now browsing by tag
(Eds: Disclaimer: The following press release comes to you under an arrangement with PR Newswire. PTI takes no editorial responsibility for the same.)
As a partner of AWS, Fractal is co-presenting with Office Depot at NRF 2020 Vision
MUMBAI, Jan. 13, 2020 /PRNewswire/ — Fractal (https://fractal.ai), a global leader in artificial intelligence and analytics, powering decision-making in Fortune 100 companies, announced today that they are a Certified Retail Competency Partner of Amazon Web Services (AWS). As an AWS Certified Retail Competency Partner, Fractal will co-present with Office Depot at the National Retail Federation’s (NRF) 2020 vision event, taking place at the Javits Center in New York City, January 11-14.
Fractal and Office Depot will jointly present on retail technologies enabling customer centricity and growth, using AI and Machine Learning solutions to help retailers make decisions around customer segmentation, next best action, customer churn and more, giving attendees a closer look at the company’s latest innovations.
The AWS Retail Competency status differentiates Fractal as an AWS Partner Network (APN) member that delivers highly specialized technical proficiency with deep AWS expertise, and delivers solutions seamlessly on AWS. AWS Retail Competency Partners undergo rigorous validation by AWS to ensure alignment to AWS’ best practices for building the most secure, resilient and highest-performing cloud infrastructure for industry applications, giving customers increased confidence when making decisions.
“Fractal has been focused on transforming the retail business for some time now. We are thrilled to be recognized as a Retail Competency Partner by Amazon Web Services,” said Amitabh Bose, Chief Practice Officer at Fractal. “AWS is the market leader in cloud computing platforms and well penetrated in the retail sector. This acknowledgment and our strategic partnership with AWS will help us drive significant value for our retail clients by solving their business problems at scale.”
Fractal offers a wide range of retail-focused solutions in areas including personalization, marketing effectiveness, supply chain, promotions optimization, shrink management, and more, which can be deployed either on-premise or through deployed cloud systems. With these solutions, Fractal has helped deliver successful top-line and bottom-line impact for various Fortune-100 retailers.
Fractal is one of the most prominent players in the Artificial Intelligence space. Fractal’s mission is to power every human decision in the enterprise and uses the power of AI to help the world’s most admired Fortune 100 companies.
Fractal’s products include Qure.ai to assist radiologists in making better diagnostic decisions, Cuddle.ai to assists CEOs, and senior executives make better tactical and strategic decisions, Theremin.ai to improve investment decisions and Eugenie.ai to find anomalies in high-velocity data.
Fractal has consistently been rated as India’s best companies to work for by The Great Place to Work® Institute. Fractal has been featured as a leader in the Customer Analytics Service Providers Wave 2019 by Forrester Research and recognized as an “Honorable Vendor” in 2019 magic quadrant for data & analytics by Gartner.
For more information: www.fractal.ai
View full post on National Cyber Security
On Aug. 21, Lumber Liquidators’ corporate and store-level computer systems began to shut down. Without them, the flooring company’s retail employees couldn’t check product prices or inventories. They had to send in orders to distribution centers by phone or from their personal email accounts and write down customers’ credit card information on paper. Each transaction took up to half an hour. Amid the chaos, sales took a hit. So did morale, since sales factored into employee bonuses.
“You couldn’t really sell or haggle anything,” said Trevor Sinner, then a store manager in Los Angeles. “You couldn’t see inventory, you couldn’t see cost, you couldn’t see anything.”
Once most of the computer systems were back online six days later, the Virginia-based retailer reported what it called a “network security incident” showing “symptoms of malware” to the Securities and Exchange Commission. But Sinner got a different explanation from a divisional vice president, who confided that the real culprit was ransomware — malicious software that freezes computer files and demands payment to decrypt them.
“We knew it was ransomware a long time ago,” Sinner said. “I don’t think the company disclosed it was ransomware to anybody, even now.”
Each year, millions of ransomware attacks paralyze computer systems of businesses, medical offices, government agencies and individuals. But they pose a particular dilemma for publicly traded companies, which are regulated by the SEC. Because attacks cost money, affect operations and expose cybersecurity vulnerabilities, they sometimes meet the definition used by the SEC of a “material” event — one that a “reasonable person” would consider important to an investment decision. Material events must be reported in public filings, and failure to do so could spur SEC action or a shareholder lawsuit.
Yet some companies worry that acknowledging a ransomware attack could land them on the front page, alarm investors and drive down their share price. As a result, although many companies cite ransomware in filings as a risk, they often don’t report attacks or describe them in vague terms, according to experts in securities law and cybersecurity.
Weak or no disclosure to the SEC is one of several omissions that hamper federal monitoring of ransomware assaults on U.S. businesses. Companies seldom choose to alert the FBI, fearing that the attacks would become public, that agents might investigate unrelated problems or that the bureau would discourage them from paying ransoms. And at least two data recovery firms that some victimized businesses hire to pay the hackers have not registered with a bureau of the U.S. Department of the Treasury that tracks financial transactions involving suspected criminals.
These gaps become more glaring as the ransomware danger grows. In an October announcement, the FBI warned that attacks “are becoming more targeted, sophisticated, and costly,” and that losses from them “have increased significantly.” Some recent ransomware attacks have resulted in the theft of victims’ sensitive data and threats to sell or publish it — a breach of security that could undermine one of the most common corporate rationales for lack of disclosure. John Reed Stark, a former SEC enforcement attorney, said companies have leaned on the notion that ransomware attacks aren’t material because there’s little evidence that personally identifiable information — the release of which may trigger reporting requirements in various states — is stolen.
“The general consensus is that data was not exfiltrated, so we don’t have to say anything,” said Stark, now a consultant for businesses dealing with ransomware and other cyber issues. He added later, “Ransomware attacks have now evolved into data breaches, and it is terrifying.”
Even when companies do allude to an attack in SEC filings, they typically resort to euphemisms rather than the very word that best describes what paralyzed their business and caused millions of dollars in losses. Just as wizards in the Harry Potter books speak of evil Lord Voldemort as “He Who Must Not Be Named,” so companies are loath to refer to dreaded ransomware.
“They specifically avoid saying it,” said Bill Siegel, chief executive of Coveware, a Connecticut-based firm that analyzes ransomware victims’ options and often pays the ransom on their behalf. “They generally don’t use the word ‘ransomware’ for obvious reasons. It’s an ugly term. It scares people.” By using more generic terms, “You can put it out there, and you’ve officially said something, but you’ve also said nothing that can get you in any sort of trouble any which way.”
Siegel said Coveware works with as many as six publicly traded companies a month, which he declined to identify. “Any company that uses a phrase like ‘malware that encrypted’ or ‘malware that caused system disruption or downtime’ is likely referring to ransomware. Because malware is everywhere, it’s constant, and you don’t stop doing business because of malware,” he said. “I think you can feel very, very confident that … anybody that phrases it as a malware or IT security incident that causes a disruption is likely referring to ransomware.”
Less than half of Siegel’s publicly traded clients pay a ransom, while the rest usually restore data from backups, he said. “Some of these [situations] are pretty messy and sometimes take weeks or longer to fully recover from,” he said. “We’ve had public companies that have literally rebuilt every computer from scratch.”
In a November filing, Lumber Liquidators said that its computer freeze was “caused by malware,” and that it “implemented our business continuity plan and undertook actions to recover the affected systems.” It estimated a $6 million to $8 million revenue loss. In an accompanying earnings call, the company’s chief executive said that a “network attack” had “encrypted certain IT systems.” Encrypted files are characteristic of ransomware.
Asked whether the company was attacked by ransomware, and if so why the company hadn’t used the term, Lumber Liquidators spokesman Nathan Bowie didn’t respond.
A ProPublica review of SEC filings found that companies typically attribute computer mishaps to malware. For example, Illinois-based trucking company Roadrunner Transportation Systems blamed a “malware attack” in September for quarantined servers and invoice delays that reduced revenue by more than $7 million. Another Illinois company, Ingredion, a maker of sweeteners and starches, said “suspicious activity” and a “malware incident” took servers offline in October, with an expected delay in transactions with customers and suppliers. Indiana-based Patrick Industries, which makes components for recreational vehicles, spent $1.5 million to repair damage from a “highly-sophisticated third-party malware cyberattack” this year that disrupted operations for two business days. Spokeswomen for the companies declined to respond to questions.
Companies sometimes cite ransomware in filings as a potential risk. Last February, Massachusetts-based beverage company Keurig Dr Pepper warned in an SEC filing that a ransomware attack could breach its cybersecurity. In that same filing, it said that an “organized malware attack” had disrupted its coffee systems division, and that it had “taken actions to address this attack,” but offered no other details. A company spokeswoman declined to comment.
ProPublica could not determine if Roadrunner, Ingredion, Patrick Industries or Keurig Dr Pepper were hit by ransomware.
Steven Chabinsky, a Washington, D.C., attorney who focuses on privacy and cybersecurity matters, said that such disclosures satisfy the materiality rule. There is “no reason to think the SEC would look for magic words like ransomware as long as the incident was described accurately,” he said.
SEC spokesman Christopher Carofine declined to comment on companies’ avoidance in filings of the word “ransomware.” However, in cyber disclosure guidance last year, the SEC appealed for more candor. Companies “should avoid generic cybersecurity-related disclosure and provide specific information that is useful to investors,” it said.
In a speech last year at the Tulane Corporate Law Institute, SEC Commissioner Robert Jackson expressed concern that companies aren’t reporting cyberattacks, though he didn’t single out ransomware. The commission “relies heavily on the judgments of corporate counsel to make sure investors get the information they need” on cyber incidents, he said. “I worry that these judgments have, too often, erred on the side of nondisclosure, leaving investors in the dark and putting companies at risk.”
Without knowing about the existence or extent of ransomware attacks and any subsequent payments, investors cannot make informed decisions about stock ownership or proposals that could boost a company’s cybersecurity, Rhode Island Congressman Jim Langevin said in an interview. Companies need to “err on the side of reporting,” and the SEC must be “more proactive” in enforcing regulations, he said.
“Investors certainly have a right to know if a ransomware attack happened, how it was handled and whether or not the ransom was actually paid,” said Langevin, a Democrat who is co-chair of the Congressional Cybersecurity Caucus and has called on the SEC to require companies to disclose their cybersecurity practices.
“We don’t know what we don’t know,” he continued. “When breaches have occurred, if companies are silent about it, investors don’t know, policyholders don’t know, regulators don’t know. It sends the message that everything is fine here, there’s nothing to worry about, and they just go on with business as usual. That’s wrong.”
Internal debates within corporations over whether to disclose a ransomware attack typically involve discussions about two groups that might challenge a material omission in the filings, Stark said. “You worry about the Division of Enforcement at the SEC, and you worry about the plaintiff’s bar,” he said.
Failing to disclose material events to investors and the SEC can spur backlash from both directions. After Yahoo failed to promptly report a data breach (not ransomware) affecting hundreds of millions of accounts, it settled a shareholder lawsuit in 2018 for $80 million and SEC charges for an additional $35 million. Yahoo, now called Altaba, denied the shareholder allegations and neither admitted nor denied the SEC charges.
Whether a ransomware attack that doesn’t expose troves of personal data must be deemed material and reported to the SEC is a closer call. While the ransom demand generally isn’t high enough to be considered material by itself, companies often incur other costs related to the attack — from hiring outside consultants and replacing damaged equipment to paying higher cyber insurance premiums and coping with lost revenues from interrupted operations. There are qualitative considerations as well, from customer dissatisfaction to loss of corporate data. Corporations should weigh “the importance of any compromised information and of the impact of the incident on the company’s operations,” the SEC has said.
The test for materiality is subjective, and companies “absolutely take advantage of the leeway,” said consultant Stephanie Tsacoumis, who teaches a class called Disclosure Under the Federal Securities Laws at Georgetown University’s law school. “I could argue from an investor’s perspective that a ransomware event is significant because it demonstrates that there are flaws in the company’s cybersecurity protections and that’s a threat to their business, and it could be a huge failure of internal controls,” she said. “And therefore it qualitatively is material enough to be disclosed.”
Corporations sometimes warn in filings that they may be affected by ransomware in the future. Tsacoumis said companies may use this generic “risk factor” disclaimer to justify not reporting a specific attack, taking the position that the market already has been alerted about the potential for it, she said. Reporting only a hypothetical risk in the face of real harm, however, can get companies in trouble. In July, Facebook agreed to pay $100 million to settle SEC charges that it disclosed only a hypothetical risk of misuse of user data when actual misuse, not involving ransomware, had already occurred. Facebook neither admitted nor denied the allegations.
From corporate IT employees and senior management to outside auditors, “everybody’s interest is to downplay” an attack, Tsacoumis said. “It’s self-interest. My personal annual evaluation, my bonus, my salary, my promotion. It’s how management looks to the board, and then it’s how the company looks to the public. And they all have an interest in maintaining the stock price. It goes from the individual level to the more macro level and impact on the market.”
John Olson, an attorney who has represented companies before the SEC, said he would advise disclosure when ransomware affects vital business information, finances or customers. “The financial impact could be significant and is certainly embarrassing and does raise questions about how good their cybersecurity is,” he said.
When Beth George was an attorney in the U.S. Justice Department, she worked with the FBI to persuade public companies to cooperate with law enforcement investigations into cyberattacks. Now in private practice in California, she’s one of several former DOJ and FBI officials who don’t recommend to clients that they report ransomware attacks to the bureau.
“I do think the FBI truly believes that they can be helpful to companies when these ransomware attacks happen, but I don’t know in actuality how true that is,” she said. The bureau “lacks the resources to be the cybersecurity responder for every company, and I don’t think they understand their resource constraints. … And as someone who is a former government official, it makes me sad. It’s completely opposite of what we thought our mission was to do in the government, which is to help companies. But the FBI spends a lot of time saying, come to us and we’ll help you, and no time saying, ‘How can we help you?’”
Reporting a crime to the FBI is voluntary. Since 2016, more than 4,000 ransomware attacks have taken place daily, according to statistics posted by the U.S. Department of Homeland Security. Nevertheless, only 1,493 were reported to the FBI in 2018. The bureau said in October that it does not advocate paying ransoms since doing so encourages continued criminal activity, but it added that it “understands that when businesses are faced with an inability to function, executives will evaluate all options to protect their shareholders, employees, and customers.” Regardless of whether victims decided to pay ransoms, the FBI urged them to report ransomware incidents. “Doing so provides investigators with the critical information they need to track ransomware attackers, hold them accountable under U.S. law, and prevent future attacks.”
Fear that an attack will become public knowledge is one of the biggest deterrents to reporting, said Thomas DiBiagio, a former U.S. attorney in Maryland, who now handles internal investigations for corporations. Other corporate concerns include the FBI’s historical opposition to paying ransoms and its reluctance to share intelligence with victims about who might be behind the attack — information that is often considered classified. Companies can turn instead to private cybersecurity firms, largely staffed by former FBI agents, which have no compunctions about paying ransoms, and typically share findings with clients, George said. Working with a consultant rather than the government may also reduce the chance that the news will leak.
Moreover, many attacks originate in countries that do not cooperate with U.S. law enforcement. Last year, the DOJ delivered its first indictment of alleged cyberattackers for deploying a ransomware scheme. The two Iranian hackers were wanted in connection with SamSam ransomware, which paralyzed computer networks across North America and the U.K. between 2015 and 2018. This month, the DOJ indicted two Russians in connection with deploying financial malware that cost victims tens of millions of dollars. Later versions of the malware were designed to facilitate ransomware installation, the DOJ said. Neither the Iranians nor the Russians have been arrested.
Chabinsky, a former deputy assistant director of the FBI’s cyber division, said some businesses report ransomware attacks to the bureau because their cyber insurance policies require them to or because they believe cooperating with law enforcement protects their reputation. But many don’t, feeling the FBI can’t offer much assistance and could create a distraction as “one more party asking you for information during a time of crisis management,” he said. Chabinsky has never advised a client hit by ransomware to contact the bureau, he said.
DiBiagio cited another downside of dealing with the FBI. “Not that I’m saying corporate America is dishonest, but the last thing you want is a bunch of FBI agents crawling around your company,” he said. “There is no benefit whatsoever of you reporting. There’s no incentive. And there’s clearly identifiable cost. It’s the cost, the disruption, the risk they talk to some employee and now you’re under investigation. There’s no upside.”
In an emailed response to questions, the FBI said it “protects the confidentiality of sensitive information it receives.” It said it “works closely” with victimized corporations to protect their interests and make sure they “have all the information needed to reconstitute systems, patch vulnerabilities, and prevent additional attacks.”
“Over the course of many responses to ransomware incidents, the FBI has refined its response protocols to ensure that it is able to conduct investigative activity in the least intrusive way possible,” the bureau said. “When a victim decides to voluntarily work with the FBI, we strive to do only the work required to thoroughly investigate the incident and to do so quickly and with minimal impact on the operations of the company we are working with.”
Langevin, the Rhode Island congressman, said the government needs stronger reporting requirements on cyberattacks so officials can compile more accurate incident data. That data could improve cyberdefenses by helping policymakers and companies decide where to focus their resources. One possibility, he said, is requiring insurers to report incidents to the FBI as they process cyber policy claims.
“All too often these ransomware attacks are being swept under the rug, but we don’t know how broad the problem is until we have real data to look at,” he said.
Theoretically, the federal government has another way of tracking ransomware attacks. Corporations hit by ransomware sometimes hire private firms to pay the cryptocurrency ransom on their behalf, taking a fee for the service. These companies should qualify as “money transmitters” regulated by the Financial Crimes Enforcement Network, or FinCEN, a bureau of the U.S. Treasury Department, said Matt Klecka, a former trial attorney in the DOJ’s Bank Integrity Unit, which works with FinCEN. As such, they should file “Suspicious Activity Reports” to FinCEN on ransomware payments since a criminal is known to receive the money, Klecka said.
Once they register, “they’re known quantities,” Klecka said. “They’re on FinCEN’s radar. Then FinCEN will be looking” at the suspicious activity reports.
Sentinel Crypto Holdings, a Florida firm that pays ransoms on behalf of victims, has registered with FinCEN, and its founder told ProPublica that it has regularly submitted suspicious activity reports. Florida-based MonsterCloud and New York-based Proven Data are not registered. ProPublica reported in May that both firms purported to use their own technology to disable ransomware but often just paid the ransom. Through a spokesman, MonsterCloud CEO Zohar Pinhasi declined to comment.
FinCEN spokesman Stephen Hudak declined comment on whether these companies should be considered money transmitters. If they are registered, he said, they should report ransomware transactions as suspicious activities. “Businesses should contact FinCEN if they are unsure of their registration requirements,” he said.
Proven Data did just that in 2016, when it asked FinCEN if its work facilitating ransom payments on behalf of clients required it to register with the agency as a money transmitter, according to correspondence provided by the company. Proven Data argued that registration was not required because its core business was “a suite of data recovery services,” and that it only paid ransoms when no other solution was available. Proven Data also assured FinCEN that, “in all cases, the company encourages the victim to report the incident to the FBI.” FinCEN agreed with Proven Data’s assessment.
Middlemen transacting ransoms is “troubling” and “unseemly,” Langevin said. “This is an area where law enforcement should be looking because it does facilitate the ongoing practice. These firms need to be looked at and regulated,” he said.
On Columbus Day weekend, ransomware struck Connecticut-based Pitney Bowes. Its clients — which include most Fortune 500 companies — realized something was wrong when they had trouble using the company’s postage meters and some of its e-commerce shipping services. As the Pitney Bowes technical team and outside consultants scrambled to restore operations, chief communications officer Bill Hughes spent the holiday weekend combing through SEC filings to see how other publicly traded companies disclosed ransomware attacks. He didn’t find much.
“I knew there were way more incidences than what was being reflected in the news and in SEC filings,” said Hughes, adding, “In the two or three examples that I found on Saturday or Sunday morning when I researched, it was always ‘malware.’ It was never ‘ransomware.’”
Following precedent, Pitney Bowes first told investors in an Oct. 15 filing that it had been “affected by a malware attack.” But company executives soon decided to be more forthcoming. In an Oct. 17 webinar, the company’s chief data protection officer referred to the attack as ransomware. Posted updates cited the “Ryuk virus.” Ryuk is a notorious ransomware strain that hackers use to encrypt files and command six- or seven-figure ransoms. Pitney Bowes said in a November filing that the “ransomware attack” could reduce annual revenue by 1⁄2%.
A few companies besides Pitney Bowes have dared to invoke the R word. California-based Fluidigm, a maker of biotechnology tools, said in an SEC filing that it had “experienced a ransomware attack” in March that encrypted some systems “containing critical business data.” Agnes Lee, who handles investor relations for Fluidigm, said the company tried “to be accurate and transparent to the extent that we can be.”
Maryland-based media company Urban One said in an earnings call this year that it was “hit by a ransomware attack” costing more than $1 million in recovery expenses and lost revenue. The company’s general counsel, Kris Simpson, told ProPublica that the company was penetrated by the Ryuk strain and did not pay the ransom.
“It really is going on every day, and I think part of the thought process is that everyone is getting hit so it’s kind of ordinary course,” Simpson said. “But I think that we tend to be conservative in our disclosure, so we tend to over-disclose. We just think it’s the right thing to do.”
The post #school | #ransomware | Like Voldemort, Ransomware Is Too Scary to Be Named — ProPublica appeared first on National Cyber Security.
View full post on National Cyber Security
#nationalcybersecuritymonth | Alex Pickering, BBC Studios’ Content Security Chief Named as New Chair by CDSA Board of Directors
Source: National Cyber Security – Produced By Gregory Evans The global entertainment industry’s advocate for content security, content protection and information security, the Content Delivery & Security Association (CDSA), has named BBC Studios’ Content Security Director, Alex Pickering as its new Chairman. Pickering will direct the strategy for the Association’s mission of providing global community engagement around […] View full post on AmIHackerProof.com
St. Petersburg College was recognized this month by The National Security Agency and the Department of Homeland Security.
- SPC named Center of Excellence in cybersecurity education
- Designated through academic year 2024
- Allows school to further expand program
- More Pinellas County stories
The school was named a National Center of Excellence in Cyber Defense Education. The recognition comes as October is Cybersecurity Awareness Month.
Dr. James Stewart, Dean of the College of Computers and Information Technology at SPC, says the designation is an honor and will help the school expand its cybersecurity program.
“We want to make sure that we’re number one, our students are number one, and that’s our goal,” said Stewart.
The students at SPC enrolled in the cybersecurity program to get hands-on experience, including learning how to block hackers.
“It’s really interesting to see how they kind of circumvent the common protections we have in place,” said student Lionel Plaisance. “When you’re working in cybersecurity, you have to have a really good idea not just about how one thing works but about how all the pieces come together.”
The dean says the designation will be on students’ diplomas. He also says this recognition will help them expand the program, including adding new classes focused on threat analysis.
The post #nationalcybersecuritymonth | SPC Named Center of Excellence in Cyber Defense Education appeared first on National Cyber Security.
View full post on National Cyber Security
School Choice Advocate Betsy DeVos Named Ed. Sec.: What Does That Mean? – Politics K-12 – Education Week
President-elect Donald Trump has tapped Betsy DeVos, a longtime school choice advocate and Republican mega-donor, to be his education secretary, he announced Wednesday.
View full post on Education Week: Bullying
#pso #htcs #b4inc
View full post on Parent Security Online
Eric Gordon, CEO of the Cleveland district since 2011, was chosen Thursday as the Urban Educator of the Year at the Council of the Great City Schools annual conference in Miami.
View full post on Education Week: Bullying
#pso #htcs #b4inc
The post Cleveland District CEO Named Urban Educator of the Year – District Dossier – Education Week appeared first on Parent Security Online.
View full post on Parent Security Online
Nathan Swirnoff is using his daily experience to lobby for change on the national stage as well as provide support to his peers nationwide.
On March 10, Swirnoff went to Capitol Hill as National Youth Ambassador for the Tourette Association’s National Advocacy Day. The event was designed to lobby Congress members to support H.S. 292, An Act Advancing Research for Neurological Disease Act – Inclusion for TS Prevalence.
“I went to Washington, D.C., to advocate for the problem I have, Tourette Syndrome,” said Swirnoff, of Marlboro Road. “I want to spread awareness to people who don’t really know about it.”
As a youth ambassador, Swirnoff received training in D.
The post Lexington eighth-grader named an ambassador for Tourette Syndrome awareness appeared first on Parent Security Online.
View full post on Parent Security Online
The White House released a list of names that US President Barack Obama has appointed to the new Commission on Enhancing National Cybersecurity panel. The panel was formed earlier this year as part of Obama’s $19bn (£13bn) proposal to boost the US government’s cybersecurity system. The panel includes top members of the tech, intelligence and academic communities. Among others appointed is CEO and president of MasterCard Ajay Banga; Microsoft Research’s Peter Lee, Uber chief security officer Joe Sullivan, former NSA director General Keith Alexander and Stanford cyberpolicy and security researcher Herbert Lin. In a statement, Obama said: “I have charged the Commission on Enhancing National Cybersecurity with the critically-important task of identifying the steps that our nation must take to ensure our cybersecurity in an increasingly digital world. These dedicated individuals bring a wealth of experience and talent to this important role, and I look forward to receiving the Commission’s recommendations.” The commission will have an advisory-only role and will be tasked with rehauling the US government’s current tech policies to develop and provide new long- and short-term suggestions on cybersecurity, privacy, safety and collaborative initiatives between government agencies and private tech firms. Coincidentally, the announcement of the panel members […]
The post Microsoft, Uber execs and MasterCard CEO Ajay Banga named to US cybersecurity panel appeared first on National Cyber Security.
View full post on National Cyber Security
Mozilla announced Chris Beard as its new interim former chief marketing officerreplacing Brendan Eich as he resigned last April. Bread has also taken the place of Eich onMozilla corporation board.
“We began exploring the idea of Chris joining the board of directors some months ago,” says the executive chair-women Mitchell Baker on company’s blog.
“He’s been actively involved with Mozilla since before we shipped Firefox 1.0, he’s guided and directed many of our innovative projects, and his vision and sense of Mozilla is equal to anyone’s. I have relied on his judgement and advice for nearly a decade. This is an excellent time for Chris to bring his understanding of Mozilla to the Board.” Mitchell Baker continued
While the Beard is only interim CEO , the board still searches for someone to take place ofEich on permanent basis. Brendan Eich was promoted to chief executive on 24 March.Mozilla had to face criticism as Eich donated $1,000 to a campaign to ban same-sex marriage.
View full post on Am I Hacker Proof
It’s not uncommon for a criminal defendant in a white-collar case to cooperate with prosecutors in hopes of receiving a lenient sentence. But it is less common for a defendant to then seek to keep that cooperation secret out of fear of retaliation from those he named. Yet that appears to have been the case with Eric Saldarriaga, a private investigator in New York who was sentenced on June 26 to serve up to three months in federal prison for hacking into dozens of personal email accounts. A year before he pleaded guilty, Mr. Saldarriaga tried, in vain, to cooperate with federal authorities in a bid to avoid prison time. In the end, prosecutors decided the information he provided was not enough to pursue charges against anyone else, according to court filings in the case that were unsealed on Tuesday. What seemed to trouble Mr. Saldarriaga the most in the weeks since his guilty plea was that the full extent of his efforts to help authorities might become public and prompt at least one of his former clients to possibly retaliate against him. “I now fear for the safety of my family,” Mr. Saldarriaga wrote in a previously redacted letter […]
For more information go to http://www.NationalCyberSecurity.com, http://www. GregoryDEvans.com, http://www.LocatePC.net or http://AmIHackerProof.com
The post Hired Hacker Who Named Clients Now Fears Retaliation appeared first on National Cyber Security.
View full post on National Cyber Security