Archive for February, 2017
From: Virginia Business
by Collin Hite
Certain financial service businesses have just a few days to gear up for New York’s brand-new cybersecurity regulation. The new rule applies to all entities overseen by the New York Department of Financial Services (NYDFS) banking, insurance and financial service laws. The net scoops up commercial banks, foreign banks with New York licensed offices, mortgage brokers and servicers, small-loan lenders and money transmitters doing business in New York. Obviously, insurance companies, broker, agents (resident and non-resident), and others also fall within the scope. As Gov. Andrew Cuomo stated, “These strong, first-in-the-nation protections will help ensure this industry has the necessary safeguards in place” to protect businesses and clients “from the serious economic harm caused by these devastating cyber-crimes.”
New this year! Register Now
Sunday, April 2, 2017 • 9:00 am-4:15 pm
Limited seats available. Reserve early. Workshop registration includes refreshment breaks. Attendees are on their own for lunch.
The Baldrige Cybersecurity Workshop is a practical, interactive workshop on how to conduct a self-assessment of an organization’s cybersecurity program, utilizing the Baldrige Cybersecurity Excellence Builder. The workshop will provide you with information about how to use the self-assessment tool to better understand where your cybersecurity efforts are today and what they can look like in the future.
No Need to Panic, Cryptographers Say; Just Wait for NIST Guidance
There’s good news for anyone worried about the rise of quantum computers and the risk that they could be used to crack modern, public-key crypto systems, thus imperiling the security of much of today’s data, both in transit and at rest. Leading cryptographers advise: Don’t panic, and above all, don’t do anything about it right now.
“Do nothing, just wait for the NIST process,” said Dan Boneh, a professor at Stanford University, in an RSA Conference panel last week devoted to post-quantum cryptography and answering this question: “Is time running out?”
From: South China Morning Post
Concerns over censorship and data privacy overshadow the global ambitions of Chinese tech companies
“Most US and European consumers believe that the Chinese government has its hands in every software and hardware company and that there are numerous ways in which private information might be compromised in favour of the government and the Communist Party,” Snyder said in an email to the South China Morning Post.
Telecom gears made by Huawei and ZTE were labelled national security threats by the US government in 2012, while phonemaker Xiaomi faced data privacy investigations in Taiwan and Singapore.
NEWS ANALYSIS: It is quite possible that there is no such thing as personal data privacy anymore–especially when it comes to video.
SAN FRANCISCO — A growing number of people think Facebook, other social networks, connected device makers–and potentially the entire internet of things market itself–are (or soon will be) too invasive into personal data privacy for their own good. This topic was one of many on everybody’s minds at this week’s RSA Security 2017 conference at Moscone Center.
From: USA Today
In past years, the Obama administration was very engaged at RSA, in keynotes and panels. High- and low-ranking staff put out its views on cybersecurity, called for experts in the field to come work for the government to protect the homeland and were outspoken about the issues raised by encryption and the dangers of terrorists going dark through its use.
While there were 41 government speakers at RSA this year, there are no senior level speakers from the Trump administration.
From: NATO Cooperative Cyber Defence Centre of Excellence
Tallinn Manual 2.0 on the International Law Applicable to Cyber Operations lays out expert analysis, paving the way for states to develop cyber norms, highlight experts. The European launch of the Tallinn Manual 2.0, the most comprehensive guide on how international law applies to events in cyber space, took place in The Hague today.
Despite acrimonious relations between Russia and the United States in recent years, experts on cyber security in both countries say their law enforcement agencies and private firms had been working together more closely behind the scenes to fight financial fraud and other crimes committed online.
But at least some of that cooperation appears to have come to a sudden halt since Ruslan Stoyanov, head of the computer incidents investigation team at Russian cyber security firm Kaspersky Lab, was arrested in December on suspicion of treason.
By Jason Miller
While the federal IT and acquisition communities still are “patiently” waiting for President Donald Trump to name key players at the Office of Management and Budget, the General Services Administration and the Office of Personnel Management, Republican lawmakers gave us a little bit of insight into their plans for 2017.
What may be the committee’s most important work that will receive little attention outside of a small community is the seven provisions of the E-Government Act of 2002 that will or have expired.