Washington — The Federal Motor Carrier Safety Administration has granted a petition to preempt Washington state’s rules on meals and rest breaks for commercial truck drivers, determining that federal hours-of-service regulations supersede the state’s rules.

Washington — The Federal Motor Carrier Safety Administration is asking for input on an interim final rule that clarifies the definitions of the terms “any agricultural commodity” and “livestock” in the agency’s hours-of-service regulations for commercial truck drivers.

Washington — The Federal Motor Carrier Safety Administration is seeking public comment on a proposal to revise the agency’s guidance on “yard moves” and commercial motor vehicle drivers’ hours of service.

Washington — The Federal Motor Carrier Safety Administration says temporary hours-of-service exemptions and other “regulatory relief” will continue for commercial motor vehicle drivers transporting items intended to assist in COVID-19 pandemic relief efforts.

Washington — The Federal Motor Carrier Safety Administration has announced temporary relief from hours-of-service requirements for commercial motor vehicle drivers delivering “direct assistance” to emergency efforts in states affected by severe winter weather.

Washington — Prompted by a reported cyberattack that has resulted in a disruption of service along a major petroleum pipeline, the Federal Motor Carrier Safety Administration on May 9 issued a temporary hours-of-service exemption to commercial motor vehicle operators transporting gasoline, diesel, jet fuel and other refined petroleum products to 17 states and the District of Columbia, as part of emergency relief efforts.

Washington — The Federal Motor Carrier Safety Administration once again is extending temporary hours-of-service exemptions and other “regulatory relief” for commercial motor vehicle drivers transporting items intended to assist with COVID-19 pandemic relief efforts.

East Lansing, MI — The Federal Motor Carrier Safety Administration’s mandate on the use of electronic logging devices to record commercial motor vehicle driver hours of service “did not immediately achieve its goal of reducing accidents,” and may be linked to increases in unsafe driving behaviors and crashes, results of a recent study suggest.

Washington — The Federal Motor Carrier Safety Administration is asking industry stakeholders for input on “ways to improve the clarity of current regulations on the use of electronic logging devices and address certain concerns about the technical specifications.”

Washington — The Federal Motor Carrier Safety Administration is requesting public comment on a proposed rule that would “narrow the scope” of temporary hours-of-service exemptions and other regulatory relief for truckers during emergency declarations.

Washington — Temporary hours-of-service exemptions and other regulatory relief for truckers during regional emergency declarations will be limited under a recently published Federal Motor Carrier Safety Administration final rule.

Washington — The Federal Motor Carrier Safety Administration has denied a petition calling on the agency to recognize hair samples as an alternative drug-testing method for truckers, reasserting a long-standing position that it lacks the statutory authority to do so.

Wholesale Monitoring executives give an overview of the modern central station landscape.

Washington — The Federal Motor Carrier Safety Administration wants input from truckers as it shapes a study to analyze how common sexual assault and harassment are in the trucking industry.

Washington — A coalition of roadway safety advocacy groups, in conjunction with the International Brotherhood of Teamsters, has filed a lawsuit against the Federal Motor Carrier Safety Administration and the Department of Transportation challenging a controversial final rule FMCSA claims will add flexibility to hours-of-service regulations for commercial truck drivers.

Washington — The Commercial Vehicle Safety Alliance is evaluating its next course of action after the Federal Motor Carrier Safety Administration on Sept. 18 denied a CVSA petition requesting that the agency update its definition of “personal conveyance” and clarify a mileage limit.

Washington — The Federal Motor Carrier Safety Administration has eased restrictions on a pilot program that allows commercial truck drivers younger than 21 to operate interstate.

Washington — As the Federal Motor Carrier Safety Administration considers updating the methodology it uses to determine if truck and bus companies are fit to operate safely, the agency has scheduled a public listening session.

Washington — Vinn White is the acting administrator of the Federal Motor Carrier Safety Administration after being appointed deputy administrator by Transportation Secretary Pete Buttigieg on June 25.

Washington — The Federal Motor Carrier Safety Administration has awarded almost $480 million in grants for safety initiatives related to large trucks and buses.

Washington — The Federal Motor Carrier Safety Administration is cautioning truck drivers about a “very convincing” fraudulent email requesting various personal information not required on agency forms.

Nashville, TN — A lack of safe places for truck drivers to stop and rest continues to trouble the transportation industry, with the issue coming in near the top of the American Transportation Research Institute’s annual list of top trucking industry concerns.

[Domestic] :
Ahead of the College Scholastic Ability Test(CSAT), several companies have been caught illegally distributing medications to treat attention deficit hyperactivity disorder(ADHD) and posting misleading advertisements for the pills.  According to the Ministry of Food and Drug Safety on Monday, an intensive ...

[more...]

While the Federal Motor Carrier Safety Administration’s (FMCSA) Safety Measurement System (SMS) used to identify commercial motor vehicle carriers at high risk for future crashes is conceptually sound, several features of its implementation need improvement, says a new congressionally mandated report from the National Academies of Sciences, Engineering, and Medicine.

Fonts from Graphicsauce.co will make your business to look more attractive and independent

CEO Satnam Gambhir honored with Lifetime Achievement Award; company recognized for Industry Innovation in Technology

This document is only available in PDF format.

This document is only available in PDF format.

This document is only available as a PDF.

This document is only available in PDF format.

Should critical infrastructure orgs boost OT/ICS systems’ security with zero trust? Absolutely, the CSA says. Meanwhile, the Five Eyes countries offer cyber advice to tech startups. Plus, a survey finds “shadow AI” weakening data governance. And get the latest on MFA methods, CISO trends and Uncle Sam’s AI strategy.

Dive into six things that are top of mind for the week ending Nov. 1.

1 - Securing OT/ICS in critical infrastructure with zero trust

As their operational technology (OT) computing environments become more digitized, converged with IT systems and cloud-based, critical infrastructure organizations should beef up their cybersecurity by adopting zero trust principles.

That’s the key message of the Cloud Security Alliance’s “Zero Trust Guidance for Critical Infrastructure,” which focuses on applying zero trust methods to OT and industrial control system (ICS) systems.

While OT/ICS environments were historically air gapped, that’s rarely the case anymore. “Modern systems are often interconnected via embedded wireless access, cloud and other internet-connected services, and software-as-a-service (SaaS) applications,” reads the 64-page white paper, which was published this week.

The CSA hopes the document will help cybersecurity teams and OT/ICS operators enhance the way they communicate and collaborate.

Among the topics covered are:

• Critical infrastructure’s unique threat vectors
• The convergence of IT/OT with digital transformation
• Architecture and technology differences between OT and IT

The guide also outlines this five-step process for implementing zero trust in OT/ICS environments:

• Define the surface to be protected
• Map operational flows
• Build a zero trust architecture
• Draft a zero trust policy
• Monitor and maintain the environment

A zero trust strategy boosts the security of critical OT/ICS systems by helping teams “keep pace with rapid technological advancements and the evolving threat landscape,” Jennifer Minella, the paper’s lead author, said in a statement.

To get more details, read:

• The report’s announcement “New Paper from Cloud Security Alliance Examines Considerations and Application of Zero Trust Principles for Critical Infrastructure”
• The full report “Zero Trust Guidance for Critical Infrastructure”
• A complementary slide presentation

For more information about OT systems cybersecurity, check out these Tenable resources: 

• “What is operational technology (OT)?” (guide)
• “Discover, Measure, and Minimize the Risk Posed by Your Interconnected IT/OT/IoT Environments” (on-demand webinar)
• “How To Secure All of Your Assets - IT, OT and IoT - With an Exposure Management Platform” (blog)
• “Blackbox to blueprint: The security leader’s guidebook to managing OT and IT risk” (white paper)
• “Tenable Cloud Risk Report 2024” (white paper)

2 - Five Eyes publish cyber guidance for tech startups

Startup tech companies can be attractive targets for hackers, especially if they have weak cybersecurity and valuable intellectual property (IP).

To help startups prevent cyberattacks, the Five Eyes countries this week published cybersecurity guides tailored for these companies and their investors.

“This guidance is designed to help tech startups protect their innovation, reputation, and growth, while also helping tech investors fortify their portfolio companies against security risks," Mike Casey, U.S. National Counterintelligence and Security Center Director, said in a statement.

These are the top five cybersecurity recommendations from Australia, Canada, New Zealand, the U.S. and the U.K. for tech startups:

• Be aware of threat vectors, including malicious insiders, insecure IT and supply chain risk.
• Identify your most critical assets and conduct a risk assessment to pinpoint vulnerabilities.
• Build security into your products by managing intellectual assets and IP; monitoring who has access to sensitive information; and ensuring this information’s protection.
• Conduct due diligence when choosing partners and make sure they’re equipped to protect the data you share with them.
• Before you expand abroad, prepare and become informed about these new markets by, for example, understanding local laws in areas such as IP protection and data protection.

“Sophisticated nation-state adversaries, like China, are working hard to steal the intellectual property held by some of our countries’ most innovative and exciting startups,” Ken McCallum, Director General of the U.K.’s MI5, said in a statement.

To get more details, check out these Five Eyes’ cybersecurity resources for tech startups:

• The announcement “Five Eyes Launch Shared Security Advice Campaign for Tech Startups”
• The main guides: 
  • “Secure Innovation: Security Advice for Emerging Technology Companies”
  • “Secure Innovation: Security Advice for Emerging Technology Investors”
• These complementary documents:
  • “Secure Innovation: Scenarios and Mitigations”
  • “Secure Innovation: Travel Security Guidance”
  • “Secure Innovation: Due Diligence Guidance”
  • “Secure Innovation: Companies Summary”

3 - Survey: Unapproved AI use impacting data governance

Employees’ use of unauthorized AI tools is creating compliance issues in a majority of organizations. Specifically, it makes it harder to control data governance and compliance, according to almost 60% of organizations surveyed by market researcher Vanson Bourne.

“Amid all the investment and adoption enthusiasm, many organisations are struggling for control and visibility over its use,” reads the firm’s “AI Barometer: October 2024” publication. Vanson Bourne polls 100 IT and business executives each month about their AI investment plans.

To what extent do you think the unsanctioned use of AI tools is impacting your organisation's ability to maintain control over data governance and compliance?

^{(Source: Vanson Bourne’s “AI Barometer: October 2024”)}

Close to half of organizations surveyed (44%) believe that at least 10% of their employees are using unapproved AI tools.

On a related front, organizations are also grappling with the issue of software vendors that unilaterally and silently add AI features to their products, especially to their SaaS applications.

While surveyed organizations say they’re reaping advantages from their AI usage, “such benefits are dependent on IT teams having the tools to address the control and visibility challenges they face,” the publication reads.

For more information about the use of unapproved AI tools, an issue also known as “shadow AI,” check out:

• “Do You Think You Have No AI Exposures? Think Again” (Tenable)
• “Shadow AI poses new generation of threats to enterprise IT” (TechTarget)
• “10 ways to prevent shadow AI disaster” (CIO)
• “Never Trust User Inputs -- And AI Isn't an Exception: A Security-First Approach” (Tenable)
• “Shadow AI in the ‘dark corners’ of work is becoming a big problem for companies” (CNBC)

VIDEO

Shadow AI Risks in Your Company

4 - NCSC explains nuances of multi-factor authentication

Multi-factor authentication (MFA) comes in a variety of flavors, and understanding the differences is critical for choosing the right option for each use case in your organization.

To help cybersecurity teams better understand the different MFA types and their pluses and minuses, the U.K. National Cyber Security Centre (NCSC) has updated its MFA guidance.

“The new guidance explains the benefits that come with strong authentication, while also minimising the friction that some users associate with MFA,” reads an NCSC blog.

In other words, what type of MFA method to use depends on people’s roles, how they work, the devices they use, the applications or services they’re accessing and so on.

Topics covered include:

• Recommended types of MFA, such as FIDO2 credentials, app-based and hardware-based code generators and message-based methods
• The importance of using strong MFA to secure users’ access to sensitive data
• The role of trusted devices in boosting and simplifying MFA
• Bad practices that weaken MFA’s effectiveness, such as:
  • Retaining weaker, password-only authentication protocols for legacy services
  • Excluding certain accounts from MFA requirements because their users, usually high-ranking officials, find MFA inconvenient

To get more details, read:

• The NCSC blog “Not all types of MFA are created equal”
• The NCSC guide “Multi-factor authentication for your corporate online services”

For more information about MFA:

• “Multifactor Authentication Cheat Sheet” (OWASP)
• “Deploying Multi Factor Authentication – The What, How, and Why” (SANS Institute)
• “How MFA gets hacked — and strategies to prevent it” (CSO)
• “How Multifactor Authentication Supports Growth for Businesses Focused on Zero Trust” (BizTech)
• “What is multi-factor authentication?” (TechTarget)

5 - U.S. gov’t outlines AI strategy, ties it to national security 

The White House has laid out its expectations for how the federal government ought to promote the development of AI in order to safeguard U.S. national security.

In the country’s first-ever National Security Memorandum (NSM) on AI, the Biden administration said the federal government must accomplish the following:

• Ensure the U.S. is the leader in the development of safe, secure and trustworthy AI
• Leverage advanced AI technologies to boost national security
• Advance global AI consensus and governance

“The NSM’s fundamental premise is that advances at the frontier of AI will have significant implications for national security and foreign policy in the near future,” reads a White House statement.

The NSM’s directives to federal agencies include:

• Help improve the security of chips and support the development of powerful supercomputers to be used by AI systems.
• Help AI developers protect their work against foreign spies by providing them with cybersecurity and counterintelligence information.
• Collaborate with international partners to create a governance framework for using AI in a way that is ethical, responsible and respects human rights. 

The White House also published a complementary document titled “Framework To Advance AI Governance and Risk Management in National Security,” which adds implementation details and guidance for the NSM.

6 - State CISOs on the frontlines of AI security

As the cybersecurity risks and benefits of AI multiply, most U.S. state CISOs find themselves at the center of their governments' efforts to craft AI security strategies and policies.

That’s according to the “2024 Deloitte-NASCIO Cybersecurity Study,” which surveyed CISOs from all 50 states and the District of Columbia.

Specifically, 88% of state CISOs reported being involved in the development of a generative AI strategy, while 96% are involved with creating a generative AI security policy.

However, their involvement in AI cybersecurity matters isn’t necessarily making them optimistic about their states’ ability to fend off AI-boosted attacks.

None said they feel “extremely confident” that their state can prevent AI-boosted attacks, while only 10% reported feeling “very confident.” The majority (43%) said they feel “somewhat confident” while the rest said they are either “not very confident” or “not confident at all.”

Naturally, most state CISOs see AI-enabled cyberthreats as significant, with 71% categorizing them as either “very high threat” (18%) or “somewhat high threat” (53%).

At the same time, state CISOs see the potential for AI to help their cybersecurity efforts, as 41% are already using generative AI for cybersecurity, and another 43% have plans to do so by mid-2025.

Other findings from the "2024 Deloitte-NASCIO Cybersecurity Study" include:

• 4 in 10 state CISOs feel their budget is insufficient.
• Almost half of respondents rank cybersecurity staffing as one of the top challenges.
• In the past two years, 23 states have hired new CISOs, as the median tenure of a state CISO has dropped to 23 months, down from 30 months in 2022.
• More state CISOs are taking on privacy protection duties — 86% are responsible for privacy protection, up from 60% two years ago.

For more information about CISO trends:

• “What’s important to CISOs in 2024” (PwC)
• “The CISO’s Tightrope: Balancing Security, Business, and Legal Risks in 2024” (The National CIO Review)
• “State of CISO Leadership: 2024” (SC World)
• “4 Trends That Will Define the CISO's Role in 2024” (SANS Institute)

TORONTO – The Canadian Securities Administrators (CSA) is providing an update to interested parties on the status of its work to introduce binding authority for an independent dispute resolution service.

SAINT JOHN, NB - In recognition of Financial Literacy Month’s theme “Money on your Mind?

Toronto – The Canadian Securities Administrators (CSA) is warning the public about scammers claiming to represent large, well-known financial companies.  Recently, the CSA has noted an increase in the number of scams involving the use of professional looking electronic broch

Montreal - The Canadian Securities Administrators (CSA) is warning the public to be vigilant for unsolicited communications that come from scammers posing as CSA staff or staff of CSA members.

TORONTO – The Canadian Securities Administrators (CSA), the Canadian Investment Regulatory Organization (CIRO), and the Ombudsman for Banking Services and Investments (OBSI) remind investors that they all offer investors services related to claims or complaints free of charge.

This document is only available in PDF format.

This document is available as PDF only. The following links go to sections in the PDF. 

IntroductionThe members of the Canadian Securities Administrators (the CSA or we) are publishing for comment proposed amendments to National Instrument 94-101 Mandatory Central Counterparty Clearing of Derivatives (National Instrument 94

Event Begins: Wednesday, November 13, 2024 7:00pm
Location: Off Campus Location
Organized By: Center for South Asian Studies

Continuing our Spotlight On Women Directors series, Nocturnes is a 2024 documentary on how moths convey a mysterious message.

In the dense forests of the Eastern Himalayas, moths are whispering something to us. In the dark of night, two curious observers shine a light on this secret universe. Together, they are on an expedition to decode these nocturnal creatures in a remote ecological “hot spot” on the border of India and Bhutan. The result is a deeply immersive film that transports audiences to a rarely-seen place and urges us all to look more closely at the hidden interconnections of the natural world. From directors Anirban Dutta and Anupama Srinivasan.

This screening is FREE and open to the public (must reserve free tickets/RSVP in advance)

Tickets: https://marquee-arts.org/event-page/tickets/?showingId=892704

Film website: https://www.sandboxfilms.org/films/nocturnes/

*Made possible with the generous support of the Title VI grant from the U.S. Department of Education.*

Antares Vision Group becomes first DSCSA solution provider to join the Pulse Interoperable Partner program of the National Association of Boards of Pharmacy (NABP).

"DCSA plays a critical role in executing Trusted Workforce 2.0 objectives as the largest provider of personnel vetting services," Heather Green said.

The post DCSA rolling out continuous vetting to a million more feds first appeared on Federal News Network.

VAR2CSA is the placental-malaria–specific member of the antigenically variant Plasmodium falciparum erythrocyte membrane protein 1 (PfEMP1) family. It is expressed on the surface of Plasmodium falciparum-infected host red blood cells and binds to specific chondroitin-4-sulfate chains of the placental proteoglycan receptor. The functional ∼310 kDa ectodomain of VAR2CSA is a multidomain protein that requires a minimum 12-mer chondroitin-4-sulfate molecule for specific, high affinity receptor binding. However, it is not known how the individual domains are organized and interact to create the receptor-binding surface, limiting efforts to exploit its potential as an effective vaccine or drug target. Using small angle X-ray scattering and single particle reconstruction from negative-stained electron micrographs of the ectodomain and multidomain constructs, we have determined the structural architecture of VAR2CSA. The relative locations of the domains creates two distinct pores that can each accommodate the 12-mer of chondroitin-4-sulfate, suggesting a model for receptor binding. This model has important implications for understanding cytoadherence of infected red blood cells and potentially provides a starting point for developing novel strategies to prevent and/or treat placental malaria.

Company can design a silo in half an hour and deliver it earlier while helping improve the quality of Mexico's food, plastics, and construction practices

Microtrottoir CSA � Club Med

Manchester : Manchester University Press, [2022]

As Arizona's cities are laying off and furloughing workers because of cratering revenues as a result of the coronavirus pandemic, their Republican senator is telling them to toughen up. She isn't going to help them by voting for any financial support for state local government, citing that "blue state bailout" bullshit.

read more

Magyarország lett az OECD Fejlesztési Segítségnyújtási Bizottságának (DAC) 30. tagja. A Bizottság a kétoldalú fejlesztési együttműködést szolgáltató államok vezető nemzetközi fóruma.