Book Excerpt Cautions Against the Dangers of US Cyber Command’s New Offensive Approach
An excerpt (published in The New York Times) from David Sanger’s new book “The Perfect Weapon: War, Sabotage, and Fear in the Cyber Age” cautions against unintended consequences of US Cyber Command (now a unified combatant command) taking a more aggressive approach against threat actors. Some of Sanger’s concerns include the risks of starting a war with other countries, the current readiness of US Cyber Command, and the White House’s gutting of top-level cybersecurity leadership. According to Sanger, “The change in approach was not formally debated inside the White House before it was issued, according to current and former administration officials. […] It is unclear how carefully the administration has weighed the various risks involved if the plan is acted on in classified operations.”
White House Selects New VEP Leader and Considers a Flavor of GDPR for the US
With the Vulnerabilities Equities Process (VEP) made more transparent by the Trump administration last year, CyberScoop reported on Thursday that the White House has selected a new VEP leader. According to CyberScoop, “Grant Schneider, the National Security Council’s senior director for cybersecurity policy, has been named chairman of the Vulnerability Equities Process (VEP) board, an NSC spokesperson told CyberScoop. Schneider is also currently serving as the acting federal chief information security officer.” Also, Axios reported that the White House is considering stronger data privacy laws in the wake of GDPR. According to the publication, “Gail Slater, special assistant to President Trump for tech, telecom and cyber policy at the White House National Economic Council, has met with industry groups to discuss possible ways to put in place guardrails for the use of personal data, according to multiple sources familiar with the matter.”
FY2019 Homeland Security Appropriations Bill Pushes for Stronger Cybersecurity Funding
A FY2019 Homeland Security appropriations bill cleared a Senate subcommittee last week and moves to the Senate. Summarized in NextGov, the bill boosts cybersecurity funding in several areas:
Cybersecurity Reports and Surveys Roundup
We’ve rounded up a few of the best cybersecurity reports and surveys released last week:
F-Secure to Acquire MWR InfoSecurity
Last Monday, F-Secure announced it would acquire MWR InfoSecurity, which describes itself as “a global provider of world class research-led cyber security solutions with a range of products and services for clients worldwide.” According to a press release, “The acquisition is a significant milestone in the execution of F-Secure’s growth strategy, and makes it the largest European single source of cyber security services and detection and response solutions. […] With close to 400 employees, MWR InfoSecurity is among the largest cyber security service providers serving enterprises globally. MWR InfoSecurity has highly skilled experts in offensive techniques who understand the attacker mindset and is well-known in the industry for its technical expertise and research.”