Cybersecurity Legislation and Policy News Roundup
Here is a roundup of some important legislative and policy news from last week:
White House Cybersecurity News Update
Last week, the White House experienced significant cybersecurity staff turnover as it preps a national cyber strategy for a planned May release. According to The Hill, “President Trump’s cybersecurity coordinator, Rob Joyce, revealed [last] week that he would vacate his post and return to the National Security Agency (NSA), ending a 14-month stint at the White House. News of his planned departure came less than a week after the resignation of homeland security adviser Tom Bossert.” This shakeup comes at a time when the White House is developing a national cyber strategy. According to NextGov, “An updated national strategy that will guide how the Trump administration handles cyber defense and threats is being debated at the White House and ‘should be forthcoming in the near future,’ a Pentagon official told lawmakers [last] Wednesday. That strategy, in turn, will inform a Defense Department cyber posture document that will likely come out in August, Assistant Secretary of Defense Kenneth Rapuano said.”
US-CERT: Russian State-Sponsored Cyber Actors Targeting Network Infrastructure Devices
Last week, US-CERT released an alert that stated “Since 2015, the U.S. Government received information from multiple sources—including private and public sector cybersecurity research organizations and allies—that cyber actors are exploiting large numbers of enterprise-class and SOHO/residential routers and switches worldwide. The U.S. Government assesses that cyber actors supported by the Russian government carried out this worldwide campaign. These operations enable espionage and intellectual property theft that supports the Russian Federation’s national security and economic goals.” In an interview with The Cipher Brief, Robert Hannigan, former director of the UK’s Government Communications Headquarters, said, “The point about router and other network attacks is that they enable a wide range of cyber operations against a huge set of secondary targets, whether for intelligence gathering or the delivery of denial of service, or much more sophisticated destructive attacks. […] [The joint U.S.-UK attribution] may not stop [Russia], but it will now be part of their risk calculation.”
Expert Commentary Addresses Active Cyber Defense and Cyber Threat Intelligence
Last week, two excellent articles provided commentary about the issues of active cyber defense and cyber threat intelligence.
In The Hill, Dr. Irving Lachow, deputy director of cyber strategy and execution at The MITRE Corporation, said, “While active defenses are promising, they also raise a range of issues that need to be addressed by policymakers. Two possible risks include collateral damage to third parties and inadvertent escalation of tension with other countries. To avoid such risks and realize the benefits of active defenses, Congress and the executive branch must begin providing guidance to companies that can both provide and consume active defense services.”
The Cipher Brief recapped a discussion with Tonya Ugoretz (who heads the Cyber Threat Intelligence Integration Center) and Marianne Bailey (deputy national manager of National Security Systems at NSA) at the publication’s annual Threat Conference in Sea Island, Ga. Ugoretz said, “The government doesn’t have a monopoly on threat intelligence […]. And so the broader challenge is how do I not only integrate all those varied pieces across the federal cyber community, but also think about how the federal government can partner with the private cybersecurity companies who have that very unique insight that the U.S. government is not going to have. But do so in a way that we protect privacy, protect civil liberties.”
Cybersecurity Reports and Surveys Roundup
We’ve rounded up a few of the best cybersecurity reports and surveys released last week: