News Alerts and Breach Report for Week of January 30, 2023
Cybersecurity Market to Reach $403 Billion by 2027
ADCG’s report on 2023 privacy predictions noted a deficit in skilled privacy professionals. This week, Fortune confirms the lack, citing a global survey of 1,890 data privacy IT, audit, compliance, and risk management professionals. That might be why cybersecurity technology is poised to take off. That might be why the global cybersecurity corporate training market is expected to grow by $18.59 billion between 2021 and 2026. Meanwhile, the global cybersecurity is expected to reach a value of $403 billion by 2027, with a strong emphasis on gamification as a training strategy.
NIST Releases New AI Framework
The National Institute of Standards and Technology has released a new framework for guiding cybersecurity and data practices around AI. According to Bloomberg, “Developers of artificial intelligence should be cognizant of potential biases perpetuated by their systems and address risks of intellectual property infringement,” and, “The first version of the framework focuses on four “high-level functions:” govern, map, measure and manage. These broad categories include suggestions on how to evaluate AI for legal and regulatory compliance, collect information about how the technology uses third-party software and data, quantify and track AI risks over time, and allocate resources to mitigate any potential risks highlighted during the processing of assessing the technology.”
Google Enters Legal Gray Area
Google recently updated its terms of service with a provision that reserves the right of the search giant to scan the computers of Play Store users. Says Dark Reading, “In Google’s Play Store Terms of Service (ToS), Google notes that it scans for malware and reserves the right to remove it from a user’s computer if it deems it necessary.” That language is raising eyebrows among privacy advocates. Read more here.
FCC Releases New VoIP Rules
The Federal Communication Commission (FCC) has released a Notice of Proposed Rulemaking for telecommunications carriers and voice over internet protocol (VoIP) services that experience breaches. According to JD Supra, the rulemaking would, “Expand the definition of a covered “breach” to include inadvertent CPNI breaches; Require notification to the FCC, in addition to federal law enforcement; Require notification to the FCC and federal law enforcement ‘as soon as practicable,’ replacing the current requirement to notify within seven business days of discovery; Remove the existing seven-business-day waiting period for notifying customers or disclosing the breach following law enforcement notification; and Adopt minimum requirements for the contents of customer notifications.”
BREACH REPORT:
* * * * * * *
To read our latest article, Legislative Privacy and Cybersecurity Predictions for 2023 part 2, click here.
Our Podcasts will pick up next week as we have some of the industry’s best set to join. Jody Westby hosts our podcast, ADCG on Privacy & Cybersecurity, bringing together leaders in the privacy and cybersecurity arenas to discuss a wide range of issues ranging from the proposed federal and state regulations to best practices and standards for compliance. Episodes can be enjoyed on many platforms including Spotify and Apple Podcasts. Don’t forget to subscribe!
Our most recently released episodes:
84 | Internet Archive Project Related to Russia’s War with Ukraine (With guest Mark Graham)
83 | Geofence Warrants and January 6: Constitutional and Privacy Issues (with guest Matthew Esworthy)
82 | A Look at the Consequences of the Uber and Twitter CISO Cases (with guest Ron Raether)
To browse our previously published articles and news alerts, please visit our website, and don’t forget to subscribe to receive free weekly Data and Cyber Governance news and Breach Reports directly to your email.