Archive for July, 2017

A Chinese Government Official has clarified the VPN Crackdown that Apple is complying with

From: Patently Apple

On Saturday Patently Apple posted a report titled “Apple Accused of Bowing to Chinese Government by Shutting Down VPN Service Apps.” The report covered ExpressVPN making it public that Apple sent them a letter notifying them that their app was being removed from the App Store because it included content that is illegal in China, which is not in compliance with the App Store Review Guidelines. Apple’s CEO has made it clear that they would follow the laws of the land that do business in. Today the Chinese Government made a formal statement to help clarify the VPN matter.

Singapore Government issues Public Consultation on draft Cybersecurity Bill

From: Lexology

Yi Lin Seng and Ken Chia | Baker McKenzie

IEEE And National Institute Of Standards And Technology (NIST) Team On Standards Development For Intercloud Interoperability And Federation

From: Press Release

Collaboration between NIST and IEEE P2302™ will help build consensus on creating an Intercloud—an open, transparent infrastructure amongst cloud providers to support evolving technological and business models

PISCATAWAY, N.J.–(BUSINESS WIRE)–IEEE, the world’s largest technical professional organization dedicated to advancing technology for humanity, and the IEEE Standards Association (IEEE-SA), today announced a new collaborative effort has been launched with NIST to meet the growing demand for standards that address Intercloud interoperability. The new cooperative arrangement brings together efforts from the NIST Public Working Group on Federated Cloud (PWGFC) with the IEEE Intercloud Working Group (ICWG) developing IEEE P2302TM—Standard for Intercloud Interoperability and Federation.

Local governments keep using this software — but it might be a back door for Russia

From: The Washington Post

Local and state government agencies from Oregon to Connecticut say they are using a Russian brand of security software despite the federal government’s instructions to its own agencies not to buy the software over concerns about cyberespionage, records and interviews show.

The federal agency in charge of purchasing, the General Services Administration, this month removed Moscow-based Kaspersky Lab from its list of approved vendors. In doing so, the agency’s statement suggested a vulnerability exists in Kaspersky that could give the Russian government backdoor access to the systems it protects, though they offered no explanation or evidence of it. Kaspersky has strongly denied coordinating with the Russian government and has offered to cooperate with federal investigators.

Bahamas ‘Falls Too Far’: 129th On Cyber Security

From: Tribune 242


The Deputy Prime Minister yesterday conceded that the Bahamas “continues to fall too far down the scale”, after this nation was ranked 129th out of 164 countries for its commitment and effectiveness in fighting cyber crime.

K P Turnquest acknowledged that the Bahamas’ ranking in the bottom third of the Global Cybersecurity Index (GCI), published by the International Telecommunications Union (ITU), could “undermine” the financial services industry and this nation’s desire to expand its information technology (IT) capabilities.

Read Complete Article

China Drafts Legislative Rules Regarding Cross-border Data Transfers

From: Lexology

Todd Liao and Stella Chen | Morgan Lewis & Bockius LLP

The draft legislation provides further guidance on the regulations provided in the recent cybersecurity law, including definitions and details on the security assessments required for cross-border data transfers.

China’s recently enacted Cybersecurity Law (CL), effective June 1, 2017, requires that personal information and important data collected and produced by critical information infrastructure (CII) operators in China be stored in China. The CL also requires that security assessments be performed before personal information and important data are provided to any entity or individual outside of China (Cross-border Data Transfer).[1] Along with the CL, China has published other draft legislation addressing the requirements for local storage and Cross-border Data Transfer and soliciting public comments. The new draft implementing rules include

Bahrain insists on managing risks in critical telecom infrastructure

From: AMEInfo

Bahrain’s telecommunications watchdog has urged to manage risks in critical telecommunications infrastructure.

The Telecommunications Regulatory Authority (TRA) has issued resolution number 5 of 2017 on its website and published in the Official Gazette the new set of regulations on critical telecommunications infrastructure (CTI) risk management.

Read Complete Article

NATO Cybersecurity: A Roadmap to Resilience

From: The German Marshall Fund of the United States

Bruno Lété, Daiga Dege


Keeping Pace with an Evolving Threat

Today NATO faces ongoing efforts from antagonists, including non-state actors, to intimidate and destabilize member states through cyber-attacks. The notion of cyber warfare is not new, but the scale, speed, and intensity of the challenge demands a new approach toward the preparation, deterence, and defense against these threats. One important innovation that cyber activities provide an adversary is ambiguity, both of intent and attribution. The source of cyber aggression is not easy to identify and requires advanced technological capabilities that only a few member states in NATO possess. Cyber aggression is even more difficult to prove publicly because laws and regulations in cyberspace are still incomplete. For NATO, the ambiguity of cyber campaigns present challenges vis-à-vis action that needs to be collectively addressed across the political, military, civilian, and technological spectrum. The following recommendations are designed to strengthen NATO resilience in cyberspace.