Cyber Security Practitioner

Volume: 2 Issue: 2
(February 2016)


News

The Joint Committee released its report on the UK’s draft Investigatory Powers Bill on 3 February, which calls for a significant overhaul of the draft Bill and reiterates the call for clarity expressed in the two previous Committee reports. / read more

Blogger Troy Hunt posted on 9 February that VTech Holdings Ltd has updated its T&Cs to extend its limitation of liability; the T&Cs state, ‘You acknowledge and agree that any information you send or receive during your use of the site may not be secure and may be intercepted or later acquired by unauthorised parties.’ / read more

US President Barack Obama announced on 9 February a Cybersecurity National Action Plan (‘CNAP’), which contains actions to inter alia empower citizens to improve their cyber security, to foster cooperation between organisations, and to establish a number of bodies and new roles, including a Commission on Enhancing National Cybersecurity to advise on strengthening cyber security and protecting privacy. / read more

Apple Inc. released, on 16 February 2016, a customer letter (‘the Letter’) further to a US District Court Order (‘the Order’) released the same day, requiring Apple to assist law enforcement agents in obtaining access to the data on the mobile device used by one of the San Bernardino suspects during a terrorist attack. / read more


Features

The San Bernardino killer Syed Farook was an evil man, responsible with his wife for the deaths of 14 people and the serious injury of many others in December last year. His dreadful crimes, which the US law enforcement agencies are duty bound to investigate, are again making the headlines, but judging by the tone of some current news reports, Apple is being seen by some as a wrongdoer in this story. What on earth is going on? Like you and me, Farook was an Apple customer and he owned an iPhone, which the US authorities consider may contain the clues to help them understand his crimes and perhaps help prevent others. The authorities want access to the data on his iPhone and they have the backing of a court, but Apple is unwilling to help. Tim Cook has described the dilemma facing Apple as “dangerous, chilling and unprecedented.” 

/ read more

Blockchain, the underlying protocol behind Bitcoin, has received a tremendous amount of attention over the last two years. Whilst initially focused on financial services, new blockchain companies are being founded on a seemingly daily basis, to address challenges in healthcare, supply chain provenance, the Internet of Things, insurance and others. Blockchain technology holds much promise and in this article, Mike Gault, CEO of Guardtime, a provider of cyber security products and solutions that utilise blockchain technology, reviews how the technology works, and argues that cyber security may be its most important application. / read more

Huge numbers of cyber attacks exploit vulnerabilities in computer-based systems and yet vulnerability disclosure is not a straightforward matter, as the discoverer of a vulnerability could face legal risk if they report that vulnerability. Sofie van der Meulen, Attorney at Law at Axon lawyers in Amsterdam, discusses vulnerability disclosure with a particular focus on ENISA’s recent Good Practice Guide on Vulnerability Disclosure and the Dutch approach to this issue. / read more

The US National Institute of Standards and Technology (‘NIST’) Cybersecurity Framework (‘Framework’) is a voluntary, risk-based cyber security standard that was developed by consensus among thousands of participants from government, academia and industry. While the Framework’s immediate purpose was to improve security and resilience in the US, its development was mindful of global needs for more standardisation in vocabulary and policies. Since its release, the Framework has drawn growing interest internationally, making it a valuable guide for all organisations to consider, both in the US and globally. Evan D. Wolff, Maida Oringher Lerner, Peter B. Miller, Matthew B. Welling and Christopher Hoff of Crowell & Moring describe here the Framework’s uses and development, and discuss why it has proven attractive to organisations both in the US and elsewhere, and why this popularity continues almost two years after its original release. / read more

Rolf H. Weber and Dominic N. Staiger of the University of Zurich discuss the delicate balance between privacy and security in the context of the fight against terrorism. They consider the prevailing tensions and the legal surveillance framework in the US and EU regarding data collection, and argue that mass surveillance has so far not been proved to aid the fight against terrorism and thus only serves to encroach on individual privacy rights. / read more


About Cyber Security Practitioner:

Cyber Security Practitioner, the most recently launched monthly publication from Cecile Park Media, provides a multi-disciplinary view on the cyber security challenges facing global businesses and delivers insight into operational change. It covers cyber security regulation, data breach, data security, cyber risk, cyber crime, ethical hacking, privacy and data protection, cyber infrastructure, technical solutions, risk management, information assurance, security standards, liability, consumer protection, ransomware and other cyber threats, cyber insurance... /read more

Search Publication Archives



Our publication archives contain all of our articles.
Can’t find what you are looking for?
Try an Advanced Search

Log in to cyber security practitioner
Subscribe to cyber security practitioner
Register for a Free Trial to cyber security practitioner
Sign up for e-mail alerts
cyber security practitioner Pricing

Social Media

Follow cyber security practitioner on TwitterView cyber security practitioner LinkedIn Profilecyber security practitioner RSS Feed