The Canadian Chamber of Commerce endorses a cyber certification program for business, Australia goes after encryption and Android update is coming.
Welcome to Cyber Security Today. It’s Friday December 7th. To hear the podcast, click on the arrow below:
Business these days want to give customers an idea that the personal data they’re holding is protected. There’s a way they can: Being certified under the Cyber Essentials program run by an arm of the New Brunswick government. The Canadian Chamber of Commerce thinks the program is good enough that yesterday it endorsed it. Now the roughly 200,000 business across the country who are members of chambers of commerce and boards of trade will get a discount on the cost of being certified. Certification involves proving to an independent auditor that the company has implemented five cyber security controls. Then they get to display the Cyber Essentials logo on their website and marketing materials. Certification doesn’t guarantee a company won’t suffer a data breach. But it should give consumers assurance a company is at least taking basic steps
For more on this click here to see my full story on ITWorldCanada.com.
For several years police and intelligence agencies in democratic countries have complained encryption in consumer email and text products and smart phones could imperil criminal investigations. Privacy advocates have been fighting pressures for tech and communications companies to put back doors into products so police can unscramble messages, either with or without a court order. Now Australia has passed a law giving the government the power to compel companies to help access suspect devices or services. Companies won’t have to install back doors, but they will have to help try to decyrpt communications. A number of other countries are looking at the problem and trying to figure out solutions. In Britain, two members of an intelligence agency have suggested laws be changed to allow Internet providers and cellphone companies to silently add a law enforcement agency to join a private communication. The communication would still be encrypted, but people wouldn’t know someone else is listening in.
Presumably this would be done with a court order. Expect to hear more ideas from governments in the near future.
Finally, if you have a recent Android phone be on the lookout for security updates to the operating system. If you have a Google Pixel or Nexus device they should be installed automatically. Otherwise, you may have to wait until the updates are cleared by your phone manufacturer and your cellular provider.
That’s it for Cyber Security Today. Subscribe on Apple Podcasts, Google Podcasts or add us to your Flash Briefing on your smart speaker. Thanks for listening.
Sponsor: Micro Focus
How GDPR can be a strategic driver for your business