Accurate, Focused Research on Law, Technology and Knowledge Discovery Since 2002

Category Archives: Cybersecurity

GAO – Gov’t Opportunities to Address Pervasive Management Risks and Challenges while Reducing Federal Costs

Government Efficiency and Effectiveness: Opportunities to Address Pervasive Management Risks and Challenges while Reducing Federal Costs, GAO-17-631T: Published: May 17, 2017. Publicly Released: May 17, 2017: “The federal government is on a long-term, unsustainable fiscal path—it is spending more money than it is collecting. We’ve made hundreds of recommendations through our High Risk list and our work on duplicative, overlapping, and fragmented federal programs that could help the government save tens of billions of dollars. In this testimony, we discuss some of these recommendations, including reducing improper payments (particularly in the areas of Medicare, Medicaid, and the Earned Income Tax Credit), improving IT management and cybersecurity of federal IT systems, and better managing federal real property.”

Cybersecurity: Legislation, Hearings, and Executive Branch Documents

CRS – Cybersecurity: Legislation, Hearings, and Executive Branch Documents, Rita Tehan, Information Research Specialist. May 12, 2017. [FAS] “Cybersecurity vulnerabilities challenge governments, businesses, and individuals worldwide. Attacks have been initiated against individuals, corporations, and countries. Targets have included government networks, companies, and political organizations, depending upon whether the attacker was seeking military intelligence, conducting diplomatic…

Reminder – New articles on LLRX

Articles for March – April 2017 on LLRX.com – https://www.llrx.com: The Challenges of a Workplace Bring Your Own Device Policy; The Disconnect Between Knowledge Management and Counsel; Google Books is not Alexandria redux; Oh Lord, please don’t let Google Book Search be misunderstood; Living in the Cloud … NOT for the Technically Challenged; We Need…

24/7 Wall St – 15 Most Famous Cyberattacks of All Time

“The WannaCry ransomware attack has affected more than 200,000 computers in over 150 nations. The attack, which targets the Microsoft Windows operating system, has been described as one of the largest cyberattacks of all time. The malware encrypts files, demanding users of affected computers pay a ransom of $300 in bitcoin. The software behind WannaCry…

FTC updates consumers on ransomware

You’ve probably heard about the ransomware attack affecting organizations’ computer systems around the world. It seems to affect server software on organizations’ networked computers. But ransomware can attack anybody’s computer, so now is a good time to update your own operating system and other software. And then keep them up-to-date. The ransomware in the news…

NYT – With New Digital Tools, Even Nonexperts Can Wage Cyberattacks

The New York Times: “The ransomware tactic behind a global cyberattack on Friday was nothing new. But new digital tools mean that hackers “don’t even need to have any skills to do this anymore.” Attack May Worsen Monday, It Is Feared – “The effects of Friday’s attack could be magnified as workers return to their…

State of the Phish 2017

This report is compiled data from tens of millions of simulated phishing attacks sent through Wombat’s Security Education platform over a 12 month period, as well as an extensive survey of our database of infosec professionals. The report also includes survey data from thousands of end users in the UK and US that measured their…

Trump signs new cybersecurity executive order

Executive Order on May 11, 2017: Presidential Executive Order on Strengthening the Cybersecurity of Federal Networks and Critical Infrastructure – “Policy. The executive branch operates its information technology (IT) on behalf of the American people. Its IT and data should be secured responsibly using all United States Government capabilities. The President will hold heads of executive…

Vendors approve of NIST password draft security recommendations – emojis welcome

Via CSO – “Standards group recommends removing periodic password change requirements – A recently released draft of the National Institute of Standards and Technology’s (NIST’s) digital identity guidelines has met with approval by vendors. The draft guidelines revise password security recommendations and alter many of the standards and best practices security professionals use when forming policies…

2017 Data Breach Investigations Report

Verizon: “Welcome to the 10th anniversary of the Data Breach Investigations Report (DBIR). We sincerely thank you for once again taking time to dig into our InfoSec coddiwomple that has now culminated in a decade of nefarious deeds and malicious mayhem in the security world. 2016 was an extremely tumultuous year, both in the United…

Cybersecurity: Critical Infrastructure Authoritative Reports and Resources

CRS – Cybersecurity: Critical Infrastructure Authoritative Reports and Resources, Rita Tehan, Information Research Specialist, April 21, 2017. “Critical infrastructure is defined in the USA PATRIOT Act (P.L. 107-56, §1016(e)) as “systems and assets, physical or virtual, so vital to the United States that the…

New on LLRX – Living in the Cloud … NOT for the Technically Challenged

Via LLRX.com – Living in the Cloud … NOT for the Technically Challenged – Perhaps Cloudy with a Chance of Meatballs? – Pete Weiss shares some insights into the IoT and living in the cloud – a move many of us have not been ready and willing to do but the question of choice regarding…