Legal
Suing Our Way to Better Security?
June 21, 2012 Added by:Jayson Wylie
It does not seem like the top leaders at organizations are as concerned with others' information as they might be with the bottom line. If organizations do not respond to fear of embarrassment for failing at security, should we start taking them to court to formulate better consumer protections?
Comments (7)
Contracts and Infosec Part 3: Processing and Data Disposal
June 21, 2012 Added by:Bill Gerneglia
The parties should also stipulate their expectations for data return or destruction upon termination of an NDA. The expectations for data return or destruction will be typically molded by a party’s desire to keep compliant with the particular data handling law or regulation to which the party is subject...
Comments (0)
Napoleon’s Invasion of Russia and Risk Management
June 20, 2012 Added by:Thomas Fox
As compliance programs become more mature, you can use the information generated in a risk assessment in a variety of ways to facilitate an overall risk management program. To create an effective risk management system, understand the qualitative distinctions among types of risk an organization faces...
Comments (0)
No Copyrights on APIs: Judge Defends Interoperability and Innovation
June 18, 2012 Added by:Electronic Frontier Foundation
Judge Alsup, a coder himself, got it right when he wrote that “copyright law does not confer ownership over any and all ways to implement a function or specification of any and all methods used in the Java API.” It's a pleasure to see a judge so fundamentally understand the technology at issue...
Comments (0)
Bill Gates, the Perfect Game and Your Compliance Program
June 17, 2012 Added by:Thomas Fox
Collins has been looking at corporations for over 25 years to unlock the mystery of what makes a great company tick and discusses twelve questions that leaders must grapple with if they truly want to excel. This list is a good summary of questions that you can and should be posing to your compliance team...
Comments (0)
Contracts and Information Security Part 2: NDAs
June 13, 2012 Added by:Bill Gerneglia
NDAs might include potential liability for unauthorized disclosure of protected personal information, privileged communications (such as lawyer-client or doctor-patient communications), national secrets, or the trade secrets of the company or business partner...
Comments (0)
Pink Floyd’s "The Wall" and Compliance
June 12, 2012 Added by:Thomas Fox
Compliance: One of the most important things is that sometimes you just hit a brick wall. You can carefully plan a strategy, implement the planned strategy and then measure the results, but it can still fall completely flat. In other words, you hit the proverbial wall...
Comments (0)
Organization for Computer Professionals Opposes CISPA
June 12, 2012 Added by:Electronic Frontier Foundation
ACM is the world's largest organization for computer professionals. They are joining a diverse group in opposing CISPA, including a wide array of digital civil liberties organizations like EFF, computer scientists like Bruce Schneier and Tim Berners-Lee, and companies like the Mozilla Foundation...
Comments (0)
Apple's Crystal Prison and the Future of Open Platforms
June 06, 2012 Added by:Electronic Frontier Foundation
Apps that require administrative privileges are impossible to install on an iOS device without jailbreaking it. This includes apps that let you firewall your device and secure your internet traffic with OpenVPN. Jailbreaking also helps security and privacy researchers to see if apps are leaking data...
Comments (3)
Twitter's New Tailored Suggestion Service Raises Questions
June 06, 2012 Added by:David Navetta
Congress seeks clarification on how Twitter purports to honor a user’s choice to opt-out of targeted advertising and data collection using the Do Not Track browser option, while simultaneously collecting user information from third party websites under the tailored suggestions program...
Comments (0)
Lieberman-Collins Cybersecurity Act Frequently Asked Questions
June 04, 2012 Added by:Electronic Frontier Foundation
Companies already use firewalls to protect their networks. ISPs do filtering as well, for example disallowing end users from hosting certain services, or de-prioritizing certain types of traffic. But this bill makes no effort to restrict the definition of countermeasures to reasonable techniques in use today...
Comments (0)
Megaupload User Asks Court for Their Files Back... Again
June 01, 2012 Added by:Electronic Frontier Foundation
EFF’s asked the court to return files lost when Megaupload was seized last January. Since then, we’ve been to court both for a hearing and a mediation and nothing has changed. The key problem: the government has failed to help third parties get access to their data. So we have no choice but to go back to court...
Comments (0)
Senator Demands Text of Secret Agreements Regulating Internet
May 30, 2012 Added by:Electronic Frontier Foundation
Senator Ron Wyden recently introduced a bill demanding access to draft texts of international trade agreements under negotiation such as the Trans-Pacific Partnership Agreement that carry provisions that could severely choke off users' rights on the Internet. This is a great positive step in the right direction...
Comments (0)
FTC MySpace Settlement: Say What You Do and Do What You Say
May 30, 2012 Added by:David Navetta
The settlement bars MySpace from making future misrepresentations regarding the extent to which it protects users’ personal information, requires it to implement a comprehensive privacy program and requires it to undergo biennial, independent, third party privacy assessments for the next 20 years...
Comments (0)
Join the Fight Against Cyber Spying Proposals in the Senate
May 29, 2012 Added by:Electronic Frontier Foundation
Even when faced with opposition from security experts and the Obama Administration, the House of Representatives managed to ram through CISPA, a bill widely decried as empowering the military to collect the Internet records of Americans’ everyday Internet use. Now the fight is moving to the Senate...
Comments (0)
The Netherlands Passes Net Neutrality Legislation
May 24, 2012 Added by:Electronic Frontier Foundation
The Netherlands is the first country in Europe to establish a legal framework supporting net neutrality. The law contains language that restricts when ISPs can wiretap users, and limits the circumstances under which ISPs can cut off a subscriber's Internet access altogether...
Comments (0)
- Five Things Your InfoSec Team Should Do in the Next 30 Days
- The Disclosure Debate Continues….. (part 1,453, 769) to be Continued
- The Danger of Mixing Cyber Espionage with Cyber Warfare
- Improving Security by Failing Faster
- BYOD: Should It Be the Wave of the Future?
- Trend Micro Discovers "SafeNet" - a New Targeted Espionage Operation Online
- Managing My Company’s Security is a Nightmare
- Bridging the Cybersecurity Divide, Why Security Innovation Must Lead the Way
- The Evolution of Industrial Control System Information Sharing
- ATM Security (And Really Learning from the Past)