In This Issue
- Target: Net Neutrality
- Cyber Bill of Rights?
- Privacy Push to States
- Report from the CEO
- Senate Privacy Vote
- Cos Can Stay Ahead
- Cyber Best Practices
- Cos: Share Cyber Data
- WikiLeaks & Spy Tools
- AWS Security Primer
- Cyber Risks Network
- Online Cyber Course
- Google Cloud Clients
- Google Secret: People
- Cloud for Everything?
- Edge Will Eat Cloud
- Coming DCIA Events
The Trump administration served notice on Thursday that its next move to deregulate broadband internet service companies would be to jettison the Obama administration’s net neutrality rules, which were intended to safeguard free expression online.
The net neutrality rules, approved by the Federal Communications Commission in 2015, aimed to preserve the open internet and ensure that it could not be divided into pay-to-play fast lanes for web and media companies that can afford it and slow lanes for everyone else.
Supporters of net neutrality have insisted the rules are necessary to protect equal access to content on the internet.
Opponents said the rules unfairly subjected broadband internet suppliers like Verizon, AT&T, Comcast, and Charter to utility-style regulation.
In a news conference, Sean Spicer, the White House spokesman, mentioned the net neutrality rules affecting telecommunications and cable internet services, noting that the Obama administration had “reclassified them as common carriers.”
Mr. Spicer said President Trump had pledged to reverse this overreach… Read More
Your email could be hacked.
Your TV might be recording your conversations.
More and more of your personal data is being mined every day.
Data breaches have become commonplace.
Even your child’s doll might invite a stranger into your house.
By any measure, our privacy is in jeopardy.
When our conversations are no longer private, when our personal data is being sliced and diced every which way, when we can’t expect even our messages, our photos, and our email to remain in our control, that fundamentally changes who we are and how we act.
The US Constitution doesn’t specifically define protections for privacy, but the time has come to consider a new series of amendments… Read More
Now that Republicans are in charge, the federal government is poised to roll back regulations limiting access to consumers’ online data.
States have other ideas.
As on climate change, immigration and a host of other issues, some state legislatures may prove to be a counterweight to Washington by enacting new regulations to increase consumers’ privacy rights.
Illinois legislators are considering a “right to know” bill that would let consumers find out what information about them is collected by companies like Google and Facebook, and what kinds of businesses they share it with.
Such a right, which European consumers already have, has been a longtime goal of privacy advocates.
Two other proposals face a crucial Illinois House committee vote this week.
One would regulate when consumers’ locations can be tracked by smartphone applications, and another would limit the use of microphones in internet-connected devices like mobile phones, smart TVs and personal assistants like Amazon’s Echo… Read More
This week, the US Senate approved a resolution under the Congressional Review Act to roll-back the broadband consumer privacy rules adopted in October by the Federal Communications Commission (FCC), which would have gone into effect later this year.
The US House of Representatives approved a similar measure later in the week.
The broadband consumer privacy rules were intended to protect internet users from certain methods of unauthorized collection and utilization of sensitive data regarding their online activity.
The FCC rules would have applied to broadband network operators, while online web companies are covered separately under privacy protection rules enforced by the Federal Trade Commission (FTC).
The step taken by the Senate will remove the conflicting set of privacy protections and double-standard created by such different sets of regulation for internet service providers (ISPs) and the rest of the internet ecosystem.
While visibility into online users’ behavior is different for internet service providers (ISPs) than for web-based companies, it would have been challenging to synthesize these different regimes to ensure equitability, provide for a nondiscriminatory approach with consistent regulatory standards, and avoid confusion at the consumer level.
Consumers are attracted to online services, regardless of the source, supported by business models that defray costs through the integration of targeted advertising, which can be more valuable to both service providers and end-users than untargeted messages.
In addition, individualized content with enhancements driven by such factors as browsing data and other usage behavior benefits customers greatly.
An essential component to distributed computing industry expansion is maintaining and, where possible, increasing consumer trust.
Going forward, the structure for consent and the definitions of what constitutes sensitive information should be brought into line for such data collection and for that conducted by online offerings ranging from browsers to websites to software programs to mobile applications.
More work is necessary to develop a reasonable and coherent framework of regulations that are consistent and transparent to the consumer, and logically enforced by a single agency, to be applied fairly and in an unbiased manner at all levels of the distributed computing ecosystem.
Consumers deserve no less. Share wisely, and take care.
The US Senate on Thursday voted narrowly to repeal regulations requiring internet service providers (ISPs) to do more to protect customers’ privacy than websites like Alphabets Google or Facebook.
The vote was along party lines, with 50 Republicans approving the measure and 48 Democrats rejecting it.
The two remaining Republicans in the Senate were absent and did not cast a vote.
According to the rules approved by the Federal Communications Commission (FCC) in October under then-President Barack Obama, internet providers would need to obtain consumer consent before using precise geolocation, financial information, health information, children’s information and web browsing history for advertising and internal marketing.
The vote was a victory for internet providers such as AT&T, Comcast, and Verizon, which had strongly opposed the rules.
The bill next goes to the US House of Representatives, but it was not clear when they would take up the measure.
Senate Majority Leader Mitch McConnell said the Senate was overturning a regulation that “makes the internet an uneven playing field, increases complexity, discourages competition, innovation, and infrastructure investment… Read More
If you’re like me, on a given day you interact with a whole range of connected technologies for work and play.
Just today, I used Box to share and download files for work, called up Tile to find my keys, relied on Google Maps to run an errand while streaming a podcast to my AirPods, and connected via Skype with a colleague overseas.
And that was all before lunch.
As we interact with technology of all sorts, what security safeguards should we expect from the companies building the Internet of Everything?
Cyberattacks can interrupt business operations, hurting companies’ bottom lines, and can infringe upon the privacy and other human rights of consumers and the general public.
Right now, there isn’t much regulation around companies’ cybersecurity practices.
For example, Congress has not required that Internet of Things (IoT) devices accept security updates, nor that consumer information be fully encrypted to limit the effects of a data breach… Read More
It’s no secret that cybersecurity has moved into the mainstream of most organizations.
As vectors and exposure points have increased, attack methods have become more sophisticated, data flows have become more connected and complex, threats have spiked and, in many cases, the resulting damage has been enormous.
“The landscape is changing dramatically,” states Kevin Richards, managing director, North America Security Practice and global lead for security, strategy and risk at Accenture Security.
To be sure, several trends are converging to create a far more dangerous cyber-security landscape.
IT is rapidly moving into the cloud, the internet of things (IoT) is growing rapidly, and, as mobility becomes even more embedded and pervasive, third-party ecosystems are expanding.
As a result, attack surfaces are growing exponentially, and software-defined everything means that bugs and coding flaws touch virtually every system and device.
The takeaway? A focus on improving the state of enterprise cybersecurity is unavoidable… Read More
US companies large and small feeling the burn in the aftermath of a data breach are struggling to find resources to bolster their security systems, cybersecurity industry panelists said at a March 9th House Homeland Security Cybersecurity and Infrastructure Subcommittee hearing.
Cybercriminals usually don’t discriminate based on a company’s size, going after valuable personal data no matter the target.
Companies of all sizes need to work with the government and private-sector partners to combat the growing cyberthreat in the US, even though many hesitate to share threat data, given the limited liability protection offered by the government.
Separate from the hearing, Congressman Steve Chabot (R-OH), the House Small Business Committee chairman, told Bloomberg BNA March 9th that small businesses feel post-data breach fallout more strongly than large companies “such as Ford, General Motors, and General Electric.”
Unlike large companies, nearly 60 percent of small businesses have to close shop after a data breach, which costs, on average, about $32,000 per attack, he said.
That highlights the need for cybersecurity help at all levels of industry, Chabot said… Read More
Anti-secrecy group WikiLeaks on Tuesday published what it said were thousands of pages of internal Central Intelligence Agency (CIA) discussions about hacking techniques used over several years, renewing concerns about the security of consumer electronics and embarrassing yet another US intelligence agency.
The discussion transcripts showed that CIA hackers could get into Apple iPhones, Google Android devices, and other gadgets in order to capture text and voice messages before they were encrypted with sophisticated software.
Cybersecurity experts disagreed about the extent of the fallout from the data dump, but said a lot would depend on whether WikiLeaks followed through on a threat to publish the actual hacking tools that could do damage.
Reuters could not immediately verify the contents of the published documents, but several contractors and private cyber security experts said the materials, dated between 2013 and 2016, appeared to be legitimate.
A longtime intelligence contractor with expertise in US hacking tools told Reuters the documents included correct “cover” terms describing active cyber programs.
Among the WikiLeaks claims is that the CIA has been able to bypass the encryption on popular messaging apps… Read More
If you’re considering migrating your business applications to a public cloud, the chances are that you’ve looked into Amazon Web Services.
With its higher capacity and wide range of cloud services, AWS has become the most popular choice for businesses looking to take advantage of the scalability and cost-effective storage that cloud computing offers.
Security in AWS is based on a shared responsibility model: Amazon provides and secures the infrastructure, and you are responsible for securing what you run on it.
This model gives you greater control over your traffic and data, and encourages you to be proactive.
However, before migrating your applications to AWS, here are some tips on how to manage and enforce security for maximum protection across your AWS and on-premise environment.
Amazon offers a virtual firewall facility for filtering the traffic that crosses your cloud network segment; but the way that AWS firewalls are managed differs slightly from the approach used by traditional firewalls… Read More
Financial firms have long used rating agencies like Moody’s or S&P to judge the risk of bonds.
Now, companies that face risk from cyberattacks – which these days is almost everyone – have a tool to do the same.
On Wednesday, CyberGRX unveiled a platform that acts as a clearinghouse for cyber risk.
Developed by a group of blue chip security pros from companies like Blackstone and Aetna, CyberGRX promises to make the process of flagging cyber dangers from their vendors dramatically more efficient.
The risk posed by vendors has been top of mind for many companies ever since the infamous hack on Target in 2013, which saw attackers compromise the computer systems of Target’s HVAC supplier in order to steal credit card information from 40 million customers.
According to Jay Leek, the former chief security officer of Blackstone, the idea for a clearinghouse came about because companies spend enormous amounts of time filling out check-lists to assess the security risks posed by their vendors.
Many of Blackstone’s portfolio companies, for instance, were all conducting the same compliance tests… Read More
A growing trend in the cybersecurity industry is rooted in educating everyone about the risks of a cyberattack.
Universities around the world are developing undergrad and graduate degree programs, professional mentors are engaging with high school students, girls are coding.
Everyone’s getting in on cybersecurity awareness, particularly as it relates to business risk.
That’s why MIT is launching a new online course for business professionals titled, Cybersecurity: Technology, Application and Policy.
MIT Professor Howard Shrobe, Director of Cybersecurity and a principal research scientist at MIT’s Computer Science and Artificial Intelligence Laboratory (CSAIL), said, “We created this course to tackle the ever-important issue of cybersecurity.”
“Cyberattacks continue to occur and we are basically stuck in what I often refer to as “cyber hell,” paying this reactive game of catch-up in which bad actors always seem to have the advantage.”
MIT’s mission is to move organizations away from the current “patch and pray” approach toward security by default… Read More
Alphabet’s Google is making progress in taking on cloud computing leaders Amazon and Microsoft, executives said on Wednesday, as the search engine company stakes more of its future on the cloud as a new source of growth.
At a conference in San Francisco, CA, Google cloud computing chief Diane Greene ticked off a host of new clients, including HSBC, Colgate, Verizon and eBay.
The company also announced it had acquired Kaggle, a popular platform for data scientists that could boost Google’s edge in the crowded field of artificial intelligence.
Despite the announcements, analysts said Google remains a distant third in the market for cloud computing, the increasingly popular practice of using remote internet servers to store, manage and process data.
“The big challenge Google faces is that, for all the names it announced today, it’s still miles behind Amazon and Microsoft in terms of scale,” said analyst Jan Dawson of Jackdaw Research.
“It has a long way to go, and a few more client announcements aren’t going to close the gap”… Read More
But the company is also leveraging a surprising resource to win enterprise customers – people.
It’s surprising because Google’s biggest successes have come from technology that pretty much sells itself, such as search and related advertising services like AdWords and AdSense.
But in those areas, Google succeeded because it was able to adroitly exploit its first mover advantage.
In cloud computing, it trails the clear leader Amazon Web Services (AWS) and second-place Microsoft Azure.
Customers, in general, praised the announcements, but then also shared an overlooked aspect of Google’s enterprise marketing… Read More
The cloud is already playing a key role in education — and that part will only grow in coming years.
On-demand IT has reached a tipping point and organizations of all sizes and sectors are using cloud computing services to run and develop their businesses.
The cloud is disrupting traditional operating models for IT departments and entire organizations.
But where does the cloud go next and what are some of the interesting use cases that will help take cloud to the next level?
Four business and tech leaders discuss what the cloud now means for their businesses.
Okta CIO Mark Settle runs his organization, an identity management specialist, using about 140 cloud-based applications.
“I have no data center to worry about,” he says.
“It makes the budgeting cycle so much easier.”
“You basically look at your list of SaaS subscription fees and project what the future costs will be like”… Read More
Today, cloud computing is eating enterprise data centers, as more and more workloads are born in the cloud, and some are transforming and moving to the cloud. But there’s another trend that will shift workloads and data and processing and business value significantly away from the cloud.
The edge will eat the cloud. And this is perhaps as important as the cloud computing trend ever was.
Several overlapping trends are colliding:
Cloud computing, centralizing IT for massive economies of scale and agile provisioning, volatility and growth,
The Internet of Things (IoT), where things are becoming connected and sending reams of data,
Machine learning, taking all of that data and improving processing and predictions,
Augmented and Mixed Reality (along with Virtual Reality), where people can interact with other people and things both in physical and virtual worlds, and
Digital Business and the Digital World, where connections are pushing us to more and more real-time interactions and decisions… Read More
Delivery of Things World — April 24th and 25th in Berlin, Germany. Over 400 IT executives will discuss what DevOps really means for business. This event brings together all stakeholders to share their experience and expertise.
Security of Things World — June 12th and 13th in Berlin, Germany. A world class event focused on the next information security revolution. Security concerns that preoccupy enterprise customers today and pragmatic solutions to threats.
Autonomous Systems World — June 14th and 15th in Berlin, Germany. An international knowledge exchange among top experts in the field, providing a unique glimpse into the fascinating world of autonomous robots, intelligent machines, and smart technologies.
INTRASECT — June 29th and 30th in Washington, DC. The first conference of its kind to engage key stakeholders in a comprehensive and engaging examination of existing and future regulatory policy governing the usage of commercial autonomous vehicles.
Industry of Things World Asia — July 3rd and 4th in Singapore. An international knowledge exchange platform bringing together more than 300 high-level executives who play an active role in the industrial internet of things (IoT).
Industry of Things World Europe — September 18th and 19th in Berlin, Germany. Join more than 1,000 high-level executives to rethink your technology and business strategy for scalable, secure, and efficient IoT.