Standard for Reporting Cyber Attacks
Cyber threats are a seemingly impossible challenge. By their very nature — fast-changing, borderless, asymmetric — they’re ridiculously difficult to predict and manage. No wonder the World Economic Forum has once again placed cybersecurity near the top of its latest list of global risks. Indeed, conventional wisdom holds that it’s only a matter of time before your organization is the target of a cyberattack. And while we agree with Andy Bochman, a senior cybersecurity analyst at the Idaho National Lab, that “no amount of spending on defenses will shield you completely from hackers,” we contend that you can shore up your defenses to substantially mitigate the risk.
In this article, we focus on the main challenge in managing cybersecurity: the data gap. Very little cyber data is broadly available, making it difficult to objectively evaluate the potential impact of incidents. Through our work with stakeholders across regions and industries, we propose an approach to identifying what to measure, how to capture the required data, and how to make it useful.
A collection of Best Practices.
CISA RELEASES CYBER ESSENTIALS FOR SMALL BUSINESSES AND GOVERNMENTS
… “When it comes to collective defense, we are only as strong as our weakest link, which is why CISA is committed to raising the bar in cybersecurity across all companies and government, regardless of their size,” said CISA Director Christopher Krebs. “Cyber Essentials are designed for those small businesses and local governments who don’t have abundant resources – where the CEO is also the chief information officer, head of marketing and HR – who are looking for where to start. This is a set of cybersecurity practices that are easy to adopt and understand and together constitute ‘the basics.’”
Each of the six Cyber Essentials includes a list of actionable items anyone can take to reduce cyber risks. These are:
- Drive cybersecurity strategy, investment and culture;
- Develop heightened level of security awareness and vigilance;
- Protect critical assets and applications;
- Ensure only those who belong on your digital workplace have access;
- Make backups and avoid loss of info critical to operations; and
- Limit damage and restore normal operations quickly.
Privacy by design...
Spanish DPA Publishes Guide for Satisfying PbD Obligation
On October 17, the Spanish data protection authority (AEPD) published the Guide to Privacy by Design (Guide). While Privacy by Design (PbD) first became a legal requirement in the EU with implementation of the General Data Protection Regulation (GDPR), it is a well-known concept among privacy professionals that dates back to the 1990s.
(Related)
...could save you millions!
Real estate company fined € 14.5 million in Germany for violating GDPR principle of privacy by design
On October 30, 2019, the supervisory authority (“SA”) of Berlin issued a € 14.5 million fine against the real estate company Deutsche Wohnen SE for storing personal data of tenants without a legal basis (Art. 6 GDPR) and for not implementing the GDPR principle of privacy by design (Art. 5 and 25(1) GDPR) (press release here in German). It is the highest GDPR fine imposed so far in Germany.
I eagerly await the results!
NAB, CBA, Telstra, and Microsoft to test Australian government AI ethics principles
National Australia Bank, Commonwealth Bank, Telstra, Microsoft, and Flamingo AI have put their hands up to be the first businesses to test run the federal government's newly announced artificial intelligence (AI) ethics principles, Minister for Industry, Science and Technology Karen Andrews has announced.
The federal government said the businesses will voluntarily trial a series of eight AI principles that have been developed as part of the national AI ethics framework to ensure the principles can be translated into real world scenarios.
… The eight ethics principles that have been developed for the framework include: Human, social and environment wellbeing; human-centre values in respect to human rights, diversity, and the autonomy of individuals; fairness; privacy protection and security of data; reliability and safety in accordance to the intended purpose of the AI systems; transparency and explainability; contestability; and accountability.
The ethics principles were developed following the release of a discussion paper earlier this year by Data61, the digital innovation arm of the Commonwealth Scientific and Industrial Research Organisation (CSIRO).
What do they see?
Xerox has made a cash-and-stock offer for HP, sources say
… Xerox, which makes printers and copiers, has a market cap of $8.05 billion, less than a third of HP’s $27.27 billion market value.