|
Cyber Daily: Cyber Official’s Ouster Tests Government Relations With Private Sector; IoT Bill Sails Through Senate Vote
|
|
|
|
|
|
Good day. President Trump's firing of Cybersecurity and Infrastructure Security Agency Director Chris Krebs on Tuesday will strain efforts to build relations between the government and the private sector on security matters, WSJ Pro Cybersecurity reports.
The departure of Mr. Krebs and two key deputies from CISA, an arm of the Department of Homeland Security, comes at a crucial time, lawmakers and business executives say. They worry that the changes at CISA will politicize cybersecurity within the federal government, and make businesses less willing to share information on threats in the future. However, agency officials say they will be able to continue operating as usual despite the changes.
Also today: Internet-of-Things bill passes the Senate; Cisco fixes flaws in WebEx; and a cryptocurrency exchange discloses a data breach.
|
|
|
|
U.S. Cybersecurity Upheaval
|
|
|
|
Chris Krebs testified at a Senate hearing in May 2019. President Trump this week fired him from his post as director of the Department of Homeland Security's Cybersecurity and Infrastructure Security Agency. PHOTO: TOM WILLIAMS/CONGRESSIONAL QUARTERLY/NEWSCOM VIA ZUMA PRESS
|
|
|
Cyber official’s ouster tests government relations with private sector. Chris Krebs was widely credited with forging ties between the government and the private sector during his two-year tenure. Those ties are now under threat after he was fired Tuesday by President Trump, lawmakers and business executives say.
With Mr. Krebs and two key deputies out at CISA, an arm of the Department of Homeland Security, some warn the rapid-fire departures will set back public-private collaboration on cybersecurity threats at a key moment.
Private businesses own most U.S. critical infrastructure, including the power grid, water system and financial services. A federal commission assessing U.S. cyber readiness this year urged federal agencies to share with businesses threat intelligence—and vice versa—to ward off attacks by foreign governments and criminal groups.
“Chris leaving is a disappointment for us because we’ve worked so hard to build that relationship and that level of trust,” said Patrick Gaul, executive director of the National Technology Security Coalition, an Atlanta-based advocacy group representing corporate security chiefs.
Read the full story.
|
|
|
|
|
83%
|
Percentage of cyber espionage breaches that take weeks or longer to detect, according to Verizon Communications Inc.'s first Cyber-Espionage Report, published this week.
|
|
|
|
|
|
The Internet of Things Cybersecurity Improvement Act, sponsored by Reps. Robin Kelly (D., Ill.) and Will Hurd (R., Texas) passed the Senate on Tuesday. PHOTO: ERIN SCOTT/BLOOMBERG
|
|
|
Internet of Things bill goes to White House. The U.S. Senate passed legislation designed to improve the security of internet-connected devices by unanimous consent Tuesday evening, FCW reports. The Internet of Things Cybersecurity Improvement Act was passed by the House in September, and now goes to the White House for final approval before becoming law.
Cryptocurrency exchange discloses data breach. Liquid, an exchange for digital currencies owned by Quoine Pte Ltd., said hackers had accessed its internal network and stole customer information, ZDNet reports. The exchange said that no customer funds were taken during the attack, but it was investigating whether sensitive information used for antimoney laundering checks, such as passport scans, were accessed.
Cisco fixes WebEx ghost-user vulnerabilities. Security researchers discovered flaws in Cisco Systems Inc.'s popular WebEx platform, which made it possible for hackers to spy on meetings unbeknown to attendees, even if hosts attempted to remove them, CyberScoop reports. Cisco has since fixed the problem, which was made public as part of a coordinated vulnerability disclosure, a spokesperson said.
|
|
|
|
|