Thursday, May 13, 2021
Key Issues Maxar McCord on the budget Army troop levels
Charlie is an authority on congressional procedure and politics, and has covered multiple subject areas over the course of his career including the structure of government, ethics, environmental and energy policy, international trade, tax reform, and healthcare reform. A veteran journalist, Charlie writes eye-opening, entertaining pieces for the most informed audiences in the nation's capital. He is a regular speaker and panelist at cybersecurity events in Washington, D.C.
Federal officials are digging into policy gaps exposed by the SolarWinds hack, including shortcomings in cyber info-sharing, and weighing actions the United States will take against a highly sophisticated threat actor in response to the massive infiltration of government and private-sector systems, according to deputy national security adviser for cyber Anne Neuberger.
Defense Secretary-nominee Lloyd Austin emphasized the department's supporting role in helping secure commercial networks from cyberattack, and stressed the need for partnerships across government and with the private sector, echoing a common refrain of President Biden's nominees when it comes to cybersecurity.
House and Senate conferees have agreed to include major cybersecurity pieces in the annual defense policy bill, creating a National Cyber Director and adopting other proposals that will make the legislation "the most significant cyber bill Congress has ever passed," according to Cyberspace Solarium Commission senior adviser Mark Montgomery.
The Pentagon's Cybersecurity Maturity Model Certification program will fall short in securing the defense industrial base because it fails to address underlying economic realities that limit how much small and mid-sized businesses can invest in cyber, according to the industry group Internet Security Alliance.
The annual defense authorization bill cleared a hurdle late Wednesday, passing the House Armed Services Committee on a 56-0 vote and advancing a number of Cyberspace Solarium Commission and other cybersecurity proposals.
The annual defense policy bill approved Wednesday night by the Senate Armed Services Committee includes provisions to implement 11 of the Cyberspace Solarium Commission’s recommendations, including a call for studying "the feasibility and advisability" of creating of a national cybersecurity director.
SAN FRANCISCO -- Pentagon acquisition Chief Information Security Officer Katie Arrington this week vigorously defended the ban on government purchases of Huawei and other Chinese-made telecom products while arguing that pieces of a more comprehensive supply-chain security policy are being put into place.
President Trump today suggested a de-escalation in the military confrontation with Iran along with new sanctions against that country, an evolving dynamic that may do little to diminish the lingering threat of cyberattacks targeting U.S. critical infrastructure.
The U.S. attack on Iran's top general has the cybersecurity community bracing for possible retaliation in cyberspace, while also pointing to the security tools that are in place and the ongoing policy needs that are highlighted by the latest -- perhaps most serious -- clash with a known international cyber aggressor.
The fiscal year 2020 defense authorization conference bill includes language requiring congressional notification before the commerce secretary can remove Huawei from the "Entity List" restricting sales of U.S. components to the Chinese telecom, a procedural hurdle added to the bill amid congressional concerns over the Trump administration's commitment to maintaining a hard line on the cyber threat from China.
Rep. John Ratcliffe's (R-TX) current claim to fame is a viral moment from last week's Mueller hearings, but the lawmaker selected to become the next director of national intelligence also would bring cybersecurity bona fides to the DNI role.
The public-private partnership approach to cybersecurity is advancing on several fronts, but a couple of developments yesterday showed just how challenging this space is for policymakers.
Acting Defense Secretary Pat Shanahan this week said China was stealing U.S. technology at a "staggering" rate and raised concerns about possible Chinese dominance of next-generation "5G" telecom networks -- remarks that come as U.S. and Chinese trade officials move toward concluding talks that have included cyber theft of intellectual property as a key component.
The National Institute of Standards and Technology's framework of cybersecurity standards, released five years ago, helped power a cost-effective approach to cyber risk management at the Defense Department that aligns in many ways with how the framework is employed by the private sector, according to senior National Security Agency official Pat Arvidson.
The communications sector and U.S. Northern Command have launched a collaborative effort on cybersecurity and other challenges that telecom industry leaders characterize as "the first major engagement" between the industry and the armed services on confronting these issues at a strategic level.
National security adviser John Bolton today announced what he called the first updated national cybersecurity strategy in 15 years, with a strong emphasis on deterrence, interagency coordination and protecting critical infrastructure.
Senate Armed Services cybersecurity subcommittee Chairman Mike Rounds (R-SD) is praising the Trump administration for scrapping an Obama-era order on offensive military actions in cyberspace, while former top cybersecurity officials found positives as well as concerning elements in the policy move.
Industry sources and Obama administration veterans are expressing concerns about President Trump's decision to scrap Presidential Policy Directive-20 -- which has guided the use of cyber weapons by the military -- while other sources say this simply removes bureaucratic hurdles that have undermined cyber deterrence policy.
As President Trump meets this week with fellow NATO leaders in Brussels, former State Department cybersecurity coordinator Christopher Painter says the alliance continues to work well together on cybersecurity amid larger political tensions and a general scaling back of U.S. initiatives on the issue.
The Department of Homeland Security today released its "Cybersecurity Strategy," a document required by Congress that addresses issues ranging from risk assessment to threat reduction, which comes amid various calls from Capitol Hill for a detailed explanation of the Trump administration's overall cyber approach.