Connect with us

Cybersecurity

Commerce Department Commits to Funding Solutions to Technology Threats

Secretary of Commerce Gina Raimondo said more funding will go toward cybersecurity concerns.

Published

on

Secretary of Commerce Gina Raimondo

June 9, 2021—The Commerce Department plans to devote extra funding and attention toward mitigating national security threats posed in the evolving tech industry in the coming year, said Secretary of Commerce Gina Raimondo on Monday.

Addressing the Subcommittee on Consumer Protection and Commerce of the Committee on Energy and Commerce, Raimondo said the department is focusing its 2022 fiscal budget on addressing funding concerns surrounding cybersecurity, artificial intelligence and vulnerabilities in the telecommunications industry.

Raimondo says that the Commerce Department intends to set standards that address the national security concerns raised by lawmakers.

“Here’s what I do know: when the standards get baked, they define the whole industry,” she said. “And if we aren’t the ones making those standards, that is a real problem.”

She says that the United States needs to lead the world in regulating the tech industry, because whoever is first will shape the industry for the rest of the world.

Cybersecurity concerns

Following high-profile cybersecurity attacks on software company SolarWinds and Colonial Pipeline, she says the department is taking the threat of ransomware and cybersecurity seriously.

In an op-ed published last month, Raimondo wrote, “This latest [Colonial Pipeline] attack should serve as a clarion call for organizations across the country to shore up their cyber defenses and get ahead of future threats.”

She told the committee that cybersecurity was a concern of the private sector, but that the federal government need to put pressure on the private sector to take it more seriously in the future in order to prevent similar attacks on our national infrastructure.

Following the attack last month, President Joe Biden signed an executive order on improving the U.S.’s cybersecurity capabilities. The order will establish a cybersecurity review board tasked with analyzing cyberattacks in order to find preventative techniques.

A cybersecurity official in the Department of Homeland Security said this month that the federal government needs more consistent funding from Congress to address these threats.

Artificial intelligence and Chinese influence

Rep. Jan Schakowsky, D-Illinois, said the Covid-19 pandemic revealed the U.S.’s lack of manufacturing capacity as it is unable to respond to the pandemic, and supply chains were interrupted. Raimondo noted the implications of this for the technology industry, taking especial interest in the development of artificial intelligence technology.

She says that the use of semiconductors are essential in artificial intelligence research, and that while the U.S. is dependent on Taiwan for these semiconductors, China has invested in their domestic manufacturing in order to provide the semiconductors themselves. She says that, should another disruption to the U.S.’s supply chain occur, China could take the lead on this emerging technology.

Vulnerabilities in the telecom market

Raimondo stressed the importance of investing in American manufacturing, citing the telecommunications market as reliant on the sector. She says that much of the equipment that telecom companies use is provided by the Chinese company Huawei, in large part due to the relatively low cost of the company’s equipment versus European rivals Nokia and Ericsson.

Because of the potential for data collection and spying, she called this practice a “serious national security risk,” and that the U.S. needs to invest in domestic manufacturing in order to protect our privacy from China which could act in bad faith.

On Tuesday, the Senate passed a bill that would inject additional funding to boost industrial production and technology research to protect against the influence of China. The bill will go to the House for a vote. .

Reporter Tyler Perkins studied rhetoric and English literature, and also economics and mathematics, at the University of Utah. Although he grew up in and never left the West (both Oregon and Utah) until recently, he intends to study law and build a career on the East Coast. In his free time, he enjoys reading excellent literature and playing poor golf.

Cybersecurity

CES 2023: Consumers Need to Understand Personal Cybersecurity, Says White House Cyber Official

Consumers must better understand how to weigh risks and protect themselves in the digital world, said Camille Stewart Gloster.

Published

on

Photo of John Mitchell, Tobin Richardson, Amit Elazari, and Camille Stewart Gloster (left to right)

LAS VEGAS, January 7, 2023 – In addition to building a more robust cybersecurity workforce, policymakers should consider consumer education, said Camille Stewart Gloster, deputy national cyber director for technology and ecosystem for the White House, speaking Saturday at the Consumer Electronics Show.

CES 2023 has featured numerous discussions of cybersecurity in sectors ranging from transportation to Internet of Things home devices. On Thursday, an official from the Department of Homeland Security argued that manufactures should design and pre-configure devices to be secure, thus reducing the security burden on consumers.

For their own protection, consumers must better understand how to weigh risks and protect themselves in the digital world, Stewart Gloster said Saturday. “The sooner that people understand that their physical security and digital security are inextricably linked the better,” she argued. According to the panel’s moderator, Consumer Technology Association senior manager for government affairs John Mitchell, 82 percent of data breaches in 2021 involved “the human element, stolen credentials, phishing, misuse.”

Stewart Gloster’s team is working on a national cyber-workforce and education strategy, she said, which will address the federal cyber workforce, the national cyber workforce, cyber education, and “digital safety awareness.”

Stewart Gloster said workforce initiatives should promote the participation of “people of a diverse set of backgrounds who are highly skilled and multidisciplinary who can take a look at the problem space, who can apply their lived experiences, apply the things they’ve observed, apply their academic backgrounds to a challenging and ever evolving landscape.”

Continue Reading

Cybersecurity

CES 2023: Cybersecurity for IoT Devices Should be Market-Driven

NIST’s cybersecurity guidelines for IoT prescribe desired outcomes, rather than specific and ‘brittle’ standards.

Published

on

Michael Bergman (left) and Katerina Megas

LAS VEGAS, January 6, 2023 – Cybersecurity protocols for Internet of Things devices should be industry-driven, Katerina Megas, program manager of the Cybersecurity for Internet of Things Program at the National Institute of Standards and Technology, said Friday at the Consumer Electronics Show 2023.

The popularization of IoT devices gives cyber-criminals increasing opportunities to breach networks, many say. Network-connected household devices – e.g., lightbulbs and home security devices – can be entry-points if security protocols are lacking. On CES panel on Thursday, a cybersecurity official at the Department of Homeland Security argued that manufacturers should design and preset devices to be safe, shifting much of the burden from the consumer.

“For a long-term, sustainable solution, the best approach really is for demand to be market driven,” she said, adding that NIST is “happy” to support the market when called on. To preserve flexibility, NIST’s cybersecurity guidelines for IoT manufacturers in general prescribed desired outcomes, rather than specific and “brittle” standards, Megas said.

“How you achieve those [outcomes] will vary depending on the maturity of your organization, the architecture of your product, perhaps preferences that you might have for you own internal processes,” she explained.

Megas said manufacturers, who well know their devices’ technical capabilities, often lack an understanding of how consumers actually use their devices. Megas said she has examined how to “help a manufacturer who has no insights into the final contextual use of this product, how can we help them…understand, ‘Here are the risks associated with my device.’”

At an American Enterprise Institute panel held in November, Megas endorsed an “ecosystem approach” to cybersecurity, arguing that network security is also indispensable.

Continue Reading

Cybersecurity

CES 2023: Railroad Industry Needs Cybersecurity Update

Shawn Smith advocated heavily tailored, industry-specific approaches that can address to the unique needs of the rail industry.

Published

on

Photo of Shawn Smith, vice president of business development of Cylus

LAS VEGAS, January 5, 2023 – To keep pace with today’s technological innovations and cyberthreats, the railway industry must retool its cybersecurity defenses, said Shawn Smith, vice president of business development of rail cybersecurity company Cylus.

The railway industry is working to patch old vulnerabilities as well as the new ones that have been create by developing technologies, Smith told Broadband Breakfast at the Consumer Electronics Show on Thursday. The need for enhanced cybersecurity has been a recurring theme at the conference, as have the implications of the ever increasing number of devices and technologies now relying on connectivity.

“We’re really fast-tracking an operator’s ability to keep pace with the change in the digital environment that they’re operating in (and) the interconnectivity that they’re seeing,” Smith said, adding that his team works to provide “visibility, threat detection, and response capability to keep pace with the change in their organizations.”

Smith said that many of the large rail players have developed responses for some cybersecurity risks, but lack the automation and planning tools necessary to maximize their effectiveness. He advocated heavily tailored, industry-specific approaches that can address to the unique needs of the industry.

Governments and industry players worldwide have of late been on high alert for cyberthreats, particularly since Russia invaded Ukraine in February 2022. Railways, like other infrastructure, are potential targets for nefarious actors, Smith said.

Continue Reading

Signup for Broadband Breakfast

Twice-weekly Breakfast Media news alerts
* = required field

Broadband Breakfast Research Partner

Trending