FBI Director Calls On Congress To 'Fix' Phone Encryption By Apple, Google

Ryan Reilly and Matt Sledge, Huffington Post,  Thursday, October 16, 2014

FBI Director James Comey called Thursday for "a regulatory or legislative fix" for technology companies' expanding use of encryption to protect user privacy, arguing that without such a fix, "homicide cases could be stalled, suspects could walk free, and child exploitation victims might not be identified or recovered."

Microsoft says NSA spying hit trust in the cloud

Doug Drinkwater, SC Magazine UK,  Friday, October 10, 2014

A senior Microsoft spokesman says that government surveillance has damaged trust in the cloud and in the company itself, pushing the latter to focus more on data privacy and security. The firm's principal cyber-security strategist Jeff Jones was presenting at the IP Expo Europe exhibition in London on Thursday, where he suggested that the leaks from NSA whistleblower Edward Snowden had impacted the Redmond technology giant and the cloud computing market as a whole. He then suggested that that the leaks had ‘affected' cloud in the enterprise, as well as the company's own ambitions in this area, before adding that the growing distrust in the cloud had come at a time where ‘perceptual concerns' around cloud security were dissipating on deployment.

Software group launches student privacy pledge

Julian Hattem, The Hill,  Tuesday, October 07, 2014

The software industry is making moves to beef up privacy protections for students. The Software and Information Industry Association (SIIA) joined with the Future of Privacy Forum, a think tank, to announce a new pledge for companies that make products for students in kindergarten through 12th grade. Under the pledge, a handful of companies have promised not to sell student information or target their ads based on students’ behavior. Companies will also only use data for specific educational purposes and will impose limits on how long that information is held.

Players picked for first federally-funded R&D center for cybersecurity

Aaron oyd, FederalTimes,  Tuesday, October 07, 2014

With cyber attacks being volleyed at U.S. infrastructure daily, the National Cybersecurity Center of Excellence (NCCoE) has awarded the first federally-funded research and development center (FFRDC) contract designed specifically to enhance the nation's cybersecurity. The new FFRDC — part of the National Institute of Standards and Technology’s (NIST) NCCoE — will be managed by non-profit MITRE Corp. with assistance from the University System of Maryland (USM), which includes campuses in College Park (UMCP) and Baltimore County (UMBC).

OMB changes security incident reporting procedures, tweaks FISMA metrics

Molly Bernhart Walker, FierceGovernmentIT,  Monday, October 06, 2014

The Office of Management and Budget said Oct. 3 that new guidelines issued to federal civilian agencies will improve the government's information security posture. The new guidelines update how agencies will report security incidents to the Homeland Security Department's computer emergency readiness team, or US-CERT, a process that will be tested for one year before a more permanent update is considered, an OMB memo (pdf) said. The new guidance – detailed in incident notification guidelines – establishes a standard set of data elements for reporting incidents, updated incident notification requirements, impact classifications and threat vectors used to categorize and address incidents, said OMB Director Shaun Donovan, in the Oct. 3 memo.

Microsoft will offer locally hosted cloud services in India

John Ribeiro, IDG News Service,  Monday, September 29, 2014

Microsoft CEO Satya Nadella wooed India's government and banks on Tuesday with an offer to host cloud services including Azure and Office 365 in the country. The Indian government has been pushing organizations to hold data locally, and Nadella's move could help drive business for the company from federal and state government customers, as well as banks.

Oracle opens two German data centres in wake of NSA snooping scandal

Madeline Bennett, V3,  Monday, September 29, 2014

Oracle has announced the opening of two data centres in Germany, along with teaming up with Vodafone to push the Internet of Things. The two new facilities, located in Frankfurt and Munich, will go live in the next few weeks and will be completely operational before the end of the year. They join the two other European countries that already have their own data centres, the UK and the Netherlands. The centers will provide cloud services to German organizations that want their data stored within German borders to prevent foreign authorities –notably the NSA – to access the information through their surveillance programs.

NIST floats mobile device security model

Molly Bernhart Walker, FierceMobile Government,  Wednesday, September 24, 2014

The National Institute of Standards and Technology issued the second draft of a "building block" document federal agencies or enterprises could use to secure mobile devices that connect to the organization's network. The guide is customizable, as it takes a layered approach to security, and also practical and repeatable because it offers standards-based solutions using commercially available technology.

U.S. Federal Cloud Forecast Shows Sustained Growth Through 2018, According to IDC Government Insights

IDC Press Release, BWW,  Tuesday, September 16, 2014

IDC Government Insights today announced the availability of a new report, Perspective: Looking Up – U.S. Federal Cloud Forecast Shows Sustain Growth Through 2018. The detailed report, a follow-up to IDC Government Insights' inaugural cloud spending forecast in July 2013, evaluates how the U.S. Federal Government is spending part of its IT budget on cloud-based solutions.

FNF 2014: Brussels privacy advocates summit to tackle surveillance, censorship, net discrimination

Kirsten Fiedler, EDRi,  Monday, September 15, 2014

Between 26 and 29 September, the annual Freedom not Fear (FNF) conference and barcamp will take place in Brussels. As every year, the action days are challenging the false dichotomy that better security comes at a price: the abandonment of our privacy rights.