Laws, Policy, Regulations

Symantec Denies Russia's Request for Source Code Access

Symantec Denies Russia's Request for Source Code Access

Security firm Symantec will no longer allow Russian authorities to inspect its source code, according to Reuters. "It poses a risk to the integrity of our products that we are not willing to accept," the company's Kristen Batch said. The worry is that by allowing the supposedly independent Federal Security Service (FSB) to examine source code, it would give Russia an inside view of potential...

German Police Get Broad Phone and Computer Hacking Powers

German Police Get Broad Phone and Computer Hacking Powers

Germany's coalition government has significantly increased police hacking powers by slipping a last-minute amendment into a law that's nominally supposed to deal with driving bans. While the police have so far only been allowed to hack into people's phones and computers in extreme cases, such as those involving terrorist plots, the change allows them to use such techniques when investigating...

  • More at ZDNet
  • |
  • |
NIST Finalizes Extensive Update of Digital ID Guidelines

NIST Finalizes Extensive Update of Digital ID Guidelines

Federal scientists at the National Institute of Standards and Technology have finalized a major update to their guidelines on digital identity authentication, getting rid of outdated requirements and introducing standards for the use of biometrics and keysticks or other authenticating two-factor tokens. The final document, dubbed NIST Special Publication 800-63, is the 3rd revision of the...

Cyber Laws and Regulations Must Be Strengthened

Cyber Laws and Regulations Must Be Strengthened

A fair number of laws and regulations have been passed in the United States, Europe and elsewhere, all fundamentally designed to force companies and organizations to better protect their systems and data from cyberattacks. The promulgation of cybersecurity laws and regulations underscores the importance of implementing a cyber regulatory framework. If effective, it would reduce the number of...

Under Pressure, Western Tech Firms Bow to Russian Demands to Share Cyber Secrets

Under Pressure, Western Tech Firms Bow to Russian Demands to Share Cyber Secrets

Western technology companies such as Cisco, IBM SAP, Hewlett-Packard Enterprise Co, and McAfee are acceding to demands by Moscow for access to closely guarded product security secrets. The demands are being made by Russia’s Federal Security Service (FSB), which the U.S. government says took part in the cyberattacks on Hillary Clinton’s 2016 presidential campaign. The requests, which have...

Google Tells Governments to Update Data Laws

Google Tells Governments to Update Data Laws

Alphabet Inc.’s Google emphasized their desire for reforms of the Electronic Communications Privacy Act along with international data access laws, asking U.S. and foreign lawmakers Thursday to take another look at the current international data access laws governing the digital evidence acquisition process. Speaking at the Heritage Foundation, Google’s Senior Vice President and General...

Trump's Cybersecurity EO is 'Terrible' Says Ex AT&T CISO

Trump's Cybersecurity EO is 'Terrible' Says Ex AT&T CISO

"The executive order was terrible," said Ed Amoroso, the former chief security officer of AT&T, at the 2017 Borderless Cyber conference in New York. "It's this amazing jumble of page after page after page of requesting reports... Who the hell is reading all those, and who's writing them? A thousand reports are just going to confuse us all." What Amoroso thinks the Trump administration needs to do...

China: Authorities Release Catalog of Network and Cybersecurity Products

China: Authorities Release Catalog of Network and Cybersecurity Products

On June 9, 2017, the Cyberspace Administration of China (CAC), together with three other agencies, released a Catalog of Critical Network Equipment and Network Security Products (First Batch). It specifies network products that must be certified before they can be marketed in China. China’s Cybersecurity Law requires certain “critical network equipment and network security products” to go...

Why the NIST Framework Should Be the Common Language of Cybersecurity

Why the NIST Framework Should Be the Common Language of Cybersecurity

There is no doubt the importance of cybersecurity has exploded exponentially over the past few years, culminating in 2016-2017, when it seems to dominate headlines on a daily basis. The United States needs to determine exactly how we are going to exist and communicate in cyberspace. People cannot participate in cyberspace by simply creating and disposing of their own rules, nor can people exist...

UK: ICO Fines Grocers Morrisons for Sending Unwanted Emails to Its Customers

UK: ICO Fines Grocers Morrisons for Sending Unwanted Emails to Its Customers

The Information Commissioner's Office (ICO), UK, has run an investigation and concluded that Morrisons intentionally sent thousands of marketing emails to its card members. Despite opting out of receiving them, Morrisons More card members received emails related to their More card, according to the ICO's report. A total of 130,671 emails sent in October and November 2016 with the subject line...

Erosion of ISP Privacy Rules Incites New Anti-Snooping Efforts

Erosion of ISP Privacy Rules Incites New Anti-Snooping Efforts

Since Congress voted to prevent the implementation of new ISP privacy protections there has been a committed and sometimes loud call for new rules. The fear is, without adequate safeguards in place, ISPs will be free to build detailed customer profiles that include names, addresses and online activities. That data can then be sold to, or used by, an advertiser without the user’s consent....

Thailand Proposes Cyber Network Scrutiny, Law to Toughen Online Monitoring

Thailand Proposes Cyber Network Scrutiny, Law to Toughen Online Monitoring

Thailand aims to buy software to strengthen the military government's ability to track online networks and monitor online activity while planning a cyber law that will expand powers to pry into private communications. The Digital Economy Ministry aims to spend 128.56 million baht ($3.8 million) on software including a "social network data analysis system" to monitor and map individuals and...

European Union Suggests a Ban on Encryption-busting Backdoors

European Union Suggests a Ban on Encryption-busting Backdoors

Governments believe that backdoors are silver bullets for tackling terrorism, while people who understand technology say that backdoors are a big problem that could undermine everyone's security and ruin the internet for everyone. View of the European Union: The European Parliament's Committee on Civil Liberties, Justice and Home Affairs has come to the conclusion that secure is better and has...

Australia Push to Make Decryption Easy, Could Threaten Global Internet Security

Australia Push to Make Decryption Easy, Could Threaten Global Internet Security

An Australian push to persuade western intelligence partners to make it easier to decrypt messaging services and devices could “threaten global internet security,” privacy and free speech advocates have warned. Australia’s attorney general, George Brandis, said this week he would approach the Five Eyes intelligence network – made up of the US, the UK, Canada, New Zealand and Australia –...

5 Questions to Ask About the GDPR to Your CISO

5 Questions to Ask About the GDPR to Your CISO

The European General Data Protection Regulation (GDPR) comes into force on May 25, 2018, and it will have a huge impact on the way businesses store and collect personal information belonging to those located in the European Union (EU). To help IT teams understand how the requirements of the GDPR may affect their organizations, here are five important questions they should be asking their CISOs to...

Lawmakers Voice Fears over Internet Devices Security

Lawmakers Voice Fears over Internet Devices Security

House lawmakers on Tuesday voiced fears about cyber threats to mobile and internet-connected devices, soliciting feedback from authorities in the private sector about how to ensure their security. At a hearing, members of a House Energy and Commerce subcommittee heard from a panel of cybersecurity experts about the compounding threats to smartphones as well as the expanding attack surface...

Get the latest updates on the cyber laws, policies and regulations

The increasing use of cyberspace for personal and official work by the citizens has necessitated new laws for governing the cyberspace. Data privacy laws and data protection laws have assumed utmost importance. Whenever a new data protection regulation or a new data protection law is passed by the government, it is meticulously debated and discussed by the experts and non-experts alike because it affects everyone. It is essential to note that laws and regulations reflect the policy of the government. This category provides expertly curated cyber security news on all the laws, policy and regulations related to cyberspace and the different types of security policies adopted by the government and the corporate sector alike. These include but are not restricted to IT security policy, network security policy, data security policy, data protection policy and information system security policy.