They say hindsight is 20/20, but what about foresight? We’re not ones to prognosticate, but a look at notable FTC cases and initiatives from the past year suggests some topics likely to be top of mind in months to come. Here is a non-exhaustive list of issues in our 2019 rearview mirror and likely visible through the 2020 windshield.
Blog Posts Tagged with Data Security
When Chairman Simons and I arrived at the FTC, one of our first priorities was to strengthen the FTC’s orders in data security cases. We’ve already made three major changes that improve data security practices and provide greater deterrence, within the bounds of our existing authority.
You know the importance of strong cybersecurity, but have you heard about free vulnerability testing? As part of its mission to protect the nation’s cyber infrastructure, the Department of Homeland Security’s Cyber-Infrastructure Security Agency (CISA) offers free vulnerability scanning to government, critical infrastructure, and private businesses.
Entrepreneurs wear a lot of hats. In addition to marketing their products, they’re responsible for operational functions like inventory, ordering, and the protection of customer data. Rather than managing all that millinery, some businesses turn to third-party service providers to run things behind the scenes. But what steps are those companies taking to secure the confidential consumer information in their possession?
As Veterans Day reminds us, no one knows better than members of the military why it’s critical to maintain a vigilant defense. The more than 2.5 million veterans who own small businesses can apply that principle at their companies, too. Hackers are looking to exploit weaknesses in data perimeters, and business owners can’t afford to lose time, money, and customer goodwill to a compromised network. Knowing some cybersecurity basics and putting them in practice will help you protect sensitive employee and consumer information and reduce the risk of a cyber attack.
You know that eerie feeling that someone is following your every move? If someone secretly installed a “stalking app” or “stalkerware” sold by Retina-X Studios, LLC, onto your mobile device, that strange sensation could be way more than a feeling. A complaint against the developer and marketer alleges violations of the FTC Act and the Children’s Online Privacy Protection Act Rule.
It’s International Charity Fraud Awareness Week, a global effort to help charities and donors avoid charity fraud. The FTC has united with state charities regulators, the National Association of State Charities Officials, and international partners in the campaign. By joining forces, we can reach more charities with information and advice. This year, the focus is on what charities can do to help defend against cyber threats.
How would we describe PrivacyCon 2020? Is it Burning Man without the flames? The New Orleans Jazz Festival – minus the jazz and the festival? The best way to know what PrivacyCon is all about is to mark your calendar for July 21, 2020, and attend the FTC’s fifth annual gathering of leading privacy researchers. And check out our Call for Presentations to see if PrivacyCon would be a good forum for your recent research.
Wondering what small and midsize businesses (SMBs) think about cybersecurity? Or maybe you work for a small or midsize business that would like to tell someone what you think. Here’s your chance. The Information Technology Sector Coordinating Council (IT SCC) and Department of Homeland Security (DHS) just released a voluntary survey about SMB cybersecurity practices – and they asked us to help get the word out.
According to musical legend, a buddy of songwriter Jim Weatherly commented that his girlfriend was leaving on the “midnight plane to Houston.” The buddy was Lee Majors of Six Million Dollar Man fame and his girlfriend (and later wife) was actress Farrah Fawcett. Mr. Weatherly filed the phrase away and later used it as inspiration for his megahit, Midnight Train to Georgia.
Patch your software. Segment your network. Monitor for intruders. According to tech experts, those are security basics for businesses of any size. But when you’re industry giant Equifax – a company in possession of staggering amounts of highly confidential information about more than 200 million Americans – it’s almost unthinkable not to implement those fundamental protections.
The FTC has been keeping a close watch on the Internet of Things since the Internet of Things became a thing to watch. That includes law enforcement actions against companies alleged to have sold vulnerable connected devices that put consumers’ sensitive information at risk. Affected devices could even become – in effect – zombies that do the bidding of malicious botnets that threaten the Internet.
Whether you’re taking the midnight train to Georgia, a quick trip on MARTA, or a drive around the Perimeter on your way to one of the many Peachtree Streets, meet us in Atlanta on Thursday, August 15, 2019, for Green Lights & Red Flags: FTC Rules of the Road for Business.
The stars are aligning – the privacy and security stars, that is. The FTC’s fourth PrivacyCon convenes today, June 27, 2019. Experts from around the globe will discuss their latest research into privacy and data security, and the consumer protection implications of their findings. Minutes before FTC Chairman Simons convenes PrivacyCon at 9:15 ET this morning, visit the event page to watch the webcast live. Join the discussion on Twitter, using the hashtag #PrivacyCon19.
In just a few years, the FTC’s PrivacyCon has become an Information All-Star Game, complete with panels as high-flying or power-hitting as the Slam Dunk Contest or Home Run Derby. (OK. High-flying and power-hitting if you’re a researcher, academic, or advocate interested in data security and consumer privacy.) The FTC just announced the agenda for the fourth annual PrivacyCon on June 27, 2019. Consult your calendar and save the date.
The domino principle. The ripple effect. The butterfly phenomenon. Apply the analogy of your choice to describe what happens when one software developer’s allegedly lax security practices result in the breach of confidential customer information maintained by multiple businesses that use the software.
Racing to finish your comment about proposed changes to the Safeguards Rule by the impending deadline? You can take a breather because the FTC has extended the deadline by 60 days.
It’s National Small Business Week, a time when we celebrate the businesses that make our communities thrive. For the FTC, it’s an opportunity to let business owners know that when it comes to protecting your business from cyber threats, you’re not alone. The federal government has resources to help you address common cyber threats and create a culture of cybersecurity at your company. The materials at FTC.gov/Cybersecurity were introduced last year in cooperation with DHS, NIST, and the SBA.
Kids love to play dress-up, but parents wouldn’t want them rummaging through the attic or climbing to the top shelf of the wardrobe without permission and proper supervision. The i-Dressup.com website offered users – including children – a virtual way to play dress-up and design clothes without those potential dangers.
Suppose a lunch companion says, “I think there’s something wrong with this tuna salad.” To determine if the problem is tuna not to their taste vs. tuna gone bad, would you scarf it down? Probably not. Now remove tuna salad from the example and substitute a web browser extension. (Stay with us here.) Let’s say you’ve been warned that an unknown extension could be used for fraud. Should you download it and let it marinate in your company’s network?