The United States Congress made some significant progress this session when it comes to data privacy, but cybersecurity remains a blind spot for lawmakers. Congress currently is considering a national privacy law that mirrors legislation enacted in the European Union. It would allow people to access, correct and request the deletion of the personal information collected from them.

Sundar Pichai, CEO of Google and parent company Alphabet, called for government regulation of artificial intelligence technology in a speech at Bruegel, a think tank in Brussels, and in an op-ed. There is no question in Pichai's mind that AI should be regulated, he said. The question is what will be the best approach. Sensible regulation should balance potential harm with potential good.

Cybersecurity is a very serious issue for 2020 -- and the risks stretch far beyond the alarming spike in ransomware. In addition to the daily concerns of malware, stolen data and the cost of recovering from a business network intrusion, there is the very real danger of nefarious actors using cyberattacks to influence or directly impact the outcome of the 2020 U.S. general election.

After 10 years of fully supporting Windows 7, Microsoft ended its official support for the out-of-date Windows operating system on Tuesday. The popular classic Windows 7 OS still runs on some 200 million PCs around the globe, according to industry estimates. Users include small business owners, some larger companies, and hordes of consumers holding onto aging personal computers.

As most security pros know, application containers -- Docker, rkt, etc. -- and the orchestration elements employed to support them, such as Kubernetes, are used increasingly in many organizations. Often the security organization isn't exactly the first stop on the path to deployment of these tools. If it was in your shop, consider yourself one of the lucky ones.

Arduino announced a new low-code Internet of Things application development platform at CES 2020 in Las Vegas. It also introduced the low-power Arduino Portenta H7 module, a new family of Portenta chips for a variety of hardware applications. Arduino has achieved prominence as a go-to developer of an innovation platform for connecting IoT products.

Ransomware tops the list of cybersecurity threats for 2020. While there have been efforts to convince individuals, corporations and municipalities not to pay ransoms, the simple fact is that whenever one is paid, the attack becomes a success that encourages cyberthieves to try again. Ransomware attacks increased 18 percent in 2019, up from an average 12 percent increase over the past five years.

If you're turned off by the mere thought of talking heads vying to speak the loudest or the longest in a TV "discussion" of some pressing issue of the day, read on for a refreshing dose of sanity. ECT News Network recruited five smart people with plenty to say about the state of technology, and we gave them plenty of time to say it. The result is a far-ranging intercourse.

Amazon, Apple, Google and the Zigbee Alliance are teaming up on a new Internet Protocol-based standard for smart home device connectivity. Connected Home over IP will be an open source project. A working group will define a specific set of IP-based networking technologies for device certification. The goal is to enable communication across smart home devices, mobile apps and cloud services.

Cybersecurity incident response teams have choices when it comes to communication tools: Microsoft Teams, Slack, Zoom and numerous others. Some require a subscription or commercial license -- others are free. Some are niche tools specifically designed for incident response. Some are generic business communication tools that IR teams have adapted for use during a cybersecurity incident.

The technology one-upmanship between the United States and China is fast becoming the new space race. There's been a lot of talk in the press about the competition to reach 5G, but little traction outside of the tech community about something more momentous: the dangers of computing in a post-quantum world. The recent news from Google about its quantum capabilities is exciting.

If you're like most security pros, chances are you're starting to get frustrated with microservices a little -- or maybe a lot. Microservice architectures -- that is, architectures that leverage REST to build a number of small, distributed, modular components -- are powerful from a software architect's point of view. Want to make a change to a component quickly? Add new functionality?

Microsoft will end support for Windows 7 on Jan. 14, 2020. Windows 7 will continue to run on Jan. 14 as it did on Jan. 13. So why is it so important to upgrade to Windows 10? The answer: cybercrime. End of support means that Windows 7 no longer will receive the OS patches or security updates that keep your IT systems safe. Uusing an unpatched out-of-date system is like leaving the door wide open.

A few years ago, putting the words "mobile telecoms security" in the title of an article would be a license to write whatever you wanted below, because no one was likely to read any of the words after the title. Sprinkling the magic ingredient 5G has changed this, and "5G security" is a hot topic now. What has changed? There is a geopolitical aspect to 5G security, but it is not the full story.

Developers have patched a vulnerability in Sudo, a core command utility for Linux, that could allow a user to execute commands as a root user even if that root access was specifically disallowed. The patch prevents potential serious consequences within Linux systems. However, the Sudo vulnerability posed a threat only to a narrow segment of the Linux user base, according to Todd Miller, a maintainer of the open source Sudo project.

Online tech support scams have been on the rise for the past decade, as hackers found new ways to trick consumers into providing remote access to their computers in order to steal information. This tried-and-true scam currently relies on sophisticated social engineering, fueled by detailed user information that creates enough credibility to dupe even the most savvy and skeptical users.

Since the dawn of the Internet age, criminals have looked for ways to profit on unsuspecting people while they browse the Web. Viruses, malware and other schemes were invented to infect and infiltrate systems, both at the enterprise and consumer levels. One of the most successful forms of cybercrime is social engineering, also known as the con man of the Internet.

Stopping cyberattacks requires diligent behavior. One of the themes of this year's National Cyber Security Awareness Month, or NCSAM, is that all computer users should take steps to Secure IT. That means shaking up the passphrase protocol by using not just strong passwords but strong and unique passphrases. Everyone should double login protection through multifactor authentication.

If you've ever played chess, you know that each move you make has to be the best move. At one level, this is painfully obvious -- after all, who would choose to make a terrible move instead of a better one? -- but it's illustrative of an important concept. Specifically, the core reason it's true is that each individual move in a game like chess comes with an associated "opportunity cost."

Cybersecurity should be a concern for all businesses -- large and small. Cybersecurity also should be a concern for consumers, government agencies, and basically anyone who relies on the Internet in our increasingly connected world. Among efforts to focus attention on the threatscape is designating October as National Cyber Security Awareness Month.

Users of a multi-cloud storage strategy may be twice as likely to face a security breach as those that use hybrid or single clouds, suggests a report from UK-based security specialist Nominet. Fifty-two percent of survey respondents who adopted a multi-cloud approach suffered a data breach over the past 12 months, compared to 24 percent of hybrid cloud users, and 24 percent of single-cloud users.

Hackers affiliated with the Chinese government have been making a concerted effort to steal medical research, particularly cancer research, from U.S. institutions. The step-up in medical research theft by Chinese APT hacker groups appears to be linked to China's growing concern over cancer mortality rates and increasing healthcare costs. Cancer in the leading cause of death in China.

They say that the key to good security is constant vigilance. As a practical matter, this means that it's important for security and network pros to pay attention to two things: changes in the threat landscape, so they can be on the alert for how their systems might be attacked; and changes and developments in the technologies they employ. These consequences matter quite a bit.

Owners of iPhones looking for an extra measure of protection when using applications and logging into websites can get it with a new dongle from Yubico. Its new YubiKey 5Ci, which retails for $70, supports both USB-C and Apple's Lightning connectors on a single device. The dual connectors can give security-conscious consumers and enterprise users strong hardware-backed authentication.

Numerous driver design flaws by 20 different hardware vendors expose Microsoft Windows users to widespread security compromises that can cause persistent malware attacks. A report titled "Screwed Drivers," which Eclypsium security researchers presented at DEF CON, urges Microsoft to support solutions to better protect against this class of vulnerabilities.

Researchers associated with vpnMentor, which provides virtual private network reviews, discovered a data breach involving nearly 28 million records in a BioStar 2 biometric security database belonging to Suprema. "BioStar 2's database was left open, unprotected and unencrypted," vpnMentor said. "After we reached out to them, they were able to close the leak."

The Russian hacking group known for stealing sensitive emails from the Democratic National Committee during the 2016 presidential election season has been cracking into printers, phones and video decoders to gain access to corporate networks, the Microsoft Security Response Center Team reported. The group is known by a number of names including "Strontium," "Fancy Bear" and "APT 28."

Capital One Financial Corporation has announced a data breach affecting some 100 million people in the U.S. and another 6 million in Canada. The FBI arrested the alleged perpetrator of the breach in Seattle. Capital One on July 19 discovered someone had accessed its data stored online and obtained personal information of credit card customers and people who had applied for credit card products.

The United States Federal Trade Commission announced that Equifax has agreed to pay a minimum of $575 million as part of a global settlement of claims against it arising from a 2017 data breach that affected 147 million Americans. The settlement with the FTC, the Consumer Financial Protection Bureau, and 50 states and territories potentially could reach $700 million.

Every day we read stories about data breaches and cyberattacks on business and government websites, and the resulting the loss of personally identifiable information. Cybercrime is on the rise, and given the ever-evolving methods of attack, meaningful relief and reliable measures to fend off cybercriminals are unlikely in the foreseeable future. Companies need to insure against cybertheft.