Companies increasingly aware of data breach and cyber liability risk, says expert

From: Out-Law.com

Businesses are becoming increasingly aware of insurance products that protect against the risks posed by data breaches and liability for other cyber incidents, an expert has said

Insurance data risks and cyber liability specialist Ian Birdsey of Pinsent Masons, the law firm behind Out-Law.com, said that in-house lawyers were encouraging businesses to become more aware of cyber products but that they still faced challenges in convincing senior management that it is worth investing in insuring against the risk of cyber attacks.

Birdsey was commenting after a Zurich-sponsored survey of more than 500 risk managers by insurance market researchers Advisen detailed that 60% of companies do not have cyber liability insurance.


Official Calls for Iran’s Smart Confrontation with Enemy’s Cyber Threats

From: FARS News Agency (Iran)

TEHRAN (FNA)- The enemy is developing, mastering and using the hi-tech to strike at Iran and Tehran should adopt a smart civil and cyber defense strategy against this approach, Head of Iran’s Civil Defense Organization Brigadier General Gholam Reza Jalali said.

Addressing a ceremony in Tehran on Sunday, Jalali said his organization aims to harness and reduce threats against Iran, “so, threats determine the direction of our movement”.


Australia: Next stage in privacy law reforms: Discussion paper released on mandatory data breach notification laws

From: Mondaq/Clayton Utz

Article by Sharon Segal and Chris McLeod

The discussion paper considers the rationale for mandatory data breach notification laws and a range of data breach notification regimes that have been proposed or legislated in Australia and other jurisdictions.

The Commonwealth Attorney-General, Nicola Roxon, released a discussion paper on 17 October 2012 seeking views on whether a mandatory data breach notification law should be introduced in Australia and, if so, how it should be framed.


How The Feds Drive Cloud Innovation

Editor’s Note:  The last sentenance of this article is worth noting as it is equally true for Big Data and cybersecurity projects, “The federal IT budget remains flat, and scratch-pad analysis says they can save 10% or more in the cloud. The business case, where it holds up, is impossible to ignore.”

From: InformationWeek

John Foley

The coolest cloud computing application in the world — and in our solar system — comes from NASA. The space agency is using commercial cloud services to process the digital images being transmitted to Earth from the Curiosity rover as it searches for signs of life on Mars.


US-CERT warns DKIM email open to spoofing

From: The Register

Mathematician accidentally spots flaw

By Iain Thomson

US-CERT has issued a warning that DomainKeys Identified Mail (DKIM) verifiers that use low-grade encryption are open to being spoofed and need to be upgraded to combat attackers wielding contemporary quantities of computing power.

You might think this is no big deal – after all the value of strong cryptography has been recognized for years. Unfortunately this problem has been found to affect some of the biggest names in the tech industry, including Google, Microsoft, Amazon, PayPal and several large banks.


Cybersecurity Never Sleeps, Except In Canada

From: TechDirt

from the this-post-closes-at-5pm dept

We’re highly critical of most government cybersecurity efforts for a number of reasons. One is that they are often pushed with totally overblown rhetoric about power grids going down and planes falling from the sky. That said, it’s not as though we want our governments to be completely ignorant about security issues online — more realistic threats like data breaches are something we expect them to be protected against, especially as they struggle to bring more and more government services online. Which brings us to another big reason we are critical of new cybersecurity powers for the government: they usually aren’t very good at it, and fail to make smart use of the powers and resources they already have. In the US, federal agencies are demanding more information sharing powers without identifying the obstacles they claim to face. In Canada, a public audit reveals that they have made little effort to start sharing security information at all:


Protect Network Information Security In Accordance with the Law

Editor’s Note:  Translation courtesy of CRE.

From: Cheng Lin, Party Secretary and President of Chinese People’s Public Security University (via GMW.cn)

The 21st century is the age of information, information networks and society are closely intertwined. Network security is no longer a purely technical issue, but a real social issue.


Currently, China’s network information security is facing three serious challenges:


Cyber-Threats Affect Industries Differently: Verizon Report

Editor’s Note:  For additional information about the reports, including copies of each industry-specific report, see FISMA Focus here.

From: eWeek

By Robert Lemos

While financial services has to worry about targeted attacks looking to siphon money, health care breaches mainly affected smaller doctors’ offices and were used to perpetrate insurance fraud schemes.

Different industries need to worry about attackers taking different tactics to compromise their systems and steal data, according to five new analyses of data from Verizon’s annual Data Breach Investigations Report (DBIR).


Cyberattack on Saudi Oil Company Aramco Reverberates (mp3)

From:  PRI’s The World, a co-production of WGBH/Boston, Public Radio International, and the BBC World Service

Editor’s Note:  The PRI interview with Reporter Dan De Luce who covers the Pentagon for the AFP news agency is attached here.


Data Lawyers and Preventive Law

From: Law Technology News

In-house counsel will use Big Data to reduce costs and litigation risks.

By Nick Brestoff

I fondly remember Louis M. Brown (1909-1996), a University of Southern California professor of law who advocated for and arguably pioneered the concept of “preventive law.”  His philosophy was this:  “The time to see an attorney is when you’re legally healthy — certainly before the advent of litigation, and prior to the time legal trouble occurs.”

Older posts «

» Newer posts