Archive for July, 2018

Pentagon Creates ‘Do Not Buy’ List of Russian, Chinese Software

From: Defense One


Increasingly alarmed at foreign hacking, DOD and intelligence officials are racing to educate the military and defense contractors.

The Pentagon is warning the military and its contractors not to use software it deems to have Russian and Chinese connections, according to the U.S. Defense Department’s acquisition chief.

Officials have begun circulating a “Do Not Buy” list of software that does not meet “national security standards,” Ellen Lord, defense undersecretary for acquisition and sustainment, said Friday.

Read Complete Article

EU, China setting global cyber standards

From: Politico | Morning Cybersecurity


With help from Eric Geller and Martin Matishak

REWRITING THE RULES — The U.S. is ceding ground in the race to shape global standards and laws around cybersecurity, according to Eric’s new story for Pros. While Congress and multiple presidents have spent years supporting the tech industry’s aversion to new regulations, the EU and China have forged ahead with laws that are setting the tone for digital security and privacy regulations. The EU’s General Data Protection Regulation has set privacy standards that companies like Facebook and Google must follow. And China has been even more aggressive, enacting a cyber law with strict security controls on tech companies and spreading its heavy-handed model throughout the developing world. And while the global tech industry is adapting to these new realities, no one in the Trump administration has devised a clear plan to rebut either of these agendas.

Consumers Own Their Data, Not the Industry, Says Telecom Regulatory of India (TRAI)

From: Entrepreneur India

While submitting the recommendations to the Srikrishna Committee, the regulator also acknowledged the fact that the existing framework for data protection of consumers is not sufficient

Vanita D’souza

As the Justice BN Srikrishna Committee is also set to table the draft of the Data Protection Bill, the Telecom Regulatory of India (TRAI) is of the opinion that data is purely owned by the users, and industry stakeholders, who include telecom companies and digital services providers, are merely custodians of it.

Guernsey: A laboratory of innovation

From: Institutional Asset Manager

By James William

The funds sector has matured and developed into a more sophisticated market than it was 10 years ago. Technology advances and product innovation in new asset classes has deepened the funds industry, creating more complexity as a result. At the same time, over the last decade, demands on jurisdictions have risen in terms of the level of support that needs to be provided, in terms of substance and effective oversight. Guernsey has always been cognisant of this and has evolved in step with those changing times.


The stock market is rewarding tech companies that protect data more than ones that exploit it

From: Quartz

John Detrixhe, Future of Finance Reporter

Tech stocks are booming, despite concerns about how some of sector’s giants, like Google and Facebook, make money from personal data. Cyber security companies, meanwhile, have performed even better, as more of our lives are digitized and hacks become more common and sophisticated.

A popular cybersecurity exchange traded fund (ETF) has soared by 20% this year. That compares with 14% for one of the most widely traded tech ETFs, and 4.5% for a fund tracking the S&P 500 index of US stocks. Key constituents of the Prime Cyber Security ETF (which trades under the on-brand ticker HACK) include companies like Palo Alto Networks and Qualys, both of which have gained more than 40% in value so far this year.

A Glimpse into Private-Sector Cybersecurity in Japan

From: Lawfare

By Mihoko Matsubara

PDF Version

Review of Shinichi Yokohama’s “Keiei to Saiba Sekyuriti—Dejitalu Rejilienshi [Business Management and Cybersecurity – Digital Resiliency for Executives]” (Nikkei BP, 2018).


The traditional approach in Japan by the large-scale corporate sector to addressing national technology policies—such as cybersecurity requirements—that will inevitably affect wide swathes of industry has been to await instructions from government regulators. The approach of large American corporations, by contrast, has long been to engage proactively and publicly with government agencies, through their own corporate policy teams or industry-wide trade associations, with the aim of being part of policy and regulatory formation. Industry and particular corporate businesses bring their own agendas and goals to the American public policy conversation, to be sure. They also bring important technical and operational knowledge of the issues and policy choices—ever more so in a world dominated by increasingly complex technologies.