A new definition of war?
https://www.theregister.com/2021/11/30/lloyds_london_cyber_insurance_clauses/
Lloyd's of London suggests insurers should not cover 'retaliatory cyber operations' between nation states
Lloyd’s of London may no longer extend insurance cover to companies affected by acts of war, and new clauses drafted for providers of so-called "cyber" insurance are raising the spectre of organisations caught in tit-for-tat nation state-backed attacks being left high and dry.
The insurer's "Cyber War and Cyber Operation Exclusion Clauses", published late last week, include an alarming line suggesting policies should not cover "retaliatory cyber operations between any specified states" or cyber attacks that have "a major detrimental impact on… the functioning of a state."
"The insurer shall have the burden of proving that this exclusion applies," warn the exclusion policies published by the Lloyd's Market Association.
Although the wordings in the four clauses are published as a suggestion for insurers in Lloyd's-underwritten policies and are not concrete rules, they provide a useful indicator for the direction of travel in the slow-moving cyber insurance world.
The policy clauses also raise the idea of insurance companies attributing cyber attacks to nation states in the absence of governments carrying out attribution for specific incidents, an idea that seems extremely unlikely to survive contact with reality. All four of the clauses, available as PDFs from the bulletin, contain this wording:
Pending attribution by the government of the state (including its intelligence and security services) in which the computer system affected by the cyber operation is physically located, the insurer may rely upon an inference which is objectively reasonable as to attribution of the cyber operation to another state or those acting on its behalf. It is agreed that during this period no loss shall be paid.
Your results may vary…
https://www.databreaches.net/recovering-from-ransomware-one-organizations-inside-story/
Recovering from ransomware: One organization’s inside story
Yann Serra reports:
On Sunday 21 February 2021, Manutan, a large office equipment distributor, discovered that two-thirds of its 1,200 servers had succumbed to a cyber attack by the DoppelPaymer ransomware crew.
Commercial activity at the France-headquartered company – which has 25 subsidiaries spread across Europe – would be frozen for 10 days and did not resume fully until May. This has now led to a total overhaul of its IT systems, which started in September and is set to take 18 months.
Manutan cannot reveal the scale of the economic losses it suffered in the cyber attack, and when asked that exact question, Jérôme Marchandiau, the group’s director of IT operations, says that the more profound impact was on the employees themselves.
Read more on ComputerWeekly. This company admits mistakes it had made and lessons learned. And it really does shine some light on what goes on — the impact on employees, and the failure of big companies that you may have contracts with and rely on to actually help you when you need it the most (spoiler alert: Microsoft gets slammed in this report)
Providing potential evidence without realizing it?
As critics warn of genetic ‘surveillance’, RCMP explores use of DNA matching in criminal probes
Catharine Tunney reports:
… While law enforcement’s use of genetic genealogy has been credited with advancing and solving cold cases, it’s also raising ethical questions about how police are taking advantage of the at-home DNA testing trend.
“There have been some pretty big wins with this technology, but the downsides are pretty big as well,” said Brenda McPhail, director of the Canadian Civil Liberties Association’s privacy, surveillance and technology program.
Read more on CBC.
If I tell you how my algorithm works, would you know if that was the proper/best way to do it?
Working of algorithms used in government decision-making to be revealed
Ministers and public bodies must reveal the architecture behind algorithms that influence exam results, housing benefit allocations and pothole repairs, under new transparency standards.
The UK government has published a transparency standard for algorithms, the series of instructions that a computer follows to complete a task or produce a single outcome. Algorithms have become the focus of increasing controversy, whether through their role in deciding A-level results last year or making decisions about benefit claims.
Under the new approach, government departments and public sector bodies will be required to explain where an algorithm was used, why it was used and whether it achieved its aim. There will also be an obligation to reveal the architecture behind the algorithm. It will be tested by several government departments and public sector bodies in the coming months before being reviewed again and formally launched next year.
Automated auditing? Data flows and processes change constantly. How often must you try to identify privacy risks?
https://techcrunch.com/2021/11/30/soveren-seed-gdpr-compliance/
Soveren launches from stealth with $6.5M seed funding to automate GDPR compliance
Soveren, a London-based startup that automates the detection of privacy risks to help organizations comply with GDPR and CCPA, has launched out of stealth with $6.5 million in seed funding.
The company analyzes real-time data flows inside an organizations’ infrastructure to discover personal data and detect privacy risks to make it easier for CTOs and CISOs to recognize and address privacy gaps.
… “Security software successfully addresses security threats, but has a limited impact on addressing privacy challenges,” Peter Fedchenkov, founder and co-CEO of Soveren, tells TechCrunch. “This is because, unlike other confidential data that can be easily isolated, personal data is actually meant to be accessed, used, and shared in day-to-day business operations. We believe that privacy is the new security because it demands the same automated, continuous protection measures.”
(Related)
https://hbr.org/2021/11/how-to-navigate-the-ambiguity-of-a-digital-transformation
How to Navigate the Ambiguity of a Digital Transformation
Summary: A successful digital transformation can be hard to predict or plan; it is often the result of new customer interactions, new combinations of talent and teams, unexpected alliances with new partners, and entirely new business models. These components are constantly evolving, shaped, and influenced by algorithmic systems, aggregated in such a way that their collective behavior is more than the sum of their parts. More is different. Just as water becomes ice when cold enough, or graphite turns into diamond under enough pressure, at a critical point, more data and algorithms can transform an organization or an industry into something else entirely. That raises a question for leaders: how do you navigate a transformation from what you know to what you have yet to define? What you need is an emergent approach to digital transformation, focused on the three principles described in this article.
(Related)
https://www.nytimes.com/2021/11/29/your-money/credit-score-alternatives-options.html
No Credit Score? No Problem! Just Hand Over More Data.
To determine your risk, start-ups are applying technology to data points as various as your college and the mileage on the used car you want to buy.
Perspective. Is this a good thing? Plain as in written at a sixth grade level?
https://www.bespacific.com/the-rise-of-plain-language-laws/
The Rise of Plain Language Laws
Blasie, Michael, The Rise of Plain Language Laws (October 1, 2021). University of Miami Law Review, 2022 Forthcoming, Available at SSRN: https://ssrn.com/abstract=3941564 or http://dx.doi.org/10.2139/ssrn.3941564
“When lawmakers enacted 778 plain language laws across the United States, no one noticed. Apart from a handful, these laws went untracked and unstudied. Without study, large questions remain about these laws’ effects and utility, and about how they inform the adoption or rejection of plain language. This Article creates a conceptual framework for plain language laws to set the stage for future empirical research and normative discussions on the value of plain language. It unveils the first nationwide empirical survey of plain language laws to reveal their locations, coverages, and standards. In doing so, the Article creates a systematic method to find these laws. Then it coins categories and terminology to describe their coverage and standards, thus creating a timely launchpad for future scholarship on domestic and international plain language laws. Along the way, the Article exposes the previously unknown scope of these laws—from election ballots and insurance contracts to veterans housing and consumer contracts to regulatory drafting and governor reports. That scope underscores the pervasive influence of plain language across public and private sectors, and over lawyers and non-lawyers alike. More, the survey reveals significant intrastate and interstate variations and trends in coverages and standards. With this knowledge, for the first-time empirical research can more precisely measure the benefits and costs of plain language laws while controlling for variables. Plus, the Article sets the stage for a forthcoming series of normative assessments on the role and design of plain language laws. Ultimately, the Article reignites a lively discourse on plain language amongst lawmakers, practitioners, and academics.”
You won’t use these every day, but keep them in your toolkit.
https://www.makeuseof.com/tag/download-anything-free/
How to Download Anything on the Web for Free: 12 Tips and Tools
There are countless useful things online that aren't easy to download. Photos, music, videos, maps, and other exciting content often doesn't come with a download button. It's also possible they're no longer free or may be gone from the web altogether.
Here, we'll show you how to download anything from the web that you thought you couldn't for free (but without breaking the law).
No comments:
Post a Comment