The True Cost of a Security Breach
In this research paper, I look at the total costs of six major data breaches, including the impact on income and stock prices.
I'm a veteran journalist with more than 20 years of experience writing about technology and the intersection of technology and public policy. My stories have appeared on the websites of PCWorld, Computerworld, the New York Times, the Washington Post, ABC News, and in CIO magazine.
I've worked as a tech-focused freelance writer and editor for much of the last seven years. I've written stories for Dark Reading, for HPE's Enterprise.nxt tech trends website, for IBM's SecurityIntelligence.com, for the Washington Examiner, and for ServiceNow's new Workflow magazine. As a freelancer, I've written extensively about artificial intelligence, cybersecurity, and tech policy.
I've also written white papers, op-ed pieces, marketing materials, and blog posts for several other organizations, including the Internet Society and the Internet Engineering Task Force.
Previously, I worked as senior editor at IDG News Service, the internal wire service at IDG, publishers of PCWorld, MacWorld, Computerworld, and many other prominent tech news websites. I served as the Washington, D.C., correspondent there for nearly 13 years.
I've covered net neutrality fights in the U.S. Congress and the Federal Communications Commission, revelations of mass surveillance programs at the National Security Agency, and huge online protests over a controversial online copyright enforcement bill.
As a tech policy expert, I've appeared on C-SPAN and the giant NTN24 Spanish-language cable news network.
From someone who has edited hundreds of my stories: Grant is "an exceptional reporter, an especially strong writer, both on impossible deadlines and with analysis and other long-form stories, and a talented editor. His long-time direct supervisor refers to him as 'unflappable,' and I can think of no better way to describe his demeanor. We should all aspire to be so cool. Harried editors take note: Grant is a dream to edit, the sort of reporter you will wish again and again that you could clone."
From another editor: "Grant is one of the top journalists I’ve worked with in my career. He’s a total pro and can do it all: reporting, writing, and editing. As a reporter and writer, he is fast, accurate and has a knack for quickly digging up sources on just about any topic. Over the years, as the IDG News Service’s Washington correspondent, he developed a deep understanding of the technology policy issues that have risen to the top of the national consciousness. He is unflappable, thoughtful and conscientious ... It’s been a godsend to work with a journalist like Grant, who seems to have had the uncanny ability to anticipate the needs of the news team on a daily basis."
My other interests include video gaming, music and bass guitar, baseball and the Baltimore Orioles.
Contact me: [email protected].
In this research paper, I look at the total costs of six major data breaches, including the impact on income and stock prices.
A group of Chinese researchers has claimed to be able to break a widely used encryption scheme with a quantum computer that already exists, creating a possible boon for surveillance and a crisis for data protection.
In December 2020, the U.S. Cybersecurity & Infrastructure Security Agency to U.S.
OpenAI's ChatGPT conversational artificial intelligence tool is capable of doing many things, with users demonstrating how it can write essays for students and cover letters for job seekers. Cybersecurity researchers have now shown it can also be used to write malware.
The contentious debate about net neutrality in the U.S. has sparked controversy over a lack of funding transparency for advocacy groups and think tanks, which critics say subverts the political process. News stories from a handful of publications in recent months have accused some think tanks and advocacy groups of "astroturfing" -- quietly shilling for large broadband carriers.
After a spate of news stories about alleged "astroturf" advocacy in a contentious U.S. net neutrality debate, the IDG News Service looked into the funding transparency of several think tanks and advocacy groups involved in the issue. Several disclose limited or no information about their funding.
Hackers could target e-voting machines' software update systems or simply try to delegitimatize the election
After the criminal prosecution and sentencing of former Uber CSO Joe Sullivan, some security leaders express concerns about the implications for their roles.
As with many other aspects of life and business, 2022 held fewer overall surprises in cybersecurity than in recent years - thank goodness. Instead, many trends brewing over the past few years began to take clearer form. Some were unexpected,...
A debate in the U.S. about whether the National Security Agency should end its bulk collection of U.S. telephone and business records has come down to an argument over the meaning of the word "bulk." A year after the first leaks by former NSA contractor Edward Snowden were published, it appears that already scaled-back proposals to limit the NSA's bulk collection of U.S.
For Internet activists, last week's Web protests against two controversial copyright enforcement bills were a huge victory against three powerful and well-funded trade groups that pushed hard for passage of the Stop Online Piracy Act and the Protect IP Act.
More than 2,000 U.S. companies would be forced to stop handling EU residents' data, at least temporarily, if the EU scraps Privacy Shield. Privacy Shield, the year-old agreement that allows U.S. companies to handle the personal data of people living in the European Union, may be in jeopardy as Congress debates an extension of a controversial surveillance law.
Fake news doesn't seem to be going away anytime soon, and some entrepreneurs are targeting false news reports with new services designed to alert readers. Some countries have pushed for new laws to criminalize the creation of fake news - raising questions about government censorship - but these new fake news fighters take a different ...
Clubhouse, the invitation-only audio chat app launched nearly a year ago, has run into a security problem, with one user sharing audio chats outside the user base. Clubhouse hasn't offered details of the privacy breach, although it has said that recording or streaming audio without the speaker's permission is against the app's terms of service.
There's a joke that goes something like this: How do you make a little money in the online news business? The punchline: Start with a huge pile of money, and work your way down from there. It seems the same joke would work for the online comedy business, judging by the layoff news coming out ...
15 Jul 2022 As the world slowly recovers from COVID-19, in-person meetings at IETF and other organizations are coming back. "When being asked how Internet is designed, I say a lot of thinking is done in a pub," he wrote on LinkedIn.
Businesses will soon face new limits on how they use applications and services powered by artificial intelligence. They can thank European Union regulators who will require them, starting in May, to justify decisions made by artificial intelligence that impact European residents. The EU's General Data Protection Regulation takes effect May 25, 2018.
Surveillance programs deemed by supporters as the "crown jewels" of the intelligence community rely on a U.S. law that expires in December. As some lawmakers push for a permanent extension that overrides the law's year-end sunsetting, others are pushing for a revamp, arguing that it authorizes Internet-based surveillance that violates the privacy of millions of people.
Recently, President Trump threatened to ban the Chinese-owned social media platform TikTok, saying the popular short-form video app presents a security threat. Trump hasn't detailed his security concerns about the app, which is owned by Chinese company ByteDance, and some users say it doesn't collect more personal information than many other mobile apps.
Privacy advocates fear that a new Senate proposal aimed at combating the exploitation of children would lead to new government rules that weaken encryption protections for internet users. The Eliminating Abusive and Rampant Neglect of Interactive Technologies Act, draft legislation circulated by Sens.
With the right to privacy the subject of significant regulation, AI analytics will be under increasing scrutiny. Experts say companies using AI with personal data must focus on GDPR and HIPAA, but long term, companies can expect governments and people affected to increasingly push for audits and explanations of AI decisions.
Last month, as the federal government halted operations for the second time in five years , you may have wondered whether federal cybersecurity workers tasked with fighting global computer threats like WannaCry , NotPetya , and Mirai were told to stay home. Many certainly were in 2013, when the government closed shop for 17 days .
How will the Internet of Things be impacted by the recent repeal of 2015's net neutrality rules? Explore both sides of the debate. The U.S. Federal Communications Commission's recent repeal of its 2015 net neutrality rules could spur the growth of the Internet of Things (IoT), at least according to some critics of the regulations.
Privacy and civil-liberties advocates were dealt a big hit last week, when the U.S. Congress reauthorized a set of controversial NSA surveillance practices for six years and added provisions to expand them.
Cybersecurity experts and privacy advocates have spent the summer under attack from a policy zombie that just won't go away. Government officials from Australia, the United Kingdom, France, and Germany have called for technology vendors to build work-arounds into their end-to-end encryption services , despite strong opposition.
A contentious piece of U.S. law giving the National Security Agency broad authority to spy on people overseas expires at the end of the year. Expect heated debate about the scope of U.S. surveillance law leading up to Dec. 31. One major issue to watch involves the way the surveillance treats communications from U.S.
Aaron Gach wasn't expecting U.S. Customs and Border Protection agents to demand to search his smartphone when he returned to San Fransisco from Belgium in February. The artist and magician, a U.S. citizen, had just attended an art event near Brussels and was targeted for advanced screening by CBP after his flight landed in the U.S.
Weeks before the FBI sought a court order forcing Apple to help it break into an iPhone used by one of the San Bernardino gunmen, a sister agency in the Department of Justice was already using an Israeli security firm's technology to attempt to crack a similar device.
Can an organization really cut development time more than 70 percent by embracing the agile philosophy and open architecture? The intelligence-gathering arm of the U.S. Air Force says it's done just that.
It looks good on paper: A bill under consideration in the U.S. Senate would encourage businesses and government agencies to share information about cyberattacks. But critics of the Cybersecurity Information Sharing Act argue that it would allow the NSA and FBI to get their hands on personal information held by businesses.
Repealing the U.S. Federal Communications Commission's less than two-year-old net neutrality rules appears to be a top tech priority for President-elect Donald Trump, but it may not be an easy road. Trump blasted net neutrality rules in a November 2014 tweet, saying it was a "top-down power grab" that would apparently require broadband providers to give equal time to liberal and conservative media.
Most election prediction shops and public polls in recent days foresaw Republican Donald Trump losing the U.S. presidential race to Democrat Hillary Clinton. They got it wrong, bigly. And the failed predictions could cast doubts on some hot technology sectors, including big data and customer relationship management.
As the U.S. heads toward an especially contentious national election in November, 15 states are still clinging to outdated electronic voting machines that don't support paper printouts used to audit their internal vote counts. E-voting machines without attached printers are still being used in a handful of presidential swing states, leading some voting security advocates to worry about the potential of a hacked election.
Smart guns may not prevent many mass shootings, but advocates say they could cut into the 20,000-plus gun-assisted suicides the United States counts each year, as well as limit the black market for stolen firearms. Gun owners can already buy gun safes or mechanical trigger locks, Stokes says.
No middle ground seems to exist in the ongoing debate over how law enforcement access to encrypted communications would play out in the United States and other countries. On one side of the debate, the FBI and other law enforcement agencies want better access to the digital communications of suspected criminals.
Opponents of the controversial Cybersecurity Information Sharing Act are divided on how to proceed, after Congress on Friday approved the measure, which encourages U.S. businesses to share customer information with government agencies. Some privacy and digital-rights groups called on President Barack Obama to veto the $1.15 trillion, 2,000-page spending bill that CISA was tacked on to this week, even though a veto could lead to a government shutdown.
Donald Trump, the Republican nominee for U.S. president, has antagonized much of the tech industry by opposing free trade and immigration but has otherwise nearly ignored this vital segment of the nation's economy. As Republicans meet in Cleveland this week to officially declare Trump as their presidential candidate, several tech groups have called on him to release a tech agenda.
Although the National Security Agency, in complying with USA Freedom Act, scaled back its practice of collecting bulk telephone records at the end of November, many privacy advocates remain concerned.
WikiLeaks has released more than 8,700 documents it says come from the CIA's Center for Cyber Intelligence, with some of the leaks saying the agency had 24 "weaponized" and previously undisclosed exploits for the Android operating system as of 2016. Some of the Android exploits were developed by the CIA, while others came from the U.S.
One of the most contentious disagreements in the net neutrality debate in the U.S. over the past year has been over whether the new rules adopted by the Federal Communications Commission amount to regulation of the Internet. Critics have blasted the new rules, saying they amount to "unprecedented" regulations and a government takeover of the Internet.
The U.S. Senate voted overwhelmingly to approve CISA, but privacy advocates say there's still time to change the bill before President Barack Obama signs it. Even as the U.S. Senate passed the controversial Cybersecurity Information Sharing Act this week, privacy advocates were plotting how to limit the amount of customer information companies will be able to share.
The U.S. Federal Communications Commission's new net neutrality rules allow the agency to police future network management practices and business models rolled out by broadband providers, raising concerns among critics that an activist commission will inject itself into ISP board rooms. The so-called future conduct standard in the FCC's new rules leave questions about what ISP practices the agency will allow, critics say.
U.S. tech companies should retain access to the encrypted information of their customers, instead of providing end-to-end encryption, in order to give police the tools they need to investigate crimes and terrorist activity, two senior law enforcement officials said. The U.S.
The net neutrality debate in the U.S. over the past year has been filled with hyperbole, speculation and questionable claims, coming from both sides of the debate. Let's look at some of the hype and compare it to what we know from the U.S.
When the U.S. Federal Communications Commission announced its proposal to reinstate new net neutrality regulations that would allow broadband providers to engage in commercially reasonable traffic management, the agency set off a firestorm of protest from digital rights groups, Internet commentators and bloggers. One problem, though: People freaking out about the proposal haven't actually seen it yet.
A spate of recent news stories have revealed that a wide variety of lobby groups have financial ties to broadband carriers and trade associations, accusing them of faking grassroots opposition to strong net neutrality rules. The recent coverage from news organizations has overwhelmingly targeted a lack of funding transparency in groups opposed to strong net neutrality regulations.
The U.S. Federal Communications Commission's net neutrality rules violate the free speech rights of broadband providers because the regulations take away their ability to block Web traffic they disagree with, one ISP has argued. The FCC's net neutrality rules take away broadband providers' First Amendment rights to block Web content and services, ISP Alamo Broadband argued to an appeals court this week.
The chief sponsor of the Cyber Intelligence Sharing and Protection Act (CISPA) in the U.S. Congress has ignited a Twitter storm by suggesting many opponents of the proposed cyberthreat sharing bill are 14-year-olds in basements.
Nine privacy groups plan to withdraw from U.S. government-hosted negotiations to develop voluntary facial-recognition privacy standards because the groups feel the process won't lead to adequate privacy protections. Industry representatives at the talks have been pushing to limit consumer control over the facial recognition data collected, the groups said in a letter to be released Tuesday.
The punishment AT&T received this week from the U.S. government for its sloppy protection of customer data is peanuts and won't scare other companies into taking stronger security measures, some cybersecurity experts said. The $25 million settlement with the U.S.
After the U.S. Congress approved what critics have called modest limits on the National Security Agency's collection of domestic telephone records, many lawmakers may be reluctant to further change the government's surveillance programs. The Senate this week passed the USA Freedom Act, which aims to end the NSA's mass collection of domestic phone records, and President Barack Obama signed the bill hours later.
Advocates trying to speak for regular Internet users were basically told to sit down and shut up during a "public" workshop on digital rights management dominated by IT heavyweights and Big Hollywood at the U.S. Department of Commerce Wednesday.
It started with a reader asking what the heck has happened to LinuxOne, the mysterious company that many in the Open Source community accused of trying to cash in on the Linux IPO craze of late 1999.
Passport is Microsoft's online wallet service, to which you're supposed to sign in once and shop online feeling all secure forever after. Except, perhaps, in Maryland, where the local version of the UCITA law, which Microsoft itself worked to pass, conflicts with Passport's terms of use so heavily that Maryland residents are apparently not eligible to use Passport.
Linux users can choose among a distribution-specific hands-on training and certification program ( Red Hat), a test-and-training combo ( Sair Linux and GNU Certification), or a community-driven test where you choose your own training (Linux Professional Institute). Another cottage industry of Linux training companies has sprung up around the certifications.