Alan W. Dowd is a Senior Fellow with the American Security Council Foundation, where he writes on the full range of topics relating to national defense, foreign policy and international security. Dowd’s commentaries and essays have appeared in Policy Review, Parameters, Military Officer, The American Legion Magazine, The Journal of Diplomacy and International Relations, The Claremont Review of Books, World Politics Review, The Wall Street Journal Europe, The Jerusalem Post, The Financial Times Deutschland, The Washington Times, The Baltimore Sun, The Washington Examiner, The Detroit News, The Sacramento Bee, The Vancouver Sun, The National Post, The Landing Zone, Current, The World & I, The American Enterprise, Fraser Forum, American Outlook, The American and the online editions of Weekly Standard, National Review and American Interest. Beyond his work in opinion journalism, Dowd has served as an adjunct professor and university lecturer; congressional aide; and administrator, researcher and writer at leading think tanks, including the Hudson Institute, Sagamore Institute and Fraser Institute. An award-winning writer, Dowd has been interviewed by Fox News Channel, Cox News Service, The Washington Times, The National Post, the Australian Broadcasting Corporation and numerous radio programs across North America. In addition, his work has been quoted by and/or reprinted in The Guardian, CBS News, BBC News and the Council on Foreign Relations. Dowd holds degrees from Butler University and Indiana University. Follow him at twitter.com/alanwdowd.

ASCF News

Scott Tilley is a Senior Fellow at the American Security Council Foundation, where he writes the “Technical Power” column, focusing on the societal and national security implications of advanced technology in cybersecurity, space, and foreign relations.

He is an emeritus professor at the Florida Institute of Technology. Previously, he was with the University of California, Riverside, Carnegie Mellon University’s Software Engineering Institute, and IBM. His research and teaching were in the areas of computer science, software & systems engineering, educational technology, the design of communication, and business information systems.

He is president and founder of the Center for Technology & Society, president and co-founder of Big Data Florida, past president of INCOSE Space Coast, and a Space Coast Writers’ Guild Fellow.

He has authored over 150 academic papers and has published 28 books (technical and non-technical), most recently Systems Analysis & Design (Cengage, 2020), SPACE (Anthology Alliance, 2019), and Technical Justice (CTS Press, 2019). He wrote the “Technology Today” column for FLORIDA TODAY from 2010 to 2018.

He is a popular public speaker, having delivered numerous keynote presentations and “Tech Talks” for a general audience. Recent examples include the role of big data in the space program, a four-part series on machine learning, and a four-part series on fake news.

He holds a Ph.D. in computer science from the University of Victoria (1995).

Contact him at stilley@cts.today.

China tightens control over cybersecurity in data crackdown

Friday, July 16, 2021

Categories: ASCF News Cyber Security

Comments: 0

Source: https://www.c4isrnet.com/cyber/2021/07/13/china-tightens-control-over-cybersecurity-in-data-crackdown/

In this 2017 file photo, attendees walk past an electronic display showing recent cyberattacks in China at the China Internet Security Conference in Beijing. Tech experts in China who find a weakness in computer security would be required to tell the government instead of publicizing it under rules announced July 13, 2021, as part of the ruling Communist Party’s sweeping effort to tighten control over information. (Mark Schiefelbein/AP) (AP)

BEIJING — Tech experts in China who find a weakness in computer security would be required to tell the government and couldn’t sell that knowledge under rules further tightening the Communist Party’s control over information.

The rules would ban private sector experts who find “zero day,” or previously unknown security weaknesses, and sell the information to police, spy agencies or companies. Such vulnerabilities have been a feature of major hacking attacks including one this month blamed on a Russian-linked group that infected thousands of companies in at least 17 countries.

Beijing is increasingly sensitive about control over information about its people and economy. Companies are barred from storing data about Chinese customers outside China. Companies including ride-hailing service Didi Global Inc., which recently made its U.S. stock market debut, have been publicly warned to tighten data security.

Under the new rules, anyone in China who finds a vulnerability must tell the government, which will decide what repairs to make. No information can be given to “overseas organizations or individuals” other than the product’s manufacturer.

No one may “collect, sell or publish information on network product security vulnerabilities,” say the rules issued by the Cyberspace Administration of China and the police and industry ministries. They take effect Sept. 1.

The ruling party’s military wing, the People’s Liberation Army, is a leader along with the United States and Russia in cyber warfare technology. PLA officers have been charged by U.S. prosecutors with hacking American companies to steal technology and trade secrets.

Consultants that find “zero day” weaknesses say their work is legitimate because they serve police or intelligence agencies. Some have been accused of aiding governments accused of human rights abuses or groups that spy on activists.

There is no indication such private sector researchers work in China, but the decision to ban the field suggests Beijing sees it as a potential threat.

China has steadily tightened control over information and computer security over the past two decades.

Banks and other entities that are deemed sensitive are required to use only Chinese-made security products wherever possible. Foreign vendors that sell routers and some other network products in China are required to disclose to regulators how any encryption features work.

Comments RSS feed for comments on this page

There are no comments yet. Be the first to add a comment by using the form below.

Search