policy

Introducing Securepairs.org: Fighting Infosec FUD for the Right to Repair

Cybersecurity luminaries including Bruce Schneier, Gary McGraw, Joe Grand, Chris Wysopal and Katie Moussouris are backing securepairs.org, countering industry efforts to paint proposed right to repair laws in 20 states as a cyber security risk.

Cyber Attacks May Be Early Consequence of Trump Exiting Iran Nuclear Deal

President Trump’s decision to exit from the Iran nuclear deal doesn’t bode well for U.S. cybersecurity and likely will spur cyber attacks on a number of U.S. industries from the Islamic State, a new report from Recorded Future has found.

Child Smart Watches

Podcast: Why Germany wants Smart Watches destroyed and One Nation Under Trolls

Podcast: Play in new window | Download (Duration: 48:59 — 89.7MB)Subscribe: Android | Email | Google Podcasts | RSSIn this week’s Security Ledger podcast, sponsored by our friends at CyberArk, we talk about the German government’s recent decision to declare kids smart watches “surveillance devices” and to order their destruction. Also: Adrian Shabaz of Freedom House comes in to talk to us about the latest Internet Freedom report, which finds that governments are increasingly manipulating online content to shape online discussions and even the outcome of elections at home and abroad. And finally: leaked credentials in a GitHub repository may have been behind Uber’s loss of information on some 50 million customers. In a preview of a Security Ledger spotlight podcast, we hear from Elizabeth Lawler of CyberArk about the proliferation of so-called “Dev Ops secrets” and how companies need to do a better managing the permissions assigned to applications. 

Hacking Warships, Capitol Hill takes a Swing at IoT Security and why CS Grads don’t get Security

Podcast: Play in new window | Download (22.3MB)Subscribe: Apple Podcasts | Android | Email | Google Podcasts | Stitcher | TuneIn | RSS | https://www.securityledger.com/subscribeIn-brief: on this week’s Security Ledger Podcast, we delve deeper into the question of maritime cyber security, speaking with noted researcher Ruben Santamarta of the firm IOActive about the work he’s done exposing vulnerabilities in the software that runs both commercial and navy vessels. Also: Alan Brill of Kroll joins us to talk about The Internet of Things Cybersecurity Improvement Act. And we talk to Maria Loughlin of the firm Veracode about a new survey that suggests undergraduate computer science majors aren’t receiving adequate instruction in cyber security. 

Petya Malware may be an Early Test of Muscular Trump Cyber Doctrine

In-brief: In the hours before the Petya malware began circulating, two high level Trump Administration officials called for a tougher stand against online actors who sow chaos. The question now is how the Administration will react.