A plan to label companies vulnerable to hacking is set to spark debate on Capitol Hill

The notion of writing more cybersecurity regulations is gaining traction following the Colonial Pipeline and JBS ransomware incidents, after decades of a largely hands-off approach to private sector-owned critical infrastructure. Top Biden administration team picks have testified about how voluntary standards aren’t getting the job done, and some in Congress have indicated their patience is waning with letting industry go it alone. Enter a proposal that some lawmakers and the Cyberspace Solarium Commission say strikes a middle ground between the new zeal for hard rules and the tradition of non-regulation in cyberspace: “systemically important critical infrastructure.” Also known as SICI, it’s an idea that involves labeling hacking targets that are most likely to cause economic, public health or national security disruptions if attacked, then offering the owners of that infrastructure a mixture of government boons in exchange for meeting baseline cybersecurity standards. But even as something of a […]

The post A plan to label companies vulnerable to hacking is set to spark debate on Capitol Hill appeared first on CyberScoop.

Ex-DHS official on PPD-20 repeal: Consider potential blowback to private sector

The U.S. government’s new and reportedly more muscular approach to conducting offensive cyber-operations must carefully consider the potential blowback of such actions to the private sector, a former senior Department of Homeland Security official has warned. “DHS needs to be part of the discussion around the cost-benefit analysis to bring the private sector point of view because we know the private sector often bears the brunt of the retaliation that comes in the wake of more aggressive activity,” Suzanne Spaulding said Wednesday at the Atlantic Council. Asked what public indication there would be that those concerns are being addressed, Spaulding, who served as a DHS undersecretary under President Barack Obama, said the answer lies in the private sector. Private companies will have a sense of “whether their equities were adequately considered” before a U.S. government decision to conduct offensive operations, Spaulding said during a panel discussion. “And my guess is they’ll […]

The post Ex-DHS official on PPD-20 repeal: Consider potential blowback to private sector appeared first on Cyberscoop.

Bill to create DHS cyber agency faces a tough road in the Senate

The bill passed by the U.S. House of Representatives to create a new cybersecurity agency inside the Department of Homeland Security faces a tough climb in the Senate despite bipartisan support, observers and staffers say. H.R.3359, the Cybersecurity and Infrastructure Security Agency Act of 2017, passed by voice vote Monday — moving the bill to the upper chamber. In brief floor remarks, Rep. John Ratcliffe, R-Texas, called the bill a “compromise” that fellow Texan, House Homeland Security Committee Chairman Michael McCaul, had worked on with “dogged determination.” In a statement, newly sworn-in DHS Secretary Kirstjen Nielsen also praised McCaul’s “tireless work” on the proposal. And well she might: It’s his second attempt — with bipartisan support from Rep. Bennie Thompson, D-Miss. — to create an operational cybersecurity agency within DHS. The first bill never made it to the House floor last Congress because of turf fights: Nine other House committees […]

The post Bill to create DHS cyber agency faces a tough road in the Senate appeared first on Cyberscoop.
