Is A Data Breach Lurking In Your Software Supply Chain?

Chief Product Officer at GrammaTech, where he leads product strategy for the company’s application security testing product portfolio.

Just as the manufacturing sector has adopted the use of third-party providers to build its products, software development has created an extensive supply chain to address cost and time-to-market pressures for faster delivery of new applications and services. Virtually every modern custom-developed software application contains third-party components. These can be open source (OSS), custom-ordered or commercial off-the-shelf (COTS) components. Lack of visibility into these building blocks poses a significant, and often underestimated, security risk.

Consider the supply chain analogy in aerospace manufacturing. Today, virtually every part of an airplane is provided by third-party suppliers to the manufacturer for final assembly. Unlike software, each airplane has a detailed bill of materials that contains an audit trail for each component, including the supplier, where it was produced,

Networking equipment vendor Belden discloses data breach

American networking equipment vendor Belden said it was hacked in a press release published earlier this week.

Belden says the security breach took place after hackers gained access to a limited number of its file servers.

The intrusion was discovered after the company’s IT personnel detected unusual activity involving the compromised servers. A subsequent investigation revealed that the intruders had copied data of some current and former employees, as well as limited company information regarding some business partners.

Belden is now notifying customers and employees whose data it believes was exposed in the incident.

“Safety is always paramount at Belden and we take threats to the privacy of personal and company information very seriously,” said Roel Vestjens, President and Chief Executive Officer. “We regret any complications or inconvenience this incident may have caused and are offering assistance to those individuals who may have been impacted.”

The company, which makes networking,

Tech giants face fines or even break-up if they breach new rules: EU’s Breton

BRUSSELS (Reuters) – Tech giants that break new EU rules aimed at curbing their powers could face fines, be ordered to change their practices or even be forced to break up their European businesses, the bloc’s digital chief Thierry Breton said on Wednesday.

Breton’s comments come two weeks before he is due to present draft rules known as the Digital Services Act (DSA) and Digital Markets Act (DMA), which are likely to affect big U.S. players Google, Apple, Amazon, Facebook and Microsoft.

The DSA will force tech companies to explain how their algorithms work, open up their advertising archives to regulators and researchers, and do more to tackle hate speech, harmful content and counterfeit products on their platforms.

The DMA takes aim at online gatekeepers with a list of requirements, such as sharing certain kinds of data with rivals and regulators; and outlawed practices, such as favouring their own services.

Tech groups’ services could face bans if they breach rules, EU industry chief says

FRANKFURT (Reuters) – Technology companies’ services could be banned from the European market if they do not heed EU regulation, Europe’s industry chief Thierry Breton told German weekly Welt am Sonntag, as the European Commission finalizes rules on internet companies.

Breton will announce new draft rules known as the Digital Services Act and the Digital Markets Act together with European Competition Commissioner Margrethe Vestager on Dec. 2.

The rules will set out a list of do’s and don’ts for gatekeepers – online companies with market power – forcing them to share data with rivals and regulators and not to promote their services and products unfairly.

The new draft rules come as critics of U.S. tech giants, which include companies and industry bodies, question the EU’s rulings against Alphabet <GOOGL.O> unit Google, saying they have not curbed its allegedly anti-competitive behaviour. Some want EU enforcers to go further than just ordering
