Collaborate Disseminate
U.S. Cyber Command General Paul Nakasone told senators that scaling back his organization’s cyber ops authorities would be damaging to its mission.
The post Legislators rail against potential rollback of flexible DOD cyber powers appeared first on CyberScoop.
Continue reading Legislators rail against potential rollback of flexible DOD cyber powers
A little more than a year removed from its role in advancing some of the most significant cybersecurity legislation ever enacted, the Cyberspace Solarium Commission is transforming into version 2.0 of itself. With some of its key recommendations now law — such as the creation of the Office of the National Cyber Director in the White House — the remnant of the congressionally created panel is turning its attention to tracking how those ideas are implemented, while studying some of the issues it didn’t get to fully examine before releasing its final report. Those areas of study include protecting the water, maritime transport and health care sectors, as well as strengthening the federal and private sector workforce and ensuring plans to avert disruptions to the economy caused by cyberattacks. Now housed within the Foundation for Defense of Democracies (FDD) think tank, the commission’s 2.0 work should take another two years, […]
The post The Cyberspace Solarium Commission pushed some major policies into law. So what now? appeared first on CyberScoop.
The Senate passed legislation Tuesday evening requiring critical infrastructure owners to report to the feds when they suffer a major cyberattack or make a ransomware payment — shaking loose a bill that got stuck in the chamber last year. Under the measure, which now moves to the House for potential consideration, those critical infrastructure owners and operators as well as federal agencies would have to disclose a significant incident to the Department of Homeland Security’s Cybersecurity and Infrastructure Agency within 72 hours. The same owners and operators would have to report any ransomware payments to CISA, too, only within 24 hours. Its intent is to give CISA the information it needs to more widely share threat data to help curtail major cyberattacks rippling through key targets, such as what happened in late 2020 when federal contractor SolarWinds suffered a compromise that ended up spreading to federal agencies and major tech […]
The post Proposal for industries to report big cyberattacks, ransomware payments wins Senate approval appeared first on CyberScoop.
The top Republican on the House Homeland Security Committee introduced legislation Tuesday directing the Homeland Security Department’s cyber wing to identify U.S. digital infrastructure that, if attacked, would severely debilitate national security, economic security or public safety. Under the legislation from Rep. John Katko, R-N.Y., DHS’ Cybersecurity and Infrastructure Security Agency would designate the nation’s “systemically important critical infrastructure” (or “SICI”). The legislation also would make it a priority for CISA to lend its protective services, such as continuous monitoring and detection of cybersecurity risks, to the identified owners and operators. It’s an attempt, Katko said, identify which of the 16 sectors currently labeled as critical infrastructure are truly essential. “To mitigate risks to our economic and national security going forward, we need a clear process for identifying which infrastructure constitutes systemically important critical infrastructure,” Katko said in announcing the legislation. “Disruption to this infrastructure — ranging from pipelines to […]
The post Rep. Katko introduces bill that would prioritize security for key US critical infrastructure appeared first on CyberScoop.
Although Pentagon officials have suggested in recent days that the nation’s offensive cyber arm should split away from the National Security Agency, Cyber Command is a long way from being ready to stand on its own, according to a bipartisan group of lawmakers. The proposal, which some DOD officials have been entertaining in the last several days, would separate out the command from the Department of Defense’s foreign signals intelligence agency, which it has been co-located with for 10 years in order to help it find its footing. Both the NSA and Cyber Command are currently run by the same leader, Gen. Paul Nakasone, and some critics say the Trump administration has been interested in separating the two in order to carve out a leadership spot for a political ally at the helm of the NSA before his time in the Oval Office expires, according to The Washington Post. But […]
The post Lawmakers throw cold water on splitting Cyber Command from NSA appeared first on CyberScoop.
Continue reading Lawmakers throw cold water on splitting Cyber Command from NSA
Congress this week is slated to pass what just might be the most significant cybersecurity legislation ever. This year’s annual defense policy bill, known as the National Defense Authorization Act (NDAA), is loaded with provisions that would reshape the federal bureaucracy on cybersecurity. It would create a national cyber director in the White House and strengthen the Department of Homeland Security’s Cybersecurity and Information Security Agency (CISA), among other changes. “I believe it’s safe to say that this is the most important piece of cybersecurity legislation ever passed” should the final bill advance this week, said Sen. Angus King, I-Maine, who co-chaired the Cyberspace Solarium Commission that produced many of the proposals in the legislation. Mark Montgomery, executive director of the commission, called it “the most substantive” cyber legislation Congress will have passed. Others agree. “I think that’s true, 100%,” said Jonathan Reiber, a former Defense Department cybersecurity official during […]
The post A look inside Congress’ biggest cyber bill ever appeared first on CyberScoop.
Continue reading A look inside Congress’ biggest cyber bill ever
A bipartisan congressional committee is urging the federal government to enact a sweeping set of cybersecurity upgrades in order to modernize American defenses on issues ranging from 5G security to stopping intellectual property theft and mitigating ransomware attacks. The Cybersecurity Solarium Commission on Wednesday will release 75 recommendations that calla for changes in the way that Congress and the Trump administration oversee crucial security issues that, if unaddressed, may jeopardize U.S. national and economic security. It remains to be seen whether some of the proposals will become a reality. In an interview with CyberScoop, Sen. Angus King, I-Maine, a co-chair of the commission, would not preview what elements of the proposal would appear in forthcoming legislation, but said between 40-50 percent of them could be seen in the 2021 National Defense Authorization Act. King says there is urgency to taking action on each of the 75 recommendations. “We want this to be […]
The post What to expect from the Cybersecurity Solarium Commission report appeared first on CyberScoop.
Continue reading What to expect from the Cybersecurity Solarium Commission report
The Cyberspace Solarium Commission, a bipartisan group tasked last year with devising a strategy for defending the U.S. against cyberattacks, is almost ready to reveal its proposals to the world. The commission’s final report, expected to be issued in March or April, may include new reporting requirements for the private sector that would incentivize better security practices, according to the commission’s co-chairs, Sen. Angus King, I-Maine, and Rep. Mike Gallagher, R-Wis., said during a Council on Foreign Relations summit in Washington, D.C. Tuesday. While the final language is unclear, the report is expected to include a sweeping set of proposals ranging from an overhaul of Congressional oversight on cybersecurity issues to an assessment of the Pentagon’s offensive and defensive readiness. Whether there’s broader appetite outside of the 14-member commission to implement the recommendations, however, remains to be seen. One idea the commission has entertained is convincing insurance companies to offer better rates to clients who follow specific guidelines […]
The post Congressional commission mulls new private sector reporting requirements appeared first on CyberScoop.
Continue reading Congressional commission mulls new private sector reporting requirements
Members of the Senate Intelligence Committee said Wednesday they would consider plans offered by a Obama administration official to fight back against Russian aggression in cyberspace. Victoria Nuland, a former U.S. ambassador to NATO, told lawmakers that it would be pragmatic for the country to consider a new “fusion center” to deter foreign election meddling similar to what occurred in 2016. The approach Nuland described would look like the counter-terrorism model pursued by the U.S. government in the aftermath of the Sept. 11, 2001 terror attacks. “On the President’s direction and with Congressional support, the Trump Administration could immediately establish a multi-agency Fusion Center, modeled on the National Counter Terrorism Center [(NCTC)] but smaller in size, to pull together all the information and resources of our government to identify, expose and respond to state-sponsored efforts to undermine American democracy through disinformation, cyberattack, and abuse of the internet,” Nuland said. Senior […]
The post Senate to review fusion center plan to deter Russian cyberattacks appeared first on Cyberscoop.
Continue reading Senate to review fusion center plan to deter Russian cyberattacks