Scoop: The public-private ICT supply chain security task force plans to craft a legislative proposal to improve information sharing, including liability protections. Task force has found companies are afraid of vendors suing them for sharing info on risks. subscriber.politicopro.com/article/2021/0…
The supply chain task force approved the plan to develop an info sharing proposal at its 2/12 meeting, along w/ other projects (stay tuned for more on those).
The task force won't send its proposal directly to WH or Congress but will find other parties best positioned to do so.
"We wouldn't do the advocacy per se," a person involved in the task force's work said of the info sharing proposal. "We would provide the analysis and the motivation for [that advocacy]."
If you're thinking to yourself, "Didn't Congress already pass an info sharing bill with liability protections?", you're right. en.wikipedia.org/wiki/Cybersecu…
But the law hasn't lived up to its promise, and now this task force wants to take another bite at the apple.
Following up on yesterday's scoop about the supply chain task force, I've got more exclusive details about the group's next steps (including a public awareness campaign about its reports) in today's @MorningCybersec: subscriber.politicopro.com/newsletter/202…
• • •
One of the three men charged was previously charged in connection with this activity in 2018: justice.gov/opa/pr/north-k…
"The DPRK cyber threat has followed the money and turned its revenue-generation sights on the most cutting-edge aspects of international finance, including through the theft of cryptocurrency from exchanges and other financial institutions," AAG John Demers says on press call.
Naturally, this storm is worsening our already dysfunctional vaccine rollout process.
"Dallas hit 5 degrees on Monday morning, its coldest reading since 1989. ... In Dallas the average high on Feb. 14 is about 58 degrees, the average low 42 degrees."
Half of the witnesses (@C_C_Krebs and former Principal Deputy DNI Sue Gordon) were pushed out by Trump.
One theme from hearing so far: interest in making CISA the civilian fed govt's network defender. Not just helping, but actually supervising improvements to agencies' networks.
One suggestion made: let agencies offload accountability to CISA in exchange for giving up authority.
Another notable moment: @C_C_Krebs noted how little $ CISA had for IR and for CI operator engagement and said his "biggest regret" as director was inability to "plow additional resources" into CI community engagement.
$800m of CISA's $1.2b cyber budget went to CDM and EINSTEIN.
In her first public remarks since becoming Biden's deputy natsec adviser for cyber, Anne Neuberger tells a federal advisory board that one of the admin's priorities will be "to build back better from the SolarWinds incident with modernized defenses in cyberspace."
"President Biden has immediately shown leadership with saying we've got to get a handle on the SolarWinds incident," Neuberger says.
Neuberger spoke during the opening of a National Security Telecommunications Advisory Committee meeting.
.@EACgov commissioners are meeting now to vote on whether to adopt a major overhaul of federal voting system guidelines, which includes many new security, privacy, and accessibility provisions. eac.gov/sites/default/…
@EACgov “VVSG 2.0 is a major step forward to ensure the next generation of voting equipment is more secure and accessible and ensures a better voting experience for all Americans,” says Chairman @benhovland.
@EACgov @benhovland Hovland: “Election security has been a major topic and focus during these efforts, and I'm proud that the VVSG 2.0 includes provisions to ensure that we will have more paper ballots and built-in support for election officials to conduct more efficient post-election audits.”