Data Breaches & The Internet of Things

Uploaded on 2017-05-23 in NEWS-Cybersecurity News, FREE TO VIEW, BUSINESS-Services-Law, TECHNOLOGY-Key Areas-Internet of Things, TECHNOLOGY--Developments

The explosive growth of Internet-connected devices, the Internet of Things (IoT), creates new pathways for attack for hackers, and expands the possibilities of the kinds of data that can be compromised. The question before policymakers is whether new laws are needed to protect consumers and to govern disclosure of data breaches.

At a May 10 American Bar Association event, Federal Trade Commission Associate Director for Privacy and Identity Protection Maneesha Mithal said that, on the consumer side, the "ubiquitous data collection" creates new risks for consumers, and the voluminous data creates "treasure troves for hackers." 

Naomi Lefkowitz, a senior privacy policy advisor at the National Institute of Standards and Technology, said, "there will be no perfect privacy," adding that communication and disclosure, based on standards, can help address privacy and security concerns.

Mithal said the new risks posed by IOT, such as companies' not fully informing consumers about their data collection practices and not adequately securing consumer information, require legislative solutions.
"I do believe we need additional legislation to perform federal data security and data breach notification legislation that would apply across-the-board to all companies, including IOT," she said.

Currently, there is no single data breach notification standard that applies nationwide. US states create their own laws that cover their residents and businesses. Under the Obama administration, several efforts were initiated by the White House and in Congress to push a federal standard, but no new law resulted.

Ruth Hill Bro, former chair of the American Bar Association section of science and technology law, added that industry would likely support such legislation.
"A lot of companies would welcome having one federal benchmark," for security and data breach notification rather than having to analyse 50 different ones for each state.

FCW:

You Might Also Read: 

Internet of Things Is The Next Big Security Risk:

Internet of Things Will Drive The Digital Revolution of Industry:

Internet of Insecure Things:

 

 

 

« US Reduces Crime Rates Using Effective IT
Industrial Robots Are A Security Weak Link »

CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Tines

Tines

The Tines security automation platform helps security teams automate manual tasks, making them more effective and efficient.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Privacy Professor

Privacy Professor

Privacy Professor provides information privacy, security and compliance services, tools and products to organizations in a wide range of industries.

BGD E-GOV CIRT

BGD E-GOV CIRT

BGD e-GOV CIRT's mission is to support government efforts to develop ICT programs by establishing incident management capabilities within Bangladesh.

Engineering Group

Engineering Group

Engineering is the Digital Transformation Company, a leader in Italy and with over 80 offices across Europe, the United States, and South America.

Cyphercor

Cyphercor

Cyphercor is a leading smartphone and desktop-based two-factor authentication (2FA) provider.

Sapien Cyber

Sapien Cyber

Sapien Cyber is an Australian company bringing leading-edge cyber security and threat intelligence solutions.

Veritas Technologies

Veritas Technologies

Veritas provide industry-leading solutions that cover all platforms with backup and recovery, business continuity, software-defined storage and information governance.

Jenson Knight

Jenson Knight

Jenson Knight is a global cyber security, cloud and IT infrastructure staffing specialist.

International Data Sanitization Consortium (IDSC)

International Data Sanitization Consortium (IDSC)

IDSC is a group composed of individuals and companies dedicated to standardizing terminology and practices across the data sanitization industry.

Rentalworks

Rentalworks

Rentalworks is a leading provider of Internet-of-Things (IoT) Asset Lifecycle Management Services including secure data erasure and disposal.

Cyber Security Cloud (CSC)

Cyber Security Cloud (CSC)

Cyber Security Cloud provides web application security services worldwide using world's leading cyber threat intelligence and AI technology.

689cloud

689cloud

689Cloud is a cloud content collaboration platform that allows users to protect, track, and control files AFTER they have been shared.

EYE Security

EYE Security

EYE provides enterprise-grade cyber security services and cyber insurance to SMEs in Europe, Cyber Incident Response and strategic advice in board rooms.

ISMAC

ISMAC

ISMAC was founded to create a security solution that would work for smaller to medium as well as bigger corporations at an affordable price.

CampusGuard

CampusGuard

CampusGuard focuses on the cybersecurity and compliance needs of campus-based organizations including higher education, healthcare, and state and local government.

HEAL Security

HEAL Security

HEAL Security is the global authority for cybersecurity data, research and insights across the healthcare sector.

AUCloud

AUCloud

AUCloud is a leading Australian cyber security and secure cloud provider, specialising in supporting businesses and Governments with the latest cloud infrastructure.