After the OPM Breach, It’s Time for IT Organizations to be Accountable

Jeff Gould by Jeff Gould, SafeGov.org
Thursday, July 02, 2015

It is time to change the rules, and hold federal IT organizations accountable for their missteps. The OPM breach, which the Obama administration says was the work of Chinese hackers, exposes every current and former federal employee to blackmail, identity theft, phishing attacks, espionage and untold other forms of harassment. While no lives have been lost, the OPM attack is undeniably a national catastrophe whose consequences will be felt for years to come.

Agencies are taking the right steps to protect data

Karen Evans by Karen Evans, KE&T Partners
Wednesday, July 01, 2015

The Office of Personnel Management's Electronic Questionnaires for Investigations Processing system is offline now after the agency says it found a security vulnerability. The site will be offline for four to six weeks. OPM hasn't said the discovery came out of the 30-day cyber sprint called for by federal CIO Tony Scott. Karen Evans, executive director of the U.S. Cyber Challenge and former e-gov administrator at the Office of Management and Budget, is watching the agencies respond to Tony Scott's call. She tells In Depth with Francis Rose, how the OPM breach is changing the way agencies protect their data.

CIO Scott seeks new framework for government cloud

Adam Mazmanian, FCW,  Tuesday, June 30, 2015

The devastating hacks of the legacy systems at the Office of Personnel Management are a reminder that government needs to move off of antiquated IT and into modern systems built with integrated security. Federal CIO Tony Scott is urging cloud vendors to come up with solutions that operate at the government scale.

Digital Customer Experience Expectations, IoT Extend Into City Government

Michael Tarbet, Business2Community,  Tuesday, June 30, 2015

Interview with Jonathan Reichental, Ph.D. who is CIO for the City of Palo Alto, California. He is an adjunct professor at the University of San Francisco, and previously the CIO at O’Reilly Media and the Director of IT Innovations at PricewaterhouseCoopers.

EU data protection regulation closer, your next headache?

Giulio Coraggio, GamingTechLaw,  Tuesday, June 30, 2015

The new EU Data Protection regulation is now closer with the EU Council of ministers reaching an agreement on a general approach which still leaves some room for negotiations and further headaches… Data protection experts might have lost any hope to see the final draft of the new EU Privacy Regulation during their life after that any step forward was followed by a number of steps backwards. But after 3 years from the first draft, commentators are quite confident to see the EU data protection regulation finally approved by the end of the year. The approval by the EU Council of the latest draft of the EU privacy regulation does NOT mean that the regulation is now approved. Further discussions with the EU Parliament and Commission shall take place and a number of points of discussion appear still open.

Study Suggests Google Harms Consumers by Skewing Search Results

Tom Fairless, Wall Street Journal,  Monday, June 29, 2015

New research by two U.S. academics suggests that Google Inc. is harming Internet users and violating competition laws by skewing search results to favor its own services, a potentially significant twist in Europe’s long-running antitrust investigation of the U.S. search company. The research combines statistical testing with detailed legal and economic analysis to examine the ramifications of Google’s practice of promoting its own specialized search services, such as for local restaurants or doctors, at the expense of rivals such as Yelp and TripAdvisor. It was sponsored by Yelp, which has filed a complaint with European Union antitrust authorities over Google’s search practices. It was presented to EU regulators on Friday.

When a Company Is Put Up for Sale, in Many Cases, Your Personal Data Is, Too

Natasha Singer and Jeremy Merrill, New York Times,  Monday, June 29, 2015

Of the 99 sites with English-language terms of service or privacy policies, 85 said they might transfer users’ information if a merger, acquisition, bankruptcy, asset sale or other transaction occurred, The Times’s analysis found.

Dealing With Data Privacy in the Cloud

Paul Trotter, CIO,  Monday, June 29, 2015

Our reliance on data and the potential pitfalls associated with managing it have given rise to the need for safeguards for the protection of information, particularly in Europe where the General Data Protection Regulation (GDPR) will soon come into force. GDPR is designed to harmonise the current data protection regulations across EU member states, with strict data compliance stipulations and the possibility of huge financial penalties for those who breach of the rules. While the regulation doesn’t deal specifically with cloud service providers, it does have implications for organisations that use cloud services to store data. And with many companies in need of guidelines on how to deal with new approaches to data management, it’s time to turn to the experts.

Cloud computing definition in constant flux

Jeff Kaplan, TechTarget,  Sunday, June 28, 2015

The proliferation of cloud services has created a double-edged sword. The stream of new cloud alternatives has produced a buyers' market, characterized by intensifying price competition. But it has also made it more difficult for IT and corporate decision makers to determine which cloud offerings are best suited to meet their particular business and technological requirements.

Forced Data Localization Hurts Businesses Economically, Google Says

Jaikumar Vijayan, eWeek,  Saturday, June 27, 2015

Laws that require organizations to store customer data in a specific country or geographic location undermine many of the economic benefits of cloud computing, Google said, quoting a new report from the Leviathan Security Group. Forced localization can also negatively affect data security and privacy, the company said. Large cloud services typically offer better resiliency and redundancy than locally hosted services. They also have access to more skilled security resources than organizations that host data locally.