Risk News

Major Report: Unsecure Medical Devices Need A Fix
"Healthcare organizations are vulnerable to network intrusions through unsecured devices on their networks. There’s no unified solution yet, as Joseph Marks at the Washington Post reports."
Annie's take:

Mike Simon breaks a long report down into four recommendations.
'We Want IoT Security Regulation,' Say 95% of IT Decision-Makers
"IT professionals often see government regulation as a last resort or even a hindrance to solving their problems. Yet when it comes to Internet of Things (IoT) security, 96% of IT decision-makers say government regulation is necessary – even though some wouldn't actually want it."
Annie's take:

We're going to spend a whole week on IoT in my cyber course. Our guest speaker is MSIM alumni Andy Herman, now at Microsoft.
En garde! 'Cyber-war has begun' – and France will hack first, its defence sec declares
"FIC2019 France’s defence secretary Florence Parly today declared: “Cyber war has begun.” And she said the Euro nation's military will use its “cyber arms as all other traditional weapons… to respond and attack,” as well as setting up a military bug bounty program."
Annie's take:

One wonders how long this new program will last.
Climate and Cyber Risks Top Concerns Facing the World in 2019
"The failure to tackle climate change and extreme weather events are the most threatening global risks this year, according to the World Economic Forum."
Annie's take:

More on the topic we covered here yesterday.
Why Cyberattacks Are the No. 1 Risk
"With the world going digital, the dependence on the availability of IT infrastructure keeps exponentially growing, and many people don't comprehend the true scope of the implications."
Annie's take:

" The World Economic Forum (WEF) says business leaders in advanced economies see cyberattacks as their single biggest threat, even more so than terrorist attacks (No. 2), an asset bubble (No. 3), a new financial crisis (No. 4), or failure to adapt to climate change (No. 5)."
The Cybersecurity 202: How the shutdown could make it harder for the government to retain cybersecurity talent
"The partial government shutdown that's now in its 18th day is putting key cyber policy priorities on hold and leaving vital operations to a bare bones staff. But the far greater long-term danger may be the blow to government cyber defenders' morale, former officials warn."
Annie's take:

This is exactly what I have been worried about: such poor practices from a government that cannot match private sector salaries is sure to be on everyone's mind in this, the third week of the shutdown -- and the week normally employees would be paid.
Shutdown sets back U.S. cyber defenders
"A popular cyber technology showcase is the latest casualty of a partial government shutdown that's taking a toll on U.S. cybersecurity."
Annie's take:

Just one of the many examples of government employees who provide critical services and who are not being paid.
As Facebook Raised a Privacy Wall, It Carved an Opening for Tech Giants
"For years, Facebook gave some of the world’s largest technology companies more intrusive access to users’ personal data than it has disclosed, effectively exempting those business partners from its usual privacy rules, according to internal records and interviews."
Annie's take:

There is so much more to be said on this topic.
Uber CEO Says Market Turmoil Won’t Derail IPO Plans
"Uber Technologies Inc. Chief Executive Dara Khosrowshahi said market turbulence in the U.S. would be unlikely to affect the ride-hailing titan’s plans for a public listing."
Annie's take:

Keeping a close eye on Uber in two areas as they move toward an IPO: culture and marketplace.