Commentaries and Analyses – Page 537

How to report a data breach under the GDPR

Posted on August 10, 2017 by Dissent

Conor Donnelly writes: One of the main changes under the GDPR is that all organisations must report a personal data breach to their supervisory authority within 72 hours, and in some cases to the individuals affected. What is a personal data breach? A personal data breach refers to a breach of security that can lead…

HBO Hackers Dump Game of Throne Scripts, Another Episode, and Confidential Corporate Files

Posted on August 7, 2017 by Dissent

“If history repeats itself, HBO may NEVER be the same Again. Winter Really is here” HB-Old is Dying……. — From an Email from the HBO Hackers This evening, the hackers who grabbed headlines last week by announcing their hack of HBO, released more files and more evidence of how thoroughly they may have ransacked some…

Department of Justice Releases Guidance for Vulnerability Disclosure Programs

Posted on August 4, 2017 by Dissent

Jennifer Martin, Ashden Fein and Weiss Nusraty write: Last week, the U.S. Department of Justice (“DOJ”) released a voluntary frameworkfor organizations to use in the development of a formal program to receive reports of network, software, and system vulnerabilities, and to disclose vulnerabilities identified in other organizations’ environments. This framework provides private entities a series…

INFORMATION SECURITY: OPM Has Improved Controls, but Further Efforts Are Needed

Posted on August 3, 2017 by Dissent

INFORMATION SECURITY: OPM Has Improved Controls, but Further Efforts Are Needed GAO-17-614: Published: Aug 3, 2017. Publicly Released: Aug 3, 2017. What GAO Found Since the 2015 data breaches, the Office of Personnel Management (OPM) has taken actions to prevent, mitigate, and respond to data breaches involving sensitive personal and background investigation information, but actions are…

Researcher Who Stopped WannaCry Ransomware Detained in US After Def Con

Posted on August 3, 2017 by Dissent

Update 1: This indictment may help explain things. Then again, it might not, as the more I read it, the more puzzled I am by the charges. Original Post: Joseph Cox reports: On Wednesday, US authorities detained a researcher who goes by the handle MalwareTech, best known for stopping the spread of the WannaCry ransomware…

Senators introduce bill to secure Internet of Things devices; provide some protection for researchers

Posted on August 1, 2017 by Dissent

Zack Whittaker reports: A bipartisan group of senators have introduced legislation aimed at securing internet-connected smart devices, which were at the center of a massive cyberattack that brought down large swathes of the internet last year. The distributed denial-of-service in October lasted for less than a day, but it further fueled concerns about threats posed by…