If silos are a fact of life, governments can focus on developing people who can work across them and link up different teams. New research has identified the skills and attributes of an effective boundary spanner...
*Boundary spanners’ key to breaking organisational silos
Have your people call your people. An attorney for Prairie Meadows Racetrack and Casino, Marcus Owens, tells Tax Analysts (free link) that the IRS decision to revoke its Sec. 501(c)(4) tax exemption may be just because IRS people no longer talk to each other.
Cara Griffith, Off the Record, on Background, and Closed Events: A Bias Against Being on the Record? (Tax Analysts Blog). Cockroaches, politicians and bureaucrats all prefer to work in darkness.
Preventing bureaucrats from peddling public offices for private gain is worth the 'red tape'. The report recognises that this principle is important "to guard against patronage, bias and any other influence, through competitive entry". But it is very critical of how the principle is implemented. In particular, the report refers to a number of "myths" about the merit principle – for example, that it requires complex selection criteria, mandatory interviews and references criteria, and specification of classification levels. The Merit Principles (Currently, a denial is in order of any existing inner circle of resume boy and girl clubs of this category - You scratch my back ... ;-)
Speaking of Resume on The Merit Principles, Meryl Streep plays Donald Trump: Further proving she is an absolute goddess and there is nothing she cannot do, Meryl Streep just added Donald Trump to her acting resume Watch Meryl Streep play Donald Duck
If you like legal and political mysteries of the Sydney underbelly and lots and lots of questions, but don’t care about satisfying answers to those questions, ABC's Rake is basically the best drama of all time. Not so garden variety Rake features searing performances, a droll sense of parliamentary bear pit humor, slick MEdiaDragon exchanges pregnant with triple meanings and brilliant writing, engrossing Phillip Street plot-lines, and Richard Shakespearean Richard chews the face off the scenery. Like earlier series the latest feast for the eyes on the viewing menu is phenomenal ... Rake Richard Roxburgh as Charles Waterstreet merit world wide viewing as both men have strong links to Albury, a border town filled with ghosts Down Under
An email message does not resemble a letter sent through the Post Office. The text is not enclosed in an envelope. It is more akin to a postcard, albeit much faster and cheaper, where the text is open for all who handle it to see and read. It is also similar to the old-fashioned telegram, the text of which passed through many operators’ hands. If the sender intends the content to be secret or private then it would be sensible to use a code or avoid email He Said-She Said Controversy Over Who Discovered the OPM Hack Is Apparently Solved
Mark Zuckerberg’s password was ‘dadada’. What hope do the rest of us have? Telegraph
IT Dashboard: Agencies Need to Fully Consider Risks When Rating Their Major Investments, GAO-16-494: Published: Jun 2, 2016. Publicly Released: Jun 2, 2016. “Agencies determined investments’ Chief Information Officer (CIO) ratings using a variety of processes, which included the Office of Management and Budget’s (OMB) six suggested factors (including risk management, requirements management, and historical performance). Specifically, all 17 selected agencies incorporated at least two of OMB’s factors into their risk rating processes and 9 used all of the factors. However, agencies’ interpretations of these factors varied. For example, most agencies considered active risks, such as funding cuts or staffing changes, when rating investments, but others only evaluated compliance with the agency’s risk management processes. Further, 13 agencies required monthly updates to CIO ratings as does OMB (as of June 2015), 1 agency scheduled its reviews based on risk, and 3 agencies required updates less often than on a monthly basis. GAO’s assessments generally showed more risk than the associated CIO ratings. In particular, of the 95 investments assessed, GAO’s assessments matched the CIO ratings 22 times, showed more risk 60 times, and showed less risk 13 times…”
I don’t think I’d sign up for the Yara Greyjoy School of Life Coaching. I’m not sure that “You’re Iron Born, I know you’ve had some bad years but …” and “If you’re really broken then you should kill yourself” counts as great advice:
“The real war isn’t between a few squabbling houses. It’s between the living and the dead and make no mistake, my lady, the dead are coming.” Via Cold River and Game of Thrones 7. 7
The two members of Congress with degrees in computer science are urging their fellow legislators to be a little more conscientious about their personal and professional cybersecurity. In a "dear colleagues" letter, Reps. Ted Lieu (D-Calif.) and Will Hurd (R-Texas) credited the House CIO with working "to protect our offices from millions of cyberattacks every year" but also noted that members could make the CIO's job easier with a little good cyber housekeeping. The pair asked lawmakers to create strong passwords, use two-factor authentication on web tools such as social media and email, take advantage of strong encryption on voice and data applications, beware of untrustworthy Wi-Fi networks and install antivirus software. Additionally, they urged members to routinely back up their data to render it less vulnerable to ransomware attacks.
New Attack Extracts Cryptographic Keys from a Computer’s Emanated Sounds Communications of the ACM
User accounts for dating site Badoo are being traded in the digital underground, including email address, cracked passwords, names, and dates of birth. Paid subscription-based breach monitoring site 'Leaked Source' uploaded the dataset on Thursday. Other sources known to Motherboard have also obtained the data. “With over 313m users, Badoo is great for chatting, making friends, sharing interests, and even dating!” reads Badoo's website. Leaked Source provided three chunks of data to Motherboard, each containing 10,000 records. Out of 100 accounts tested across the three samples, 54 were linked to an active account on Badoo, while 23 indicated that an account had been created, but that the user had not completed registration by clicking the confirmation link emailed to them.
The Secretive World of Selling Data About You Newsweek
Reddit on Thursday alerted its community that it has sent out more than 100,000 password-reset notices over the past two weeks. Though Reddit itself hasn't been hacked, it decided to act after seeing an uptick in account takeovers by malicious or "(at best spammy) third parties," the company said in a post. In the post, Reddit refers to millions of passwords being dumped on the hacker market. That includes a Russian hacker who traded 272 million passwords for social media "likes," and the fallout from the LinkedIn data breach in 2012.
The head of the Association of British Insurers has called on the government to create a database where companies would have to record details of cyber attacks. Cyber threats are a growing worry for UK business, and demand for insurance to cover the costs is rising. But some insurers are nervous about offering cover because of a lack of information about the attacks that are taking place. “We have 350 years of fire data and 100 years of motor and aviation data, but we have just a few years of cyber data,” said Huw Evans, ABI director-general, speaking to the Financial Times. “How do you build a business model in such a data light environment? Nothing scares an insurer more than a lack of data.” A database, he argued, would solve the problem. “If it is not mandatory to report these things, then insurers are not going to have the data they need to provide the right cover. It would have to be mandated by parliament, but it would need to be proportionate and manageable.”
UK government details plans for National Cyber Security Centre
Imagine a criminal breaks into your home but doesn't steal anything or cause any damage. Instead, they photograph your personal belongings and valuables and later that day hand-deliver a letter with those pictures and a message: "Pay me a large sum of cash now, and I will tell you how I got in." Cybercriminals are doing the equivalent of just that: Hacking into corporations to shake down businesses for upward of $30,000 when they find vulnerabilities, a new report from IBM Security revealed. The firm has traced more than 30 cases over the past year across all industries, and at least one company has paid up. One case involved a large retailer with an e-commerce presence, said John Kuhn, senior threat researcher at IBM Security.
Several state officials came to Capitol Hill on May 24 to discuss their cybersecurity challenges and provide Congress with insights into their practices and successes. Like their federal counterparts, state cybersecurity teams are challenged by the velocity and variety of threats, which are growing in sophistication, Connecticut CIO Mark Raymond told a joint House Homeland Security subcommittee panel. “The top three are malicious code, hacktivism and zero-day attacks.” One way to address those threats is through automated cybersecurity solutions, which can help in two ways, said Raymond, who also serves as the vice president of the National Association of State CIOs. They can act on threat data at machine speed, and they can help reduce demands on government security staff, which are already in short supply. Uneven software quality also puts strain on cybersecurity teams, according to retired Brig. Gen. Steven Spano, who now runs the Center for Internet Security. Acknowledging that for software vendors “to get the speed and agility” they need to compete, beta releases are inevitable. Yet “many of the software products are coming out of the box with inherent vulnerabilities… and require a lot of lift” to sustain them, he said.
Federal Chief Information Officer Tony Scott used a congressional hearing Wednesday on the government’s outdated technology to argue for legislation that would create a $3.1 billion modernization fund agencies could borrow against to upgrade their most critical systems. Some of the government’s oldest technology, revealed in a Government Accountability Office investigation and first reported by Nextgov, clearly flummoxed committee members and appeared to bolster Scott’s arguments for the fund. House Oversight and Government Reform Committee Chairman Jason Chaffetz, R-Utah, displayed an 8-inch floppy disk before the committee, marveling that 1970s era hardware is still used in the Defense Department systems that coordinate operations of the United States nuclear forces. The dismay at the age of some of the critical systems that house everything from taxpayer data to benefits claims was bipartisan, with members of both parties, including Gerry Connolly, D-Va., acknowledging the government’s current technology trajectory is risky at best. Scott said he believes the IT modernization fund is the answer. “This is the best we can think of moving forward,” Scott told members of the committee.
The head of Austrian aerospace parts maker FACC has been fired after the company was hit by a cyber fraud that cost it 42 million euros ($47 million). The firm's supervisory board decided at a 14-hour meeting on Tuesday to dismiss CEO Walter Stephan with "immediate effect", the company said on Wednesday. FACC, whose customers include Airbus and Boeing, said on Jan. 19 it had been hit by a cyber fraud in which hackers stole around 50 million euros by posing as Stephan in an email. The hoax email asked an employee to transfer money to an account for a fake acquisition project - a kind of scam known as a "fake president incident". "The supervisory board came to the conclusion that Mr. Walter Stephan has severely violated his duties, in particular in relation to the 'fake president incident'," FACC said.
FBI officials are warning private industry partners to be on the lookout for highly stealthy keystroke loggers that surreptitiously sniff passwords and other input typed into wireless keyboards. The FBI's Private Industry Notification is dated April 29, more than 15 months after whitehat hacker Samy Kamkar released a KeySweeper, a proof-of-concept attack platform that covertly logged and decrypted keystrokes from many Microsoft-branded wireless keyboards and transmitted the data over cellular networks. To lower the chances that the sniffing device might be discovered by a target, Kamkar designed it to look almost identical to USB phone chargers that are nearly ubiquitous in homes and offices. "If placed strategically in an office or other location where individuals might use wireless devices, a malicious cyber actor could potentially harvest personally identifiable information, intellectual property, trade secrets, passwords, or other sensitive information," FBI officials wrote in last month's advisory. "Since the data is intercepted prior to reaching the CPU, security managers may not have insight into how sensitive information is being stolen."
Australia, New Zealand Still Mulling Data Breach Laws Gov Info Security
Neither Australia nor New Zealand has laws requiring organizations to notify people affected by data breaches, but officials in both countries are reviewing proposals and plan to introduce related legislation. Regulators in both countries now generally encourage organizations to report breaches depending on the type of information released and the potential impact. But what constitutes a serious breach could be open to interpretation - a gap that both nations hope to close with new legislation.
In an age when spies carefully hide their tracks through layers of obfuscation and proxy servers, locating the perpetrators of online surveillance is often nearly impossible. But the victims of these spying campaigns can sometimes be easier to place. And one open-source initiative has set out to map cases where state-sponsored malware campaigns target members of civil society, in an effort to show how governments use digital intrusions to control and disrupt their enemies around the globe. An informal group of security researchers calling themselves the Digital Freedom Alliance this week launched a collaborative software project to aggregate and map out government hackers’ attacks against journalists, activists, lawyers and NGOs around the world. The project, whose code is hosted on Github, collects data about state-sponsored malware infections from public sources like the University of Toronto’s Citizen Lab, TargetedThreats.net, and security firms’ research. It then organizes that data into a map that breaks down the attacks by date, target type, the family of malware used, as well as the location of the command and control server used to coordinate each malware campaign.
Panama Papers inquiry expected to call George Osborne as witness
Beyond Panama: Making the fight against tax avoidance more than a name and shame game
Spanish police ask Santander for documents in HSBC tax probe
Spanish court investigates 40 cases in HSBC tax probe
Police search Santander's Madrid HQ in money-laundering inquiry
Political Tax Avoidance Chokes Off Infrastructure Investment
The Tiny Malaysian Island of Labuan That Wants to Be a Tax Haven
CEO: Pfizer unlikely to pursue another offshore tax deal
Two Former Deutsche Bank Employees Indicted on Fraud Charges in Connection with Long-Running Manipulation of Libor
Another Regressive Idea: A Flat Tax And A Fair Tax -- Together
The false promise of tax haven blacklists
The British Empire's European Union: A Monstrosity Created By The City of London
Tax evasion and weapon production
European Commission says Belgium is tax haven
What you need to know about the Swiss basic income vote
UK To Close Property Developer Offshore Tax Loophole
Messi tax fraud trial: 'I knew nothing' Barcelona star says
Q&A: Why is Lionel Messi on trial over tax fraud accusations?
Introduction of secondary adjustments into the UK’s domestic transfer pricing legislation
HM Revenue and Customs Brief 12 (2016): Senior Accounting Officer guidance
France seeks €356m in unpaid tax from Booking.com
Cutting corporate tax won't create jobs. It's yesterday's solution to our problems
Nearly a year after its inspector general issued a warning about the increased risk of failure of a major IT project, the Office of Personnel Management is struggling to demonstrate it’s on the right track. The IG issued a third report May 18 on the agency’s “shell” project, highlighting why auditors are “even more concerned about the lack of disciplined capital planning processes” today than they were in June 2015. Auditors say OPM’s “shell” project, which now is referred to as infrastructure-as-a-service (IaaS), to modernize and better secure its networks still doesn’t have a full compliant Circular A-11 business case, is missing a documented analysis of alternatives and its overall funding is at risk. The IG’s report comes soon after the contractor hired to upgrade and secure its systems under the “shell” project recently went out of business. OPM terminated its contract with Imperatis May 9.