Will TikTok Make Good on Privacy Promises?

TikTok has a problem. Researchers continue to turn up oddities with respect to the storage of user data/information. The timing, of course, is precarious for TikTok, as they are under review by the Committee on Foreign Investment in the United States (CFIUS) and calls are being made by members of ... Read More
Security Boulevard
GPT OpenSSF AI ML Darktrace Concentric supply chain Palo Alto AI partnership ai

White House Proposes a Path to a US AI Bill of Rights

The White House Office of Science and Technology Policy (OSTP) has issued a proposed AI “bill of rights” to codify how artificial intelligence and automated systems should engage with the citizens of the United States. The proposal isn’t a pithy recommendation; rather, it is a well-thought-out presentation designed to engage ... Read More
Security Boulevard
government legacy remote work cities mayors collaboration remote workforce security

How Governments Request Your Data From Service Providers

A recently-released Surfshark report looked into global inquiries into the activities of specific accounts made by governments to service providers. The report found the United States “requests the most user data from big tech companies.” While the company characterizes government requests as “surveillance,” I prefer the term “inquiry.” The Surfshark ... Read More
Security Boulevard
disinformation deep fakes social engineering What Does Fake News Have to Do With Cybersecurity

Unpacking China’s (Dis)information Operations

When U.S. House of Representatives speaker Nancy Pelosi visited Taiwan, it riled up the People’s Republic of China, which immediately energized their military with land, sea and air activities intended to intimidate. But China also accelerated their disinformation and misinformation activities that are intended to shape world opinion and muddy ... Read More
Security Boulevard
business, risk, cyber, CRQ, TPRM risk management register

Why You Need a Third-Party Risk Management (TPRM) Program

What entity, or sector doesn’t engage with a third party in some way, shape or form? Not many. The reality is that outsourcing, contracting and subcontracting happen all the time and is the norm as businesses continue to embrace the core/context mindset and division of labor. The more you outsource, ... Read More
Security Boulevard
Fick memo US cybersecurity

Fick Nominated to Lead Bureau of Cyberspace and Digital Policy

The Senate Foreign Relations Committee held a hearing on the nomination of Nathaniel Fick for the role of U.S. Ambassador-at-Large for Cyberspace and Digital Policy. The committee will now vote on sending the nomination forward to the Senate for confirmation. Cyberspace Solarium Commission Fick was introduced to the committee by ... Read More
Security Boulevard
Caliptra semiconductor Ukraine cybersecurity Windows remote code printers Bugcrowd

CHIPS for America Act Brings Big Bucks to Semiconductor Industry

To ease the pressure of the semiconductur shortage, the U.S. Senate last week passed the Creating Helpful Incentives to Produce Semiconductors (CHIPS) Act on July 27, 2022 and the House of Representatives passed the bill on July 28. President Biden highlighted his strong support for the bipartisan legislation in both ... Read More
Security Boulevard

Uber’s Latest Shenanigans

The International Consortium of Investigative Journalists (ICIJ), in conjunction with a number of worldwide publications, jointly released an ICIJ investigation, “The Uber Files” which detailed the back room deals and access enjoyed by the company as it went about its “chaotic global expansion.” The source of the Uber Files has ... Read More
Security Boulevard
CISA risk CMMC Understanding the Power of SOAR for Government

House Passes ICS Cybersecurity Training Act

In a predominantly bipartisan vote, the Industrial Control Systems Cybersecurity Training Act was passed by the House of Representatives on the evening of June 21, 2022. The bill, sponsored by Representative Eric Swalwell (D-CA) establishes within the Cybersecurity and Infrastructure Security Agency (CISA) an initiative to provide the cybersecurity workforce ... Read More
Security Boulevard

Invasion of Privacy, Anomaly or New Ethical Abnormal Norm?

Recent events threw into stark relief companies’ abilities to invade your privacy with a few lines of code—and outcomes that raise our eyebrows. Tim Hortons Tracked Users 24×7 In the case of Tim Hortons of Canada, the company ran afoul of the Canadian privacy authorities at both the national and ... Read More
Security Boulevard