The “great resignation” phenomenon among skilled labor that’s plaguing all industries is hitting the cybersecurity field “especially hard,” an Information Systems Audit and Control Association survey found. ISACA canvassed 2,031 security professionals, finding 63% reporting they have unfilled cybersecurity positions, up 8 points from the 2021 survey, it said Wednesday. One in five respondents said it takes more than six months on average “to find qualified cybersecurity candidates for open positions,” it said. More than six in 10 reported difficulties retaining qualified cybersecurity professionals, up 7 points from 2021, it said. Recruitment by other companies is the top reason (59%) for cybersecurity professionals leaving their jobs, followed by insufficient salary or bonus (48%); limited advancement opportunities (47%); high stress on the job (45%); and poor management support (34%).
DOJ’s claim that Google is hiding documents is “baseless,” the company argued Thursday before the U.S. District Court in Washington in docket 1:20-cv-03010 (see 2203210054). “Accusing an adversary of engaging in a systematic, bad-faith scheme to falsify and hide documents is a serious matter,” Google attorneys wrote. “A charge of that magnitude should be accompanied by unassailable proof,” and DOJ provided none. The company claimed DOJ misread three slides from internal presentations included with more than 4.5 million documents. With proper context, the slides show legitimate “guidance to Google employees about how to communicate with in-house counsel to request legal advice on subjects with obvious legal implications,” Google said.
The U.S. began formal negotiations with Canada on a bilateral agreement for law enforcement to share cross-border data in investigations, DOJ announced Tuesday. The agreement would be authorized under the Clarifying Lawful Overseas Use of Data (CLOUD) Act (see 1803220057). An agreement “would pave the way for more efficient cross-border disclosures of data” so governments can “more effectively fight serious crime, including terrorism, while safeguarding the privacy and civil liberties values,” said Attorney General Merrick Garland.
States have sufficiently argued Google is violating antitrust law through its online advertising agreement with Facebook, Texas Attorney General Ken Paxton (R) argued Tuesday in docket 1:21-md-03010 before the U.S. District Court in Manhattan. Google asked the court to toss out the multistate lawsuit in January, arguing the state’s lawsuit is “untimely” and fails to “plausibly” allege the agreement with Facebook violates antitrust law. Paxton noted the European Commission and the Competition and Markets Authority launched probes into the Jedi Blue agreement between the two companies, “solidifying the effort to end Google’s monopolization of the internet.” Google “demonstrably diminished publishers’ ability to monetize content, increased advertisers’ costs, and directly harmed consumers,” Paxton said.
Government regulation “along viewpoint lines” is “generally impermissible” under the First Amendment, Supreme Court nominee Ketanji Brown Jackson told the Senate Judiciary Committee on Tuesday (see 2203210067). Sen. Mike Lee, R-Utah, asked Jackson if it’s within Congress’ authority to condition Communications Decency Act Section 230 immunity on online public forums not discriminating against certain viewpoints. “I can’t comment on a particular issue” about whether it’s constitutional, she said. The criteria depend on whether the government is seeking to regulate along viewpoint lines, which is “generally impermissible” under the First Amendment, she said. Concerning antitrust law, there’s a lot of precedent for the Supreme Court to consider, Jackson told Sen. Amy Klobuchar, D-Minn. Antitrust laws protect competition, consumers, competitors and the economy, and the Sherman and Clayton acts have broad protections, said Jackson. If confirmed, she said, she would look at precedent to ensure legislation is interpreted to reflect Congress’ intent. The text of the statute is what the court uses to interpret, Jackson said. Tech and telecom issues largely didn’t come up during Jackson’s second confirmation hearing of the week.
“Evolving intelligence” shows Russia is exploring potential cyberattacks against the U.S., President Joe Biden said Monday. He urged private sector entities to implement best practices to strengthen cyber defense, noting most U.S. critical infrastructure is owned and operated by the private sector. Best practices include multifactor authentication, patches against the newest and known vulnerabilities, data backup, emergency drills, encrypted data and employee education, the White House said.
Google is misusing attorney-client privilege to hide business documents relevant to DOJ’s antitrust lawsuit against Google, DOJ argued Monday in a filing before the U.S. District Court in Washington in docket 1:20-cv-03010. DOJ asked the court to sanction Google for its “extensive and intentional efforts.” Google “explicitly and repeatedly instructed" employees to "shield important business communications from discovery by using false requests for legal advice,” the department claimed. Employees routinely added “in-house counsel to business communications” and other privilege labels when no legal advice was actually needed, sought or received, DOJ said. The court should order full production of withheld and redacted emails where “in-house counsel was included in a communication between non-attorneys and did not respond,” DOJ said. Or the court could rule the emails aren’t privileged, DOJ said.
The FTC and DOJ will host a series of listening sessions about the effects of mergers and acquisitions through May 12, the FTC announced Thursday. The agencies will host a session on media and entertainment April 27 and another on technology May 12. The first two sessions will be on agriculture and healthcare. FTC Chair Lina Khan and DOJ Antitrust Division Chief Jonathan Kanter will give opening remarks and attend each event with staff. The sessions tie into the agencies’ review of merger guidelines (see 2203100069).
Sony joined as a steering committee member of the Coalition for Content Provenance and Authenticity, said the coalition Wednesday. C2PA, as the coalition calls itself, works to “address the prevalence of mis/disinformation and to scale transparency and trust in online content,” it said. Adobe, Arm, BBC, Intel, Microsoft, Truepic and Twitter are its founding members.
E-commerce platform CafePress must pay $500,000 to small businesses and “bolster” its data security practices after it allegedly failed to “secure consumers’ sensitive personal data and covered up a major breach” in 2019, the FTC said Tuesday. The commission voted 4-0 to approve the agency’s complaint. It alleged CafePress, an online customized merchandise platform, “failed to implement reasonable security measures to protect sensitive information stored on its network, including plain text Social Security numbers, inadequately encrypted passwords, and answers to password reset questions.” The complaint was filed against former owner Residual Pumpkin Entity and PlanetArt, which bought the company in 2020. Future violations against the FTC’s order carry civil penalties of up to $46,517 each. The company didn’t comment.