- 88% of hackers at the 2016 DEF CON conference say they can hack a target in 12 hours
- 81% of hackers say that they can identify and exfiltrate a target’s data in 12 hours
- 50% of hackers change their method each time
- 84% of hackers social engineer their vicitms- hello Facebook profiles
- 52% say training employees is effective
Monthly Archives: February 2017
TREND. Data Protections for Home Devices. Warrant or no Warrant.
Alexa, the Amazon product, home guru records voices.
Alexa also records suspected murderers, at least it did in Arkansas.
What kind of protection is Amazon seeking for the Alexa recordings?
- Until law enforcement creates a compelling enough case, no Alexa recordings
- Amazon wants prosecutors to “prove the data isn’t available anywhere else and that it’s sufficiently related to the subject of the investigation”
Next step: Legislative fixes
Public-Private Partnership to Improve State CyberSecurity Training. Improve Student Cybersecurity
The Public Private Partnership: Virginia and Amazon
The role of Amazon: to support scalable cloud infrastructure and collaborate on cybersecurity educational efforts
How far down the state employee food chain will education go? The partnership will also help educate teachers with cybersecurity courseware
Data Security Legislation Trend. 1st Legislative Phase is Missing. Ask the experts.
A former top national security adviser says the cybersecurity legislation that is necessary is: uniform definitions for cybersecurity across all government levels.
Why do we need uniform definitions? Uniform defintions improve strategy for enforcement and legislation.
Defense of Democracies | Framework and Terminology for Understanding Cyber-Enabled Economic Warfare
Business TREND. 5 Data Security Protections for Oil and Gas Companies.
5 ways oil and gas comapnies can minimize legal exposure from a data breach:
- Plan ahead. Have an incident reponse team in place.
- Insurance. Lots of policies cover data security now, check your policy.
- Stay up to date on data security laws & regulations. There are overlapping levels of laws between state and federal and overlapping agency jurisdictions.
- Create & Maintain a data policy. Prescribe what is retained and for how long.
- Train and test your employees.
Internet Association. New Campaign Fundraising Tool. 3 Key Points.
What group is launching a new campaign fundraising tool? the Internet Association (Google, Facebook, et.al.)
How does the new fundraising tool work?
- The Internat Association selects candidates for virtual meetings
- The virtual meetings allows people to ask candidates questions
- During which, people can donate money to the association’s political action committee and will be directly transferred to the candidate featured during the virtual meeting
1 in 4 had healthcare data breach. What you need to know:
What survey reveals that 1 in 4 U.S. Consumers had a health care data breach? An Accenture survey released at HIMSS2017 in Orlando
What is the impact to health care providers? 25% changed health care providers
National Governor Association Details State Role in Cyber & Data Security
The Chair of the National Governor’s Association lays out 3 ways states can tackle data and cyber security:
- share disruption response plans
- establish cybersecurity operations centers
- convening cooperation among public safety agencies, the National Guard, and private partners.
3 States with model public-private partnerships, task forces, and cybersecurity commissions:
- California
- Indiana
- Virginia
3 Reasons Cyber Security legislation More Harm than Good. 4 Ways to write good cybersecurity laws.
The state landscape: Virginia
The cyber security proposals: make it a felony for cyber criminals to use ransomware
The reasons that the change in law may do more harm than good:
- the laws a jumbled with overlapping enforcement of multiple agencies
- the jumbled laws make it overburdensome for businesses to comply
- technology advances more quickly than laws
What do good cyber security laws do?
- They are principle-based
- Specify outcomes
- Do not target specific methods of action
- Respect a…
New Mexico. Data Security Legislation 2017. 3 Key Points.
New Mexico’s House Bill 15 wants to put the state on par with other states by remedying a gap in our existing consumer protections by:
- Requiring notice within 45 days
- After Personal Identifying Information is Compromised
- With notification to the state attorney general and consumer credit reporting agencies
Los Alamos Daily Post | House Passes Data Breach Notification Act