ISMS.online News Roundup – 14th November 2019

Welcome

Google face groundbreaking UK claim, Intel fixes something it claims it fixed six months ago and more in this weeks edition of our information and cybersecurity news roundup!

The Sorry State of Cyber Security Imagery

The Hewlett Foundation commenced a campaign in 2018 to combat the visual stigma related to visual examples of cybersecurity. The concern was related to the standard imagery ignoring people involved or affected by the challenges of the subject matter. Eli Sugarman and Heath Wickline write an excellent piece, exploring some of the new principles which help in representing the subject matter more effectively.

Read the full article here.

Google wants to rid the Play Store of bad apps

In a bid to strike a major blow at the threat of dangerous android applications, Google has partnered with three mobile security firms as part of a new project called the App Defence Alliance. Anthony Spadafora of Tech Radar investigates the challenges of unifying malware and threat detection engines for the task in this intriguing article.

Read the full article here.

Why CFO’s must be involved in cybersecurity

Cybersecurity ties in with every aspect of an organisation. With this being the case, there is an arguement for having a Chief Financial Officer involved, as put by Thomas Stoesser of Security Boulevard.

Read the full article here.

After Brexit, Europe wants cybersecurity pact with UK

While strategies for cybersecurity continue to advance, examples such as high volumes of data storage, the number of smartphones and other connected devices create more avenues of attack. Dave Vellante and Mike Wheatley from Silicon Angle look at both sides of the situation, while there is a video to accompany the article.

Read the full article here.

Universities strengthen cyber security

In recent roundups, we have shared stories of student data at universities falling under threat to breaches from cyber attacks. On a positive note, Mark Say of UKAuthority.com is reporting that the number of universities in the United Kingdom achieving Cyber Essentials Certification has now hit 40%, a definite step in the right direction.

Read the full article here.

As 5G rolls out, troubling new security flaws emerge

Researchers presented in London recently at the Association for Computing Machinery’s Conference, stating the specifications for 5G still has vulnerabilities. While 5G begins to branch out, time appears to be running out to address the weaknesses. Lily Hay Newman reports for Wired.com

Read the full article here.

Can regulations improve cybersecurity? In APAC, opinions vary

In an interesting story, a commissioned survey in Asia collected opinions on whether strong regulations can improve cybersecurity. While there were those who supported the thought and agreed, Japan have countered the notion. Amer Owaida for Welivesecurity.com summarises the findings and captures some of the opinions.

Read the full article here.

Intel Fixes a Security Flaw It Said Was Repaired 6 Months Ago

Vulnerabilities in computer chips and processors can be used as viable options by hackers to illegally obtain private data. With this being a fact, it comes as something as a surprise to know that Intel has fixed a security flaw in its technology which was originally stated to have been repaired six months ago. Kim Zetter of the New York Times looks at how this has come to light.

Read the full article here.

Cyber-Resilience vs. Cyber-Security: Business Leaders Must Understand the Difference

Cybersecurity has many aspects, but a simpler way to look at it is comparing the subject to “cyber resilience”. Joseph Steinberg has produced a good read going into how cybersecurity tackles the immediate, while cyber resilience is all about how we move forward with cyber.

Read the full article here.

Taking responsibility for security in the cloud

While the use of cloud technology as with any other raises challenges with accidental breaches and security maintenance, what questions can be asked by organisations to their service providers? Peter Ray Allison of Computer Weekly looks at what those may be.

Read the full article here.

Adobe’s Cyber Woes: How Leaders Can Create Security Resilience

Following the recent breach of user data at Adobe, Jason Wingard of Forbes takes a retrospective look in this informative piece at how organisations can avoid making the same mistakes going forward.

Read the full article here.

Work still needed to protect student information against hackers, Oregon audit finds

After an audit of the Oregon Department for Education, findings revealed that more needs to be done to protect the personal data of students. Among highlights to prevent threats to cybersecurity, Claire Withycombe of Malheur Enterprise reports on the challenges ahead for the department.

Read the full article here.

Data Breach Costs Texas Health Agency $1.6 Million

A data breach which has affected the personal health information of 6,617 people has resulted in a fine to the cost of $1.6m. The Texas Health and Human Services Commission are examining ways to strengthen their process, captured in this story by Chuck Lindell of Govtech.com.

Read the full article here.

How to get closer to your customers without creeping them out

With rising concerns by customers over how brands make use of their data, it has become increasingly difficult for organisations to build a bridge of trust. eWeek offers some advice for these organisations to improve these relationships.

Read the full article here.

How to put together an effective information security policy

No matter what industry you are in, the securing of data in the digital age should always be a top priority. Having an effective set of security policies which enable employees to follow well implemented strategies is on step forward in creating a solid line of defence. Ashley Halsey of Infosecurity Magazine explains more.

Read the full article here.

Groundbreaking UK claim against Google will proceed

Between 2011 and 2012, Google allegedly covertly tracked the browsing activity of more than four million iPhone users for commercial purposes. This was done by bypassing default privacy settings. The Court of Appeal for England and Wales has revived this case against Google, which may pose costly implications for data privacy. Kate Paine, Marisa Pearce and Sarah L.Croft report for Financier Worldwide.

Read the full article here.

UK: North Wales Police boss blasts facial ID technology at football matches

A recent football derby fixture between Cardiff City and Swansea City played host to facial ID recognition technology. While supporters were very much outraged, so was Information Commissioner, Elizabeth Denham. Deeside.com captures the story which is part of a wave of issues surrounding facial recognition coming into effect.
 

Read the full article here.

Managing data subject access requests more effectively

The Open Data Institute has found that the NHS is topping the list of sectors which the public trusts for how it uses personal data. The survey was taken from 2,000 adults, but the result is lower than a previous survey. Mark Say for UKAuthority reports the findings.

Read the full article here.

Microsoft’s national privacy benefits gesture is welcome as California’s ‘GDPR avatar’ looms

With the California Consumer Privacy Act (CCPA) edging much closer, Microsoft has recently announced its intentions of offerring its benefits to consumers across the USA, accompanying the likes of Salesforce and Apple who are also supporting the pending legislation. Stuart Lauchlan gives the details of the story for diginomica.com.
 

Read the full article here.

Children’s personal data ‘secretly’ passed to Home Office

The Department for Education has been criticised by a data watchdog for secretly passing on personal data to the home office for immigration enforcement. This was done without the permission or knowledge of parents and teachers. William Eichler digs deeper into this story for localgov.co.uk

Read the full article here.

Kaspersky to Process and Store Data of its Customers from the United States and Canada in Switzerland

Cybersecurity company Kaspersky, is moving forward with plans to store the data or customers from the US and Canada in Switzerland. This is part of plans which also includes opening a new centre in Brazil next year. Business Wire looks at plans further to explain why.
 

Read the full article here.

ICO concerned by mass health data-sharing with advertisers

The ICO has voiced concerns about popular health websites sharing sensitive information with advertisers with the use of cookies to collect data. Naturally this raises issues relating to GDPR and in accompaniment to previous warnings, the ICO has reiterated the need for greater protections where health information comes into question. Keumers Afif Sadet reports for itpro.com.

Read the full article here.

Share This