The Department of Homeland Security’s National Cybersecurity Protection System (NCPS) "only partially" has met its objectives of detecting, analyzing and preventing malicious activity on federal networks, the Government Accountability Office said Thursday in a report. NCPS gives DHS a “limited ability” to detect malicious activity via known malicious data pattern “signatures” but doesn’t detect deviations from baseline network behavior, GAO said. NCPS also doesn’t monitor some types of network traffic and the signatures it monitors don’t address threats exploiting common security vulnerabilities, GAO said. NCPS’ analytical tools include a centralized platform for aggregating data and the capability for analyzing malicious code characteristics, GAO said. NCPS’ capability to prevent intrusions onto federal networks is limited to only the types of traffic it monitors, including email. NCPS doesn’t have the ability to address malicious content transmitted via Web traffic but plans to have this capability at some point this year, GAO said. DHS plans to further enhance its analytics capabilities by 2018, GAO said. DHS hasn’t developed most of the functionality of NCPS’ information sharing capability, and its current threat notifications have garnered mixed results, GAO said. The office recommended that DHS’ Office of Cybersecurity and Communications develop metrics for measuring NCPS’ effectiveness and “clearly defined requirements” for detecting threats on federal networks. GAO also recommended developing other enhancements to NCPS’ detection and prevention capabilities.

ICANN believes there's “only a LOW risk” that terrorist activity could occur during its March 5-10 meeting in Marrakech, Morocco, but ICANN is taking new security precautions for the meeting and all future ICANN meetings, said ICANN Vice President-Meetings and International Real Estate Operations Nick Tomasso in a blog post Wednesday. Tomasso cited recent terrorist attacks in Paris and San Bernardino, California, as the reason for the security changes. ICANN is “in constant and on-going communication with our hosts and the Moroccan government, to assess any security concerns surrounding the upcoming meeting,” Tomasso said. “We are working with a highly respected global security-consulting firm, which gives us on-going updates of potential risks. This firm has also assigned a senior level analyst to work with ICANN.” All delegates to ICANN meetings will now need a government-issued ID to pick up their badge at the registration desk, and there will be additional security screenings at ICANN meeting venues, including metal detectors and bag checks, Tomasso said. Moroccan authorities will do advanced verification of delegate registration information at the Marrakech meeting and security will be increased at hotels where meeting delegates are staying, Tomasso said.

The U.S. should "work with the new Canadian government to improve cross border trade opportunities," EBay Senior Vice President-North America Hal Lawton said in a letter to Bruce Heyman, U.S. ambassador to Canada, eBay said in a news release Tuesday. In the letter, Lawton urged Heyman to work with the Canadian government to increase Canada's "de minimis threshold" of $20 on the value of imported goods allowed before customs duties are applied and paperwork must be processed. "The inequity between the U.S. and Canadian de minimis is a major source of friction for eBay customers in these two countries -- an inequity that eBay is committed to improving," the release said. It said the U.S. figure is $200, and legislators are considering upping it to $800.

The global healthcare IoT market is expected to grow at a nearly 38 percent compound annual growth rate (CAGR) from 2015 to 2020, P&S Market Research said in a report released Tuesday. The global healthcare IoT market was valued at $24.67 billion in 2014, said P&S, and the "system and software" segment is expected to have the fastest growth through 2020, with a projected CAGR of almost 41 percent. "The global IoT in healthcare market is growing at a significant rate, due to increasing demand for advanced healthcare information system[s], and a growing prevalence of chronic and lifestyle associated diseases," P&S said in a news release. North America "dominated" the global healthcare IoT market in 2014, while the Asian market is expected to have the fastest growth during the forecast period, with a CAGR of nearly 42 percent, P&S said.

GOP presidential candidate Ben Carson proposed creating a National Cyber Security Administration (NCSA) Monday as part of a campaign position paper on protecting U.S. interests online. “Just as we established the National Aeronautics and Space Administration to coordinate and focus the U.S. space program, we must create a national initiative to organize and streamline our efforts to secure America’s online presence,” Carson said. The NCSA wouldn’t be a “new federal bureaucracy” but “a consolidation and unification of the countless and often redundant programs, initiatives and offices which operate disjointedly throughout the government,” Carson said. “Such an agency must be kept separate from the military, but work with them when national security demands it. The NCSA will create a unity of purpose, not just across federal agencies, but in cooperation with ‘We the People.’ This will be America’s venue to bring together experts and lay persons towards a common goal of securing the country, from the individual user at home to the highest government official.” Other GOP presidential hopefuls previously released campaign proposals on cybersecurity. Jeb Bush’s proposal, released in September, emphasized the need for now-passed cybersecurity information sharing legislation and the end of information sequestration at the Department of Defense, NSA and other U.S. intelligence agencies. Bush also pushed for NTIA to retain its oversight of the Internet Assigned Numbers Authority rather than transitioning oversight to ICANN as proposed. Carly Fiorina pushed for a centralized command for protecting federal networks and systems in response to data breaches at the Office of Personnel Management.

TCL wasted little time unveiling the appliances it alluded to at its CES news conference (see 1601060012). In its North American appliance launch Monday at the International Air Conditioning, Heating, Refrigerating Exposition (AHR Expo) in Orlando, TCL bowed a split air conditioner, mobile air conditioner and dehumidifier based on the Ayla Networks IoT platform. Ayla’s over-the-air (OTA) communications services allow for remote upgrading of firmware after the products have been installed at customer sites, said the companies. The TCL products can push information to end users’ mobile applications to match the language of each user’s mobile phone, said TCL. Frank Wang, TCL deputy general manager-overseas marketing center, praised IoT for its ability to help manufacturers serve customers better. The company can “repair our smart connected products in the field and perform preventive maintenance using Ayla’s OTA technology, which saves time and money for both us and our customers,” said Wang. Another benefit is energy savings. The new TCL split air conditioner saves up to 25 percent energy versus “pre-IoT versions,” he said. TCL is taking pre-orders at AHR, with shipping due later this year. The move into appliances in North America is part of TCL’s globalization strategy, and its partnership with Ayla will help it achieve its expansion goals through Ayla’s connected data centers in North America, Europe and China, said the company.

The outcome of ICANN's ongoing planning for the Internet Assigned Numbers Authority (IANA) transition will be a top Internet governance issue of 2016, said NTIA Administrator Larry Strickling during the State of the Net conference Monday. ICANN has said it's nearly ready to submit the IANA transition plan to NTIA for final approval, but ongoing disputes over an associated proposal for changing ICANN's accountability mechanisms continue to delay that process. “We're basically waiting on [the Cross Community Working Group on Enhancing ICANN Accountability (CCWG-Accountability)] to finish” its proposal before final submission can occur because the CCWG-Accountability proposal affects aspects of the IANA transition plan, said IANA Transition Coordination Group Chairwoman Alissa Cooper, a Cisco engineer. There's “a lot riding on” a successful conclusion to the IANA transition process, because it's one of the “largest multistakeholder Internet governance processes” undertaken, Strickling said. A successful IANA transition “will serve as a powerful example” of what multistakeholder processes can accomplish, he said.

ICANN said it’s extending the deadline to Jan. 28 for parties to submit proposals for an independent examiner to do ICANN’s periodic review of the At-Large Advisory Committee (ALAC). The submission deadline was previously Friday. All ICANN advisory committees except the Governmental Advisory Committee, all supporting organizations and the ICANN Nominating Committee go through similar period reviews, ICANN said in a Friday news release. The independent examiner for the ALAC review will assess the extent of ALAC’s implementation of recommendations from the committee’s previous review, along with all components of ICANN’s At-Large Community. The review is to run from April through March 2017, ICANN said.

IBM said it acquired Ustream, which provides cloud-based live and on-demand video streaming services to 80 million viewers every month, for an undisclosed sum. Ustream, whose customers include The Discovery Channel, Facebook, NASA, Nike and Samsung, will become part of IBM's Cloud Video Services unit, the company said in a Thursday news release. IBM said the new unit will target the estimated $105 billion cloud-based video services and software market, which includes webcasts, conference keynotes, training and education, webinars and how-to videos. IBM said it will provide a portfolio of "video services that spans open API [application programming interface] development, digital and visual analytics, simplified management and consistent delivery across global industries."

FTC Commissioner Julie Brill will open the Feb. 9 "Start with Security" event in Seattle, with speakers from Belkin, DocuSign, Facebook, Intel, Microsoft and others, the commission said Thursday. The daylong event will have panels on how startups can build a culture of security within their organizations, integrate security testing and review in their development processes, make a business case for incorporating security, and address security in IoT products and services, said the agenda. It's part of FTC's ongoing initiative to help companies, especially startups and early stage businesses, build security into their products, services and culture. The commission held similar workshops in Austin (see 1511050042) and San Francisco (see 1509090045) last year.