Down the Security Rabbithole Podcast (DtSR)

DtSR Episode 141 - NewsCast for May 4th, 2015

May 4, 2015

46:24

forum

Ask episode

view_agenda

Chapters

auto_awesome

Transcript

info_circle

Episode notes

Send the hosts a message - try it now!

In this episode...

A join Ponemon Institute & IBM Security study shows that, surprise surprise, developers are "neglecting security"
- The study only looked at mobile apps and app developers
- Less than half (of their study) test the mobile apps they build
- About 33% never test their apps
- http://www.eweek.com/developer/ibm-study-shows-mobile-app-developers-neglecting-security.html
Illinois Bill SB1833 expands the definition of PII to include almost everything
- Requires notification in the event of a breach of...
- Online browsing history, online search history, or purchasing history
- Is this absurd, or just protecting our privacy?
- http://www.eweek.com/developer/ibm-study-shows-mobile-app-developers-neglecting-security.html
The DOJ has jumped in and issued some sound fundamental breach guidance!
- 4 sections: what to do before, during and after a breach plus what NOT to do after a breach
- Fantastic fundamentals... great idea
- The push to fundamentals is critical!
- http://www.alstonprivacy.com/doj-issues-data-breach-guidance/
- http://www.justice.gov/sites/default/files/opa/speeches/attachments/2015/04/29/criminal_division_guidance_on_best_practices_for_victim_response_and_reporting_cyber_incidents.pdf
Mozilla is phasing out non-secure HTTP
- HTTPS only is the way forward, so Mozilla (champions of liberty and all that) are leading the way
- https://blog.mozilla.org/security/2015/04/30/deprecating-non-secure-http/
First foreign hacker is convicted in the US
- Canadian kid who hacked and stole trade secrets and other sensitive info from video game companies
- He pled guity in September 2014, maximum of 5yr prison sentence
- http://blogs.orrick.com/trade-secrets-watch/2015/04/30/first-foreign-hacker-is-convicted-in-the-united-states-of-hacking-crimes-involving-theft-of-trade-secrets-from-american-companies/

Support the show

>>> Please consider clicking the link above to support the show!
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
YouTube home: https://youtube.com/playlist?list=PLyo0dkKRvfVtWXjRxNISrhme1MgBj3C2U&si=scHDiTuLXSEQ9qHq
LinkedIn Page: https://www.linkedin.com/company/down-the-security-rabbithole-podcast/
X/Twitter: https://twitter.com/dtsr_podcast

Home Top podcasts Popular guests