Top 10 Stories

Daftblogger: The proposed reforms to the EU data protection rules moved on in March (2014) with the European Parliament proposing a series of amendments under a process begun two years ago by the European Commission. The next step is for the EU Council of Ministers to consider the proposed amendments. Once finally agreed, the new rules are not expected to be applicable until 2016. These reforms are not without controversy, to say the least. Although...

Daily Mail: MI5 has warned large corporations that foreign spy agencies may be secretly recruiting their IT workers in the hope of gathering sensitive information for use in cyber attacks, it has been claimed. The security service is said to have conducted talks with senior figures at a number of leading British businesses in recent months, with the infiltration of IT departments understood to be a top priority. Even the most junior IT worker could...

SC Magazine: Security and tech executives like Target's former CIO won't be the only ones in the cross-hairs after a data breach — corporate board members and other executives may soon bear some of the liability if a lawsuit filed by a Wyndham Worldwide Corporation shareholder sets a precedent. Wyndham shareholder Dennis Palkon filed a derivative suit against the hotel chain in U.S. District Court, District of New Jersey, on February 2, accusing Wyndham Worldwide...

SC Magazine: By appointing a CISO, breached organizations stand to fare better in their response efforts, lessening their costs by $10 per compromised record, an annual study found. On Monday, the “2014 Cost of Data Breach Study: United States” was released, offering insight on management efforts which can improve incident response at companies. The ninth annual study, which was sponsored by IBM and conducted by the Ponemon Institute, polled 61 U.S. companies across 16 industries, after...

FireEye: Today, I’m excited to announce that we’ve entered an agreement to acquire nPulse Technologies, the performance leader in network forensics. The acquisition is expected to close during the second quarter of 2014, subject to standard closing conditions. nPulse has the fastest solution available for high-speed full packet capture and indexing. By combining the nPulse products with the FireEye platform, we’re building enterprise forensics capabilities that will enable incident investigation and remediation that no other security vendor can match....

Arstechnica: Mere days after the fitness-tracking app Moves assured users about their privacy after its acquisition by Facebook, the company has changed its privacy policy to allow itself to share data with third parties. The Wall Street Journal reported the changes late Monday, which were pushed as an app update to Moves users. Moves uses a smartphone's accelerometer (or the M7 processor in the case of the iPhone 5S) to passively track a user's walking, cycling, running, or driving activity....

Threatpost:The House Judiciary Committee has added a variety of new language to a bill that would rein in much of the government’s surveillance operations as permitted under the USA PATRIOT Act. While some of the revisions have received praise, certain phrases repeated throughout the bill have drawn negative attention for their lack of clarity or definition. First made public in late October of last year, the USA FREEDOM Act was designed to counteract “the dragnet collection of...

The Hill: The United States Government must rethink its domestic cyber defense strategy. Even though the Departments of Homeland Security (DHS) and Defense (DOD) have the nominal lead in defending America from cyber-attack, no federal agency has been tasked to protect key infrastructure during a significant cyber incident. Treating cyber disasters far differently from physical ones is a mistake because it deprives the country of a powerful resource, the National Guard. The upcoming National Defense Authorization Act...

ZDNet: Heartbleed is a great example of how spectacular security failures grab the popular imagination. There is another set of problems much less sexy and harder to fix: keeping standards progressing. As it happens, Heartbleed creates an opportunity to advance one of these standards: cryptographic hashes. Because of their importance, a great deal of research, both black- and white-hat, is done on the important crypto functions. Over time, weaknesses will appear in even the state-of-the-art...

Arstechnica: he FCC's Michael O’Rielly, one of two Republican commissioners since being sworn into office last November, today warned against the commission using what he called "newly invented authority to regulate the Internet." FCC Chairman Tom Wheeler has declined to reclassify broadband as a telecommunications service, which would open Internet Service providers up to the same type of common carriage rules that apply to the country's phone system. But he's continuing to use Section 706 of the Telecommunications Act...