Tired of manually punching links into the Wayback Machine? As part of its newest update, the Brave desktop browser will automatically look up archived web pages when it encounters a broken or deleted website.
A Model for Interoperability? Open Cybersecurity Alliance Unveils First Open Source Language to Connect Security Tools
Governed under the auspices of OASIS, which offers projects a path to standardization and de jure approval for reference in international policy and procurement, the Open Cybersecurity Alliance (OCA) has announced the availability of the first open-source language for connecting cybersecurity tools through a common messaging framework, OpenDXL Ontology. Given the challenges of interoperability in the field of eDiscovery, data discovery and legal discovery professionals may benefit from this example of coordination, collaboration, and standardization.
From Strategy to the X-Road®: Considering Cybersecurity Through the Lens of Estonia
Provided in this post is a compilation of informational article extracts that may be helpful for those seeking to learn more about cybersecurity and how it is approached from strategy and vision to interoperability and architecture by one of the most digitally-advanced and cybersecurity-savvy countries in the world, Estonia.
The Intersection of International Law and Cyber Operations: An Interactive Cyber Law Toolkit
The Cyber Law Toolkit is a dynamic interactive web-based resource for legal professionals who work with matters at the intersection of international law and cyber operations. At its heart, the Toolkit currently consists of 14 hypothetical scenarios. Each scenario contains a description of cyber incidents inspired by real-world examples, accompanied by detailed legal analysis. The aim of the analysis is to examine the applicability of international law to the scenarios and the issues they raise. The Toolkit was formally launched on 28 May 2019 in Tallinn, Estonia.
Chinese Military Personnel Charged with Equifax Hacking
“This was a deliberate and sweeping intrusion into the private information of the American people,” said Attorney General William P. Barr, who made the announcement. “Today, we hold PLA hackers accountable for their criminal actions, and we remind the Chinese government that we have the capability to remove the Internet’s cloak of anonymity and find the hackers that nation repeatedly deploys against us. Unfortunately, the Equifax hack fits a disturbing and unacceptable pattern of state-sponsored computer intrusions and thefts by China and its citizens that have targeted personally identifiable information, trade secrets, and other confidential information.”
Securing the Cloud? Guidance from the NSA on Mitigating Cloud Vulnerabilities
According to the National Security Agency, managing risk in the cloud requires that customers fully consider exposure to threats and vulnerabilities, not only during procurement but also as an on-going process. Clouds can provide a number of security advantages over traditional, on-premises technology, such as the ability to thoroughly automate security-relevant processes, including threat and incident response. With careful implementation and management, cloud capabilities can minimize risks associated with cloud adoption, and empower customers to take advantage of cloud security enhancements.
Challenged by Privacy? The NIST Privacy Framework
The NIST Privacy Framework is a voluntary tool intended to help organizations identify and manage privacy risk to build innovative products and services while protecting individuals’ privacy.
Estonia and the United States to Build a Joint Cyber Threat Intelligence Platform
“The goal is to develop an automized cyber threat intelligence system between the US and Estonian defense forces, tailored to the specific needs of the two nations to enhance the cyber defense capabilities of the two parties. Regular exchange of threat intelligence between actors is one of the core principles of cyber defense today,” said Kusti Salm, Director General of the Estonian Centre for Defence Investment.
Conscious Unclouding? A Hard Look at Data Security and the Cloud
The security of data is fast becoming one of the most prominent and visible areas of concern in the selection of eDiscovery software solutions. With public examples of data security failures increasing in regularity and impact, it behooves any discovery solution decision-maker to carefully consider how they manage this important risk factor as they make on and off-premise enterprise software selection decisions.
From Tech to Reality: Deep Truths About Deepfakes
As shared by Steve McNew, an MIT trained blockchain/cryptocurrency expert and senior managing director at FTI Consulting, “Online videos are exploding as a mainstream source of information. Imagine social media and news outlets frantically and perhaps unknowingly sharing altered clips — of police bodycam video, politicians in unsavory situations or world leaders delivering inflammatory speeches — to create an alternate truth. The possibilities for deepfakes to create malicious propaganda and other forms of fraud are significant.”
