ICD Brief 75.
19.02.2018.-25.02.2018.
Greetings from soggy Washington DC. This week’s Brief covers the costs of trade, espionage, vulnerabilities, politics, privacy and updates on laws, regulations and cyber centers from the US, Estonia, the EU, Germany, India, North Korea, the UK and the World Economic Forum. We feature The East West Institute’s New Report on Encryption: A Review . by Dr. Herb Lin in Lawfare.
Problems are BIG. See McAfee: Global Cybercrime Costs Hit $600bn . Check Handelsblatts Europe’s defense systems vulnerable to hacking from the annual Munich Security Conference last week.
Solutions differ: UK Cyber Security Agency Sticks with China’s Huawei Despite US Spy Fears
Size does not dominate solutions and governance as Estonia celebrates its 100th anniversary of independence: Read Independence, innovation, and online voting: How Estonia built itself into a digital paradise .
USA
Exclusive: U.S. official focused on election security will be replaced
Dustin Volz Reuters
The head of a federal commission who has helped U.S. states protect election systems from possible cyber attacks by Russia or others is being replaced at the behest of Republican House of Representatives Speaker Paul Ryan and the White House.
SEC moves to quash insider trading on cyber breach news
Derek B. Johnson fcw
“The Securities and Exchange Commission released new guidance on Feb. 21 that provides additional details for how publicly traded companies should be handling data breach disclosures.”
Xcerra is latest chip company to give up on Chinese acquisition after U.S. resistance
By Jeremy C. Owens MarketWatch
Xcerra Corp. XCRA, +0.10% called off its acquisition by a Chinese entity Thursday afternoon, the latest attempt at a Chinese purchase of a U.S. chip company to be scuttled amid resistance from the U.S. federal government.
WHATSAPP CO-FOUNDER PUTS $50M INTO SIGNAL TO SUPERCHARGE ENCRYPTED MESSAGING
MIKE BLAKE/REUTERS Wired
“On Wednesday, the creators of Signal announced the launch of the Signal Foundation, which will build and maintain Signal and potentially other privacy-focused apps to come, too. WhatsApp co-founder Brian Acton has also joined as the foundation’s executive chairman, his first new role since leaving WhatsApp last fall.”
McAfee: Global Cybercrime Costs Hit $600bn
Phil Muncaster Infosecurity
“Global cybercrime now costs nearly $600bn annually, with two-thirds of the world’s netizens having had their personal information stolen or compromised, according to a new McAfee report
The Economic Impact of Cybercrime – No Slowing Down report was compiled in partnership with non-profit the Centre for Strategic and International Studies (CSIS).”
Baltics/Estonia
Independence, innovation, and online voting: How Estonia built itself into a digital paradise
Karoli Hindriks City AM
“This Saturday, my native country, nestled in a remote corner of the Earth about 500 miles south of Santa’s village, celebrates its hundredth year of independence.
Today, Estonia is probably the most digitally advanced country in the world. As the New Yorker magazine recently put it: “Its government is virtual, borderless, blockchained, and secure. Has this tiny post-Soviet nation found the way of the future?”
Estonia Will Set Up Data Embassy in Luxembourg
Savannah Delgross Transitions Online TOL
“A bill to establish the world’s first data embassy in Luxembourg passed through the first reading in the Estonian parliament (Riigikogu) on Tuesday, reports ERR News, the news service of the Estonian public broadcaster, citing BNS. The document still needs to be ratified by the Estonian parliament, while lawmakers in Luxembourg have already approved it.”
EU
Eleven Member States Back EU Controls on Selling Spyware
By Catherine Stupp | EURACTIV.com
“Eleven EU countries have signalled their support for draft rules that would place export restrictions on companies selling surveillance technologies, a leaked working paper shows.”
Germany
Europe’s defense systems vulnerable to hacking
Torsten RieckeDonata Riedel Handelsblatt Global
“At this year’s Munich Security Conference, military experts discussed what they believe to be the biggest threat facing Europe’s NATO members: cyber attacks.”
India
Indian Firms Look for Cybersecurity Cover
By Sanghamitra P
“With the rise in cybersecurity attacks in the last few years, companies from across sectors like manufacturing, auto, IT, BFSI and other government bodies are now pouring millions into buying cyber insurances. In India, however, only a handful of companies have started selling the product including Bajaj Allianz, Marsh among others.”
India Inc Sees Rise in Talent Gap in Cybersecurity Skills
The Economic Times
“As companies tighten focus on containing cyber risks, they are witnessing a significant rise in digital talent gap, especially in terms of cybersecurity skills, says a report.”
North Korea
Study Reveals North Korean Cyber-Espionage Has Reached New Heights
David Taylor in New York The Guardian US Edition
“An increasingly sophisticated North Korean cyber-espionage unit is using its skills to widen spying operations to aerospace and defence industries, a new study has revealed.”
UK
UK Cyber Security Agency Sticks with China’s Huawei Despite US Spy Fears
Matthew Field Telegraph
“The UK’s top cyber security agency has reaffirmed its commitment to working with Chinese smartphone giant Huawei after US spy chiefs accused the company of presenting a national security risk
National Cyber Security Centre Releases NIS Directive Guidance
Latham & Watkins LLP Lexology
“The UK agency’s principles-based guidance on cybersecurity for OES adds important detail to NIS Directive obligations.”
World Economic Forum
World Economic Forum Centre for Cybersecurity Ready for Launch
Christopher Prawdzik Homeland411
“The World Economic Forum (WEF) is set to launch its new Global Centre for Cybersecurity (GCC) in March. It’s an effort to provide resources and guidance to WEF members and other partners on ever-pressing issues of global cybersecurity.”
Feature
The East West Institute’s New Report on Encryption: A Review
By Herb Lin Lawfare
“There is much to commend about the report. It provides a clear explanation of many issues that are clearly relevant—indeed, central—to the debate over encryption policy. It explicitly articulates tradeoffs. It describes a process to help formulate policy regimes based on three factors: techniques that law enforcement might use to obtain plain text; limitations that might be placed on these techniques; and specifics of the particular information technology environment in which these techniques might be applied.”