Accurate, Focused Research on Law, Technology and Knowledge Discovery With Daily Postings Since 2002
EPIC: “A Congressional hearing on the Office of Personnel Management data breach has now revealed one of the worst data breaches in US history. The agency initially reported that the personal information of 4 million government employees was obtained, but news reports suggest the breach was much larger–exposing the social security numbers of more than …
PWC: “We have been commissioned by the Department for Business, Innovation and Skills (BIS) to survey companies across the UK on cyber security incidents and emerging trends…The key observations from the 2015 survey were: The number of security breaches has increased, the scale and cost has nearly doubled. Eleven percent of respondents changed the nature …
Follow up to Massive hack of federal personnel files included security-clearance database – related news – “Recorded Future identified the possible exposures of login credentials for 47 United States government agencies across 89 unique domains. As of early 2015, 12 of these agencies allowed some of their users access to computer networks with no form of two-factor …
“The U.S. Office of Personnel Management (OPM) Office of the Inspector General (OIG) is issuing this Flash Audit Alert to bring to your immediate attention serious concerns we have regarding the Office of the Chief Information Officer’ s (OCIO) infrastructure improvement project (Project). This Project includes a full overhaul ofthe agency’s technical infrastructure by implementing additional information technology …
Follow up to previous posting, Massive hack of federal personnel files included security-clearance database, again via Washington Post: “The recently disclosed breach of the Office of Personnel Management’s security-clearance computer system took place a year ago, giving Chinese government intruders access to sensitive data for a year, according to new information. The considerable lag time between breach …
CRS – Cybersecurity Issues for the Bulk Power System, Richard J. Campbell, Specialist in Energy Policy. June 10, 2015. “In the United States, it is generally taken for granted that the electricity needed to power the U.S. economy is available on demand and will always be available to power our machines and devices. However, in …
Via Amazon Security Blog: “Amazon knows customers care deeply about privacy and data security, and we optimize our work to get these issues right for customers. With this post I’d like to provide a number of observations on our policies and positions: Amazon does not //www.bespacific.com/wp-admin/post-new.phpdisclose customer information unless we’re required to do so to …
Washington Post, Ellen Nakashima: ” The Chinese breach of the Office of Personnel Management network was wider than first acknowledged, and officials said Friday that a database holding sensitive security clearance information on millions of federal employees and contractors also was compromised. In an announcement, OPM said that investigators concluded this week with “a high …
Beyond the USA Freedom Act: How U.S. Surveillance Still Subverts U.S. Competitiveness, Information Technology and Innovation Foundation, June 2015, Daniel Catrol and Alan McQuinn | JUNE 2015: “Almost two years ago, ITIF described how revelations about pervasive digital surveillance by the U.S. intelligence community could severely harm the competitiveness of the United States if foreign customers …
DataLossDB – Open Security Foundation: “In order to request data breach notification reports from governments, several critieria need to exist. The state must have Freedom of Information or Open Records legislation. The state must have Breach Notification legislation, and the state must require notifications to a centralized authority (like an Attorney General, or a Consumer …
Via lawfareblog – “Entitled “A Question of Trust,” the report was presented to Parliament and the Prime Minister today and was authored by David Anderson QC, the UK’s Independent Reviewer of Terrorism Legislation. As required under the 2014 Data Retention and Investigatory Powers Act, Anderson therein undertakes a broad review of law and policy regarding “investigatory powers” in the UK—essentially government surveillance and …
arstechnica – Feds want an expanded ability to hack criminal suspects’ computers – Proposed rules to let one judge authorize “remote access” essentially anywhere. “The United States Department of Justice wants to broaden its ability to hack criminal suspects’ computers, according to a new legal proposal that was first published by The Wall Street Journal on …
