The global smart speaker market will top 56.3 million shipments this year on accelerated adoption in the consumer market, with the U.S. the main consumer for a few more years, Canalys Research reported. Amazon and Google will continue to lead amid increased competition from new entrants, it said Thursday. Smart speaker technology has grown faster than any recent consumer technology, the firm said. Analyst Lucio Chen sees opportunities in advertising, content subscription bundles, premium services and enterprise solutions.

Google remedied across its entire suite of products vulnerabilities that were uncovered last year the company blogged Thursday. Products include Google Cloud Platform, G Suite applications, and Google Chrome and Chrome OS items. Intel said something similar. It's "rapidly issuing updates for all types of Intel-based computer systems -- including personal computers and servers -- that render those systems immune from both exploits (referred to as 'Spectre' and 'Meltdown') reported by Google Project Zero," the chipmaker said. Wednesday, it said it's addressing vulnerabilities (see 1801030053).

At least one large-scale data breach will occur in 2018 and a major botnet attack can be expected, blogged Paul Rosenzweig, founder of Red Branch Consulting. DOJ is likely to find a case where encryption was used to protect a terrorist, which will prompt Congress to take up legislation mandating back-door decryption capabilities, Rosenzweig said. Rollout of Europe's general data protection regulation in May "will have substantial negative impacts on cross-Atlantic data flows" and could trigger a "full-scale data trade war," exacerbated by the Supreme Court's U.S. v Microsoft overseas data storage case (see 1710160009), in which he expects the court will force Microsoft to repatriate data held in Ireland, with Europeans adopting reciprocal restrictions. The court is likely to decide "Americans have a privacy interest in their locational information in Carpenter v U.S. (see 1711290043), he said. Rosenzweig doesn't see any major cybersecurity legislation this Congress: "They may fiddle a bit, but Rome will continue to burn."

Control4 bought intellectual property and key operating assets of remote management services company Ihiji to give a broad view into health of connected homes, Control4 Senior Vice President-Marketing Susan Cashen told us. Ihiji Invision device management gives Control4 dealers the “right tools and skill set to make sure that everything they’re building in the connected home -- whether it includes Control4 automation or not -- is stable,” said Cashen. Network and device management capabilities are crucial to integrators to ensure good service for connected homes, Ihiji CEO Stuart Rench told us; he's taking a new job at the combined firm (see personals section of this publication's current issue).

Despite more awareness of cybersecurity risks, only 37 percent of people use identity theft services and 28 percent have no plans to sign up, said a McAfee survey released Tuesday. McAfee surveyed 6,400 people globally, finding 61 percent are more worried about data security than five years ago. Thirty-three percent rank protecting identity as their No. 1 cybersecurity priority ahead of protecting privacy, connected devices, data and connected home devices.

Intel is "aware" of new security analysis revealing some software inspection methods pose security risks, it said in a Wednesday statement. The software analysis "when used for malicious purposes" has potential to improperly gather sensitive data from computing devices that are operating as designed. Intel said it believes these exploits lack potential to corrupt, modify or delete data, and it's working with other systems operators to develop an industrywide approach to resolve this issue "promptly and constructively."

The U.S. economy could benefit significantly from stronger intellectual property protections, blogged Free State Foundation researcher Michael Horney, citing a 2017 Frontier Economics report that estimated a one percentage point reduction in piracy would add up to $54 billion in economic activity for Organisation for Economic Cooperation and Development countries. IP theft hurts job creation and economic growth because it discourages artists and innovators from creating new products and services, Horney wrote, urging a stronger U.S. focus to encourage innovation and economic activity.

U.S. cybersecurity policy isn't yet equipped to meet the “immense” challenge of protecting valuable data, though there has been progress, blogged Internet Security Alliance President Larry Clinton Tuesday. Clinton praised work to improve the National Institute of Standards and Technology’s cybersecurity framework, which is headed for another update this spring. He also said corporate boards now rank cybersecurity among their top challenges, whereas a few years ago it was less of a priority. But nation-state attacks (see 1801020027) that have evolved beyond espionage to “straight out cyber crime" make it seem “no one is safe" and may soon “pose serious risk to critical infrastructure,” he said. Policymakers have yet to develop an approach that focuses on the entire cybersecurity system instead of “incremental assets," he said, and is complicated by a system that looks for scapegoats after major cyber breaches rather than developing systemic solutions. “We are all on the same side. We need to act like it,” Clinton said. In historic security models, each entity was expected to secure itself. But the internet demands a different, integrated response that's developed through a “conscious partnership” like the one NIST used to create the framework, he said.

The FTC gave final approval to a settlement with Lenovo over complaints that preinstalled software compromised security protections in order to deliver ads to consumers, the agency announced Tuesday. Commissioners voted 2-0 to approve the 20-year consent decree reached in September (see 1709050020), settling charges brought by the FTC and 32 states that Lenovo's preinstalled software program, Visual Discovery, created serious security vulnerabilities on laptops sold in the U.S. Lenovo agreed to no longer misrepresent any features of preloaded software “that will inject advertising into consumers’ Internet browsing sessions or transmit sensitive consumer information to third parties,” the FTC said. If the company does install such software, the FTC order requires Lenovo to obtain consumers’ affirmative consent before the software runs on laptops. The company is required for 20 years to implement a comprehensive software security program that will be subject to third-party audits “for most consumer software preloaded on its laptops,” the FTC said. Lenovo said the FTC informed the company of the final settlement, "which now brings this matter to a close,” a spokeswoman said.

The number of nation-state cyberattacks will grow in 2018 and will demand collective action among global governments to fend off bad actors, Microsoft President Brad Smith said in a report released Tuesday, co-authored by Carol Ann Browne, director-executive communications. Recent WannaCry and Not-Petya attacks were “akin to military assaults” that demand a “new generation of arms control discussions to address them,” the executives wrote. Microsoft praised the White House for joining with other countries publicly blaming North Korea for WannaCry (see 1712190043) as a “step in the right direction towards addressing growing nation-state cyberattacks.” Global technology leaders should adopt a cybersecurity tech sector accord to enable tech companies to act as “internet first responders,” the report said: “Look for progress over the next six months.” Microsoft also hopes governments will clarify international law in the digital space, an issue of particular significance as the company prepares for oral argument Feb. 27 in the U.S. v. Microsoft case (see 1710160009) on warrants issued for data stored overseas. The case has significant international implications as companies increasingly store data overseas so it’s closer to customers, Microsoft said. “Rather than rely on or improve existing treaties to obtain information located in other countries, the DOJ prefers to exercise jurisdiction over cloud service providers and compel them unilaterally to fetch emails in other countries and bring them to the U.S.,” the report said, arguing the government is trying to “stretch the statute in ways that Congress didn’t anticipate.” Microsoft holds out some hope that DOJ and the tech sector could craft a “late compromise” for new legislation that would “bring agreement on a more modern and international approach.” Barring that, the Supreme Court will need to decide by June on the basis of a law “not written with the 21st century in mind,” the report said. Microsoft flagged privacy and surveillance as related priority 2018 issues, citing the May 25 implementation of the European Union’s General Data Protection Regulation, which will add new requirements for companies that store personal information of European consumers no matter where the company is located. It will be up to the tech sector largely to manage the new requirements, which are still subject to “continuing deliberations” that will continue through 2018 and beyond, the report said. Net neutrality also made Microsoft's top 10 list, with the company praising ISP pledges to avoid discrimination in the absence of binding net neutrality rules. If those promises prove false, it could be the impetus for Congress to create "lasting and bipartisan" regulation that has "so far proved elusive," Microsoft said.