Accurate, Focused Research on Law, Technology and Knowledge Discovery Since 2002

Category Archives: Cybercrime

SEC publishes 2016 priorities for Office of Compliance Inspections and Examinations

“This document identifies selected 2016 examination priorities of the Office of Compliance Inspections and Examinations (“OCIE,” “we,” or “our”) of the Securities and Exchange Commission (“SEC” or “Commission”). In general, th priorities reflect certain practices and products that OCIE perceives to present potentially heightened risk to investors and/or the integrity of the U.S. capital markets.Continue Reading

Data Security and Breach Notification Legislation: Selected Legal Issues

CRS – Data Security and Breach Notification Legislation: Selected Legal Issues, Alissa M. Dolan, Legislative Attorney. December 28, 2015. “Recent data breaches at major U.S. retailers have placed a spotlight on concerns about the security of personal information stored in electronic form by corporations and other private entities. A data breach occurs when data containingContinue Reading

DoD Needs an Effective Process to Identify Cloud Computing Service Contracts

Audit – DoD Needs an Effective Process to Identify Cloud Computing Service Contracts, DODIG-2016-038, December 28, 2015. “Objective – Our objective was to determine whether selected DoD Components performed a cost-benefit analysis before acquiring cloud computing services. In addition, we were to identify whether those DoD Components achieved actual savings as a result of adoptingContinue Reading

The Rise and Fall of Silk Road

Via Wired – “In October 2013, a young entrepreneur named Ross Ulbricht was arrested at the Glen Park branch of the San Francisco Public library. It was the culmination of a two-year investigation into a vast online drug market called Silk Road. The authorities charged that Ulbricht, an idealistic 29-year-old Eagle Scout from Austin, Texas,Continue Reading

Engaging the International Community on Cybersecurity Standards

White House: “U.S. companies are most effective when they can rely on the same cybersecurity standards overseas as they do in the United States. Not only do common standards make it easier for product development and sales, companies can more easily maintain and enhance network defense and resilience, which are vital in today’s world ofContinue Reading

Verizon – 90% of industries have experienced a protected health info breach

“90% of industries have experienced a PHI breach…Welcome to the first Verizon Protected Health Information Data Breach Report (PHIDBR)…The purpose of this study is to shed light on the problem of medical data loss—how it is disclosed, who is causing it and what can be done to combat it. This is a far-reaching problem thatContinue Reading

Cybersecurity: Legislation, Hearings, and Executive Branch Documents

CRS – Cybersecurity: Legislation, Hearings, and Executive Branch Documents. Rita Tehan, Information Research Specialist. December 10, 2015. “Cybersecurity vulnerabilities challenge governments, businesses, and individuals worldwide. Attacks have been initiated against individuals, corporations, and countries. Targets have included government networks, companies, and political organizations, depending upon whether the attacker was seeking military intelligence, conducting diplomatic orContinue Reading

Second Annual Study on Exchanging Cyber Threat Intelligence

Dr. Larry Ponemon – “We are pleased to let you know about our latest study on intelligence sharing. The Second Annual Study on Exchanging Cyber Threat Intelligence: There Has to Be a Better Way [registration req’d – report is free] reveals interesting trends in how organizations are participating in initiatives or programs for exchanging threatContinue Reading

IG Semiannual Report to Congress on State Department

Semiannual Report to the Congress – April 1, 2015, to September 30, 2015 – Office of Inspector General “Although the Department has taken steps to improve security since the September 2012 attack on the U.S. Special Mission in Benghazi, Libya, OIG continues to find security deficiencies at U.S. diplomatic facilities abroad. Of the 11 U.S.Continue Reading

NIST Seeks Comments on Cybersecurity Framework

“The National Institute of Standards and Technology (NIST) is seeking information on how its voluntary “Framework for Improving Critical Infrastructure Cybersecurity” is being used, as well as feedback on possible changes to the Framework and its future management. A preview copy of the Request for Information (RFI) was posted to the Federal Register today. The commentContinue Reading

Washington Post – Cybersecurity – A Special Report

The ethics of Hacking 101 by Ellen Nakashima and Ashkan Soltani Lassoing the Internet’s Wild West by James Andrew Lewis What top government and business officials are saying about cybersecurity by Washington Post Live With mobile devices, many firms are playing Russian roulette with cybersecurity by Amrita Jayakumar Editor’s note: Cyber attackers have upper handContinue Reading

Annual Assessment of IRS Information Technology Program

Treasury Inspector General for Tax Administration. Annual Assessment of the Internal Revenue Service Information Technology Program, September 30, 2015. Reference Number: 2015-20-094 “For FY 2015, TIGTA designated Security for Taxpayer Data and Employees as the IRS’s number one management and performance challenge for the fifth consecutive year. The IRS faces the daunting task of securingContinue Reading