Crossroads Blog | CYBER SECURITY LAW AND POLICY

Current Affairs, cyber attack, Cyber Exploitation, Legislation

Cyber Roundup (3/22)

A quick survey of today's news . . .

***

Robert B. Dix, Jr., (VP, Government Affairs and Critical Infrastructure Protection at Juniper Networks) wrote an op-ed for The Hill on cybersecurity legislation.  Noting that both Senate bills (Secure IT and the CSA) have their strengths, Dix came out in support of Secure IT because it lacks the CSA's regulatory heavy-handedness.  Secure IT encourages an environment in which "innovation flourishes to stay ahead of increasingly sophisticated cyber threats"; essentially, Secure IT keeps the private sector nimble.

***

Jess Kamen reported for Politico on the US government's difficulty in retaining cybersecurity experts.  Noting that cybersecurity experts have to take a 50% decrease in pay and benefits to work in government, the article explained that private companies are poaching skilled employees.  Then again, one DARPA official didn't think low retention was a bad thing: "The shelf life of cyber capabilities is short."    

***

Jon Tullett wrote an article for ITWebSecurity titled The right to bear (electronic) arms.  Tullett (citing Kenneth Geers of NCIS) had an interesting idea: "even the most humble netizen" can take on nation-states in cyberspace because of the proliferation of both offensive and defensive security tools.  In effect, people can "take to the Net as online guerrillas."

***

James Bamford reported for Wired on Gen. Keith Alexander's recent testimony on warrantless monitoring of Americans' communications.  Considered in the light of this recent Wired article on a new NSA spy palace, the article questioned Gen. Alexander's denial that the NSA could monitor Americans' communications without a warrant.

***

Tom Gjelten wrote a great overview of the debate over cybersecurity legislation for NPR . . . 

***

In a PCWorld article, John E. Dunn considered Duqu's origins.  Specifically, Dunn noted Kaspersky Lab's recent discovery that Duqu was written in "Old School" C programming language.   This, according to Kaspersky, means that "elite software developers" (rather than simple criminals) wrote this portion of Duqu.  

Hmmm.

Leave a Reply