Collaborate Disseminate
The U.S. Cyber Command unfunded priorities wish list includes $168 million to enhance the Cyber Mission Force, a group conducting offensive and defensive cyber operations.
The post U.S. Cyber Command gives Congress $236M unfunded priorities wish list appeared first on CyberScoop.
Continue reading U.S. Cyber Command gives Congress $236M unfunded priorities wish list
It’s the second time this month Congress has finalized a bill that’s intended to help the feds track cybercrime data.
The post Cybercrime statistics legislation is ready for president’s signature appeared first on CyberScoop.
Continue reading Cybercrime statistics legislation is ready for president’s signature
The incident reporting legislation, long in the works, also comes with nearly $2.6 billion for the agency for fiscal 2022.
The post Major cyber incident reporting requirement, CISA budget hike on precipice of becoming law appeared first on CyberScoop.
The Senate passed legislation Tuesday evening requiring critical infrastructure owners to report to the feds when they suffer a major cyberattack or make a ransomware payment — shaking loose a bill that got stuck in the chamber last year. Under the measure, which now moves to the House for potential consideration, those critical infrastructure owners and operators as well as federal agencies would have to disclose a significant incident to the Department of Homeland Security’s Cybersecurity and Infrastructure Agency within 72 hours. The same owners and operators would have to report any ransomware payments to CISA, too, only within 24 hours. Its intent is to give CISA the information it needs to more widely share threat data to help curtail major cyberattacks rippling through key targets, such as what happened in late 2020 when federal contractor SolarWinds suffered a compromise that ended up spreading to federal agencies and major tech […]
The post Proposal for industries to report big cyberattacks, ransomware payments wins Senate approval appeared first on CyberScoop.
In the span of a few days, two House members who have concentrated much of their energy on cybersecurity — and perhaps just as importantly, on working across the aisle on the issue — have announced their plans to depart Congress. Rep. Jim Langevin, D-R.I., said on Tuesday that he would not run for reelection in 2022. Rep. John Katko, R-N.Y., made his own announcement on Friday. Matt Masterson, a former election security official at the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency, called the exit of Langevin and Katko “tough” and “a big loss.” “These are two members of Congress that have both employed staff and taken the time themselves to understand the technical challenges and nuances that are part of this conversation about cybersecurity,” said Masterson, now a nonresident policy fellow with the Stanford Internet Observatory. “You have a Republican and a Democrat, both who recognized […]
The post Congressional cyber heavyweights Langevin, Katko won’t seek reelection appeared first on CyberScoop.
Continue reading Congressional cyber heavyweights Langevin, Katko won’t seek reelection
The FBI on Dec. 30 signed a deal with Clearview AI for an $18,000 subscription license to the company’s facial recognition technology. While the value of the contract might seem just a drop in the bucket for the agency’s nearly $10 billion budget, the contract was significant in that it cemented the agency’s relationship with the controversial firm. The FBI previously acknowledged using Clearview AI to the Government Accountability Office but did not specify if it had a contract with the company. The FBI didn’t respond to a request for comment, but it isn’t the only federal law enforcement agency to ramp up its procurement of privately-owned facial recognition technologies in recent months. In September, U.S. Immigration and Customs Enforcement spent almost $4 million on facial recognition technology from a company called Trust Stamp, as Business Insider first reported. The same month agency purchased a contract with Clearview AI starting at […]
The post Feds’ spending on facial recognition tech continues unmitigated, despite privacy concerns appeared first on CyberScoop.
House and Senate negotiators have excluded provisions from a must-pass defense bill that would have mandated many companies to report major cyberattacks and ransomware payments to federal officials. A compromise version of the fiscal 2022 National Defense Authorization Act (NDAA) released Tuesday leaves out the language, which would set timeframes for when critical infrastructure owners and operators must report major incidents and some companies would have to report making ransomware payments. Supporters of the language ran out of time to reach an agreement on the final phrasing before NDAA sponsors moved ahead on their final compromise bill, a senior Senate aide said. It’s a big setback for backers of the reporting mandates, as attaching provisions to the annual NDAA has been the path for a number of monumental cyber ideas to become law. Still, some key disputes over the reporting mandate provisions have been resolved, and backers might be able […]
The post Cyber incident reporting mandates suffer another congressional setback appeared first on CyberScoop.
Continue reading Cyber incident reporting mandates suffer another congressional setback
British regulators say they intend to fine Clearview AI, a facial recognition company that bills itself as the world’s largest, nearly $23 million for “alleged serious breaches” of the nation’s data protection laws. The fines stem from a joint investigation by the U.K. Information Commissioner’s Office (ICO) and its Australian counterpart. The ICO now awaits a response from Clearview AI before possibly levying the fine in mid-2022. “I have significant concerns that personal data was processed in a way that nobody in the UK will have expected,” U.K. Information Commissioner Elizabeth Denham said on Monday. “Clearview AI Inc’s services are no longer being offered in the UK. However, the evidence we’ve gathered and analysed suggests Clearview AI Inc were and may be continuing to process significant volumes of UK people’s information without their knowledge.” The increased scrutiny from U.K. regulators has something of a parallel in the U.S., where in […]
The post UK threatens Clearview AI with nearly $23M fine over its facial recognition tech appeared first on CyberScoop.
Continue reading UK threatens Clearview AI with nearly $23M fine over its facial recognition tech
Legislation requiring critical infrastructure owners to report major cyber incidents to the federal government, and mandating that ransomware victims disclose when they make payments, has hit a significant snag in the Senate. A bipartisan group of senators announced a proposal in November that would require critical infrastructure owners and operators to report within 72 hours to the Department of Homeland Security’s Cybersecurity and Infrastructure Agency when they suffer major cyber incidents, as defined by CISA. It also would require reporting of ransomware payments to CISA from a broader set of organizations, excluding only individuals and some smaller businesses, within 24 hours. Advocates hope that by requiring swift reporting of major incidents, federal officials can help reduce the damage more quickly. Gathering intelligence about ransomware payments would help law enforcement and national security officials understand and act on digital extortion trends, officials say. Backers were unable to advance the proposal last […]
The post Incident reporting, ransomware payment legislation faces trouble in Senate appeared first on CyberScoop.
Continue reading Incident reporting, ransomware payment legislation faces trouble in Senate
Presdent Joe Biden signed a $1 trillion infrastructure bill into law on Monday that includes nearly $2 billion for cybersecurity and related provisions. The biggest piece of digital security funding is a Federal Emergency Management Agency cyber grant program, administered in consultation with the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency, that would distribute $1 billion over four years to state and local governments. An additional $21 million would go toward the Office of the National Cyber Director, which has been unable to make key hires since being established earlier this year due to funding shortages. In all, the legislation — known as the Infrastructure Investment and Jobs Act — is “the largest investment in the resilience of physical and natural systems in American history,” the White House boasted, one that “makes our communities safer and our infrastructure more resilient to the impacts of climate change and cyber-attacks.” […]
The post Biden signs infrastructure bill that provides nearly $2 billion for cybersecurity appeared first on CyberScoop.
Continue reading Biden signs infrastructure bill that provides nearly $2 billion for cybersecurity