At a glance.
- Singapore is on alert for potential electoral interference.
- The US CFPB will regulate data brokers.
- CISA works toward guidance for cloud providers.
Singapore is on alert for potential electoral interference.
According to Channel News Asia, government agencies in Singapore are urging presidential candidates and their campaigns to be alert for foreign attempts to influence the elections scheduled for September 1st. The Ministry of Home Affairs (MHA), Cyber Security Agency of Singapore (CSA), and the Elections Department (ELD) said in a joint news release that Singapore wasn't immune from foreign attempts to "manipulate domestic politics through covert and deceptive means." The threats envisioned extend to both disinformation and cyberattacks proper.
The US CFPB will regulate data brokers.
Reuters reports that the U.S. Consumer Financial Protection Bureau (CFPB) will begin regulating data brokers. The Bureau's director, Rohit Chopra, said, "The CFPB will be taking steps to ensure that modern-day data brokers in the surveillance industry know that they cannot engage in illegal collection and sharing of our data." The new regulatory system will bring more companies under the scrutiny of the Fair Credit Reporting Act. The CFPB's decision is informed by a study finished in March, which concluded that data brokers gave information about consumers "in financial distress" to other companies who then pushed "predatory debt products" at vulnerable debtors.
CNBC explains that the CFPB also sees the growing capabilities of artificial intelligence as lending urgency to more effective consumer protection. Chopra said, at a White House roundtable devoted to the issue, "Artificial intelligence — or the technologies that market themselves as that — and other predictive decision making, is relying on even more massive amounts of data to feed those algorithms and that’s creating financial incentives for even more surveillance and more intrusive data collection.” A final rule will be proposed for public comment soon, after incorporation of feedback from businesses.
CISA works toward guidance for cloud providers.
CISA is close to issuing guidance on configuration baselines for selected, widely used cloud products, including Microsoft 365 and Google Workspace. The effort has been long in progress, antedating incidents like the Chinese cyberespionage campaign recently discovered. Grant Dasher, the architecture branch chief for the Office of the Technical Director for Cybersecurity at CISA, said guidance would soon be issued for Microsoft 365 in particular. The overarching effort is CISA's Secure Cloud Business Applications (SCuBA) project. “The other thing that the SCuBA project includes, and I think probably the most valuable in my opinion, are the baselines and the tool that we developed for assessing compliance with those baselines,” Dasher said yesterday, as quoted by Meritalk. “These baselines are very prescriptive, very specific, and we released a version for feedback to the community last fall, and I’m happy to say we’re nearing in the next short period of time releasing an updated finalized version one of those SCuBA baselines.”