Alphabet CEO Calls for Government Action in Tech Innovation

Sundar Pichai, CEO of Google and its parent Alphabet, is urging the U.S. government to step up innovation and more actively police cyberthreats. In a year beset with security breaches attributed to Russian and Chinese hackers, Pichai says it’s time to draft a Geneva Convention for technology, outlining international legal standards, safeguards and behavioral norms for the connected age. Pichai also made an appeal for state-sponsored innovation in the face of competition from China, where the Communist Party under President Xi Jinping has outlined plans to advance artificial intelligence and develop a proprietary semiconductor sector. Continue reading Alphabet CEO Calls for Government Action in Tech Innovation

U.S. Advances Cybersecurity Steps as Ransomware Doubles

Payments flagged by U.S. banks as suspected ransomware in 2021 are on pace to nearly double those of 2020, according to reports filed with the Treasury Department. Almost $600 million in potential ransomware payments have been filed with the federal government from January through June, which is more than 40 percent more than the tally for full-year 2020. Reflecting the fact that governments worldwide describe cybercrime as a critical national security threat, the first International Cybersecurity Challenge is scheduled for Greece in June 2022, where 25 Americans aged 18 to 26 are set to compete. Continue reading U.S. Advances Cybersecurity Steps as Ransomware Doubles

Google Action Team Is Ready for Its Cybersecurity Close-Up

By the end of 2021, cybercrime will cost the world an estimated $6 trillion through 2021, a figure that will swell to $10.5 trillion by 2025, according to Cybersecurity Ventures. To deal with that threat, Google has created the Cybersecurity Action Team (GCAT) and the Work Safer security bundle to help protect organizations, small businesses, enterprises and public sector institutions against cyberattacks. At Google Cloud Next ’21, the company said the Google Cybersecurity Action Team will draw on expertise from across the company to help protect entities from data breaches and help meet new government compliance rules. Continue reading Google Action Team Is Ready for Its Cybersecurity Close-Up

Government Pursues ‘Zero Trust’ Approach to Cybersecurity

The “zero trust” policy envisioned by President Biden in May when he signed an executive order to improve cybersecurity has begun taking shape with the release last week of a draft blueprint by the White House Office of Management and Budget (OMB). While Biden’s order covers the public and private sectors “and ultimately the American people’s security and privacy,” zero trust focuses on identifying and implementing best practices for the federal government’s digital platforms and processes. Deployment will take years of investment and effort. To help jump-start the initiative, some primers have hit the news feeds. Continue reading Government Pursues ‘Zero Trust’ Approach to Cybersecurity

European Union Members Are Concerned Over GDPR Delays

European Union nations are voicing discontent over delays in enforcement of the General Data Protection Regulation (GDPR) implemented in May 2018. Earlier this month Ireland announced a $266 million fine against WhatsApp, after haggling to boost the original sanction of up to $59 million by the Irish Data Protection Commission (WhatsApp parent Facebook has European headquarters in Ireland). The situation has prompted calls to revise how the 27 EU member countries participate in overlapping cases, with expanded pan-EU rules also under consideration. Continue reading European Union Members Are Concerned Over GDPR Delays

SEC Probe of SolarWinds Attack Concerns Corporate Execs

A Securities and Exchange Commission investigation into the 2020 Russian cyberattack of SolarWinds has corporate executives concerned over the possibility that information unearthed in the probe will expose them to liability. Companies suspected of or known to have been downloading compromised software updates from SolarWinds have received letters requesting records of all breaches since October 2019, raising fears that sensitive cyber incidents previously unreported and unrelated to SolarWinds may be revealed, providing the SEC with details that many companies may never have wanted to disclose. Continue reading SEC Probe of SolarWinds Attack Concerns Corporate Execs

Tech Firms Raid Security Flaws with ‘Bug Bounty’ Programs

In the security world, “bug bounty” programs are becoming more common, from Facebook to the Department of Defense. Hackers who can reveal the hidden vulnerabilities of a device, system or corporation can reap significant financial rewards. Apple launched its program in 2016 and offers payouts of up to $1 million for the most elusive flaws. The tech giant reportedly spent $3.7 million on such exercises in the 12-month period ending in July 2021, during which time Google shelled out $6.7 million and Microsoft spent $13.6 million. Such programs have become a valuable tool in security maintenance, putting hackers’ inquisitive natures to productive use.  Continue reading Tech Firms Raid Security Flaws with ‘Bug Bounty’ Programs

Strider Shield Technology Aims to Protect Intellectual Property

Strider Technologies has debuted its Strider Shield platform that helps businesses better understand potential threats to intellectual property — including nation-state directed IP theft and supply chain threats — by combining online tracking tools often used by advertising agencies with data ingestion tools, natural language processing and various algorithms. Strider co-founder and chief strategy officer Eric Levesque said that Strider Shield allows an enterprise to collect thousands of data points such as email addresses, domain names and keywords to correlate against systems where the IP resides, in order to surface potential risks. Continue reading Strider Shield Technology Aims to Protect Intellectual Property

White House Cybersecurity Summit Brings Leaders Together

At a White House summit, President Joe Biden asked leaders of Apple, Google, JPMorgan Chase and other major companies to step up their response to cybersecurity threats. The administration, which estimated that about half a million cybersecurity jobs remain unfilled, said it would assist in developing new guidelines for secure technology and assess the security of existing technology. Google, Microsoft, and insurance companies Travelers and Coalition have already signed on to the initiative. Microsoft plans to invest $20 billion over the next five years to integrate cybersecurity into its products and Google revealed its own $10 billion commitment. Continue reading White House Cybersecurity Summit Brings Leaders Together

Weighing the Challenges of a Post-COVID Hybrid Workplace

Post-pandemic, companies now must decide whether to allow their employees to continue to work remotely or require them to come to the office. Although staff did work at home for about one-and-a-half years without too many problems, it’s not clear if that scenario will transfer to a post-COVID world. The lockdown was an unusual circumstance, and bosses and workers were forced to be flexible. Now, some say a hybrid work environment is likely to be two-tiered, with on-site workers getting more access, networking opportunities, promotions and pay raises.

Continue reading Weighing the Challenges of a Post-COVID Hybrid Workplace

The FTC Votes Unanimously to Support Right to Repair Laws

The Federal Trade Commission (FTC), under the new leadership of chairperson Lina Khan, voted unanimously to enforce Right to Repair legislation. The vote will ensure that U.S. consumers will be able to repair their own electronic and automotive devices. The FTC published a report in May excoriating manufacturers for not adhering to the Right to Repair rules, one of them the Magnuson-Moss Warranty Act. The Right to Repair movement has been led by the U.S. Public Interest Research Group and iFixit, among others. Continue reading The FTC Votes Unanimously to Support Right to Repair Laws

China Cyberspace Agency Tightens Rules on Foreign Listings

The Cyberspace Administration of China, an agency set up by President Xi Jinping that reports to a leadership group he chairs, increased interagency oversight of companies traded in the United States and elsewhere overseas. The agency also will harden rules related to domestic companies listed on foreign stock exchanges and better coordinate various regulators. That lack of coordination was apparent in DiDi Global’s IPO last month, which was supported by financial regulators but tagged by the country’s cybersecurity regulator. Continue reading China Cyberspace Agency Tightens Rules on Foreign Listings

ByteDance Pauses its IPO After Meeting with Chinese Officials

Beijing-based ByteDance, parent company of social video app TikTok, which was valued at $180 billion in December, indefinitely put plans on hold for a public offering. The company had been considering an IPO in the United States or Hong Kong but its founder and CEO Zhang Yiming changed his mind after meeting with China’s cyberspace and security regulators who reportedly told him to focus on data-security risks and other issues. Another reason for holding off is that the company did not have a chief financial officer at the time. Continue reading ByteDance Pauses its IPO After Meeting with Chinese Officials

New York Is First City to Open a Cyberattack Defense Center

New York City just opened its Cyber Critical Services and Infrastructure (CCSI) Project, a real-time operational center to protect the metropolitan area against cyberattacks. Located in lower Manhattan, the center shares intelligence with 282 partners, including the New York Police Department (NYPD), Amazon, International Business Machines (IBM), the Federal Reserve Bank and several New York healthcare systems. The anti-cybercriminal effort started two years ago but has been entirely virtual until now. Continue reading New York Is First City to Open a Cyberattack Defense Center

U.S. Offers Incentives for Countries to Avoid China’s 5G Gear

The U.S. Commerce Department’s Commercial Law Development Program (CLDP) is leading a program to encourage nations to avoid gear from Chinese companies Huawei and ZTE in building their own 5G networks. The workshops on how to do so, combined with a handbook and some financial incentives, are aimed at legislators in Central and Eastern Europe as well as developing countries around the world. The handbook will include case studies of how the United Kingdom, for example, deployed 5G without Chinese equipment. Continue reading U.S. Offers Incentives for Countries to Avoid China’s 5G Gear