At a glance.
- Nordic countries establish a shared cybersecurity plan.
- Remedying the US’s cybersecurity regulatory issues.
- TikTok prepares for congressional hearing.
Nordic countries establish a shared cybersecurity plan.
Computer Weekly reports that the Nordic countries have agreed to implement a common cyberdefense strategy. At the Nordic Council’s Presidium in December, leaders decided to expand the purview of the Nordic Defence Cooperation, or NORDEFCO, the inter-state military-led joint action coordination agency, to include the establishment of unified cybersecurity measures. As part of the Nordic Defence Cooperation’s Defence Vision for 2025, the alliance will analyze existing cooperation models in order to determine a framework that will support the sharing of deep intelligence and joint responses to cyberthreats. The Nordic Council will serve in a support role, with Norway in the chair as rotating head. Since October 2022, there’s been a rise in both the number and the strength of cyberattacks targeting Nordic countries. In January 2023 a series of attacks impacting government departments and banks led Sweden, Norway, and Finland to raise their cyber threat levels to amber, and Denmark placed its threat level at high. Áslaug Arna Sigurbjörnsdóttir, Iceland’s minister of higher education, science and innovation, stated, “It is important that Nordic countries, neighbours and partners strengthen joint cooperation on cyber security. Aside from the security aspect, we can use cyber security as a cornerstone to drive innovation and boost development of the Nordic region’s competitiveness.”
Remedying the US’s cybersecurity regulatory issues.
There were over seventeen hundred organizational data breaches last year alone, exposing the data of more than 392 million individuals worldwide. Because breach notification and privacy laws in the US are established at state level, there is a lack of consistency in data handling requirements as well as reporting. The World Economic Forum discusses potential solutions to the US’s patchy regulation system. For one, the adoption of a nationwide regulatory framework like the EU’s General Data Protection Regulation would standardize reporting rules as well as breach response protocols. As well, increased collaboration between regulators and insurers could result in cyber insurance risk assessment models that more accurately reflect the current threat landscape. And finally, rewarding the implementation of data protections would incentivize smart security practices, providing organizations with the motivation to take the necessary steps to secure sensitive data.
TikTok prepares for congressional hearing.
In the latest addition to the wave of TikTok bans across the globe, the Dutch Interior ministry announced yesterday that Dutch civil servants will be prohibited from using the popular Chinese-owned video streaming app on their work devices, Reuters reports. The ministry stated that it discourages the use of apps from “countries with an aggressive cyberprogram targeted at the Netherlands or Dutch interests” on all government devices.
TikTok CEO Shou Zi Chew is set to speak before US Congress tomorrow to defend the trustworthiness of the app, and in advance of the hearing, the company has launched a campaign informing users about the threat of a US ban and asking them to defend the app. In a minute-long video posted on TikTok's official account, Chew offers a preview of the points he’ll likely make at the Congressional hearing, and he points out that TikTok has 150 million American users: “That’s almost half of the US coming to TikTok…The majority of these are small and medium businesses.” He goes on to ask users to “let me know in the comments what you want your elected representatives to know about what you love about TikTok.”
The Verge notes that the move is unusual for TikTok, which has historically maintained a relatively low profile, focusing instead on convincing lawmakers of the app’s security and credibility and updating its content moderation policies. For instance, as the Verge reports, earlier this week TikTok expanded its content rules on posting “synthetic and manipulated media.” This is referring to the growing popularity of sharing AI deepfakes on the platform, which TikTok had previously addressed with a short warning banning content that could “mislead users by distorting the truth of events [or] cause significant harm to the subject of the video.” The update states that all realistic AI-generated or -edited content must be “clearly disclosed” as such, and any synthetic media “that contains the likeness of any real private figure” or that shows a public figure endorsing a product or violating the app’s other policies is prohibited. Lawmakers have also been asking TikTok for more up-front about its content moderation rules, and the policy update reiterates the company’s desire to be more transparent, even and sharing a list of “Community Principles” that “shape our day-to-day work and guide how we approach difficult enforcement decisions.”