[From the desk of Paul Davis – his opinions and no-one else’s Apart from the reporter’s opinions ]
* Microsoft fixes critical flaw affecting every version of Windows
* Data breaches often result in CEO firing
* DHS Releases Guidance for Sharing Cyber Threat Indicators and Defensive Measures
* Training? What training? Workers’ lack of cybersecurity awareness is putting the business at risk
* How effective are orgs at detecting and investigating cyber threats?
* DHS to Launch Insider Threat Database
* Reviewing incident response plans for data risk preparedness
* 5 ways to stop malware in the cloud
* Beazley Breach Insights 2016 shows sharp increase in hacking and malware
* Fewer than 7,000 Mac computers infected with ransomware: Report
* ASIS, (ISC)² and ISACA to collaborate on new standard
* SA is top cyber crime target in Africa
* Home Depot agrees to pay customers $20M to settle that massive 2014 hack
* Huge Shortfall in Security Operations Experts Amid Growing Cyberattacks
* Study Reveals Popular Android Apps Interact with Risky Websites
* Neustar Data Identifies Most Popular Times of Year for DDoS Attacks in 2015
* Unfortunately, it’s a jungle out there in cyberspace! Deutsche Telekom is offering simple and effective solutions at CeBIT
* BAE Systems’ research reveals 40% of U.S. executives are unsure of the cyber security measures their Companies have in place
* TrendMicro published an interesting analysis of the principal cyber criminal underground communities in the Deep Web worldwide.
* Hottest Topics To Come Out Of RSA Conference
* International politics of the VPN regulation
Microsoft fixes critical flaw affecting every version of Windows
This month’s bumper release of security patches has one bulletin that affects every supported version of Windows.
Microsoft said on its regularly scheduled Patch Tuesday that users on Windows Vista and later — including Windows 10 — should patch as soon as possible to prevent attackers from exploiting a flaw in how the operating system handles media files.
The “critical” bulletin (MS16-027) patches an issue that could allow an attacker to remotely execute code or malware as the logged-in user.
The “critical” bulletin (MS16-027) patches an issue that could allow an attacker to remotely execute code or malware as the logged-in user.
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=ece1cc35ca&e=20056c7556
Data breaches often result in CEO firing
According to Warren Buffet, “It takes 20 years to build a reputation and five minutes to ruin it.
If you think about that, you’ll do things differently.” The “2015 Cost of Data Breach Study: Global Analysis” from the Ponemon Institute shows that companies suffer a higher churn rate, increased customer acquisition costs, reputation losses and diminished goodwill due to an information security breach.
The 2015 Information Security Breaches Survey, conducted by PwC states. “When asked what made a particular incident ‘the worst’, 16 out of the 39 organisations who responded cited that it was the damage to their reputation which had the greatest impact.
This is an increasing trend, up from 30 percent of respondents in 2014 to 41 percent this year.”
Lastly, from the Global Risk Management Survey 2015, quoting Greg Case, CEO of Aon, “For the first time since 2007, damage to brand and reputation has emerged as the top-ranked risk in our survey.
Interestingly, cyber risk has entered the top 10 for the first time this year.
The connection between these two risks has been felt around the world in 2014, as a rash of data breaches demonstrated the fragile nature of consumer trust in leading corporations.”
Regulatory attention increases the likelihood of fines and an additional cycle of negative publicity.
Even with increased regulatory attention and negative press, fines are still relatively rare when compared with the volume of breaches reported.
Regulators have been warning that information security breaches will see increased scrutiny and higher fines.
Last year’s record breaking fines from the US Federal Communications Commission and recent enforcement action from the US Federal Trade Commission have shown these warnings to be far from idle.
Information security breaches directly affect the reputation of a business, but it is unclear how detrimental that is to the bottom line.
Only TalkTalk suffered significant reduction in their share price.
There is little doubt that heavily publicized information security breaches will draw the attention of regulators.
There is less certainty that attention will result in a significant fine.
The impact of the cybersecurity breach on the CEOs of Target, Home Depot and Sony was more severe than the impact on their company’s.
They were no longer in their positions within six months of the breach.
The apparent six-month window is still open for TalkTalk’s CEO.
The long-term risks of an information security breach to companies appear to be changing, but the near-term risk to corporate CEOs seems clear.
Link: http://paulgdavis.us3.list-manage1.com/track/click?u=45bf3caf699abf9904ddc00e3&id=b3e4c0d335&e=20056c7556
DHS Releases Guidance for Sharing Cyber Threat Indicators and Defensive Measures
The US Department of Homeland Security (DHS) issued guidance to facilitate and promote timely and proper sharing of cyber threat indicators (CTIs) and defensive measures (DMs) under the Cybersecurity Information Sharing Act of 2015 (CISA), which was passed as part of the Cybersecurity Act of 2015.
The DHS also released guidance about interim procedures for federal entities related to receiving cyber threat indicators and defensive measures, privacy and civil liberties, and how to assist nonfederal entities with sharing cyber threat indicators and defensive measures with federal entities.
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=41b8785781&e=20056c7556
Training? What training? Workers’ lack of cybersecurity awareness is putting the business at risk
Human error is responsible for the worst data breaches and, because of a lack of cybersecurity awareness, organisations are risking their reputation, customer trust, and potentially their bottom lines when employees mishandle data.
These are the messages from research into approaches to cybersecurity within organisations conducted by AXELOS, a joint venture setup by the UK government and Capita to nurture best practice in business; and it makes grim reading.
The report suggests that organisations are ultimately failing to protect themselves against cyberattacks because even if staff are being provided with cybersecurity training, it isn’t adequately informing them about good practice.
Nick Wilding, head of cyber resilience best practice at AXELOS, argued that the research demonstrates how there’s no “silver bullet” for cybersecurity, especially given how “staff should be [businesses’] most effective security control but are typically one of their greatest vulnerabilities”.
Alongside the research, AXELOS has published advice on cybersecurity awareness training which organisations should include “as a minimum” when attempting to educate staff in how to best prevent data breaches.
It suggests employees should be aware of threats such as phishing and social engineering, as well as being taught the importance of a strong password and good handling information technique.
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=e72483db93&e=20056c7556
How effective are orgs at detecting and investigating cyber threats?
Only 24% percent of organizations surveyed indicated that they were satisfied with their ability to detect and investigate threats.
Only 8% of those organizations feel they can detect threats very quickly with only 11% that can investigate threats very quickly.
There is a staggering imbalance between organizations that collect perimeter data (88%), and data from modern IT infrastructures (Cloud-based infrastructure 27%, Network Packet 49%, Identity Management 55%, and Endpoint 59%).
“This survey reinforces our greatest fear that organizations are not currently taking, and in many cases are not planning to take, the necessary steps to protect themselves from advanced threats.
They are not collecting the right data, not integrating the data they collect, and focusing on old-school prevention technologies.
Today’s reality dictates that they need to plug gaps in visibility, take a more consistent approach to deploying the technologies that matter most, and accelerate the shift away from preventative strategies.”
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=3c9c9b85dd&e=20056c7556
DHS to Launch Insider Threat Database
The system will allow DHS to manage insider threat inquiries, investigations, and other activities associated with complaints, inquiries, and investigations regarding the unauthorized disclosure of classified national security information.
The plan notes that threats include attempted or actual espionage, subversion, sabotage, terrorism, or extremist activities directed against DHS and its personnel, facilities, resources, and activities; unauthorized use of or intrusion into automated information systems.
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=bea32b407b&e=20056c7556
Reviewing incident response plans for data risk preparedness
The point of reviewing an incident response (IR) plan is to ensure that it still addresses the real risks that an enterprise faces.
To update an IR plan to include new risks, an organization must have ample resources that provide an awareness of at least the moderate to high risks.
These are the risks that are most likely to result in damage.
The Baker Hostetler Data Privacy Monitor blog, DataLossDB, the data breach section of the Privacy Rights Clearinghouse, Data Breach Watch, data breach search results on Statista, and the Office of Inadequate Security are all good resources for reports of data breaches.
With these the enterprise can begin to approach a broader list of information risks that may affect the organization.
Enterprise IRTs must know the organization’s data types, purposes, and value as well as the data’s current and potential locations and the paths between those in order to know what risks really apply to their enterprise information.
The density of the details in the step-by-step instructions in an IR plan should fit the expanse and manifold nuances of the organization and data that it defends.
A simple organization could best benefit from a simple plan.
A larger, more involved enterprise could require new components and instructions in the IR plan for each additional element of concern to the business.
Regulations will almost certainly magnify enterprise complexity and the complexity of the IR plan. “Healthcare companies need to include procedures for conducting a breach risk assessment pursuant to HIPAA regulations,” says Koller.
Laws and regulations are important external factors that can reshape components of an IR plan.
“This past year, several states amended their statutes to include usernames and passwords that would permit access to an online account,” says Koller.
Breaches affecting those states can now require notification, even where only usernames and passwords are compromised.
Changes in personnel can rob the IRT of valuable information and necessitate changes to contact information.
Link: http://paulgdavis.us3.list-manage1.com/track/click?u=45bf3caf699abf9904ddc00e3&id=3490fb82f4&e=20056c7556
5 ways to stop malware in the cloud
It’s critical to have real-time backup of critical cloud-based content so prior versions of data can be easily accessed.
That’s a great way to thwart ransomware.
Enterprises need tools to look for malware in cloud data at rest.
Enterprises need to identify malware and detonate it inside of a sandbox.
Also, enterprises need to be constantly on the lookout for anomalous behavior.
For example, lots of files moving all at once.
Finally, companies need to monitor the network for data exfiltration, using DLP tools to block data from leaving the network in real time.
Link: http://paulgdavis.us3.list-manage1.com/track/click?u=45bf3caf699abf9904ddc00e3&id=045f6c6809&e=20056c7556
Beazley Breach Insights 2016 shows sharp increase in hacking and malware
NEW YORK, March 8, 2016 — Beazley, a leading provider of data breach response insurance, today released its Beazley Breach Insights 2016 findings based on its response to over 2,000 breaches in the past two years.
The specialized Beazley Breach Response (BBR) Services unit responded to 60% more data breaches in 2015 compared to 2014, with a concentration of incidents in the healthcare, financial services and higher education sectors.
Breaches caused by either hacking or malware nearly doubled in relative frequency over the past year.
In 2015, 32% of all incidents were caused by hacking or malware vs. 18% in 2014.
Unintended disclosure of records – such as a misdirected email – accounted for 24% of all breaches in 2015, which is down from 32% in 2014.
The loss of non-electronic physical records accounted for 16% of all breaches in 2015, which is unchanged from 2014.
The proportion of breaches involving third party vendors more than tripled over the same period, rising from 6% of breaches in 2014 to 18% of breaches in 2015.
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=d11afca61e&e=20056c7556
Fewer than 7,000 Mac computers infected with ransomware: Report
Over the weekend experts with Palo Alto Networks said the ransomware was found in version 2.90 of the BitTorrent app called “Transmission.” Ransomware is a type of malicious software that encrypts files on a user’s computer and asks for money in exchange for unlocking data.
Over the weekend experts with Palo Alto Networks said the ransomware was found in version 2.90 of the BitTorrent app called “Transmission.” Ransomware is a type of malicious software that encrypts files on a user’s computer and asks for money in exchange for unlocking data.
The malicious software – dubbed “KeRanger” – waits three days before encrypting info on the infected Mac and then asks for one Bitcoin (about CAD$548) in ransom, according to researchers.
Link: http://paulgdavis.us3.list-manage2.com/track/click?u=45bf3caf699abf9904ddc00e3&id=8d09580dc8&e=20056c7556
ASIS, (ISC)² and ISACA to collaborate on new standard
ASIS International, (ISC)² and ISACA have signed an MOU to develop a Security Awareness American National Standard.
This guidance standard will address the intersections of physical, cyber and information security management to help organizations of all sizes maximize protection of people, property, and assets.
ASIS, (ISC)² and ISACA will form a joint technical committee and working group to develop the standard, soliciting input from security experts around the globe.
The committee will operate under ASIS’s ANSI-accredited process to develop an American National Standard that can be applied anywhere in the world.
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=78a62f5414&e=20056c7556
SA is top cyber crime target in Africa
South Africa will be 2016’s top target for cyber crime in Africa, according to Control Risks.
This emerged in the company’s Riskmap 2016, an international report on the most significant underlying trends in global risk and security, which Control Risks has compiled for more than 20 years.
“The five African nations with the highest number of active malicious IP addresses are South Africa, Egypt, Kenya, Tunisia and Botswana,” said John Nugent, senior analyst for Control Risks’ Cyber Threat Intelligence.
Link: http://paulgdavis.us3.list-manage2.com/track/click?u=45bf3caf699abf9904ddc00e3&id=344e9394ed&e=20056c7556
Home Depot agrees to pay customers $20M to settle that massive 2014 hack
The retail giant said Tuesday it’s agreed to pay a minimum of $19.5 million in compensation to customers caught up in the incident that saw cybercriminals nab payment card information and email addresses belonging to tens of millions of Home Depot shoppers.
If approved by the courts, the settlement will take care of nearly 60 proposed class-action lawsuits that resulted from the security breach, though Home Depot has always denied any wrongdoing or liability.
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=b0ce2ce9e0&e=20056c7556
Huge Shortfall in Security Operations Experts Amid Growing Cyberattacks
A new survey has uncovered a massive shortfall in qualified security experts needed to maintain the average Security Operations Center (SOC) which monitoring the operations of a corporation’s digital footprint.
The results of the seventh (ISC)² Global Information Security Workforce Study (GISWS) conducted by Frost & Sullivan for the (ISC)² Foundation with the support of Booz Allen Hamilton, found 45 percent of hiring managers reporting that they are struggling to support additional hiring needs and 62 percent of respondents reporting that their organizations have too few information security professionals.
These findings were reported despite security spending increases across the board for technology, personnel and training; rising average annual salaries; high rates of job satisfaction and low rates of change to employment status.
The analysts from Frost & Sullivan forecast a shortfall of 1.5 million experienced Security Operations experts by 2020.
The report said: “Today’s CISOs and CIOs need to start forcing more integration into their operations — that is, better leveraging automation and building the right skills with the right tools among staff to get the right results.
In today’s connected society, the dangers of this workforce shortage are far-reaching and serious.”
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=5e2fc00f28&e=20056c7556
Study Reveals Popular Android Apps Interact with Risky Websites
NJIT computer science professor Iulian Neamtiu helped to create an Android URL Risk Assessor (AURA), to detect risks associated with well-intentioned apps, which contain URLs to malicious and questionable domains.
The team developed a systematic and comprehensive tool called AURA (Android URL Risk Assessor), to focus on a lesser-studied security aspect of apps, which uses both static (bytecode) analysis and dynamic (execution) analysis.
‘We found that 1,187 (8.8 percent) of the good apps communicate with malicious websites, 15 percent of the good apps communicate with bad websites and 74 percent of the apps talk to websites containing material not suitable for children,’ reveals Neamtiu. ‘Interestingly, we found that not all URLs that bad apps connect to are bad as well, because many malicious apps are created by injecting a malware veneer into a benign app.’
Link: http://paulgdavis.us3.list-manage2.com/track/click?u=45bf3caf699abf9904ddc00e3&id=33d3da128a&e=20056c7556
Neustar Data Identifies Most Popular Times of Year for DDoS Attacks in 2015
STERLING, Va. – Neustar, Inc. (NYSE: NSR), a trusted, neutral provider of real-time information services, today released preliminary data that shows April, February, October and December as the most popular months for DDoS attacks.
The report, compiled from 2015 data from Neustar’s Security Operations Center (SOC), also details the rising threat of multi-vector attacks, a weapon commonly used to plant malware and extract company information.
The winter holiday season accounted for 32 percent of all attacks in 2015.
Attackers took note of the opportunities presented during Cyber Monday and the holiday shopping season, and timed their assaults for maximum impact.
October saw the highest number of attacks with 12.63 percent
December accounted for 11.39 percent of attacks
February received 10.48 percent of hits
April had 9.04 percent of attacks
tatistics from Neustar’s Security Operations Center uncovered:
47 percent of all multi-vector attacks occurred in the fourth quarter
42.6 percent of multi-vector attacks were less than 1 Gbps
57 percent of all multi-vector attacks involved reflection attacks
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=f41383f44e&e=20056c7556
Unfortunately, it’s a jungle out there in cyberspace! Deutsche Telekom is offering simple and effective solutions at CeBIT
Deutsche Telekom’s honeypots are now registering four to six million attacks per day
Deutsche Telekom is introducing a range of new products that will provide effective digital shielding – for companies of all sizes and for private customers – against an extremely wide spectrum of cyber attacks.
At CeBIT 2016, prior to the launch of its new Telekom Security organizational unit, the Deutsche Telekom Group is showing new products from its Magenta Security Portfolio.
The key principle behind all the new products is that security needs to be simple.
Security tools and measures can only be effective when they are actually used, and they get used only when they are easy to use and understand.
In introducing its new portfolio, Deutsche Telekom is aiming for a clear goal: to build on its market leadership in Germany and to gradually extend that leadership to the entire European market.
One key statistic from Deutsche Telekom’s private-customer business suffices to show that customers often fail to use security solutions or to use them properly: each month, the company sends over 220,000 emails and letters to customers whose computers have been roped into illegal botnets, for activities such as high-volume spamming.
In addition, Deutsche Telekom receives some 2.1 million tipoffs about suspected abuse each month.
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=4d775ebd7d&e=20056c7556
BAE Systems’ research reveals 40% of U.S. executives are unsure of the cyber security measures their Companies have in place
BAE Systems today revealed new research which shows that more than 40% of surveyed executives in the U.S. are unsure or don’t have a clear understanding of the cyber security protocols that are in place within their organization, despite 70% recognizing that data breaches are a threat to their company.
Additionally, although 70% of companies do have cyber defense training programs in place, these are only implemented once or twice a year, leaving organizations vulnerable to attacks.
‘Cyber security training needs to be more than an infrequent, ‘tick-the-box’ activity for it to have any sort of lasting impact on improving employee awareness.
Programs need to have a cognitive element to ingrain these practices into employees’ daily routines and empower them to be more engaged, increase their knowledge of bad practices and awareness of the most common threat techniques.’
Link: http://paulgdavis.us3.list-manage1.com/track/click?u=45bf3caf699abf9904ddc00e3&id=51f9c59347&e=20056c7556
TrendMicro published an interesting analysis of the principal cyber criminal underground communities in the Deep Web worldwide.
The researchers who analyzed illegal activities in the Deep Web have identified at least six different cybercriminal ecosystems operating in Russia, Japan, China, Germany, in the United States and Canada (North America), and Brazil.
“Each country’s market is as distinct as its culture.
The Russian underground, for instance, can be likened to a well-functioning assembly line where each player has a role to play.
It acts as the German market’s “big brother” as well in that it greatly influences how the latter works.
The Chinese market, meanwhile, boasts of robust tool and hardware development, acting as a prototype hub for cybercriminal wannabes.
Brazil is more focused on banking Trojans while Japan tends to be deliberately exclusive to members.” states the report.
The Russian underground is defined “a well-functioning assembly line,” it is an ecosystem crowded by professional sellers that competing each other by providing goods in the shortest amount of time and most efficient manner possible.
Marketplaces like fe-ccshop.su and Rescator that offer products and services for credit card frauds are very popular in the criminal underground worldwide.
The Japanese underground is characterized by members only bulletin board systems, the criminals make large use of special jargon to evade the authorities.
This market is characterized by the attitude in accepting more unusual kinds of payment, including gift cards and forum points instead of bitcoins or cash paid via money transfer.
“The Chinese underground is a teeming hub of prototypes.
It not only sells the usual array of software and services found in its counterparts, but also hardware.
It adapts the fastest to the latest in cybercrime trends and leads the way in terms of cybercriminal innovation.
And true to its adaptive nature, it now boasts of uncommon offerings like leaked-data search engine privacy protection services that can only be dubbed “made in China.” states the report.
The North American underground is considered the most open to novices, it is visible to both cybercriminals and law enforcement, meanwhile the Canadian underground is focused on the sale of fake/stolen documents and credentials (fake driver’s licenses and passports, stolen credit card and other banking information, and credit “fullz” or complete dumps of personal information).
The researchers who analyzed illegal activities in the Deep Web have identified at least six different cybercriminal ecosystems operating in Russia, Japan, China, Germany, in the United States and Canada (North America), and Brazil.
“Each country’s market is as distinct as its culture.
The Russian underground, for instance, can be likened to a well-functioning assembly line where each player has a role to play.
It acts as the German market’s “big brother” as well in that it greatly influences how the latter works.
The Chinese market, meanwhile, boasts of robust tool and hardware development, acting as a prototype hub for cybercriminal wannabes.
Brazil is more focused on banking Trojans while Japan tends to be deliberately exclusive to members.” states the report.
The Russian underground is defined “a well-functioning assembly line,” it is an ecosystem crowded by professional sellers that competing each other by providing goods in the shortest amount of time and most efficient manner possible.
Marketplaces like fe-ccshop.su and Rescator that offer products and services for credit card frauds are very popular in the criminal underground worldwide.
The Japanese underground is characterized by members only bulletin board systems, the criminals make large use of special jargon to evade the authorities.
This market is characterized by the attitude in accepting more unusual kinds of payment, including gift cards and forum points instead of bitcoins or cash paid via money transfer.
“The Chinese underground is a teeming hub of prototypes.
It not only sells the usual array of software and services found in its counterparts, but also hardware.
It adapts the fastest to the latest in cybercrime trends and leads the way in terms of cybercriminal innovation.
And true to its adaptive nature, it now boasts of uncommon offerings like leaked-data search engine privacy protection services that can only be dubbed “made in China.” states the report.
The North American underground is considered the most open to novices, it is visible to both cybercriminals and law enforcement, meanwhile the Canadian underground is focused on the sale of fake/stolen documents and credentials (fake driver’s licenses and passports, stolen credit card and other banking information, and credit “fullz” or complete dumps of personal information).
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=0c05850444&e=20056c7556
Hottest Topics To Come Out Of RSA Conference
Encryption Backdoors
Bug Bounties
Threat Intel
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=ab1df8066d&e=20056c7556
International politics of the VPN regulation
As information security guru Bruce Schneier and his Berkman Center for Internet and Society associates brought up in a report a week ago, there are currently around 865 encryption-related items accessible all around the globe.
From voice encryption tools to free and premium VPNs, this business sector extends a long ways past the fringes of the United States.
Today, the encryption economy incorporates no less than 55 distinctive nations crosswise over Europe, Latin America, the Asia-Pacific, and the Caribbean.
As a major aspect of a project having international research, a group of the digital media analysts have been following and looking at universal patterns in VPN use, society, and regulation.
Throughout the most recent year, researchers have been concentrating how VPNs (and other security weapons) are being utilized for stimulation, legislative issues, and correspondence in various nations.
The outcomes have been enlightening.
One of the rising subjects is that distinctive governments take diverse ways to deal with managing VPNs.
In nations with solid Internet oversight, a typical technique is a blend of authoritative bans and system level squares.
In China, home of the world’s most advanced Internet oversight framework, various VPN sites have been blocked from the net under the appearance of a crackdown on unlicensed telecoms administrations.
VPN movement has been upset through profound bundle review and port blocking, as well.
Comparable boycott and block-systems are set up in a few Gulf States, including Bahrain, Oman and Saudi Arabia, and in Pakistan.
Reports recommend that Russia has been considering such a move.
The signs are blended.
Tech liberationists are most likely right to demand that the circulated way of cryptography and encryption imply that tech groups will more often than not discover a path around top-down regulation.
What’s more, administration suppliers have numerous alternatives in the progressing session of whack-a-mole, for example, exchanging locales, changing server runs, and imagining new workarounds.
In the meantime, we ought to be mindful so as not to accept that VPNs, voice scramblers, email encryption, or whatever other innovation items are totally past the limits of regulation at the purpose of utilization and in addition generation.
Security organizations are a long way from weak in this diversion, particularly when the fundamental point is to dishearten uptake no matter how you look at it as opposed to stamp out use among techies.
Link: http://paulgdavis.us3.list-manage1.com/track/click?u=45bf3caf699abf9904ddc00e3&id=2f0b0c2f05&e=20056c7556
============================================================
Feedback, questions? Our mailing address is: dailynews@paulgdavis.com (mailto:dailynews@paulgdavis.com)
If you know someone else who would be interested in this Newsalert, please forwarded this email.
If you want to be added to the distribution list, please click this: Subscribe to this list (http://paulgdavis.us3.list-manage.com/subscribe?u=45bf3caf699abf9904ddc00e3&id=e09452545a)
Unsubscribe from this list (http://paulgdavis.us3.list-manage.com/unsubscribe?u=45bf3caf699abf9904ddc00e3&id=e09452545a&e=20056c7556&c=71a8f8e16d)
Update subscription preferences (http://paulgdavis.us3.list-manage2.com/profile?u=45bf3caf699abf9904ddc00e3&id=e09452545a&e=20056c7556)