Risk News

Change In Corporate Mindset Needed To Combat Cyber Attacks

"Yahoo!’s announcement late last year that it had been victimized by not one but two separate data breaches was the Gettysburg of corporate cyber attacks – the biggest battle yet waged."

Annie's take:

An excellent column by my colleague, Richard Levick, on how corporations need to think differently about cyber attacks, not just assume that insurance will cover any breaches.

Inside Uber’s Aggressive, Unrestrained Workplace Culture

"When new employees join Uber, they are asked to subscribe to 14 core company values, including making bold bets, being “obsessed” with the customer, and “always be hustlin’.” "

Annie's take:

Uber illustrates once again what I call the three root causes of conduct risk: tone at the top, culture, and conflicts of interest.

Why Verizon Decided to Stick With Yahoo Deal After Big Data Breaches

"In January, a month after Yahoo Inc. disclosed a second massive data breach, Verizon Communications Inc.’s top executives huddled at the company’s headquarters and weighed their options."

Annie's take:

How badly do you want to compete against Facebook? Verizon at least wants that pretty badly.

'Internet of Evil Things' challenges security pros

"After Mirai shook the rafters of cybersecurity in 2016, IT security professionals (rightfully) expect that connected devices will be a major security headache in 2017 – but still struggle to get a grasp on how to account for, track and monitor those devices, a report from Pwnie Express found."

Annie's take:

It's getting increasingly difficult -- at work or at home -- to secure the borders. I'm still leaving "Location Services" turned off on my smartphone as my own commitment to being responsible for what I say and do.

How Vladimir Putin and Russia are using cyber attacks and fake news to try to rig three major European elections this year

"Governments and security services across Europe have sounded public warnings about Russian interference in upcoming elections, amid mounting concern about a spate of cyber attacks on political parties and government institutions."

Annie's take:

As if we did not already have enough to worry about!

Cybersecurity Is a Missing Piece of the Smart City Puzzle (Industry Perspective)

"The term “smart city” is as broad as the successes that are frequently published in industry journals and advocacy websites."

Annie's take:

It pays to pay attention to the focus on building smart cities.

The Cyberattacks We Don't Hear About But Should

"Some cyberattacks make it to the front pages of mainstream publications."

Annie's take:

A new KPMG study is worth reviewing.

It's 'Code Red' as cyber-security pros gather

"Cybersecurity threats are now a household worry, putting the thousands of professionals who flock to the annual RSA cybersecurity conference here in an unusually influential position."

Annie's take:

The RSA conference is the premier cyber conference in the United States. Here's a first report.

Microsoft Allowed to Sue U.S. Government Over E-mail Surveillance

"Microsoft Corp. persuaded a judge not to let the U.S. government out of a lawsuit alleging the company’s free-speech rights are violated by a law that blocks it from alerting users to the clandestine interception of their e-mails."

Annie's take:

Judge Robard has been keeping busy. Here's his latest opinion.

Yes Virginia, we still have three branches of government

"We have entered the fourth week of the new administration."

Annie's take:

Another government relations column, and a research note by Colin Andrade on risk in the energy sector.

How app makers increasingly track your every move

"Privacy advocates say tech companies are becoming more brazen about collecting users' location data and personal information."

Annie's take:

The Uber example is highly instructive. I do not turn location services on, so am not subject (probably) to the same kind of tracking that others who like the convenience of location services are.

A Hogwarts For Cyber Protection?

"Never let it be said that the British don't do things with style. In the years leading to World War II, they recognized the need to break enemy codes, and ran crossword puzzle contests to find recruits for their ultra-secret Government Code & Cipher School—also known as GC&CS, or Bletchley Park."

Annie's take:

I like the concept, not sure how it will execute.

Cellphone Spy Tools Have Flooded Local Police Departments

"A little after midnight on November 28, 2014, hundreds of Black Lives Matter protesters filled the streets of downtown Chicago."

Annie's take:

Putting such tools in the hands of local police may be a mistake, correctable only with some guidance from the courts.

Hacker Steals 700,000 Accounts from Police Forum

"Update: After the publication of this story, another source provided Motherboard with the full PoliceOne database. In all, it contains 715,588 entries. However, the source said that this data has already been publicly distributed for some time, and that Bekrut did not hack the site. Bekrut did not respond for Motherboard's request for comment."

Annie's take:

Even after reading the update, it's hard to know what the situation is -- was the database publically available some time ago?

Some key cyber-security tips for financial firms

"The SEC has expanded considerably its efforts relating to cyber-security, beefing up its regulatory examinations with targeted sweeps for cyber-security, as well as maintaining an active cyber-security enforcement program."

Annie's take:

All good advice.

China’s Intelligent Weaponry Gets Smarter

"Robert O. Work, the veteran defense official retained as deputy secretary by President Trump, calls them his “A.I. dudes.” The breezy moniker belies their serious task: The dudes have been a kitchen cabinet of sorts, and have advised Mr. Work as he has sought to reshape warfare by bringing artificial intelligence to the battlefield."

Annie's take:

Related indirectly to the presentation we had Friday evening on ethical frameworks around autonomous weapons.

Things to Consider When Crossing the US Border

"Planning on crossing the border into the United States anytime soon? Did you know that the government has the right to, without a warrant, search travelers at the border—including when they land at international airports—as part of its traditional power to control the flow of items into the country?"

Annie's take:

Advice that is increasingly useful.

Case Study in Chaos: How Management Experts Grade a Trump White House

"For someone who promoted his management skills and campaigned as an “organizational genius,” as Anderson Cooper of CNN put it, it has been a rocky White House debut for Donald J. Trump, the first president to go directly from the executive suite to the Oval Office."

Annie's take:

The analyses say it all.

Healthcare breaches cost $6.2B annually

"A new whitepaper from Protenus reveals data breaches not only harm an organization's public image, they also cost exorbitant amounts of money.

Titled "Cost of a Breach: A Business Case for Proactive Privacy Analytics," the whitepaper details seven potential costs of a healthcare data breach."

Annie's take:

The numbers are very high. Not sure how to validate the study, but it's worth reviewing the findings.