January 28 2022

This Week in Washington

CNN White House attempts to strengthen federal cybersecurity after major hacks
The White House plans to release an ambitious strategy Wednesday to make federal agencies tighten their cybersecurity controls after a series of high-profile hacks against government and private infrastructure in the last two years, according to a copy shared with CNN. It’s one of the biggest efforts yet by the Biden administration to secure the computer networks that the government relies on to do business.

FedScoop House lawmakers introduce FISMA modernization legislation
House lawmakers have introduced new legislation that would clarify federal cybersecurity roles, improve shared services and advance a risk-based cybersecurity posture under the Federal Information Security Management Act (FISMA). The proposed law, introduced by House Committee on Oversight and Reform Chairwoman Rep. Carolyn Maloney, D-N.Y., and ranking member Rep. James Comer, R-Ky., would update FISMA for the first time since 2014.

New York Times Commerce Dept. Survey Uncovers ‘Alarming’ Chip Shortages
The United States is facing an “alarming” shortage of semiconductors, a government survey of more than 150 companies that make and buy chips found; the situation is threatening American factory production and helping to fuel inflation, Gina M. Raimondo, the commerce secretary, said in an interview on Monday. She said the findings showed a critical need to support domestic manufacturing and called on Congress to pass legislation aimed at bolstering U.S. competitiveness with China by enabling more American production.

Axios Coming: “Nutrition labels” for internet service
The FCC will vote Thursday on a proposal to make companies cough up the details of their internet speeds and prices in easy-to-read “broadband nutrition labels.” The communications regulator is newly flexing its muscles over cable and telecom companies in an attempt to make it easier for consumers to comparison shop for high-speed internet.

Bloomberg New Antitrust Drama Could Favor Smaller Businesses
It’s a familiar fight. For years, small- and medium-sized business have argued that they can’t compete on the platforms and app stores run by companies like Apple, Google and Amazon. The Silicon Valley giants, for their part, argue that their rules are fair and their services provide huge value to Main Street businesses. Who’s winning? This week it looks like the smaller tech companies have the upper hand in Washington—at least for now.

Axios IRS face recognition program raises hackles
The IRS’ move to require some taxpayers to use facial recognition to identify themselves is reigniting a debate over how the government should use such technology. Critics warn that, without sufficient guardrails, information collected by one agency for a seemingly benign purpose could easily be re-used in other ways. The IRS will soon require taxpayers to provide a third-party company — ID.me — with a combination of documents and a video selfie to verify their identity before undertaking certain online interactions with the agency.

Reuters U.S. SEC Chair Gensler maps out potential overhaul to agency’s cyber rules
The U.S. securities regulator is considering extending cyber risk management rules to third-party service providers, and beefing up public company disclosures when they experience a breach, the head of the Securities and Exchange Commission (SEC) said on Monday. Gary Gensler, in an address to securities industry professionals, mapped out a sweeping overhaul of SEC cyber rules, including changes to how stock exchanges and clearinghouses mitigate and report on cyber risk under the Regulation “Systems Compliance and Integrity” (SCI) aimed at reducing systems issues and improving resilience.

Infosecurity Magazine SBA Announces $3m Cybersecurity Program
The United States Small Business Administration (SBA) has launched a program to help the country’s emerging small businesses to improve their cybersecurity infrastructure.  SBA administrator Isabella Casillas Guzman, who heads the SBA, announced the new Cybersecurity for Small Business Pilot Program on Friday. The SBA will award $3m in grants to help entrepreneurs defend against cyber-threats through the program.

CyberScoop Security fears over antitrust legislation raise looming questions about a federal privacy law
A bill designed to break up America’s largest tech companies could come with an inadvertent side effect, its critics are arguing: weakening Americans’ privacy and data security. Detractors of the “American Innovation and Choice Online Act,” including Apple and Google, are campaigning against the legislation, contending that it would limit how companies are able to protect users’ privacy and security. “These bills may compel us to share the sensitive data you store with us with unknown companies in ways that could compromise your privacy,” Google’s president of global affairs Kent Walker wrote in a blog post Tuesday.

The Hill Biden administration announces policy changes to attract international STEM students
The Biden administration announced new efforts on Friday to attract international science, technology, engineering and math (STEM) students and researchers to the U.S. as part of its mission to increase recruitment of talent abroad. Friday’s announcement said the Department of State’s Bureau of Educational and Cultural Affairs (ECA) will implement new guidance, allowing up to 36 months of academic training for STEM students on a J-1 visa, or a non-immigrant visa for those participating in an exchange visitor program.

Bloomberg The FTC’s antitrust case against Meta could be great for privacy
Right after Thanksgiving in 2011, the Federal Trade Commission announced it had caught Facebook in several lies about privacy occurring over the prior two years. The company, it said, had agreed to a settlement and would be making changes going forward to protect users’ data. The agreement, to put it mildly, doesn’t seem to have gone as the FTC planned. One $5 billion fine for privacy abuses and an unending stream of scandals later, the FTC is in the middle of litigation with the company now known as Meta over alleged antitrust violations, which were long thought to belong to an entirely separate area of law.

Article Summary

Associated Press Official says Puerto Rico’s Senate targeted by cyberattack
Puerto Rico’s Senate announced Wednesday that it was the target of a cyberattack that disabled its internet provider, phone system and official online page, the latest in a string of similar incidents in recent years. Senate President José Luis Dalmau said in a statement that there is no evidence that hackers were able to access sensitive information belonging to employees, contractors or consultants, although the incident is still under investigation.

Microsoft Official Blog Building resiliency and spurring innovation: customers are using the Microsoft Cloud to advance industries and keep business moving forward
Since the start of the pandemic, organizations representing a cross-section of industries have mobilized to adopt digital technologies to gain insights from their data and unlock cloud-based innovation. With the Microsoft Cloud, customers are reimagining ways to deliver patient care and provide access to critical services, secure their digital environments to scale and maintain business operations, extend frontline worker productivity, enhance employee experiences, and encourage new forms of business engagement and interaction.

Nextgov NIST Releases Final Cybersecurity Assessment Guidance
The National Institute of Standards and Technology issued its newest and final copy of guidance for organizations to assess their internal security IT systems, following a draft copy and comment period.  The document, titled “Assessing Security and Privacy Controls in Information Systems and Organizations,” focuses on helping entities manage cybersecurity risks across their individual networks.

The Seattle Times Microsoft backs new approach to save local news in Yakima
An extraordinary effort to save local journalism in the Yakima Valley, backed by Microsoft and local supporters, is taking off this year. The Yakima Free Press campaign aims to raise at least $1 million annually for several years to sustain and grow essential news coverage as the local-news business evolves. If successful, that will start with adding four reporters at the Yakima Herald-Republic newspaper, which will provide free online access to their stories.

Tech Podcast of the Week

Data Privacy Detective

  • Podcast on Backup Services for Data Privacy
    Backup – what does it have to do with protecting data privacy? And how does a backup service work? What should businesses and individuals know about backing up their digital data? On one hand, a backup of data provides a second target for data thieves. Not properly handled, backups can increase privacy risks. But without a backup of data, it can be lost and subject to exfiltration by thieves who steal or freeze the data held by businesses and government, the prime targets of ransomware criminals. (Episode 80 – Backup and Privacy – January 24, 2022)