A news report from a few days ago is actually a good example of the frustration some experience with OCR investigation of breaches. TL;DR version: a breach was reported by the media in March, 2017. This site also noted it. But now, more than one year later, there have been no consequences for the entity,…
Category: Commentaries and Analyses
Vietnam’s New Cybersecurity Law and Push for Internet Sovereignty Reduces Freedom
Scott Ikeda reports: On June 12th the Vietnamese National Assembly voted in a new cybersecurity law. The legislation did not come easily having gone through more than 12 drafts and much debate in government and the business sector. The claimed purposes of the legislation are to increase Vietnam’s Internet sovereignty, that is the data of…
Huawei security concerns
Angus Grigg reports: Chinese phone company Huawei has been linked to a major data breach in Africa casting doubt on the company’s claim there is no evidence to back up national security concerns which could see it banned from the rollout of 5G networks in Australia. The revelations centre on an investigation by French newspaper…
NYS Comptroller audit of Town of Ontario, New York
Another disheartening audit involving local government. From the NYS Comptroller’s Office: Town of Ontario – Information Technology, Financial Management and Procurement (2017M-137) Purpose of Audit The purpose of our audit was to evaluate the Town’s IT controls, financial condition and purchasing practices for the period January 1, 2015 through March 2, 2017. Background The Town…
UK: Independent Inquiry into Child Sexual Abuse fined £200,000 for revealing identities of possible abuse victims in mass email
From the Information Commissioner’s Office, this press release: The Independent Inquiry into Child Sexual Abuse (IICSA) has been fined £200,000 by the Information Commissioner’s Office(ICO) after sending a bulk email that identified possible victims of non-recent child sexual abuse. The Inquiry, set up in 2014 to investigate the extent to which institutions failed to protect…
Vermont schools lag on cybersecurity while risks hit home with $50K fraud from Pownal
Nicole Higgins DeSmet reports: A cyber thief infiltrated a Vermont supervisory union’s computer network and made a $50,000 transfer out of a school bank account, but safe guards on the account alerted staff members to take action. “A more sophisticated thief or hacker could have spent the time to turn off alerts, make all bank…