Altice Europe, a leading player in the convergence between telecom and media in France, services 23 million customers through its SFR division—Société française du radiotelephone—providing voice, video, data, internet telecommunications and professional services to consumers and businesses. The business-to-consumer (B2C) IT division of SFR deploys dozens of major projects each year, including web, front-end, and office applications.
On Friday, August 14, 2020, the California Office of Administrative Law (OAL) approved the California Office of the Attorney General’s (OAG) final CCPA regulations and filed them with the California Secretary of State (SOS). The regulations were immediately effective. Notably, the final text of the regulations submitted to the SOS was modified from the one filed with the OAL. The OAG published an Addendum to the Final Statement of Reasons setting forth the changes. Many of the changes are stylistic and grammatical. However, some of the changes are substantive and will impact compliance efforts. The most notable changes are discussed below.
Contact tracing for COVID-19 is critical to returning our nation to some semblance of normalcy, but we are far from a consensus on what effective, secure, cost-feasible and scalable contact tracing looks like. There are several documented, meaningful automated contact tracing efforts across the globe - not to mention more than 150 apps and initiatives in various stages of development. Getting contact tracing off the ground in the US is fraught with obstacles that are formidable, but not insurmountable. Among the thorniest is data privacy: if we can’t convince citizens that it’s safe and non-invasive to share information about who they’ve been in touch with, contact tracing will fail.
Over the past few months, millions of workers have turned their homes into their new, remote office, including state government employees, which brought a host of risks through use of unsecured Wi-Fi and poor access controls. This shift toward home as well as the underlying panic brought on by COVID-19 altered hackers’ focus and targets aimed at the remote worker. Chief Information Security Officers (CISO) preparing their companies for this change require time, training for employees and the right technology, as well as increased cooperation between the security teams and IT/network operations groups.
In her “Top Breaches of 2019”, a security journalist asked if last year would “…be the worst on record?” It looks like 2020 could surpass last year’s breaches, but it’s not entirely due to consequences of the global pandemic. For sure, unprecedented levels of remote working has emboldened hackers to exploit new vulnerabilities, but there’s one very insidious risk that shows up year after year: the silent and unwitting exposure of sensitive data that no one notices… until it’s too late.
The internet has become a powerful force for global interconnectivity and democratization. What’s more, the internet has introduced new methods for collective mobilization, such as “e-rebellions” and virtual protests. The global pandemic has accelerated the use of cyberspace as a powerful venue for individuals, groups, and nations to share ideas, engage, mobilize, and challenge authoritarian states in an impactful way.
Regardless of the exact wording of The CMS Interoperability and Patient Access final rule, it’s clear that healthcare executives will be spending considerable time this year thinking about, planning for, and implementing technologies that support healthcare data exchange.
The offices of the Chief Information Security Officer and the Chief Digital Officer have the biggest part to play in protecting consumers perception of a brand, but they couldn’t be more opposite in their objectives and operations. CISO’s are tasked with keeping the unknown users out. Their primary focus has been making sure internal users such as employees, contractors and vendors are properly vetted and authenticated. CDO’s are seeking to invite as many unknown users (prospects) in as they represent new business. Having said that, what would happen if the CISO and CDO partnered more closely to protect those unknown users (prospects) and improve their online experience?
When it comes to PKI, leaders have two options: build it or move it to the cloud. PKI as-a-Service (PKIaaS) platforms are becoming a popular investment choice that provide all the benefits of a privately rooted PKI, but without the cost and complexity of running it in-house. PKIaaS providers can deliver a much more effective, and ultimately more secure, PKI than most enterprises can achieve on their own. Regardless of whether the choice is to build or buy, teams must consider six key requirements to ensure in-house or out-sourced PKI success – and digital identity security.
RSS
