How can you confirm/control third party security?
44% of Healthcare and Pharmaceutical Organizations Have Experienced a Data Breach Caused By a Third Party in the Last 12 Months
SecureLink, a leader in critical access management, has released a new report titled “A Matter of Life And Death: The State of Critical Access Management in Healthcare,” revealing that third-party attacks in healthcare are on the rise and fundamentally threaten not just highly sensitive medical data, but patient care.
The report, which includes data from research conducted in partnership with Ponemon Institute, reveals that within the last year, 44% of healthcare and pharmaceutical organizations experienced a data breach caused by a third party – posing compliance, reputational, and financial risks.
Read more of the SecureLink press release. Obviously there is a self-serving element to their report and release, but it highlights an important issue: the prevalence of breaches in the healthcare sector that involve third-parties.
Brilliant, but unlikely.
https://www.databreaches.net/why-not-hold-ransomware-attackers-hostage-for-a-change/
Why Not Hold Ransomware Attackers Hostage for a Change?
Mark Rasch writes about a fourth option for ransomware victims in terms of response:
… what happens in the case where you are able to identify—either by name, location, computer, IP address, MAC address or otherwise—the individual(s) responsible for the ransomware, extortionware or electronic demand for payment? Right now, a ransomware victim has few options. One: Pay the ransom. Two: Don’t pay the ransom and restore/rebuild. Or, three: Choose option one or two but work with law enforcement in the hope that the perpetrator will be caught and prosecuted. The real-world law offers another option. A form of self-help, you could say. Why not ransomware the ransomware purveyors?
Read more on Security Boulevard.
[From the article:
In many cases, the law permits what is called “prejudgement attachment.” In a prejudgement attachment, a litigant making a claim against a person, property or money can—with appropriate supervision—simply “take” the thing they want pending the ultimate outcome of the case. This is particularly true where the item will tend to dissipate or was obtained by fraud.
You wrote the algorithm, why don’t you know how it works? (Perhaps it’s not the algorithm at all…)
https://www.protocol.com/policy/twitter-algorithm-right-wing-bias
Twitter’s own research shows that it’s a megaphone for the right. But it’s complicated.
Twitter is publicly sharing research findings today that show that the platform's algorithms amplify tweets from right-wing politicians and content from right-leaning news outlets more than people and content from the political left.
The research did not identify whether or not the algorithms that run Twitter's Home feed are actually biased toward conservative political content, because the conclusions only show bias in amplification, not what caused it. Rumman Chowdhury, the head of Twitter's machine learning, ethics, transparency and accountability team, called it "the what, not the why" in an interview with Protocol.
"We can see that it is happening. We are not entirely sure why it is happening.
Privacy in a place you have to ‘open up.”
https://themarkup.org/blacklight/2021/10/21/nonprofit-websites-are-riddled-with-ad-trackers
Nonprofit Websites Are Riddled With Ad Trackers
Such organizations often deal in sensitive issues, like mental health, addiction, and reproductive rights—and many are feeding data about website visitors to corporations
Last year, nearly 200 million people visited the website of Planned Parenthood, a nonprofit that many people turn to for very private matters like sex education, access to contraceptives, and access to abortions. What those visitors may not have known is that as soon as they opened plannedparenthood.org, some two dozen ad trackers embedded in the site alerted a slew of companies whose business is not reproductive freedom but gathering, selling, and using browsing data.
The Markup ran Planned Parenthood’s website through our Blacklight tool and found 28 ad trackers and 40 third-party cookies tracking visitors, in addition to so-called “session recorders” that could be capturing the mouse movements and keystrokes of people visiting the homepage in search of things like information on contraceptives and abortions. The site also contained trackers that tell Facebook and Google if users visited the site.
The Markup’s scan found Planned Parenthood’s site communicating with companies like Oracle, Verizon, LiveRamp, TowerData, and Quantcast—some of which have made a business of assembling and selling access to masses of digital data about people’s habits.
Learning how to “Privacy.”
New IAPP-EY Privacy Governance Report Shows Rising Concerns About Cross-Border Data Transfers, Widespread Adoption of SCCs
The annual Privacy Governance Report from researchers at IAPP and EY focuses on the ongoing COVID-19 pandemic and its impact on privacy professions. But it also examines at least one seismic event that has had nearly as much impact on companies doing business in the EU: the Schrems II decision and the resulting complications it has created for data transfers to the United States.
The report finds that the majority of privacy professionals are having to deal with the Schrems decision, and that the most common strategy by far is the use of standard contractual clauses (SCCs) and third countries in the data transfer chain.
Keeping an eye on AI.
https://venturebeat.com/2021/10/21/ai-driven-strategies-are-becoming-mainstream-survey-finds/
AI-driven strategies are becoming mainstream, survey finds
Deloitte today released the fourth edition of its State of AI in the Enterprise report, which surveyed 2,857 business decision-makers between March and May 2021 about their perception of AI technologies. Few organizations claim to be completely AI-powered, the responses show, but a significant percentage are beginning to adopt practices that could get them there.
In the survey, Deloitte explored the transformations happening inside firms applying AI and machine learning to drive value. During the pandemic, digitization efforts prompted many companies to adopt AI-powered solutions to back-office and customer-facing challenges. A PricewaterhouseCoopers whitepaper found that 52% percent of companies have accelerated their AI adoption plans, with global spending on AI systems set to jump from $85.3 billion in 2021 to over $204 billion in 2025, according to IDC.
(Related) Another view.
Gartner’s list of top tech initiatives for 2022
Gartner released its annual list of top strategic technology trends this week, projecting that 2022 will keep enterprise executives busy with new developments in everything from artificial intelligence to cybersecurity.
While much of this tech is centered on greater automation and even autonomy in data systems, there are also some outliers in areas like mesh networks and application-level composability.
Perspective.
Palantir’s Peter Thiel thinks people should be concerned about surveillance AI
Tech billionaire Peter Thiel believes that people should be more worried about “surveillance AI” rather than artificial general intelligences, which are hypothetical AI systems with superhuman abilities.
The venture capitalist, who co-founded big data firm Palantir, said at an event in Miami on Wednesday that on the path to AGI, you get surveillance AI, which he described as a “communist totalitarian technology.”
Those that are worried about AGI aren’t actually “paying attention to the thing that really matters,” Thiel said, adding that governments will use AI-powered facial recognition technology to control people.
His comments come three years after Bloomberg reported that “Palantir knows everything about you.”
Perspective.
https://www.bbc.com/news/technology-59008812
Tech Tent: The world in 2031
This week Tech Tent gets out its crystal ball and asks some big thinkers to work out what the world will look like a decade from now.
Listen to the latest Tech Tent podcast on BBC Sounds
Don’t ya hate it when you have to re-think everything? Available Nov 9th
Human History Gets a Rewrite
… It is also, according to Graeber and Wengrow, completely wrong. Drawing on a wealth of recent archaeological discoveries that span the globe, as well as deep reading in often neglected historical sources (their bibliography runs to 63 pages), the two dismantle not only every element of the received account but also the assumptions that it rests on. Yes, we’ve had bands, tribes, cities, and states; agriculture, inequality, and bureaucracy, but what each of these were, how they developed, and how we got from one to the next—all this and more, the authors comprehensively rewrite. More important, they demolish the idea that human beings are passive objects of material forces, moving helplessly along a technological conveyor belt that takes us from the Serengeti to the DMV. We’ve had choices, they show, and we’ve made them. Graeber and Wengrow offer a history of the past 30,000 years that is not only wildly different from anything we’re used to, but also far more interesting: textured, surprising, paradoxical, inspiring.
The Dawn of Everything: A New History of Humanity
Sign away everything.
https://dilbert.com/strip/2021-10-22
No comments:
Post a Comment