Connect with us

Cybersecurity

Langevin Makes the Case for Establishment of White House Cyber Security Director

WASHINGTON, July 20, 2011 – Despite bipartisan agreement over the need for effective cyber security legislation, members remain divided over authority and enforcement specifics.

In an opinion piece in the Saturday edition of the Washington Post, Rep. Jim Langevin (D-RI) critiqued another article published early July in which Sens. Joe Liebermann (ID-CT), Susan Collins (R-ME) and Tom Carper (D-DE) recommended proposed legislation that would grant the Department of Homeland Security (DHS) statutory authority to work with industry to identify and evaluate critical cyber infrastructure and establish best practices between government and the private sector in order to improve security.

Published

on

 [updated July 20, 2011, 6:10 pm EDT] Correction: Broadbandbreakfast.com incorrectly reported that the Cybersecurity and Internet Freedom Act of 2011 does not contain a provision for a Director of the proposed Office of Cyberspace Policy.

WASHINGTON, July 20, 2011 – Despite bipartisan agreement over the need for effective cyber security legislation, members remain divided over authority and enforcement specifics.

In a letter to the Editor in the Saturday edition of the Washington Post, Rep. Jim Langevin (D-RI) critiqued another article published early July in which Sens. Joe Liebermann (ID-CT), Susan Collins (R-ME) and Tom Carper (D-DE) recommended proposed legislation that would grant the Department of Homeland Security (DHS) statutory authority to work with industry to identify and evaluate critical cyber infrastructure and establish best practices between government and the private sector in order to improve security.

“The alternative could be a digital Pearl Harbor — and another day of infamy,” stated the senators.

Rep. Langevin, however, feels avoiding a “digital Pearl Harbor” with a cyber security gold-standard might be missing the mark, Langevin spokesman Jonathon Dworkin told BroadbandBreakfast.com on Saturday.

“We are supportive of their overall efforts, but [the senators] – and the White House – continue to leave out one of the core recommendations of the CSIS Commission, which is a strong White House Director that has the necessary authority to lead and coordinate the kind of comprehensive strategy we need,” said Dworkin.

The increasing dependence upon networked systems, and the vulnerabilities of critical infrastructure systems, makes fears of a major assault by a cunning adversary with digital weaponry no longer sound like something out of the show “24.” The string of publicized cyber intrusions and data breaches against major U.S. companies and government agencies make these fears ever more real.

The lack of strong diplomatic and military components to the senators’ plan was Langevin’s main concern.

“Defense Secretary Leon Panetta has warned of threats posed by other nations and terrorist organizations,” said Langevin – who founded the Congressional Cybersecurity Caucus – in his letter.

“The senators’ plan would give primary responsibility for our nation’s cyber-strategy to the Department of Homeland Security. However, while Homeland Security is doing impressive work domestically, our international effort requires a whole-of-government approach.”

While the Lieberman, Collins and Carper’s plan advocates giving more authority to DHS, Langevin is a believer in of the creation of a new position Executive Branch position that would coordinate cyber security efforts across government.

“The bipartisan Center for Strategic and International Studies’ cybersecurity commission, which I co-chaired,” said Langevin, “emphasized the need for a White House cybersecurity director, confirmed by the Senate, who would have budgetary and policy authority across government to require that agencies apply sufficient resources to protect themselves online.”

Despite some confusion in Rep. Langevin’s office as to the content of the bill, all parties seem in agreement: Section 102 of the Senate bill does, in fact, contain a provision for a White House Office of Cyberspace Policy Director, appointed by the President and confirmed by the Senate.

“Our legislation – the Cybersecurity and Internet Freedom Act – would establish an office of cyberspace policy at the White House, headed by a Senate-confirmed Director, to coordinate cyber security efforts across the federal government,” said the senators through a joint release Wednesday afternoon. “The Director would ‘oversee, coordinate, and integrate all policies and activities of the federal government across all instruments of national power relating to ensuring the security and resiliency of cyberspace, including … diplomatic, economic, military, intelligence, homeland security, and law enforcement policies and activities within and among federal agencies,’ very similar to what Congressman Langevin calls for. We appreciate Congressman Langevin’s commitment to cyber security and agree with him that it is imperative Congress pass comprehensive cyber security legislation.”

Langevin, announced the establishment of the Rhode Island Cyber Disruption Team last Monday, and was in attendance during the Pentagon’s cyber strategy announcement on Thursday.

[July 20, 2011, 6:37 pm EDT] Update: Jonathon Dworkin, Communications Director for Rep. Langevin issued a statement concerning his previous correspondence in regards to the Senate bill: “My email was misleading because the Senators’ bill, unlike the White House proposal, does have a Senate-confirmed White House position.  While there are differences in our respective proposals, we continue to be supportive of what [the Senators] are doing and look forward to continuing to work together to most effectively strengthen our cybersecurity.”

Josh Peterson is a DC-based journalist with a professional writing portfolio that includes work on US foreign policy and international affairs, telecom policy and cyber security, religion, arts, and music. He is currently a journalism intern at The National Journalism Center in Washington, D.C. and a former tech and social media intern at The Allan P. Kirby, Jr. Center for Constitutional Studies & Citizenship. Peterson received his Bachelor of Arts in philosophy and religion with a minor concentration in music from Hillsdale College in 2008. When he is not writing, Peterson lives a double life as a web designer, social media strategist, photographer, musician and mixed martial artist.

Cybersecurity

CES 2023: Consumers Need to Understand Personal Cybersecurity, Says White House Cyber Official

Consumers must better understand how to weigh risks and protect themselves in the digital world, said Camille Stewart Gloster.

Published

on

Photo of John Mitchell, Tobin Richardson, Amit Elazari, and Camille Stewart Gloster (left to right)

LAS VEGAS, January 7, 2023 – In addition to building a more robust cybersecurity workforce, policymakers should consider consumer education, said Camille Stewart Gloster, deputy national cyber director for technology and ecosystem for the White House, speaking Saturday at the Consumer Electronics Show.

CES 2023 has featured numerous discussions of cybersecurity in sectors ranging from transportation to Internet of Things home devices. On Thursday, an official from the Department of Homeland Security argued that manufactures should design and pre-configure devices to be secure, thus reducing the security burden on consumers.

For their own protection, consumers must better understand how to weigh risks and protect themselves in the digital world, Stewart Gloster said Saturday. “The sooner that people understand that their physical security and digital security are inextricably linked the better,” she argued. According to the panel’s moderator, Consumer Technology Association senior manager for government affairs John Mitchell, 82 percent of data breaches in 2021 involved “the human element, stolen credentials, phishing, misuse.”

Stewart Gloster’s team is working on a national cyber-workforce and education strategy, she said, which will address the federal cyber workforce, the national cyber workforce, cyber education, and “digital safety awareness.”

Stewart Gloster said workforce initiatives should promote the participation of “people of a diverse set of backgrounds who are highly skilled and multidisciplinary who can take a look at the problem space, who can apply their lived experiences, apply the things they’ve observed, apply their academic backgrounds to a challenging and ever evolving landscape.”

Continue Reading

Cybersecurity

CES 2023: Cybersecurity for IoT Devices Should be Market-Driven

NIST’s cybersecurity guidelines for IoT prescribe desired outcomes, rather than specific and ‘brittle’ standards.

Published

on

Michael Bergman (left) and Katerina Megas

LAS VEGAS, January 6, 2023 – Cybersecurity protocols for Internet of Things devices should be industry-driven, Katerina Megas, program manager of the Cybersecurity for Internet of Things Program at the National Institute of Standards and Technology, said Friday at the Consumer Electronics Show 2023.

The popularization of IoT devices gives cyber-criminals increasing opportunities to breach networks, many say. Network-connected household devices – e.g., lightbulbs and home security devices – can be entry-points if security protocols are lacking. On CES panel on Thursday, a cybersecurity official at the Department of Homeland Security argued that manufacturers should design and preset devices to be safe, shifting much of the burden from the consumer.

“For a long-term, sustainable solution, the best approach really is for demand to be market driven,” she said, adding that NIST is “happy” to support the market when called on. To preserve flexibility, NIST’s cybersecurity guidelines for IoT manufacturers in general prescribed desired outcomes, rather than specific and “brittle” standards, Megas said.

“How you achieve those [outcomes] will vary depending on the maturity of your organization, the architecture of your product, perhaps preferences that you might have for you own internal processes,” she explained.

Megas said manufacturers, who well know their devices’ technical capabilities, often lack an understanding of how consumers actually use their devices. Megas said she has examined how to “help a manufacturer who has no insights into the final contextual use of this product, how can we help them…understand, ‘Here are the risks associated with my device.’”

At an American Enterprise Institute panel held in November, Megas endorsed an “ecosystem approach” to cybersecurity, arguing that network security is also indispensable.

Continue Reading

Cybersecurity

CES 2023: Railroad Industry Needs Cybersecurity Update

Shawn Smith advocated heavily tailored, industry-specific approaches that can address to the unique needs of the rail industry.

Published

on

Photo of Shawn Smith, vice president of business development of Cylus

LAS VEGAS, January 5, 2023 – To keep pace with today’s technological innovations and cyberthreats, the railway industry must retool its cybersecurity defenses, said Shawn Smith, vice president of business development of rail cybersecurity company Cylus.

The railway industry is working to patch old vulnerabilities as well as the new ones that have been create by developing technologies, Smith told Broadband Breakfast at the Consumer Electronics Show on Thursday. The need for enhanced cybersecurity has been a recurring theme at the conference, as have the implications of the ever increasing number of devices and technologies now relying on connectivity.

“We’re really fast-tracking an operator’s ability to keep pace with the change in the digital environment that they’re operating in (and) the interconnectivity that they’re seeing,” Smith said, adding that his team works to provide “visibility, threat detection, and response capability to keep pace with the change in their organizations.”

Smith said that many of the large rail players have developed responses for some cybersecurity risks, but lack the automation and planning tools necessary to maximize their effectiveness. He advocated heavily tailored, industry-specific approaches that can address to the unique needs of the industry.

Governments and industry players worldwide have of late been on high alert for cyberthreats, particularly since Russia invaded Ukraine in February 2022. Railways, like other infrastructure, are potential targets for nefarious actors, Smith said.

Continue Reading

Signup for Broadband Breakfast

Twice-weekly Breakfast Media news alerts
* = required field

Broadband Breakfast Research Partner

Trending