Cybersecurity

Health Industry Cybersecurity Practices: New consensus practices and tools from HHS

The US Department of Health and Human Services (HHS) has produced a set of cybersecurity resources for healthcare provider organizations from small to large. So far, HHS has published four documents: an overview report of cybersecurity issues and practices, two technical volumes, and a toolkit. The documents focus on what an expert multistakeholder consensus group determined to be the five most prevalent cybersecurity threats and the ten core cybersecurity practices. The practices are voluntary, and utilize the NIST cybersecurity framework. The documentation is based in reality, not conjecture, and the documents are not intended to sell any particular products for any particular vendor. This has allowed for a rich and helpful documentation of current challenges along with solutions. See our overview of the four new resources.

Voting system data breach notifications – National Academies of Science recommendations for securing voting systems

The National Academies of Science have released Securing the Vote: Protecting American Democracy. The consensus report richly documents how, during the 2016 presidential election, actors sponsored by the Russian government attacked the US voting and election infrastructure. The report assesses the web of technology infrastructures related to voting, and gives detailed recommendations for strengthening these

Privacy News: Historic Data Broker Regulation in the US Welcomed by World Privacy Forum

PDF Version of Release here 24 May 2018  For Immediate Release Historic Data Broker Regulation in the United States Welcomed by World Privacy Forum Vermont: First state to adopt modern rules for unregulated data brokers WPF call for data broker protections to be elevated to national level and provided for consumers in all states in

Comments Due on India’s Data Protection White Paper; Info, resources, & draft comments

  The government of India has published an important white paper discussing its approach to data protection legislation, White Paper of the Committee of Experts on Data Protection Framework for India. The government of India is accepting comments on its white paper until January 31, 2018. This paper is particularly important because of its future impact