Tag: Policy

Security Ledger Editor In Chief Paul Roberts speaks with Chenxi Wang of Twistlock at The RSA Conference. (Image courtesy of RSA Conference)

Interview: Chenxi Wang on Information Security’s Mr. Robot Problem and Enforcing IoT Standards

In-brief: In an interview with Security Ledger Editor in Chief Paul Roberts, Chenxi Wang of the firm Twistlock talks about information security’s “Mr. Robot” problem and the need for standards for the Internet of Things.

The FTC announced a $2.2 million settlement with smart TV maker Vizio after the company was caught selling customer viewing information without consent.

TV Maker Vizio Settles with FTC Over Selling Viewer Data

In-brief: Smart TV maker VIZIO agreed to pay $2.2 million to the FTC and the State of New Jersey to settle charges that it collected the viewing history of some 11 million smart televisions without users’ consent. The settlement stems from a 2014 case and requires the company to “prominently disclose and obtain affirmative express consent” for data collection and sharing.

In our inaugural edition of Security Ledger Live, we speak with Lance James, Chief Scientist at the firm Flashpoint.

Security Ledger Live: Interview with Lance James of Flashpoint

In-brief: In our inaugural Security Ledger Live, we speak with Lance James, the Chief Scientist at the firm Flashpoint, about ransomware, the care and feeding of security talent and the news of the week.

Cyber Attribution: What is It good for? | TrendLabs


In-brief: The folks at TrendLabs take apart the recent EyePyramid malware attacks on high-profile targets in Italy to talk about the risk of doing cyber attribution badly, and whether it's even worthwhile.

A bipartisan group of Senators issued a resolution calling for a clear, national plan to promote development of the Internet of Things.

Republican bill aims to bolster U.S. attack attribution capabilities

The problems that surround cyber attribution came into sharp relief in recent weeks, as the Department of Homeland Security and FBI attempted to pin attribution for the hacking of Democratic party organizations on hackers affiliated with the government of Russia, with only mixed success. Attribution was again an issue after The Washington Post, citing the DHS and FBI report, said Russians had hacked their way into the U.S. electrical grid by way of a Vermont utility. That report was eventually walked back as more evidence emerged about the incident. Pointing the finger of blame – it turns out – is easier said than done in matters of cyber espionage and cyber war. Now the folks over at Cyberscoop point to a new bill designed to boost the government’s ability to do cyber attribution and foster government-industry ties. New cybersecurity legislation aims to bolster the U.S. government’s attribution capabilities as well […]