Accurate, Focused Research on Law, Technology and Knowledge Discovery Since 2002

Category Archives: PC Security

Cybersecurity: Legislation, Hearings, and Executive Branch Documents

CRS – Cybersecurity: Legislation, Hearings, and Executive Branch Documents, Rita Tehan, Information Research Specialist. May 12, 2017. [FAS]

“Cybersecurity vulnerabilities challenge governments, businesses, and individuals worldwide. Attacks have been initiated against individuals, corporations, and countries. Targets have included government networks, companies, and political organizations, depending upon whether the attacker was seeking military intelligence, conducting diplomatic or industrial espionage, engaging in cybercrime, or intimidating political activists. In addition, national borders mean little or nothing to cyberattackers, and attributing an attack to a specific location can be difficult, which may make responding problematic…”

Summary Report on Audits of Security Controls for TSA Information Technology Systems at Airports

DHS OIG – Summary Report on Audits of Security Controls for TSA Information Technology Systems at Airports, December 30, 2016. OIG-17-14. “Our previous reports identified numerous deficiencies in security controls for TSA’s IT systems and equipment at airports. These deficiencies included inadequate physical security for TSA server rooms at airports, unpatched software, missing security documentation,…

Report – Fostering The Advancement of the Internet of Things

Department of Commerce Internet Policy Task Force & Digital Economy Leadership Team report, Fostering the Advancement of the Internet of Things, January 2017. “The Internet of Things (IoT) – in which connected devices are proliferating at an unprecedented rate – is a technological development that is transforming the way we live and do business. IoT continues the…

Regulating Software When Everything Has Software

Ohm, Paul and Reid, Blake Ellis, Regulating Software When Everything Has Software (November 16, 2016). George Washington Law Review, Vol. 84, No. 6, 2016. Available for download at SSRN: https://ssrn.com/abstract=2873751 “This Article identifies a profound, ongoing shift in the modern administrative state: from the regulation of things to the regulation of code. This shift has…

Data Breach Incidents, Causes, and Response

Data Breach Incidents, Causes, and Response, 12/12/2016. “In October and November of 2012 the Society of Corporate Compliance and Ethics and the Health Care Compliance Association conducted a survey among compliance professionals to better understand the impact and frequency of data breaches. At the time breaches were very much in the news, just as they are today. To assess whether and…

IRS IG – Improvements Are Needed to Ensure the Protection of Data the IRS Transfers to External Partners

“When the Internal Revenue Service (IRS) has shared data, including Personally Identifiable Information, taxpayer information, and other sensitive data, with external entities, it has not always adequately protected the data through secure file transfer technology, according to an audit report that the Treasury Inspector General for Tax Administration (TIGTA) released today. The IRS shares data…

USSS Faces Challenges Protecting Sensitive Case Management Systems and Data

“We performed this audit as a follow-up to a September 2015 Office of Inspector General (OIG) investigation regarding United States Secret Service (USSS) employees improperly accessing and distributing sensitive information on the agency’s Master Central Index (MCI) mainframe system. Our objective was to determine whether adequate controls and data protections were in place on systems to which…

NIST study – Security Fatigue

Security Fatigue, Issue No. 05 – Sept.-Oct. (2016 vol. 18) ISSN: 1520-9202 pp: 26-32 DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/MITP.2016.84 “Security fatigue has been used to describe experiences with online security. This study identifies the affective manifestations resulting from decision fatigue and the role it plays in users’ security decisions. A semistructured interview protocol was used to collect…

Federal Information Security: Actions Needed to Address Challenges

Federal Information Security: Actions Needed to Address Challenges, GAO-16-885T: Published: Sep 19, 2016. Publicly Released: Sep 20, 2016. “Cyber incidents affecting federal agencies have continued to grow, increasing about 1,300 percent from fiscal year 2006 to fiscal year 2015. Several laws and policies establish a framework for the federal government’s information security and assign implementation…

Article excerpt from new book – “Rise of the Machines: A Cybernetic History”

This article is published via Passcode – Modern field guide to security and privacy, from The Christian Science Monitor: The cypherpunk revolution – How the tech vanguard turned public-key cryptography into one of the most potent political ideas of the 21st century, by Thomas Rid, July 20, 2016. “…But amid the hype [in the 1990s with…

ACRL – Keeping Up With Cybersecurity, Usability, and Privacy

Snipped – via Bohyun Kim, Associate Director, Library Applications and Knowledge Systems, at the University of Maryland-Baltimore, Health Sciences and Human Services Library – Keeping Up With Cybersecurity, Usability, and Privacy: What is Cybersecurity? Cybersecurity is a broad term. It refers to the activities, practices, and technology that keep computers, networks, programs, and data secure…

CRS – Stealing Trade Secrets and Economic Espionage

Stealing Trade Secrets and Economic Espionage: An Overview of the Economic Espionage Act, Charles Doyle, Senior Specialist in American Public Law. August 19, 2016. “Stealing a trade secret is a federal crime when the information relates to a product in interstate or foreign commerce, 18 U.S.C. 1832 (theft of trade secrets), or when the intended…