Congress needs to enact a federal data privacy law this year, write Ashley Johnson and Daniel Castro of the Information Technology and Innovation Foundation. "Federal legislation is necessary to prevent the United States from becoming a patchwork of 50 different state laws, which would make enforcement more costly and impose unnecessary barriers to innovation in the digital economy, which runs on personal data," they note.

While a few states are addressing students' data privacy, many school districts are not doing enough to protect them, writes Charlie Sander, chairman and CEO at ManagedMethods, which assists schools with cybersecurity. A survey of school district administrators found that 77% were not very concerned about data breaches and 79% were not very concerned about compliance with data privacy regulation.

Companies such as Hume AI are developing algorithms that read voice, facial and verbal expressions to improve user interaction with technology. "I see generative models being able to generate synthetic voices with emotion and with contextually appropriate emotions as models grow in size and complexity, or as we make new breakthroughs in the field of deep learning," says Ryan Monsurate, AI Dynamics' chief technology officer.

The Securities and Exchange Commission is looking to improve cybersecurity in the financial system and could consider expanding the scope of its Regulation Systems Compliance and Integrity rule to broker-dealers and others, SEC Chair Gary Gensler says.

Last week's Global Affairs Canada hack left some services unavailable, and the hacker's identity isn't known. The breach occurred around when the Canadian Centre for Cyber Security was warning critical infrastructure operators to protect themselves from Russia-backed cyberthreats.

A Biden administration memorandum grants new powers to the National Security Agency, including the ability to issue binding operational directives compelling government agencies to take additional measures against cyberthreats, such as patching systems right away or taking them offline. The memorandum also includes other cybersecurity standards that must be met.

A 2021 survey by SITA, the aviation industry's primary IT provider, finds most airlines and airports will have a cybersecurity program in place by 2024. Cloud services also are a tech priority, with 95% of airlines reporting that they would be investing in cloud computing.

So-called "purple" teams in a cyberattack exercise should take on both red "attacker" and blue "defender" mindsets. Walmart's purple team comprises internal experts and consultants, says vice president of security operations Jason O'Dell, who notes that "[blue and red team members] meet several times per month to help drive constant improvement for both teams, and we have seen fantastic collaboration."

The rise in remote work creates new vulnerabilities for organizations and new challenges for information technology departments seeking to safeguard company and customer data. Employee training and cloud technology that emphasizes cybersecurity are the key elements, writes Tom Goodmanson,
president and CEO at Calabrio.

Nvidia is reportedly getting ready to call off its proposed $40 billion acquisition of Arm, Bloomberg News reports, although Nvidia is not commenting. The purchase found resistance by antitrust regulators in the UK, where Arm is based, and in the US.