US Senate Approves Christopher Krebs as Undersecretary for the DHS’s NPPD
Last Tuesday, the Senate approved Christopher Krebs to serve as the undersecretary for the Department of Homeland Security’s National Protection and Programs Directorate (NPPD). Krebs had already served as acting undersecretary since August 2017 and was nominated by President Trump to serve as undersecretary in February 2018. According to FCW, “Krebs has said his top legislative priority is getting NPPD rebranded as the Cybersecurity and Infrastructure Security Agency. The renaming is still up to Congress, and a plan to redefine the scope and authority of the DHS cybersecurity shop is part of a still pending authorization bill.” Last week, the NTSC released a statement supporting this confirmation.
House Reintroduces Bipartisan Bill to Standardize National Encryption Policy
On Thursday, June 7, Congressman Ted W. Lieu (D-California), Congressman Mike Bishop (R-Michigan), Congresswoman Suzan DelBene (D-Washington), and Congressman Jim Jordan (R-Ohio) reintroduced the Ensuring National Constitutional Rights for Your Private Telecommunications (ENCRYPT) Act. The legislation would preempt state and local government encryption laws to ensure a uniform, national policy for the interstate issue of encryption technology. According to eWeek, “If the ENCRYPT Act passes and becomes law, it would prohibit the states from requiring anyone that develops products that support encryption to enable the surveillance of their products or allow the physical search of the product by any state or federal agency. It would also prohibit any requirements that products include built-in back doors or other means of decryption. Furthermore the bill would prevent states from prohibiting the sale or use of products that use encryption or similar security technology.”
Senate Amendments Press White House on Cyber Deterrence and Filling Vacant Cybersecurity Role
On May 24, the NTSC published an op-ed in The Hill titled “This administration must lead on cyber” that argued for the White House to fill the recently unfilled role of cybersecurity coordinator after the departures of Tom Bossert and Rob Joyce. Several Senators seem to agree with that assessment according to several recent amendments filed as attachments to the National Defense Authorization Act. According to NextGov, “One such amendment, authored by Sen. Martin Heinrich, D-N.M., would require President Donald Trump to appoint a White House cybersecurity coordinator, reversing a move by National Security Adviser John Bolton who removed the role in May.” NextGov also noted an amendment that exerts some pressure on the White House to show a stronger cyber deterrence policy: “Another Senate amendment from Sen. David Perdue, R-Ga., would require the Trump administration to publish an extensive cyber strategy, including outlining possible repercussions for adversary cyber strikes targeting the United States.”
Cybersecurity Reports and Surveys Roundup
We’ve rounded up a few of the best cybersecurity reports and surveys released last week:
Splunk Agrees to Acquire DevOps Incident Management Company VictorOps
According to a press release, Splunk will acquire VictorOps, a DevOps incident management company, for a total purchase price of approximately $120 million. The press release says, “The combination of Splunk Enterprise and VictorOps will deliver a ‘Platform of Engagement’– combining monitoring, event management, on-call management and ChatOps. Ultimately, this enables modern engineering and operations teams to quickly solve problems in high-velocity deployment environments to maximize customer success.” Security Week noted “the acquisition of VictorOps builds on the earlier $350 million acquisition of Phantom. While Phantom also helps automate IT teams' responses to alerts, it lacks VictorOps' team collaboration capabilities.”