According to IDC, by 2025 there will be 41.6 billion Internet of Things (IoT) devices, generating a massive 79 zettabytes (ZB) of data. To put that into perspective, in 2006, IDC estimated that the total amount of electronic data created and stored was a mere 0.18 ZB. This growing amount of data represents a vast and exponentially increasing attack surface, which poses a huge opportunity for cybercriminals and a seemingly insurmountable task for those responsible for protecting and securing it. This task is only made more difficult by the lack of regulation and security measures being built into IoT devices at present. As IoT looks to become a foundational aspect of our everyday lives, it’s vital we, as consumers, understand the threats posed to our devices and the data they store.
The US Government Accountability Office (GAO) reviewed how 3 agencies—the Federal Aviation Administration, Indian Health Service, and the Small Business Administration—used cybersecurity tools that identify the hardware and software on their networks and check for vulnerabilities and insecure configurations.
IBM, the owner of the Weather Channel mobile app, has reached a settlement with the Los Angeles city attorney’s office after a 2019 lawsuit alleged that the app was deceiving its users in how it was using their geolocation data.
The Election Infrastructure Government Coordinating Council (GCC) held its summer meeting virtually to discuss Election Day preparations and other areas of coordination between the federal government and state and local election officials.
CyVision Technologies, Inc. announced that Paul Goldenberg, chairman and president of Cardinal Point Strategies, and John “Jack” Donohue, Cardinal Point’s senior advisor–national security, have been appointed to serve on its board of advisors. In their advisory role these two renown cyber and homeland security experts will offer strategic and tactical guidance in understanding and navigating critical cybersecurity issues facing the public sector organizations, institutions and private sector businesses.
As many employees transfer back to a more traditional business setting from remote work environments, adjustments to cybersecurity protocols are going to be necessary. Organizations will need to evaluate any temporary provisions that were put into place during the COVID-19 pandemic, including any shortcuts that were taken and processes that were circumvented, and whether such protocols should be reversed or enhanced.
We speak to Saad Gul, Co-Chair of the Poyner Spruill, LLP, privacy and cybersecurity team, and learn about the Lifespan HHS investigation, what it means for data security professionals and why the HSS ruling should be a warning to all companies with HIPPA information.
The U.S. Department of State’s Rewards for Justice (RFJ) program, which is administered by the Diplomatic Security Service, is offering a reward of up to $10 million for information leading to the identification or location of any person who works with or for a foreign government for the purpose of interfering with U.S. elections through certain illegal cyber activities.
The U.S. Department of Energy (DOE) announced $37 million in funding for research and development in artificial intelligence and machine learning methods to handle data and operations at DOE scientific user facilities.
Beginning in M86, Chrome will warn users when they try to complete forms on secure (HTTPS) pages that are submitted insecurely. These “mixed forms” (forms on HTTPS sites that do not submit on HTTPS) are a risk to users’ security and privacy. Information submitted on these forms can be visible to eavesdroppers, allowing malicious parties to read or change sensitive form data, says Google.
RSS
