Tag Archive for: talk

‘It’s not ideal’: Kansas lawmakers talk security incident that took down online court access


TOPEKA — A dragon spitting fire at the Kansas statehouse, depicted in a Vincent Van Goh style, illuminated the possibilities of Artificial Intelligence to lawmakers during a Wednesday meeting.

An overview of AI creative designs provided some levity before legislators turned to discussion of the state’s changing internet landscape — one that IT officials have repeatedly warned needs to be better secured.

“I’d like to improve our ability to respond and recover from cyber incidents, including testing, tracking and training for known unlikely eventualities,” said Michael Murphy, security engineer with the Kansas Legislative Office of Information Technology.

Murphy said he and other legislative IT staff would look into system security upgrades and improvements before the upcoming legislative session.

“The first priority right now is security awareness training,” Murphy said. “Like I said, the biggest point of failure is going to be the people. So we need to make sure everybody’s trained up on how to do things properly.”

The renewed discussion on internet security comes after a “security incident” that shut down online operations for most of the state’s courts. Kansas’ judicial branch publicly announced the issue on Oct. 12, later indicating that clerks in 104 counties were unable to receive online filings. The Johnson County District Court, which operates its own e-filing and case management system separately from the state, is the only state district court not affected.

While courts are still operating, all filings have to be submitted in paper. The investigation into the incident is ongoing, with little information publicly released.

“We also have to figure out how to stop these bad actors from doing things that screw everything up, like they’ve done in judiciary,” said committee lawmaker Rep. Barb Wasinger, R-Hays, before lawmakers withdrew to speak privately about judiciary IT security during an executive session.

Though last year’s risk assessment of the state’s court system has been earmarked as confidential, previous audits of several state agencies have shown several weaknesses. A cybersecurity…

Source…

ACLU’s Jennifer Stisa Granick and Google’s Maddie Stone talk security and surveillance at Disrupt • TechCrunch


In a world filled with bad actors and snooping governments, surveillance is the one factor that affects almost every business across the globe. While companies like Apple, Signal and LastPass fight against surveillance using end-to-end encryption and by shunning mass data collection — you can’t hand over data you don’t have — too many companies, big and small, remain unaware and deeply vulnerable to prying eyes.

The fast-changing surveillance landscape is why we’re thrilled that Jennifer Stisa Granick, ACLU’s surveillance and cybersecurity counsel, and Maddie Stone, a security researcher on Google’s Project Zero team, will join us onstage at TechCrunch Disrupt on October 18–20 in San Francisco.

In a panel discussion called “Surveillance in Startup Land,” Granick and Stone will join TechCrunch security editor Zack Whittaker to present a crash course on the surveillance state to inform, educate and inspire early-stage founders to think about how to protect their users and customers from threats they haven’t even thought of yet.

We’ll discuss the emerging threats today, like how spyware makers, like NSO Group, Cytrox and Candiru, which let governments secretly wiretap phones in real time, and data brokers — the companies that trade in people’s personal information and granular location — represent an ever increasing threat to privacy and civil liberties.

Surveillance isn’t just in the United States — it’s everywhere — and change can happen quickly and unexpectedly. Case in point: Fear over healthcare data tracking and privacy became a reality after the U.S. Supreme Court overturned Roe v. Wade, the landmark legal case that guaranteed a person’s constitutional right to abortion.

The decisions that founders and investors make today can and will affect millions tomorrow. We can’t wait to hear our panelists weigh in on how companies should think about what they’re building now — and in the future — so they don’t inadvertently become extensions of the surveillance state.

Jennifer Stisa Granick fights for civil liberties in an age of massive surveillance and powerful digital technology. As the surveillance and cybersecurity counsel…

Source…

South Korean president to visit Canada, talk trade, energy and security with Trudeau


OTTAWA —
South Korean President Yoon Suk Yeol is set to discuss trade and security issues with Prime Minister Justin Trudeau during a scheduled visit to Canada next week.

Yoon is to visit Toronto and Ottawa on Sept. 22 and 23 in what Trudeau’s office says is his first bilateral visit abroad since he was elected in March.

A statement says Trudeau is to meet with Yoon while he is in Ottawa.

Trudeau plans to discuss ways the two countries can strengthen their trade relationship by working more closely on energy, including electric vehicle batteries and critical minerals, and supply chains.

The two are also set to talk about regional security issues on the Korean Peninsula, such as monitoring of North Korean maritime activities.

Also on the agenda are discussions that are expected to see the two leaders continue condemning the Russian invasion of Ukraine and reaffirming their support for the Ukrainian people.

This report by The Canadian Press was first published Sept. 17, 2022.

Source…

How to Talk About Ransomware So Leadership Will Listen


Chief information security officers are working to better engage the rest of government in cybersecurity resiliency and response planning, and several shared their tips during an RSA Conference panel last week.

CISOs need to talk with elected officials and different agencies to help them understand how a ransomware incident could affect them and their priorities, and to prepare them to talk with the public should an incident happen.

Mike Makstman cropped.JPG

“You don’t want it to be that the only time you engage with elected officials — or the only time they think about their role in the cybersecurity program — is during an incident,” said San Francisco CISO and Coalition of City CISOs co-chair Mike Makstman.

GETTING ELECTEDS ON BOARD

Boston CISO and Coalition of City CISOs co-chair Greg McCarthy said he watches budget hearings and elected officials’ speeches to see which parts of city operations have these officials’ attention. If he then explains how cybersecurity impacts those areas, the message is more likely to hit home.

“If we’re talking all technical, most of your elected officials’ … eyes are going to glaze over,” McCarthy said. “But if you say, for example, ‘All of our school systems went online over the pandemic, and they’re doing teaching on Zoom or Teams or Hangouts … if this is disrupted, we can’t teach our students anymore, and that’s a huge impact to our constituents that we serve, it’s a huge impact to their political views or political stances …,’ that was one thing that I found really, really effective,” McCarthy said.

There’s also another reason for non-IT officials to listen up: A city’s cybersecurity posture can have significant impact on government finances.

Municipalities’ cyber defenses can determine whether cyber insurers will offer them affordable plans and even impact their bond ratings. In Boston, for example, rating agencies have asked the city to explain its cybersecurity plan, incident history and security controls, McCarthy said.

“Cyber has been…

Source…