NTSC Technology Security Roundup

Weekly News Roundup: March 19, 2018

New ICANN Standards Increase Privacy but Raise US Law Enforcement Concerns

With GDPR on the way, ICANN has decided to lessen the amount of information a website domain holder needs to submit when registering a website. However, that lack of information concerns both US law enforcement and technology companies seeking to prosecute cybercriminals. According to The Hill, “The U.S. government and American technology companies say [the new] rules will make it harder for them to crack down on malicious actors on their platforms. Currently, names, addresses and contact information for those who register a website can be accessed publicly in many cases. Law enforcement often uses this information to track down suspected criminals. The change is being made to adhere to new European Union regulations, set to take effect on May 25.”

Energy Sector Cybersecurity Identified as High Priority by House Committee

FCW reported on a hearing of the House Energy and Commerce Committee last Wednesday about how the Department of Energy is handling cybersecurity with its new office. According to FCW, “[Department of Energy undersecretary Mark Menezes] provided [committee] members with some specifics about the future of the department's new cyber office, as well as the department's cybersecurity priorities, emphasizing the creation of the new office—and its absorption of other Energy programs—is ‘just an initial step.’ Menezes wants the office's priorities to be sharing vulnerability information with industry, engaging in training programs for the future cyber workforce and building towards countering cyber threats with artificial intelligence.”

US Cyber Warfare…With No Offensive Capability?

As cyber warfare becomes more common as a way for nations to strike each other offensively, the United States is in a unique position of not being able to independently mount offensive cyberattacks. Last Tuesday, representatives from the US Armed Forces talked about their concerns at a Senate Armed Services Subcommittee hearing on cybersecurity. According to CyberScoop, “Military organizations largely lack the authorities to act independently in cyberspace. Approval usually begins with an interagency review and ends with direct permission from the president. Historically, this arrangement has led to a long line of denials. One lawmaker, Sen. Ben Sasse, R-Neb., described the current approval process as being ‘slow as molasses.’”

Cybersecurity Reports and Surveys Roundup

We’ve rounded up a few of the best cybersecurity reports and surveys released last week:

White House Prevents Broadcom’s Takeover of Qualcomm for National Security Reasons

Last Monday, an executive order by President Trump prohibited the takeover of Qualcomm by Broadcom. The order states: “There is credible evidence that leads me to believe that Broadcom Limited […] through exercising control of Qualcomm Incorporated (Qualcomm), a Delaware corporation, might take action that threatens to impair the national security of the United States.” According to USA Today, “The takeover, which would have been the largest transaction the technology industry had ever seen, was tripped up by concerns that it posed a threat to American competitiveness in mobile technology by putting one of the largest mobile chip makers in the U.S. under the control of a company based in Asia.”