NTSC Blog

Weekly News Roundup: May 27, 2019

Congressional Cybersecurity Legislation Roundup

Last week saw a lot of cybersecurity-related activity on the Hill…

• Senate Passes Bill That Would Slap Robocallers With Fine of Up to $10,000 Per Call: According to Gizmodo, “In a nearly unanimous vote [last Thursday], the Senate approved a bill that would hinder robocalls and ramp up penalties for scammers who make illegal robocalls. The TRACED (Telephone Robocall Abuse Criminal Enforcement and Deterrence) Act was introduced in November by Massachusetts Senator John Thune, a South Dakota Republican and Massachusetts Senator Ed Markey, a Democrat. In keeping with the bipartisan spirit of everyone loathing robocalls, the bill passed today with a 97-1 vote.”
• Senators offer bipartisan bill to help US firms remove Huawei equipment from networks: According to The Hill, “A bipartisan group of senators introduced legislation [last] Wednesday to help U.S. firms remove Chinese telecom equipment from companies like Huawei if it's deemed a national security threat. The legislation would require fifth generation, or 5G, wireless networks be free of equipment or services provided by Chinese telecommunications companies Huawei and ZTE. It also would establish a ‘supply chain trust fund’ program to help U.S. firms remove Huawei equipment from their networks.”
• Democrats Seek Expansion of Corporate Liability in Privacy Bill: According to Bloomberg, “Three Democratic senators helping write a privacy bill are seeking to allow individuals to sue companies for mishandling their data, according to Republican Senator John Thune. The measure would raise the burden on businesses and could imperil Congress’s ability to pass the legislation. A so-called private right of action, which several consumer groups have advocated, would likely spur opposition from Republicans and regulated businesses facing a litany of consumer lawsuits.”
• Congress agrees: It's time to regulate facial recognition technology: According to Mashable, “The first in a series of congressional hearings on facial recognition technology took place on Wednesday, and it brought about a rare occurrence in Washington: agreement between Democrats and Republicans. The House Oversight Committee’s hearing was focused on the impact facial recognition has had on civil rights and liberties from its use among law enforcement. A panel of experts, including face recognition researchers, legal professionals, and former law enforcement, spoke of the threat of mass surveillance. The panel was nearly in full agreement that the use of facial recognition technology in the field must be halted immediately.”
• Lawmakers Propose $2.2 Billion to Advance AI Over the Next Five Years: According to NextGov, “Sens. Martin Heinrich, D-N.M., Rob Portman, R-Ohio, and Brian Schatz, D-Hawaii, on Tuesday proposed a bill that would create a national artificial intelligence strategy and invest some $2.2 billion in advancing the tech over the next five years. The Artificial Intelligence Initiative Act aims to help the U.S. stay ahead of global competitors like China that are vying to dominate the international AI market.”
• Momentum grows to create 'Do Not Track' registry: According to The Hill, “[Last] Tuesday, Sen. Josh Hawley (R-Mo.) unveiled a “Do Not Track” bill with tough penalties for companies who break its protections, reviving a debate over whether users should be allowed to opt out of the tracking and data collection that comprise the core of many top tech companies’ business models.”

Cybersecurity Reports and Surveys Roundup

We’ve rounded up a few of the best cybersecurity reports and surveys released last week:

• Ransomware Attacks Skyrocketed in Q1: Reported in Insurance Journal, “Ransomware attacks skyrocketed in the first quarter of 2019, according to the Beazley Breach Response (BBR) Services team, which reported a 105% increase in the number of ransomware attack notifications against clients compared to Q1 2018.”
• Survey: Security is top worry as IT container use accelerates: Reported in ZDNet, “There has been a large rise in the number of enterprises running container technologies in production environments over the past two years—from 67% to 90% according to the 2019 Container Adoption Survey, which polled over 500 IT professionals across different industries and company size.”
• IBM Security: Cybersecurity Threats Growing In Travel and Transportation Industries: According to a press release, “Attacks in the travel and transportation industry are becoming more frequent, opening already unwary travelers to cybersecurity threats during their journeys. According to the 2019 IBM X-Force Threat Intelligence Index, the transportation industry has become a priority target for cybercriminals as the second-most attacked industry—up from tenth in 2017— attracting 13% of observed attacks. Since January 2018, 566 million records from the travel and transportation industry have been leaked or compromised in publicly reported breaches.”
• Most security pros have considered quitting due to a lack of resources: Reported in Help Net Security, “Companies are suffering from a lack of resources, both in terms of people and technology (79 percent), and 72 percent have considered leaving their jobs for this reason, Censornet research reveals.”
• Expanding IoT Results in Increased Security Breaches: Reported in Design News, “A new study shows that cyber attacks against companies with IoT deployment has grown to 26% per year, up from 15% per year two years ago.”