Openly tracking third-party code in software products is a “well-understood best practice” that not all software vendors follow, said Administrator David Redl Thursday at NTIA’s third cybersecurity-related multistakeholder meeting (see 1806060036). Vendors, civil society and representatives from the telecom, healthcare, finance, auto, medical device and information security sectors attended. Redl said the multistakeholder process helps NTIA reach consensus from different viewpoints and develop “nimble” solutions “in the face of a constantly evolving risk environment.”
North American enterprises canvassed for an IHS Markit study expect nearly half their employees will use Wi-Fi exclusively to access company networks by 2020, said the research firm Wednesday. “Businesses are transforming their workplaces into environments that are flexible and enable employee mobility,” said IHS. “A key foundational element of these new workplaces is ubiquitous network connectivity.” Respondents ranked online security as their top worry “by a wide margin and the top reason to invest in new infrastructure,” said IHS. Other survey findings: (1) Tablets are the No. 1 type of device new to the network over the next year; (2) 77 percent of new access point deployments will be based on the new 802.11ax standard.
U.S. District Court in Washington should block enforcement of anti-sex trafficking legislation while a lawsuit (see 1806290044) against the new federal law is decided, the Electronic Frontier Foundation argued Thursday. The Stop Enabling Sex Traffickers-Allow States and Victims to Fight Online Sex Trafficking package “is unconstitutional because it muzzles constitutionally protected speech that protects and advocates for sex workers and forces speakers and platforms to censor themselves,” EFF said.
Though 95 percent of global chief information officers say they expect cyberthreats to increase in the next three years, only 65 percent of their organizations have a cybersecurity expert on the payroll, a Gartner survey found. Gartner canvassed 3,160 CIOs in 98 countries, finding 35 percent said their organizations deploy some “aspect of digital security,” and another 36 percent are “actively experimenting” or planning to implement a security plan “in the short term,” it said. "In a twisted way, many cybercriminals are digital pioneers, finding ways to leverage big data and web-scale techniques to stage attacks and steal data," said Gartner Tuesday. "CIOs can't protect their organizations from everything, so they need to create a sustainable set of controls that balances their need to protect their business with their need to run it."
Amazon acknowledged a “ruff start” to Prime Day Tuesday in an e-mailed statement after it resorted to cute puppy graphics when it was unable to handle the onslaught of traffic at launch Monday afternoon. “Some customers are having difficulty shopping, and we’re working to resolve this issue quickly,” a spokeswoman emailed us. In the first hour and first 10 hours of Prime Day, U.S. customers ordered more items than at the equivalent points in 2017, she said. “We know some customers were temporarily unable to make purchases,” the company said, promising “hundreds of thousands of new deals today.” Amazon tried to reward Prime members with a “special thank you,” sending a Tuesday afternoon email offering a chance to download all six Amazon First Reads Kindle books for free through midnight. When we attempted to order, we encountered an error message akin to the fail messages reported Monday: “We're sorry! We had a problem processing your order. If you don't receive your book, please call our customer service line.” Other Prime users reported ordering glitches. Marist College promoted a June poll with NPR on Prime ownership in a Tuesday tweet: “44% of adults told @NPR/@MaristPoll they use Amazon Prime. They must have been pretty upset yesterday when @amazon site crashed on Prime Day!”
NTIA said as part of its BroadbandUSA program, it will host monthly webinars “to engage the public and stakeholders with information to accelerate broadband connectivity, improve digital inclusion, strengthen policies and support local priorities.” The series will address topics including “best practices for improving broadband deployment, digital inclusion, workforce skills, and e-government,” says an NTIA Federal Register notice Tuesday. The webinars will be from 2 to 3 p.m. Eastern time on the third Wednesday of every month, beginning Oct. 17 and continuing through Sept. 18, 2019.
A federal grand jury in Washington, D.C., charged 12 Russian intelligence officers with federal crimes for hacking into Democratic Party computer networks in an effort to interfere with the 2016 U.S. presidential election, said DOJ Friday. The defendants are members of the GRU, a Russian Federation intelligence agency within the Main Intelligence Directorate of the Russian military, said DOJ. They allegedly hacked into networks for the Democratic Congressional Campaign Committee, the Democratic National Committee and the presidential campaign of Hillary Clinton, and leaked information on the internet, identifying themselves as “DCLeaks” and “Guccifer 2.0.”
Facial recognition technology deserves “thoughtful government regulation,” blogged Microsoft President Brad Smith Friday. Computers identifying faces through cameras and photos raises “issues that go to the heart of fundamental human rights protections like privacy and freedom of expression,” said Smith. Government and industry should determine acceptable uses, he said, with policymakers balancing public safety and democratic freedoms. Smith listed benefits: efficient photo cataloging; authorities identifying missing people and criminal suspects; and smart device security. He listed drawbacks: potential for continuous, nonconsensual government surveillance; mass unauthorized data gathering from events; commercial exploitation of surveillance systems to sell products; and racial bias. He recommended policymakers launch a “bipartisan and expert commission” to guide legislative efforts. Industry deciding alone is “an inadequate substitute for decision making by the public and its representatives,” Smith said. “A world with vigorous regulation of products that are useful but potentially troubling is better than a world devoid of legal standards.”
Voxx Automotive partnered with UniKey Technologies to bring keyless products and vehicle access systems to the automotive market, said the companies Thursday. Voxx brings its phone-as-a-key technology that lets drivers use a smartphone as a key fob; UniKey’s contributions are Bluetooth location capability, communications and secure cloud services expertise, and a digital key sharing platform. The companies received a contract from an electric vehicle maker for a keyless solution to be delivered next year, they said. Target use cases are family key-sharing and car-sharing services and similar uses by car rental firms and auto fleet operators.
The departments of Justice, Energy and Homeland Security have mostly complied with eight recommendations “to develop and document policies, procedures and monitoring capabilities” addressing IT supply chain risk, said GAO Thursday. Energy and Justice fully implemented the recommendations, but DHS implemented two recommendations and “could not demonstrate that it had fully implemented the recommendation to develop and implement a monitoring capability to assess the effectiveness of the security measures,” said GAO.