
Congress to Grill DHS Nominee, Former Yahoo and Equifax CEOs


Rep. Paul Ryan’s bill to overhaul how agencies use data to evaluate the effectiveness of their programs is moving fast.

He introduced the Foundations for Evidence-Based Policymaking Act to the House Tuesday and the House Oversight Committee passed it by voice vote Thursday. The bill includes a version of the OPEN Government Data Act, which also appears as part of the Senate’s annual defense authorization bill. The versions do have differences, most substantially that Ryan’s version requires all federal agencies appoint a chief data officer.

Sen. Patty Murray, D-Wash., introduced the companion bill to the Senate.

Batter Up at DHS

Next week’s cyber main event will come Wednesday when President Donald Trump’s nominee to be the next Homeland Security secretary, Kirstjen Nielsen, appears before the Senate Homeland Security Committee.

Nielsen was former Homeland Security Secretary John Kelly’s chief of staff before he left for the White House and has worked extensively in private sector cybersecurity. She was also reportedly the top contender to helm the department’s still-leaderless cyber and infrastructure protection division.

The committee will meet to consider Nielsen’s nomination Thursday.

Elevating the HHS CISO

Legislation introduced by two House Energy and Commerce members Wednesday would elevate the Health and Human Services Department’s chief information security officer to report directly to the department secretary or another top-ranking official.

The department’s top information security officer currently reports to its chief information officer. The bill from Reps. Billy Long, R-Mo., and Doris Matsui, D-Calif., also requires a report on how the department handles cyber threats.

Cyber Bill Crosses Finish Line

President Donald Trump, on Thursday, signed a bill that provides congressional authorization for the Secret Service’s National Computer Forensics Institute, which helps state and local governments solve digital crimes.

The Strengthening State and Local Cyber Crime Fighting Act was sponsored in the House by Rep. John Ratcliffe, R-Texas, chair of the House Homeland Security Committee’s cyber panel, and by Senate Judiciary Chair Chuck Grassley, R-Iowa, in the Senate.

NIST Not Entering the Auditing Game

House Science leaders stepped back Tuesday from a controversial plan to task the Commerce Department’s cyber standards agency with also auditing federal agencies’ cybersecurity. A revised version of the bill only tasks the National Institute of Standards and Technology with assisting agency inspectors general with those audits.

The bill, which passed the Science Committee earlier this year, still faces a rocky road and passage is far from assured. Committee Chairman Lamar Smith, R-Texas, announced this week he won’t seek reelection in 2018.

More Lawmakers Sign onto Cyber Strike-Back Bill

Seven additional House lawmakers signed on Friday to a bill that would allow companies to strike back against their cyber assailants in limited ways.

House Oversight Chairman Trey Gowdy, R-S.C., was among the five Republicans and two Democrats who signed onto the Active Cyber Defense Certainty Act, which was originally sponsored by Reps. Tom Graves, R-Ga., and Kyrsten Sinema, D-Ariz.

Companies would still be barred from returning digital fire under the legislation but they’d be allowed to leave their own networks to retrieve or destroy stolen files in some circumstances.

The Quick-Quick Facebook/Twitter/Google Hearing Summary

The lawyers of three of tech’s most prominent companies testified at three Congressional hearings about political advertising linked to Russia. Like any good data breach, the numbers climbed considerably from the initial reports: Ads reached 126 million people on Facebook and 20 million on Instagram. The ads primarily focused on building Facebook pages, which then could distribute content organically. One Russian Facebook page amassed 3.3 million followers, though those users wouldn’t know it because Facebook has never notified them. And two such pages created simultaneous real-life events—with opposite interests—at the same location that ended in real-life confrontations, according to Sen. Mark Warner’s statement.

All three companies refrained from supporting the only proposed legislation—so far—to regulate political ads, the Honest Ads Act. That bill would force social media and other web platforms to disclose who paid for political ads posted on their sites.

Sex-Trafficking Bill and Data Breaches on Tap

The Senate Commerce, Science and Transportation Committee on Wednesday will consider the Stop Enabling Sex Traffickers Act, a well-meaning but controversial bill that’s collected 36 bipartisan cosponsors. SESTA aims to stop websites that facilitate human trafficking by amending a law that prevents websites from being held liable for user-generated content. However, opponents argue the bill could open the door for frivolous lawsuits against tech companies and curb free speech online.

After the business meeting, the committee has called in former executives from companies that suffered two of the biggest data breaches in history: Yahoo’s 2013 breach of 3 billion users and Equifax’s breach of 145 million from this year. Witnesses include former Yahoo Chief Executive Officer Marissa Mayer, Verizon Communications Deputy General Counsel and Chief Privacy Officer Karen Zacharia, former Equifax CEO Richard Smith and Equifax’s interim CEO Paulino do Rego Barros.

Coming Up

The House Ways and Means Committee starts markup of the Tax Cuts and Jobs Act Monday at noon with plans to continue through the week as necessary.

A House Homeland Security subcommittee gets experts from the City of New York Fire Department, Texas A&M University and the Security Industry Association to share what it’s like to work with the department’s Science and Technology Directorate Tuesday at 10 a.m., while a Senate Commerce subcommittee examines how the internet of things could be used in rural America. In the afternoon, a House Judiciary subcommittee listens to legal experts, including from the Software and Information Industry Association, discuss the effects of sovereign immunity on intellectual property.

Wednesday, two House Oversight and Government Reform panels dive into the cybersecurity of voting machines. A House Space, Science and Technology subcommittee hears testimony from climate scientists and researchers about geoengineering, which is a large-scale environmental modification to counteract climate change.

House SST’s space committee gets an update on developing space exploration systems from NASA’s Human Exploration and Operations Directorate and American Institute of Aeronautics and Astronautics Thursday morning.
