Securing the IoT Ecosystem for Medical Devices
Industry experts discuss ways to increase security in medical devices, followed by a fully-catered networking reception.
Watch the Event Video >UCI Researchers Draft Legislation to Incentivize Better Cybersecurity
March 9, 2022
by Shani Murray
This vision of critical energy infrastructure crippled from a series of cyberattacks might read like a Hollywood screenplay, but it’s actually pulled from the Connecticut Insurance Law Journal. This scenario sets the stage for the article, “Uncle Sam RE: Improving Cyber Hygiene and Increasing Confidence in the Cyber Insurance Ecosystem via Government Backstopping,” written by Bryan Cunningham, executive director of UCI’s Cybersecurity Policy and Research Institute (CPRI), and Shauhin Talesh, a UCI law professor and director of UCI’s Law and Graduate Studies Program.
Uncle Sam Re: Improving Cyber Hygiene and Increasing Confidence in the Cyber Insurance Ecosystem via Government Backstopping
H. Bryan Cunningham and Shauhin A. Talesh
Published in the Connecticut Insurance Law Journal.
The year 2020 was a wake-up call, for the world and specifically for the cyber insurance ecosystem. The COVID-19 global pandemic reminded insurers, observers, and policymakers that actual or newly plausible attacks—including catastrophic cyberattacks—could pose existential threats to the cyber insurance ecosystem. This article examines this risk through a hypothetical catastrophic cyberattack, interviews with sixty participants across the cyber insurance ecosystem, and recent scholarly work. We find that the risk of a catastrophic cyberattack to the solvency of the global insurance ecosystem is real and that cyber insurers have not, as yet, fulfilled their promise to meaningfully improve our collective cyber hygiene. We examine several key reasons for these findings, including both a lack of data and of stability in the cyber insurance market, problems of attribution in cyberspace, and increasing uncertainty about the enforcement of war exclusions in cyber insurance coverage disputes. We offer a prioritized and interconnected set of proposals to shore up the cyber insurance ecosystem and incentivize needed improvements to our overall cyber hygiene.
(more…)ICS Students Train for Embedded Capture the Flag Competition
A team of students from UCI’s Donald Bren School of Information and Computer Sciences (ICS) spent the fall quarter preparing for battle. Computer Science Professor Ian Harris has been training the students, who will participate from January to April 2022 in the MITRE Embedded Capture the Flag (eCTF) competition. The team will spend the first two months designing and implementing a secure system, and they will spend the final month analyzing and attacking the other teams’ designs.
(more…)9/11 and Government Changes
Spectrum News 1
from Brian Calfano
Nirvana members sued for ‘sexual exploitation’ over naked baby album art
Posted August 25, 2021
A man who appeared as a naked baby on the cover of Nirvana’s 1991 “Nevermind” album has filed a lawsuit against the surviving members of the influential band, alleging the image was child sexual exploitation.
Watch video at Reuters.com
Does Spencer Elden, the ‘Nevermind’ baby suing Nirvana for alleged child pornography, have a case? Legal experts weigh in
Lyndsey Parker·Editor in Chief, Yahoo Music
August 25, 2021
Nirvana fans could be forgiven for thinking they were reading The Onion this week when the news broke that Spencer Elden, who as an infant was photographed naked in a swimming pool for Nirvana’s iconic Nevermind album cover, is suing the band, claiming that the famous image constitutes child pornography.
Read the full story on Yahoo Music.
Computer Tips From UCI’s Cybersecurity Institute
By Kevin Costelloe
August 23, 2021
Working from home has become the norm for many firms over the past year and a half; it’s also provided a wealth of opportunities for hackers and other criminals to carry out ransomware, corporate espionage, and other forms of havoc on employees and employers who aren’t on top of their virtual security game.
Read the full story in Orange County Business Journal
TikTok insiders say social media company is tightly controlled by Chinese parent ByteDance
Andrew Harrer | Bloomberg | Getty Images
PUBLISHED FRI, JUN 25 20214:31 PM EDT | UPDATED FRI, JUN 25 20218:09 PM EDT
by Salvador Rodriguez
One cybersecurity expert said it could expose users to information requests by the Chinese government. “If the legal authorities in China or their parent company demands the data, users have already given them the legal right to turn it over,” said Bryan Cunningham, executive director of the Cybersecurity Policy & Research Institute at the University of California, Irvine.
Read the full story at CNBC
Fighting Insider Abuse After Van Buren
By Bryan Cunningham, John Grant, Chris Jay Hoofnagle
Friday, June 11, 2021, 12:53 PM
The U.S. Supreme Court’s decision in Van Buren v. United States on June 3 was a significant victory for civil liberties groups, researchers, the defense bar and others troubled by the broad reading of the Computer Fraud and Abuse Act (CFAA) urged by the government. Writing for the majority, Justice Amy Coney Barrett correctly, in our view, struck down the “broad” view of the CFAA in a 6-3 vote. The majority rejected the government’s expansive interpretation of the statute that would have empowered private companies, simply by the way they drafted employee policies or terms of service, to criminalize “a breathtaking amount of commonplace computer activity.” The Van Buren decision established that, going forward, to violate the CFAA, a user must access data from part of a device or network to which the user is not permitted access. This is a far steeper bar than the government’s preferred reading of the CFAA, which would have criminalized “misuse” of data—to which the user had authorized access—under policies dictated by the data owner.
(more…)