It
is management’s job to ensure they are getting the services they
pay for and that all security protocols are operating correctly.
Fitness
Depot hit by data breach after ISP fails to 'activate the antivirus'
Canadian
retailer Fitness Depot announced customers that their personal and
financial information was stolen following a breach that affected the
company's e-commerce platform last month.
… Based
on the info in the breach
notification letter the
company sent to all potentially impacted individuals, the attack has
all the signs of a textbook Magecart
attack where
the threat actors were able to compromise Fitness Depot's online
store and inject a malicious form designed to harvest and exfiltrate
customer information.
… Fitness
Depot blames its internet service provider (ISP) for the data breach
saying that "[b]ased on our preliminary findings it appears our
Internet Service Provider [ISP] neglected to activate the anti-virus
software on our account."
It
is not yet known what Canadian fitness retailer refers to since it's
not an ISP's job to protect its customers' e-commerce platforms with
anti-malware solutions.
Another
flimsy excuse not to encrypt has been eliminated.
IBM
Releases Open Source Toolkits for Processing Data While Encrypted
IBM
this week announced the availability of open source toolkits that
allow for data to be processed while it’s still encrypted.
The
toolkits implement fully homomorphic encryption (FHE), which enables
the processing of encrypted data without providing access to the
actual data. The toolkits are currently available for macOS and iOS,
but IBM is also working on versions for Android and Linux.
… “For
example, what if all the health care providers on the planet could
pool fully encrypted patient records to allow analytics on patient
data without divulging anything about the individuals involved.
Think of the progress that could be made with regards to treating
certain kinds of diseases!” IBM’s Eli Dow explained in a blog
post.
Dow
added, “As you might appreciate, the concept generalizes to
analytics and cloud storage for regulated industries in general.
Basically most scenarios where information-sharing collides with the
paradox of ‘need-to-know’ vs. ‘need to share’ would benefit
from FHE.”
Toward
the automation of lawyers?
The
Wisdom of Using AI for Middle Value Arbitration Disputes
… Although
arbitration prides itself on eschewing the type of scorched-earth
discovery considered common-place in U.S. litigation, it is hard to
get around the fact that disputes today involve more data. There is
likely to be a significant volume of data that parties and their
counsel need to wade through to even begin to assess whether they
have a case. We are already using AI technology to categorize,
process and evaluate such data, but more complex tasks are possible.
For example, predictive coding (also known as technology assisted
review or TAR) uses AI to learn and make better decisions while
significantly expediting the document review process. Predictive
coding starts by training software with a sample set of data and then
using continuous active learning builds on that data set with the
help of computer-driven algorithms. The value of predictive coding
has already been endorsed in U.S. courts, including by then-U.S.
Magistrate Judge Andrew Peck in Da Silva Moore v. Public Group
(where the court held that predictive coding helps secure the just,
speedy, and inexpensive determination of lawsuits).
Learning
for shut-ins.
Library
continues Artificial Intelligence series
The
Ridgefield Library continues its new series called The Future is Now:
Artificial Intelligence in 2020, on Thursday, June 18, at 6 p.m., via
a live online webinar with Dr. Laxmi Parida who will discuss AI in
the Life Sciences.
No comments:
Post a Comment