The Cyberspace Administration of China (CAC) recently issued draft “Security Assessment Measures for the Cross-Border Transfer of Personal Information and Important Data.” The draft comes in the context of the Chinese Cybersecurity Law, which is scheduled to be implemented on June 1, 2017.  The National Security Law of China likely also influenced this draft. 

With rapidly evolving cyber threats, cybersecurity is an ongoing priority for the U.S. Government. In a major announcement this week, the General Services Administration (GSA) hailed a new, government-wide enterprise software acquisition agreement for best-in-class, data-centric security, and electronic signature solutions with Adobe. The agreement will help agencies better meet compliance requirements with current information security and electronic government policy recommendations, and it is focused on driving strategic IT resourcing across the government. In the wake of the high-profile hack of federal IT systems and the theft of data on millions of Americans last year, SIIA hosted an event on Capitol Hill featuring Members of Congress, Hill staff, and industry who all discussed how data-centric security measures could be used to better protect federal information and information systems.  This announcement demonstrates that the Government recognizes the need to implement c ...

Last week, the U.S. Chamber of Commerce released a report entitled, Preventing Deglobalization: An Economic and Security Argument for Free Trade and Investment in ICT.  Given the Brexit vote earlier this year, the G-20 Summit earlier this week, and both major U.S. Presidential candidates’ vocal disapproval of trade deals, this report comes at an excellent time to counteract the public’s declining faith in globalization.   Concerns stemming from the results of a globalized ICT economy are not unjustified.  Some countries have adopted protectionist policies in an attempt to foster their own competitive economies in the global marketplace, and others have done it with national security in mind to ensure that globalized products do not contain malware inserted by a foreign country or company to conduct cyber theft or espionage.  These are both fair reasons for wanting to adjust policy to remedy these concerns.  However, as the Chamber’s report ...

For educational agencies, institutions, and third-party service providers, protecting student information from unauthorized use or access is paramount. SIIA believes that every party handling student data should implement and maintain strong administrative, physical, and technical safeguards reasonably designed to protect the types of information they hold. For years, third-party service providers have been maintaining strong security measures for two big reasons. First, it is in the best interest of an education service provider to act in the best interest of students and schools, including by using information only for the educational purposes tasked with and maintaining strong security measures. The digital instructional materials and educational software industry is highly reputational. Success and failure is built not just on product efficacy and improving student outcomes but trust between providers and the students, schools, and parents they serve. Second, school service p ...

On Tuesday, November 17th, SIIA hosted an event on Capitol Hill that featured Members of Congress, Hill Staff, and Industry who were all charged with the task of explaining how data-centric security measures could be used to protect federal information and information systems.  In light of recent attacks on federal IT systems and the data theft of millions of Americans, this subject is of heavy importance for citizens and national security.