Monday, March 28, 2022

 March 29, 2022 - What. A Gan? [Fraudulently] Monetizing Fake (GAN) Faces.

Think you can tell the difference? Try this test first: https://www.whichfaceisreal.com/

Then, read the Register about how business are using artificially generated faces:

Excerpt from the article:

NPR looked into DiRestra and Goldstein's claims and found more than 70 businesses linked to the fake profiles. Several of the businesses said they had hired outside marketers, but expressed surprise when told about the fake LinkedIn profiles. The businesses also denied authorizing the campaigns. 

Accounts like Ramsey's are used by companies to pitch software to potential new customers, and whenever a target responds they're redirected to a real person. With this technique, companies are able to greatly broaden their reach without having to hire new people, NPR said.

Wednesday, March 09, 2022

2022-03-09 - President Biden issues executive order on protection of crypto-based assets. From the Fact Sheet issued today:

Outlines First Whole-of-Government Strategy to Protect Consumers, Financial Stability, National Security, and Address Climate Risks

Digital assets, including cryptocurrencies, have seen explosive growth in recent years, surpassing a $3 trillion market cap last November and up from $14 billion just five years prior. Surveys suggest that around 16 percent of adult Americans – approximately 40 million people – have invested in, traded, or used cryptocurrencies. Over 100 countries are exploring or piloting Central Bank Digital Currencies (CBDCs), a digital form of a country’s sovereign currency.

The rise in digital assets creates an opportunity to reinforce American leadership in the global financial system and at the technological frontier, but also has substantial implications for consumer protection, financial stability, national security, and climate risk. The United States must maintain technological leadership in this rapidly growing space, supporting innovation while mitigating the risks for consumers, businesses, the broader financial system, and the climate. And, it must play a leading role in international engagement and global governance of digital assets consistent with democratic values and U.S. global competitiveness.

That is why today, President Biden will sign an Executive Order outlining the first ever, whole-of-government approach to addressing the risks and harnessing the potential benefits of digital assets and their underlying technology. The Order lays out a national policy for digital assets across six key priorities: consumer and investor protection; financial stability; illicit finance; U.S. leadership in the global financial system and economic competitiveness; financial inclusion; and responsible innovation.

Specifically, the Executive Order calls for measures to:

  • Protect U.S. Consumers, Investors, and Businesses by directing the Department of the Treasury and other agency partners to assess and develop policy recommendations to address the implications of the growing digital asset sector and changes in financial markets for consumers, investors, businesses, and equitable economic growth. The Order also encourages regulators to ensure sufficient oversight and safeguard against any systemic financial risks posed by digital assets.
  • Protect U.S. and Global Financial Stability and Mitigate Systemic Risk by encouraging the Financial Stability Oversight Council to identify and mitigate economy-wide (i.e., systemic) financial risks posed by digital assets and to develop appropriate policy recommendations to address any regulatory gaps.
  • Mitigate the Illicit Finance and National Security Risks Posed by the Illicit Use of Digital Assets by directing an unprecedented focus of coordinated action across all relevant U.S. Government agencies to mitigate these risks. It also directs agencies to work with our allies and partners to ensure international frameworks, capabilities, and partnerships are aligned and responsive to risks.
  • Promote U.S. Leadership in Technology and Economic Competitiveness to Reinforce U.S. Leadership in the Global Financial System by directing the Department of Commerce to work across the U.S. Government in establishing a framework to drive U.S. competitiveness and leadership in, and leveraging of digital asset technologies. This framework will serve as a foundation for agencies and integrate this as a priority into their policy, research and development, and operational approaches to digital assets.
  • Promote Equitable Access to Safe and Affordable Financial Services by affirming the critical need for safe, affordable, and accessible financial services as a U.S. national interest that must inform our approach to digital asset innovation, including disparate impact risk. Such safe access is especially important for communities that have long had insufficient access to financial services.  The Secretary of the Treasury, working with all relevant agencies, will produce a report on the future of money and payment systems, to include implications for economic growth, financial growth and inclusion, national security, and the extent to which technological innovation may influence that future.
  • Support Technological Advances and Ensure Responsible Development and Use of Digital Assets by directing the U.S. Government to take concrete steps to study and support technological advances in the responsible development, design, and implementation of digital asset systems while prioritizing privacy, security, combating illicit exploitation, and reducing negative climate impacts.
  • Explore a U.S. Central Bank Digital Currency (CBDC) by placing urgency on research and development of a potential United States CBDC, should issuance be deemed in the national interest. The Order directs the U.S. Government to assess the technological infrastructure and capacity needs for a potential U.S. CBDC in a manner that protects Americans’ interests. The Order also encourages the Federal Reserve to continue its research, development, and assessment efforts for a U.S. CBDC, including development of a plan for broader U.S. Government action in support of their work. This effort prioritizes U.S. participation in multi-country experimentation, and ensures U.S. leadership internationally to promote CBDC development that is consistent with U.S. priorities and democratic values.

The Administration will continue work across agencies and with Congress to establish policies that guard against risks and guide responsible innovation, with our allies and partners to develop aligned international capabilities that respond to national security risks, and with the private sector to study and support technological advances in digital assets.

 

 

 

https://www.whitehouse.gov/briefing-room/statements-releases/2022/03/09/fact-sheet-president-biden-to-sign-executive-order-on-ensuring-responsible-innovation-in-digital-assets/?utm_source=link

 

Friday, February 25, 2022

 2022-02-25

Cyberwar is Kinetic War - A warning from a contributor to CNN Reliable Sources - Relevant to any individual or enterprise:

"This is an evergreen but currently relevant tip for journalists as well as others who may be involved in sharing information about the conflict, from Harvard Shorenstein fellow Jane Lytvynenko: "Make sure your reporters, [editors], photographers, admin staff, and anyone else involved in covering this war has strong cybersecurity hygiene. Vet sources. Check documents. Be aware of phishing attack potential. 2fa everywhere via an app. Password variation. Everything." #cybersecurity #cybervigilance

Wednesday, February 23, 2022

2022-02-23

It's so...2022: New ISO 27002-2022 Published:002:2022

ISO 27002:2022 Considerations for certifiers-in-process (and the certified) for 2022 and beyond:

1. The standard now aggregates information security, cybersecurity into a unitary document
2. Four "Controls" Themes - People, physical, technological and organizational.
3. Relevant new controls are directed to data loss prevention, IoT, and, introducing: threat intelligence.
4. Handy Annex A to 27002:2022 provides means to demonstrate cyber/information, etc. postures

The standard will likely require currently certified entities to update or create new policies.

Important Note: Annex A to ISO27001 is in the final steps of being updated (perhaps as early as Q2 2022) to put it accordance with ISO27002:2022. For re-certifying entities, this will mean a two year compressed certification time frame. Newly certifying entities should become aware of and address their activities to incorporate relevant additional, modified requirements. #cybersecurity #iot #ISO27002


Threat intelligence now includes litigation intelligence.


 
Actions