Sunday, September 27, 2020

Congress Questions NASA on Cybersecurity Efforts

Foreign and domestic hacking activity targeting NASA continues to grow at a time when at least 75 percent of NASA’s civilian employees are working at home, according to agency officials. An inspector general report released in June found that NASA continues to struggle with implementing cybersecurity policies, despite spending about $2.3 billion on IT, networking, […]

Treasury Needs Better Cybersecurity Tracking

A GAO report states that the Treasury Department isn’t keeping up with tracking how well the financial services sector is mitigating cybersecurity risk, and needs to put data behind its efforts. The department says the same problem that prevented it from developing metrics five years ago remains: the reluctance of financial services firms to share […]

The Interior Department OIG Clearly Had Some Fun Hacking the Agency’s Wi-Fi Networks

Rather than using expensive outside experts to test the security of wireless networks at the Department of the Interior, inspector general investigators used cheap, readily available hacking tools. They found systematic weakness in the department’s security that a malicious hacker could have exploited to steal data, and their mock attacks were not noticed by either […]

California Legislature Adopts CCPA Exemption for Information Deidentified in Accordance with the HIPAA Privacy...

The California legislature passed AB 713, which would create a new healthcare-related exemption under the CCPA. All provisions of the bill will take effect immediately to prevent the CCPA from “negatively impact[ing] certain health-related information and research,” except for certain required contractual provisions. Information is not subject to the CCPA’s obligations if: It is deidentified […]

Brazil’s General Data Protection Law: A Comparison Between Brazil’s Newly Effective Law and the...

After some back and forth between the president and the legislature about the date, Brazil’s General Data Protection Law (Lei Geral de Proteção de Dados Pessoais, or LGPD), a law similar to the European Union’s GDPR, is now in effect. Businesses that are GDPR compliant may be well on their way to achieving compliance with […]

Senators Demand More Details on VA Breach

Several Senate Democrats are demanding more information about the Department of Veterans Affairs' cybersecurity practices following the disclosure that a breach exposed data on...

NIST and the Internet Keep Safe Coalition Join Forces on K12 Cybersecurity Education

The National Institute of Standards and Technology has a new cooperative agreement with the Internet Keep Safe Coalition (iKeepSafe) to assist the National Initiative for Cybersecurity Education in its outreach efforts to build a K12 community that inspires cybersecurity career awareness with students in elementary school, stimulates cybersecurity career exploration in middle school, and enables […]

Cybersecurity: A Guide to Preparing for and Responding to a Breach

A cyber breach can have serious legal, financial, and reputational consequences for a company. As such, cybersecurity threats must be treated as business risks, not just a potential IT problem. Senior management at a company should take the lead to ensure that the company is taking appropriate actions to protect itself against cyber risks. There […]

Lessons From the Complaint Against Uber’s Former Chief Security Officer

Former Uber CSO Joe Sullivan was charged last month with obstruction of justice and misprision of a felony for knowingly concealing a hack of Uber in 2016. Looking at the charges, Knobbe Martens identifies lessons about how a company should respond to cyber intrusions, considering: (1) what Sullivan allegedly did wrong; (2) what corporate officers […]

Massachusetts Attorney General Creates Data Privacy And Security Division

The Massachusetts Office of the Attorney General has created a new Data Privacy and Security Division, charged with protecting consumers from threats to the privacy and security of their data. In the fall of 2019, Governor Charlie Baker introduced an expansive cybersecurity program, including statewide workshops for municipalities to work together to enhance their […]