Crossroads Blog | CYBER SECURITY LAW AND POLICY

Cyber Roundup (10/1): Ex-feds leaving for Huawei, the ITU swears it doesn’t want to take over the internet, and could cyber fall prey to sequester?

Quick survey of today’s cyber news.  Coincidentally, October is cybersecurity awareness month . . . so happy cybersecurity awareness month!

***

Very interesting article from the AP’s Kin Cheung (and posted via Nextgov).  Cheung wrote that “[n]o policies prohibit federal employees from working for Chinese companies following their federal service, a fact that has allowed telecom giant Huawei . . . to hire a number of well-connected former U.S. officials.”

Notably, a prior head of DHS’ cybersecurity division, a former Senate aide, a former U.K. government CIO and CISO, and a former chief of staff to Rep. Steny Hoyer have all found employment with Huawei.

Should we put exit restrictions in place?  Can’t help but feel uneasy about this.

***

On 10/1, Jennifer Martinez reported for The Hill on comments made by Gen. Keith Alexander, head of CyberComm and the NSA.  According to Martinez, Gen. Alexander believes that government and private industry need to share information about cyber threats with each other and that DHS should be the lead agency for that effort.  Gen. Alexander went on to say:

What we’re asking industry to do is to look and if you see these bad things going on, let us know right away.  Call us and we’ll respond. Otherwise, we don’t need to know what traffic is transiting.

***

Forbes’ Larry Downes reported on the upcoming World Conference on International Telecommunications (WCIT).  As quick background, more repressive nations will probably make a play to give the UN greater control over the internet at the WCIT.  The U.S. obviously opposes that.  Downes explained how the International Telecommunication Union (ITU), the UN agency that would ultimately do the regulating, is trying to change the narrative, arguing that it’s not interested in taking control of the internet.  However, Downes believes that in doing so, “the more the U.N. insists it’s not trying to take over the Internet, the more nervous Internet users around the world become.”

Downes does a great job investigating the ITU’s motivations here.  A comprehensive article, and definitely worth a look.

***

Tony Romm reported for Politico on how even cybersecurity could fall victim to sequester.  The general feeling is that even if sequester were to come to pass, cybersecurity would be spared.  Cybersecurity is just too important and too delicate to risk.  However, Romm challenged that assumption by noting that “[t]he standard 9.4 percent reduction to hit defense spending . . . would touch critical programs like the Infrastructure Protection and Information Security component of DHS.”

Having posted this article, I don’t really see anything in there that suggests cybersecurity initiatives will face any funding reductions.  Hopefully sequester never comes to pass.  However, even if it did, I don’t think cybersecurity will face the same level of cuts.  That’s been the feeling all along, and I don’t think anything has changed since.

***

Shaun Waterman for The Washington Times on how some cybersecurity commentators believe that last week’s DDoS attacks on the banks were a “warning of the cyber cold war.”  Waterman wrote that if the attacks did have Iranian backing, “it would make the attacks the first foreign cyberstrike aimed at disrupting U.S. critical infrastructure and affecting the daily lives of ordinary Americans . . ..”  I don’t know if that’s true or not.

***

Forbes’ Jody Westby on Sen. Rockefeller’s recent letter to Fortune 500 CEOs asking them about their concerns over cybersecurity legislation.  In short, she’s critical, but believes that the letter gives Fortune 500 CEOs “an opportunity to flatly reject the notion of mandated cybersecurity requirements and to ask him to turn his focus toward incentives for security improvements and actions that would help deter cybercrime.”

***

John Reed for Foreign Policy on why Sen. Collins isn’t a fan of the cyber EO.  According to Sen. Collins:

The executive order is a big mistake . . . [f]irst of all, the executive order cannot grant the liability protections that are needed in order to encourage more participation by the private sector, so the executive order simply cannot accomplish what legislation can. In addition, an executive order is not lasting and it doesn’t reflect a consensus by Congress on what should be done.

The ACLU is not a fan either.
