August 26 2022

This Week in Washington 

The Hill Cyber agency highlights emerging threats from quantum computing
The Cybersecurity and Infrastructure Security Agency (CISA) released new advice Wednesday on ways critical infrastructure should prepare for potential security risks stemming from quantum computing. While quantum computing provides greater speed and power than classical computers, the emerging technology comes with potential risks, including data breaches, that could threaten the security of business transactions, secure communications, digital signatures and customer information.

Fierce Telecom More than a dozen Senators press Commerce chief to rethink BEAD rules
A quarter of the U.S. Senate signed on to a letter asking Department of Commerce head Gina Raimondo to revise the agency’s rules for a $42.5 billion broadband funding program, arguing guidelines released earlier this year deviated from Congress’ intent. At issue are rules the Department released for the Broadband, Equity, Access, and Deployment (BEAD) program in May. The missive, signed by 13 Republican senators, warned “Certain provisions go beyond the authority granted to NTIA and will discourage or deter broad provider participation.”

Protocol The White House wants new transparency into software components. The security benefits won’t arrive quickly.
A major U.S. initiative aimed at improving transparency into the security of software components has a long way to go before it will be able to reach its full potential. According to industry analysts and the federal official leading the “software bill of materials” (SBOM) effort for the government, the next phase of the initiative is ready to begin, with more vendors expected to soon start offering a detailed peek at the components used inside their software to federal customers. But while SBOM will need time to fully mature, the important thing is to get started with what’s ready now and build from here, said Allan Friedman, who heads the SBOM effort at the Cybersecurity and Infrastructure Security Agency.

Nextgov Advisory Board Sends Critical Infrastructure Cyber Recommendations to the White House
Members on the National Security Telecommunications Advisory Committee voted on Tuesday to send a new information technology impact report to President Joe Biden and reiterated its mission commitments to security compliance and fortified critical infrastructure. The report, which focuses on the security risks involved in the convergence of operational technology and information technology across digital systems, was ultimately approved unanimously to head to the executive branch.

POLITICO Congress ordered agencies to use tech that works for people with disabilities 24 years ago. Many still haven’t.
Congress made a portion of the 1973 Rehabilitation Act known as Section 508, which asks federal agencies to make technology accessible, mandatory in 1998. But nearly a quarter century later, they are still failing to do so. And it’s not just about ordering lunch. Roughly 30 percent of the most popular federal websites don’t meet accessibility standards, according to a 2021 report by the Information Technology and Innovation Foundation. Enforcement is virtually nonexistent, and agencies are spending little effort or money to comply.

Axios Lawmakers debut updated news competition bill modeled after Australia
A bipartisan group of House and Senate lawmakers on Monday unveiled an updated journalism competition bill that, if passed, would force tech companies to pay news companies for their content. Such a law would create a historic lifeline for the news industry, which has struggled in the digital era to compete with Big Tech firms for ad dollars, particularly at the local level. Yes, but: Even with bipartisan support, it’s unclear whether the bill will advance, especially in a midterm year.

Article Summary

Axios Privacy law’s hidden roadblock: Americans’ beliefs
Americans’ conception of privacy itself, as much as a deadlocked Congress, stands in the way of the U.S. adopting a national digital privacy law, experts tell Axios. U.S. citizens, uniquely among global populations, think of privacy as the right to decide who enters their space. American individualism historically emphasizes personal choice and freedom, especially freedom from government intrusion into personal space.

GCN 3 states get $1M to boost small biz cybersecurity
Three states are getting funding from the Small Business Administration to help improve the cybersecurity infrastructure of small businesses during their formative and most vulnerable years. As part of the SBA’s Cybersecurity for Small Business Pilot Program, Arkansas’ Forge Institute, Maryland’s Department of Commerce and Dakota State University in South Dakota are each receiving nearly $1 million to help new businesses protect their operations through training, counseling, remediation and other tailored cybersecurity services.

Government Technology NSC Releases State Planning Resource for Federal Broadband Funds
A resource published by the National Skills Coalition (NSC) last week aims to guide states through the implementation of the Digital Equity Act (DEA) and the Broadband Equity, Access, and Deployment (BEAD) Program. States have been working to prepare for the federal funding becoming available by staffing up and engaging partners. While states have been preparing for an influx of federal funding for broadband since the passage of the Infrastructure Investment and Jobs Act, being well-informed and planning will help states maximize the impact of these dollars.

The Hill Initiative aims to tackle cyber threats as self-driving cars gain traction
Two tech entities are teaming up to develop an industry-wide cybersecurity framework for autonomous vehicles in an effort to address cyber-related risks as companies look to take self-driving vehicles into the mainstream. The Association for Uncrewed Vehicle Systems International (AUVSI), a nonprofit organization that promotes the advancement of autonomous systems and robotics, said the framework will be based on cyber standards Fortress Information Security helped develop for the utilities industry. Fortress is a security service firm that protects critical industries from cybersecurity threats.

CNBC Microsoft and ByteDance are collaborating on a big AI project, even as US-China rivalry heats up
The high-stakes battle between the U.S. and China for supremacy in artificial intelligence has domestic lawmakers growing increasingly concerned over what losing out could mean for national security, the economy and American prosperity. Indeed, some AI experts even say that cross-border cooperation is key to getting the most out of advancements in computing. Engineers from Microsoft and China’s ByteDance, the parent of TikTok, are doing their part to advance that notion. Through a project called KubeRay, they’re working together on software intended to help companies more efficiently run AI apps.

GCN New report warns of growing ‘data divide’
A recent report from the Center for Data Innovation warns about an emerging “data divide” and calls on policymakers to adopt new ways of thinking about how to equally distribute gains in the data economy. The report includes a broad set of recommendations to help close the divide, from developing targeted outreach programs for underrepresented communities to amending the Federal Data Strategy (FDS) to acknowledge and better address the data divide.

Featured Podcast

U.S. National Privacy and Cybersecurity Podcast

  • Podcast on Privacy and Cybersecurity Governance
    In this episode, we interview David Navetta, vice chair of Cooley LLP’s cyber/data/privacy practice and a prominent leader in privacy, information security and technology law. We discuss the differences between cybersecurity governance and privacy governance, what are the critical activities in privacy governance, what actions are the hardest for organizations to implement, and how privacy governance will evolve in the future. David is a frontrunner in privacy and security and shares his decades of experience and insights into what lies ahead in these fields. (76 | Privacy Governance v. Cybersecurity Governance – August 22, 2022)