Passkeys — a secure way to login to accounts without passwords — are back in the news as a bevy of companies lend their support to the cryptographic technology. Windows 11, GitHub and Nintendo are among the latest to go passwordless. The standard, which began gaining momentum last year, has also been embraced by companies including Apple, Google, the FIDO Alliance and the World Wide Web Consortium. Each passkey involves two keys — one public and registered with an online service or app, and one private and stored on individual devices, like smartphones or computers. Continue reading Windows 11, GitHub, Nintendo Are Latest to Support Passkeys

Cisco is poised to make its biggest acquisition ever, with an agreement in place to buy cybersecurity firm Splunk for $28 billion. Cisco, which turns 30 next year, is a global leader in the manufacture of computer networking equipment. Splunk is a 20-year-old company with more than 1,100 patents and a business built around keeping systems and data safe, resolving technical issues and minimizing the risk of hacks, most recently introducing new AI-based services. The companies expect the deal to close in late 2024. Cisco CEO Chuck Robbins says the deal will be financed with a combination of cash and debt. Continue reading Cisco to Acquire Cybersecurity Firm Splunk in $28 Billion Deal

California lawmakers have put data brokers on notice. A bill known as the Delete Act would allow consumers to require all such information peddlers to delete their personal information with a single request. The bill defines “data brokers” as any number of businesses that collect and sell people’s personal information, including residential address, marital status and purchases. Both houses last week passed the proposed legislation — Senate Bill 362 — and it now heads to Governor Newsom’s desk. If he signs it, the new law will go into effect in January 2026. Continue reading California Plans to Protect Consumer Privacy with Delete Act

Ireland’s Data Protection Commission (DPC) announced a TikTok fine of about $368 million today based on how the popular social platform processes data of younger users. DPC announced in 2021 that it was investigating TikTok’s compliance with the European Union’s General Data Protection Regulation (GDPR) privacy and security laws. The investigation identified specific problems with TikTok’s default account settings, the Family Pairing settings, and its age verification process (although the age verification model did not violate GDPR, the probe found that TikTok did not sufficiently protect the privacy of children under 13 who were able to create an account). Continue reading Ireland Fines TikTok $368 Million for Mishandling of User Data

U.S. consumers are consolidating their devices, eliminating outdated ones to make room for new ones that better serve their needs, according to the fourth annual Deloitte Connected Consumer survey. The study found that while 48 percent of consumers purchased a minimum of one new connected device this year, the average number of devices per household fell to 21 in 2023 from 25 in 2021, “when many loaded up on technology during the COVID-19 pandemic.” Although many consumers may be attempting to streamline their digital lives, they remain very interested in virtual experiences and tech innovation. Continue reading Deloitte: Consumer Views of Connected Devices Are Changing

Google has unveiled a spate of security enhancements to products in its Google Workspace collection including Gmail and Drive. Artificial intelligence is helping to steer some of the changes, automating specific tasks. The upgrades take a new approach, combining the idea of zero trust with the concept of data loss prevention (DLP). Under zero trust, all users, devices and components are considered untrustworthy at all times — even those within an organization’s network. These Workspace tools are in development or at various stages of testing, but Google says they will begin going live in general release later this year and into Q1 2024. Continue reading Google Is Using AI to Bring Zero Trust Security to Workspace

The Federal Communications Commission has issued a formal Notice of Proposed Rulemaking (NPRM) for the U.S. Cyber Trust Mark labeling program for smart devices announced in July with the Biden administration. The voluntary program to provide certification for baseline cybersecurity standards is designed to help consumers make informed purchase decisions regarding Internet of Things (IoT) products. The FCC, which proposes to own the new Cyber Trust trademark and administer it in conjunction with third parties, is now officially soliciting comments from industries and the public on the scope of the proposed program. Continue reading FCC Advances ‘U.S. Cyber Trust Mark’ to Foster IoT Security

VMware and Nvidia have joined forces on “VMware Private AI Foundation with Nvidia,” a fully-integrated solution designed to bring generative AI training and deployment to enterprise clients running on VMware’s hybrid cloud infrastructure. The full-stack product will provide software, compute power and everything needed to fine-tune large language models using proprietary data. “Together with Nvidia, we’ll empower enterprises to run their generative AI workloads adjacent to their data with confidence while addressing their corporate data privacy, security and control concerns,” said VMware CEO Raghu Raghuram. Continue reading VMware and Nvidia Are Bringing Generative AI to Enterprises

A draft agreement said to have been presented by the U.S. government to ByteDance that would let TikTok avoid a federal ban seeks “near unfettered access” to company data and “unprecedented control” over platform functions. The nearly 100-page document, reported on this week, seeks control federal officials don’t have over other media outlets — social or otherwise — raising domestic concerns about government overreach. The draft dates to summer 2022. It is not known whether it has been updated or if the secretive negotiations between ByteDance and the Committee on Foreign Investment in the United States (CFIUS) have since continued. Continue reading Plans for TikTok Containment Would Give Feds Broad Power

Amazon plans to enable palm-scan payments at the company’s 500-plus U.S. Whole Foods stores by year’s end with enrollment in Amazon One. Amazon Fresh grocery stores, select Panera restaurants, some stadiums and concert venues, and even a few Starbucks locations are said to be participating in the rollout. Amazon introduced hand-scanning sensor technology in 2020 in a bid to rival Google and Apple in the digital wallet sector. The e-retail giant now has the scanners installed in about 400 locations, some 150 of which are third-party owned, like the Hudson Group airport stores and Coors Field in Denver. Continue reading Amazon Palm-Scan Payment Plan to Challenge Apple, Google

Ransomware attacks have surged in the 12 months ending in June 2023, with the United States accounting for 43 percent of the 1,900 attacks reported — 7x greater than that of the second most popular target, the United Kingdom, at 196. The period marked a 75 percent increase in U.S. ransomware attacks, which were perpetrated by 48 different groups including CL0P, a gang believed to have ties to Russia. U.S. companies, governmental organizations and individual consumers were targeted during the period, with healthcare and educational institutions disproportionately impacted, according to a study by cybersecurity firm Malwarebytes. Continue reading U.S. Impacted by Significant Increase in Ransomware Attacks

The cost of a data breach can run as high as $4.54 million today, up from $3.86 million in 2020, according to an IBM study that says the fastest-growing — and costliest — type of cyberattack is ransomware. That’s why more companies are turning to cyber insurance to hedge their bets. Last year, the global market for such policies was estimated to be in the $13.33 billion range, and projected to reach $84.62 billion by 2030. Because the increased frequency of attacks has resulted in increased payouts, insurance providers now often require proof of adequate security measures. Continue reading Companies Turn to Cyber Insurance as Global Threats Surge

Hundreds of amendments are queued up for possible addition to the vast annual defense policy bill. Among those that senators are considering include regulations that address artificial intelligence, cybersecurity and proposals to test election systems for vulnerabilities. Adding cyber measures to the National Defense Authorization Act (NDAA) has become a tradition in recent years because it is “must-pass” legislation and renewed annually. Senate Majority Leader Chuck Schumer (D-New York) hopes to have the Senate’s version of the bill prior to the August recess that commences at the end of this week. Continue reading U.S. Senate Aims to Add Cyber Amendments to Defense Bill

President Biden has secured voluntary commitments from seven leading AI companies who say they will support the executive branch goal of advancing safe, secure and transparent development of artificial intelligence. Executives from Amazon, Anthropic, Google, Inflection, Meta, Microsoft and OpenAI convened at the White House on Friday to support the accord, which some criticized as a half measure, claiming the companies have already embraced independent security testing and a commitment to collaborating with each other and the government. Biden stressed the need to deploy AI altruistically, “to help address society’s greatest challenges.” Continue reading Top Tech Firms Support Government’s Planned AI Safeguards

Apple is reportedly developing tools it could use to enter the artificial intelligence space, joining rivals such as Microsoft and Google, which have already released popular products. In Cupertino, the company is said to have built a framework for large language models, which power AI-based chatbot offerings similar to Google’s Bard and OpenAI’s ChatGPT. Called Ajax, the platform is the basis for what is referred to inside the company as Apple GPT. Though Apple has built automation into its products for some time, it could now be preparing to make a direct play for the generative AI market. Continue reading Apple Chatbot ‘Ajax’ Could Be Next Major Player in AI Space