Category Archives: Cyberspace Solarium Commission

CISA starts identifying targets most necessary to protect from hacking

Posted on by

The Cybersecurity and Infrastructure Security Agency has begun working to map out the U.S. critical infrastructure that, if hacked, could result in serious consequences for national security and economic interests, CISA Director Jen Easterly said Friday. Labeling such infrastructure is the subject of a proposal of the Cyberspace Solarium Commission, a congressional committee, which recommended identifying “systemically important critical infrastructure,” or SICI. Lawmakers have introduced SICI legislation in recent months, but Easterly said her Department of Homeland Security agency is proceeding ahead with or without a bill. “Notwithstanding whether this ends up in legislation or not, and I certainly hope it does, we are already thinking through the model,” she said at an event hosted by the Center for Strategic and International Studies. “We’re in a state now where a critical infrastructure is much more vulnerable than it should be. And frankly, that’s what I worry about most every day.” […]

The post CISA starts identifying targets most necessary to protect from hacking appeared first on CyberScoop.

Continue reading CISA starts identifying targets most necessary to protect from hacking

A rising tide lifts all boats in maritime cybersecurity

Posted on by

This past March, the world watched as the container ship Ever Given clumsily blocked a major artery in the global supply chain – leading to a six-day blockage of the world’s most important shipping corridor, the Suez Canal. The disruption held up an estimated $9 billion of trade per day. Today, the Port of Los Angeles and the Port of Long Beach are experiencing disruptions leading to a record number of ships waiting off the coast of California. These disruptions have permeated throughout the supply chains for goods that Americans rely on from computers and chips to cars and clothing. The lesson is clear: The maritime industry is full of chokepoints which, if manipulated, can cause cascading economic impacts that affect Americans. While these recent disruptions were not caused by hacks or bad actors in cyberspace, they demonstrate the vulnerable chokepoints in the global marketplace. We aren’t dealing in hypotheticals, either – […]

The post A rising tide lifts all boats in maritime cybersecurity appeared first on CyberScoop.

Continue reading A rising tide lifts all boats in maritime cybersecurity

Rep. Katko introduces bill that would prioritize security for key US critical infrastructure

Posted on by

The top Republican on the House Homeland Security Committee introduced legislation Tuesday directing the Homeland Security Department’s cyber wing to identify U.S. digital infrastructure that, if attacked, would severely debilitate national security, economic security or public safety. Under the legislation from Rep. John Katko, R-N.Y., DHS’ Cybersecurity and Infrastructure Security Agency would designate the nation’s “systemically important critical infrastructure” (or “SICI”). The legislation also would make it a priority for CISA to lend its protective services, such as continuous monitoring and detection of cybersecurity risks, to the identified owners and operators. It’s an attempt, Katko said, identify which of the 16 sectors currently labeled as critical infrastructure are truly essential. “To mitigate risks to our economic and national security going forward, we need a clear process for identifying which infrastructure constitutes systemically important critical infrastructure,” Katko said in announcing the legislation. “Disruption to this infrastructure — ranging from pipelines to […]

The post Rep. Katko introduces bill that would prioritize security for key US critical infrastructure appeared first on CyberScoop.

Continue reading Rep. Katko introduces bill that would prioritize security for key US critical infrastructure

Key lawmakers to CISA: Let us send you more money, power

Posted on by

The Department of Homeland Security’s cyber division, a key government agency charged with helping stop and respond to cyberattacks, might be getting ready for a bigger role in the spotlight.  One key House committee advanced legislation in July to give the Cybersecurity and Infrastructure Security Agency an extra $400 million. Then, another committee on Sept. 14 separately advanced its take on legislation that would provide an additional nearly $800 million to the agency, which has a $2 billion total budget in the current fiscal year. Those proposed funds come on top of another extra $650 million that Congress and President Joe Biden already provided to CISA in March through the American Rescue Plan focused on COVID-19 relief. And the recent moves on Capitol Hill to bolster CISA, an agency formally established only three years ago, aren’t limited to cash. Both chambers of Congress are contemplating legislation that would make CISA the […]

The post Key lawmakers to CISA: Let us send you more money, power appeared first on CyberScoop.

Continue reading Key lawmakers to CISA: Let us send you more money, power

Key lawmakers to CISA: Let us send you more money, power

Posted on by

The Department of Homeland Security’s cyber division, a key government agency charged with helping stop and respond to cyberattacks, might be getting ready for a bigger role in the spotlight.  One key House committee advanced legislation in July to give the Cybersecurity and Infrastructure Security Agency an extra $400 million. Then, another committee on Sept. 14 separately advanced its take on legislation that would provide an additional nearly $800 million to the agency, which has a $2 billion total budget in the current fiscal year. Those proposed funds come on top of another extra $650 million that Congress and President Joe Biden already provided to CISA in March through the American Rescue Plan focused on COVID-19 relief. And the recent moves on Capitol Hill to bolster CISA, an agency formally established only three years ago, aren’t limited to cash. Both chambers of Congress are contemplating legislation that would make CISA the […]

The post Key lawmakers to CISA: Let us send you more money, power appeared first on CyberScoop.

Continue reading Key lawmakers to CISA: Let us send you more money, power

US makes progress on improving cyber but key issues remain, congressional committee finds

Posted on by

A congressional commission dedicated to shoring up America’s cyber defenses has made significant progress in the wake of multiple recent cybersecurity crises, according to a new report. Nearly 75% of the 82 recommendations made in the Cyberspace Solarium Commission’s March 2020 report, which set out to assess ways the U.S. can improve its digital resilience, have been implemented or are on track to be implemented, according to an evaluation released Thursday by the Commission. The report notes that some of this movement has been spurred by a wave of high profile cybersecurity incidents within the past year, starting with the revelation in December 2020 that Russian hackers had infiltated at least nine federal agencies using network management software SolarWinds. In March, apparent Chinese hackers exploited a vulnerability in Microsoft’s Exchange Server technology, affecting thousands of users. Multiple ransomware attacks have followed, including one against fuel provider Colonial Pipeline that forced […]

The post US makes progress on improving cyber but key issues remain, congressional committee finds appeared first on CyberScoop.

Continue reading US makes progress on improving cyber but key issues remain, congressional committee finds

CISA director unveils cyber defense collaborative center for pre-attack planning

Posted on by

Cybersecurity and Infrastructure Security Director Jen Easterly announced the launch of a cyber defense center Thursday that will seek to foster collaboration before cyberattacks, rather than afterward, between federal agencies, the private sector and state and local governments. Speaking at the Black Hat security conference in Las Vegas in one of her first public appearances since the Senate confirmed her last month to lead the Department of Homeland Security’s cyber wing, Easterly said the Joint Cyber Defense Collaborative (JCDC) would try to enhance teamwork that often happens only after a major incident, such as the past year’s high-profile attacks on companies like SolarWinds or Kaseya. “While some of this work is happening in pockets, most of it is reactive,” Easterly said in prepared remarks. “The unique value add of the JCDC is to create a proactive capability for government and private sector to work together closely before an incident occurs […]

The post CISA director unveils cyber defense collaborative center for pre-attack planning appeared first on CyberScoop.

Continue reading CISA director unveils cyber defense collaborative center for pre-attack planning

National cyber director endorses plan for a bureau to collect, analyze threat data

Posted on by

National Cyber Director Chris Inglis called for the creation of a bureau of cyber statistics while outlining his priorities for the office in a speech Tuesday. The idea, initially proposed by Congress’s bipartisan Cyberspace Solarium Commission, would require the Department of Homeland Security to collect, process, and analyze statistics relevant to cyber threats and cybercrimes. It would require organizations that provide incident response services or cyber insurance to report information every 180 days. Inglis was a member of the same commission prior to his current role. “I would observe that to properly address risk we have to first understand it. We have to understand where it’s concentrated, where it cascades, what causes it, and more importantly to then discover how to address it,” Inglis said at an Atlantic Council event. “I think all would agree that in the absence of this information, we are going to be episodic, we’re going […]

The post National cyber director endorses plan for a bureau to collect, analyze threat data appeared first on CyberScoop.

Continue reading National cyber director endorses plan for a bureau to collect, analyze threat data

A plan to label companies vulnerable to hacking is set to spark debate on Capitol Hill

Posted on by

The notion of writing more cybersecurity regulations is gaining traction following the Colonial Pipeline and JBS ransomware incidents, after decades of a largely hands-off approach to private sector-owned critical infrastructure. Top Biden administration team picks have testified about how voluntary standards aren’t getting the job done, and some in Congress have indicated their patience is waning with letting industry go it alone. Enter a proposal that some lawmakers and the Cyberspace Solarium Commission that they say strikes a middle ground between the new zeal for hard rules and the tradition of non-regulation in cyberspace: “systemically important critical infrastructure.” Also known as SICI, it’s an idea that involves labeling hacking targets that are most likely to cause economic, public health or national security disruptions if attacked, then offering the owners of that infrastructure a mixture of government boons in exchange for meeting baseline cybersecurity standards. But even as something of a […]

The post A plan to label companies vulnerable to hacking is set to spark debate on Capitol Hill appeared first on CyberScoop.

Continue reading A plan to label companies vulnerable to hacking is set to spark debate on Capitol Hill

Biden budget seeks $750 million to respond to SolarWinds compromises, plus billions more for cyber

Posted on by

President Joe Biden’s fiscal 2022 budget blueprint released Friday proposes $750 million for the federal government to respond to “lessons learned” from the SolarWinds supply chain hack that compromised nine agencies. In all, the budget proposes $9.8 billion in federal civilian cybersecurity funding, a 14% increase from the spending levels allocated for the current fiscal year, according to a summary. That number doesn’t take into account Defense Department funding requests, which would represent another large chunk of money, though that amount isn’t precisely spelled out in four documents shared Friday with reporters in advance of public release. “Cybersecurity is a top priority for this Administration, and recent events, such as the SolarWinds cyber incident, have shown that adversaries continue to target Federal systems,” one budget document reads. The blueprint also requests $15 million for the recently-created national cyber director office in the White House, and $20 million for a new […]

The post Biden budget seeks $750 million to respond to SolarWinds compromises, plus billions more for cyber appeared first on CyberScoop.

Continue reading Biden budget seeks $750 million to respond to SolarWinds compromises, plus billions more for cyber