Tuesday, January 25, 2022

Subscribers Only

Free

Langevin, Katko Retirements Create Cyber Gap in Congress

Representatives Jim Langevin (D-RI) and John Katko (R-NY) have each announced that they will not be seeking re-election in November. Both legislators have focused considerable attention on cybersecurity issues, and on working with the other party to pass legislation addressing them. “You have a Republican and a Democrat, both who recognized the national security implications […]
Must be a Paid Member or a Free Trial Member to Access Content. Members log in here.

Cybersecurity Risks from Renewable Energy Sector

The energy sector is already an attractive target for hackers, and a report from the UK’s Royal United Services Institute indicates that the growth of the renewable energy sector, creates cybersecurity risks from vulnerabilities in everything from power plants down to smart meters. A key issue is renewables’ use of new – and more pervasive […]
Must be a Paid Member or a Free Trial Member to Access Content. Members log in here.

Credential Stuffing: Cyber Best Practices from NY Attorney General’s Latest Report

In new guidance, New York state’s attorney general urges businesses to incorporate safeguards to detect and prevent credential-stuffing attacks in their data security programs. This guidance – a kind uncommon from state AGs – is promoted by its finding that 1.1 million customer accounts at “well-known” companies had been compromised in automated attacks using usernames and […]
Must be a Paid Member or a Free Trial Member to Access Content. Members log in here.

EU Authority Rules that U.S. Government Surveillance of Google Analytics Conflicts with GDPR

A new ruling by the Austrian Data Protection Authority traps EU/US data transfers between the General Data Protection Regulation and the Foreign Intelligence Surveillance Act, whose respective goals are fundamentally at odds. This case concerns data from a European company transferred to Google in the United States via Google Analytics. The Austrian DPA has ruled […]
Must be a Paid Member or a Free Trial Member to Access Content. Members log in here.

Tensions with Russia Prompt CISA Warning to Critical Infrastructure

CISA, in tandem with the FBI and NSA, has issued a Cybersecurity Advisory to warn organizations – especially critical infrastructure operators – to “adopt a...

Texas and Federal Government Seek to Protect U.S. Infrastructure From Disruption by Foreign Adversaries

The Lone Star Infrastructure Protection Act, a new Texas law that went into effect June 2021, prohibits Texas businesses and governments from contracting with entities owned or controlled by individuals from China, Russia, North Korea, and Iran, if the contracting relates to “critical infrastructure” and provides the foreign party remote access or control of the […]
Must be a Paid Member or a Free Trial Member to Access Content. Members log in here.

White House Hosts Tech Summit to Discuss Security of Open-Source Software

The White House hosted a summit for representatives of federal agencies and major tech companies to discuss the security of open-source software, prompted in part by the vulnerability in the widely used Log4j logging utility. The goal was to identify ways to improve the security of open-source software and to support the collaborative communities that […]
Must be a Paid Member or a Free Trial Member to Access Content. Members log in here.

NIST Seeks Advisors for Internet-of-Things Board

The National Institute of Standards and Technology is developing its first Internet of Things Advisory Board, and is seeking nominations for members, who will serve two years each. The 16-member body and its working groups will research, analyze, and advise NIST on federal policy that might influence IoT devices and industries. Secretary of Commerce Gina […]
Must be a Paid Member or a Free Trial Member to Access Content. Members log in here.

Rosenworcel Moves to Update Data Breach Reporting Requirements Under CPNI Rules

FCC chair Jessica Rosenworcel has circulated to her colleagues a Notice of Proposed Rulemaking to update the rules for notifying customers and federal law enforcement of breaches involving customer proprietary network information. The proposed “updates would better align the Commission’s rules with recent developments in federal and state data breach laws covering other sectors.” The […]
Must be a Paid Member or a Free Trial Member to Access Content. Members log in here.

CPPA Releases Public Comments for CPRA Regulations

Public comments to recently published regulations governing compliance with the California Privacy Rights Act show that stakeholders sharply disagree on multiple areas of the CPRA. Seventy submissions totaling nearly 900 pages were published by the California Privacy Protection Agency during a forty-five day comment period. The agency solicited preliminary written comments from the public in […]
Must be a Paid Member or a Free Trial Member to Access Content. Members log in here.