Blog

CyberScout is the nation’s premier consultative provider of identity and data risk management, resolution and education services.

Forget it, Google tells France

Forget it, Google tells France
August 4, 2015

By Byron Acohido, ThirdCertainty

In a move that could set a precedent for service providers, Google pushed back against the expansion of what’s become known as the Right to be Forgotten ruling, and refused to comply with a notice issued by French data protection agency Commission Nationale de l’Informatique et des Libertes mandating the company remove links from its domains worldwide (as opposed to removal by country only). “We respectfully disagree with the CNIL’s assertion of global authority on this issue,” said Google Global Privacy Counsel Peter Fleischer. The order, issued by a Parisian court in 2014 and escalated by CNIL in June, contended that Google’s approach of removing links from only country-specific versions of Google’s websites (such as google.fr) did not sufficiently protect the right to be forgotten. “CNIL considers that in order to be effective, delisting must be carried out on all extensions of the search engine and that the service provided by Google search constitutes a single processing,” it said in a statement. Source: Electronic Frontier Foundation

sh_visa application_400

She fought the law, and the law won

An immigration lawyer accused of forging visa applications for unauthorized immigrants agreed to plead guilty in federal court to one of the seven counts against her, court records show. Sherin Thawer, of Coppell, Texas, faced charges of conspiracy to commit fraud in connection with immigration documents, one count of mail fraud, one count of transfer or use of the means of identification of another person and four counts of aggravated identity theft. Under the plea agreement, she faces a maximum of two years in federal prison. Thawer represented immigrants applying for visas to enter or remain in the United States, officials said. Those included petitions for U Nonimmigrant Status, known as a U-Visa. Source: The Dallas Morning News

Don’t give it a pass, DHS says

The Department of Homeland Security is arguing that a new cybersecurity bill could slow responses to cyber attacks and endanger citizens’ rights. In a letter to Sen. Al Franken (D-Minn.), the department said the Cybersecurity Information Sharing Act, set to hit the Senate floor this week, would create logistical and privacy challenges. The DHS is particularly worried about provisions in the bill that would allow companies to share cyber threat data with agencies other than Homeland Security. The DHS fears the bill’s “expansive definitions of cyber threat indicators” also would permit companies to share data unrelated to cyber threats, Mayorkas added. Under the legislation, the DHS would receive a greater amount of data about hackers from the private sector. Source: The Hill

sh_drug infusion pump_400

More than a minor medical problem

Federal regulators are warning that a pump used to deliver medicine to patients is at risk of being breached. The Symbiq Infusion System from medical device-maker Hospira, can be hacked by someone who gains access to a hospital’s computer network. “This could allow an unauthorized user to control the device and change the dosage the pump delivers, which could lead to over- or under-infusion of critical patient therapies,” the Food and Drug Administration said in guidance posted online. Source: The Washington Post

It’s a growth industry

Cloud security group Zscaler is joining the ranks of cybersecurity startups getting large influxes of cash, as private investors bet on solutions to help organizations defend against hackers. The company, which provides security-as-a-service, has raised $100 million in a round led by TPG, the private-equity group, with contributions from existing investors EMC, the storage company, and Lightspeed Ventures. Jay Chaudhry, CEO of Zscaler, said he would use the funds to “aggressively” expand the business beyond its 5,000 existing customers in 185 countries. Customers include the U.K.’s National Health Service, NBC and United Airlines. Source: The Financial Times

sh_clinton china cyber threat_750

China says backing off would be best

If the United States implements retaliatory measures against China in cyber space, it “will have to shoulder responsibility for escalating confrontation,” said a commentary by Xinhua news agency, warning that any form of political or economic retaliation will be met with countermeasures. The commentary said that the U.S. is on the brink of making a mistake under the name of protecting cybersecurity, as it is reportedly considering retaliatory measures against China for unfounded hacking accusations. There have been media reports saying that President Obama’s administration is determined to retaliate against China for its alleged theft of personnel information of more than 32 million Americans from the database of the Office of Personnel Management. Source: NDTV Gadgets

That stinger can hurt

Members of Congress are trying to rein in a federal law enforcement program that uses devices known as Stingrays to capture cell phone data. “They are spying on law-abiding citizens as we speak,” said Rep. Darrell Issa (R-Calif.), who recently won House approval of a measure to end the program. The Stingray devices are the size of small suitcases, cost about $400,000 to buy and operate, and are usually attached to the cars of federal, state or local law enforcement agents. They mimic cell phone towers, tricking phones within a certain radius to connect to and feed data to police about users’ locations, text messages, calls and emails. Federal agencies such as the FBI, the Drug Enforcement Administration, and Immigration and Customs Enforcement use the technology, which can penetrate the walls of a building. Source: USA TODAY

sh_medical records hack_400

Can’t find a cure for this

A medical software company says the private information of 3.9 million people nationwide was exposed when its networks were hacked, the Department of Health and Human Services said. Medical Informatics Engineering announced June 10 that the attack on its main network and its NoMoreClipboard network began May 7 and was detected May 26. The company said the exposed information includes names, addresses, birth dates, Social Security numbers and health records. The hack affected patients of 11 health care providers. They include Concentra, which operates more than 300 medical centers in 38 states; Franciscan St. Francis Health Indianapolis; and Rochester Medical Group in the Detroit area. The hack also affected patients served by 44 hospitals and other radiology centers in Indiana, Ohio and Michigan, the notice said. Source: The Associated Press via ABC News

Offer 24/7 CyberScout Protection

CyberScout's partnership options help you safeguard the identity and privacy of your policyholders, customers, members and employees. Discover how a customized program can help build brand loyalty, customer retention, and quickly generate long-term recurring revenue.

Get Started