At a glance.
- A tension between innovation and regulation.
- The power sector's disclosure of cyber incidents rises.
- Securities and Exchange Commission's interest in disclosure.
National security vs. consumer interests, innovation vs. regulation?
A Dallas News editorial highlights the role of industry and innovation in cybersecurity and national security, warning that “elected leaders must be wary of the unintended consequences that may result from anti-competition policies.” Texas is a top state for tech, the piece contends, with 1 million cyber jobs, and plays a crucial role in sustaining the nation’s strategic advantage.
Wired examines the Federal Trade Commission’s (FTC’s) revised account of Facebook’s alleged monopoly power in the body’s amended complaint filed last week. The initial filing was tossed in June for presenting overly flimsy parameters. Facebook boasts a dominant market share according to industry analytics, the FTC now reasons, with “70 percent of daily active users.” The market is “personal social networking services,” where users can search for and connect with personal relations in a common space. This definition encompasses Snapchat but excludes TikTok, Twitter, Pinterest, and LinkedIn. Facebook also claims unusual profit margins, which weren’t tanked by scandals like Cambridge Analytica. When a company “can do things…customers don’t like without losing any business,” Wired explains, that’s market power. Wired thinks the new complaint will survive the first round of adjudication but “faces a long road.”
Mobile Dev Memo refers to the FTC’s amended definition of a social network as “intellectual acrobatics” while arguing that the FTC misunderstands the ad market in its assertions of “unnaturally high ‘advertising prices.’” Ad bids are made according to the value they deliver, Mobile Dev maintains, so weakening Facebook’s market capture would not benefit advertisers.
An increase in the power sector’s disclosure of cyber incidents.
The North American Electric Reliability Corporation’s (NERC’s) 2021 State of Reliability report found a ninety-six percent increase in cybersecurity incidents disclosed by utilities to the Electricity Information Sharing and Analysis Center (E-ISAC) in 2020, according to Star Phoenix. Ransomware reports went up one-hundred-seventy percent. As in many sectors, last year’s remote work trend expanded bulk power providers’ attack surfaces, and Holiday Bear’s attack shook up industry priorities.
SEC’s focus on disclosure of cybersecurity incidents.
Cooley evaluates the US Securities and Exchange Commission’s (SEC’s) new enforcement emphasis on transparent cybersecurity disclosures. In recent weeks, the SEC took action against First American Financial Corporation for inadequate communication between cybersecurity staff and company leadership, and against Pearson for misleading statements to the public about a breach and to investors about firm cyber risks. Both public announcements and risk disclosures, Cooley says, should be drafted with care to avoid the SEC’s ire.