|
|
|
|
|
|
|
|
|
|
Cyber Daily: U.S. Cyber Agency Hopes to Avoid ‘Regulator’ Label | Ransomware Attack Map
|
|
|
|
|
|
|
|
Hello. WSJ Pro's David Uberti looks at how momentum behind cyber legislation and federal mandates is pushing the Cybersecurity and Infrastructure Security Agency to become an enforcer. It's a role that CISA Director Jen Easterly says she doesn't want, while at the same time advocating for more leverage to get businesses to reveal details about cyberattacks they suffer.
The balancing act previews longer-term questions for the agency as the Biden administration and some lawmakers press to expand cyber requirements across the U.S. economy.
This and other news below.
|
|
|
|
|
CONTENT FROM OUR SPONSOR: Netscout
|
|
New Threats To Our New Normal
Recent years have shown us that the future is unpredictable, and cybercriminals have capitalized on it. Being prepared requires developing both short and long-term strategies that put security first.
Read More
|
|
|
|
|
|
|
|
|
|
|
|
|
Jen Easterly, head of the Cybersecurity and Infrastructure Security Agency, at a Senate committee hearing last month. PHOTO: ROD LAMKEY/ZUMA PRESS
|
|
|
|
|
|
Building trust: The U.S. cyber agency wants to avoid the R-word.
“We’re not a regulator,” Jen Easterly, director of the Cybersecurity and Infrastructure Security Agency, said last week at a conference hosted by security company Mandiant Inc. “We don’t want to be a regulator.”
Legislation in Congress could push CISA into such a role by giving the agency power to write rules forcing companies to report hacks, subpoena them for information and potentially fine noncompliant firms, businesses say.
And that, some companies say, could impair any trust that has been built between public and private organizations.
Read the full story.
|
|
|
|
|
|
More Cyber and Privacy News
|
|
|
|
|
|
PHOTO: JIM LO SCALZO
/SHUTTERSTOCK
|
|
|
|
|
Doing less with more: Cyber insurers are raising prices and lowering coverage limits after fielding a barrage of claims for ransom payments. Premiums in some sectors have jumped more than 300% at renewal time, according to a report from Risk Placement Services, a wholesale broker. Some insurers are scrutinizing customers' cyber protections, requiring such security basics as multifactor authentication. (InfoSecurity Magazine)
|
|
|
|
Creamy or crunchy? A Navy engineer with national security clearance and his wife were arrested after allegedly trying to sell nuclear secrets to an undercover FBI agent. Information was encrypted—including a memory card wrapped in plastic and hidden in half of a peanut butter sandwich—and communications during 2020 and 2021 were made using encrypted email, according to the Justice Department. The engineer asked to be paid in the Monero, saying that bitcoin and other cryptocurrencies were risky, a federal complaint says. (Bleeping Computer)
|
|
|
|
|
PHOTO: PARESH DAVE
/REUTERS
|
|
|
|
|
Giveaway: Google is giving out 10,000 USB security keys to politicians, activists and other high-risk hacking targets world-wide. The Titan keys enable two-factor authentication on user accounts. (BBC)
|
|
|
|
|
|
|
|
|
|
|
|
|
SOURCE: COMPARITECH
|
|
|
|
|
|
Comparitech, a tech research group, made an interactive U.S. map showing ransomware attacks by year, size, industry and strain. Where possible, it includes whether the victim paid a ransom. Check it out here.
|
|
|
|
|
PHOTO: KEVIN LAMARQUE/REUTERS
|
|
|
|
|
M&A targeting: Consulting firm Booz Allen Hamilton Holding Corp. plans to step up its spending on acquisitions over the next few years, targeting companies that would expand its capabilities in areas such as healthcare tech and cybersecurity services. The company is one of the largest U.S. security contractors, with deep ties to the intelligence and defense sectors. (WSJ)
|
|
|
-
Booz Allen is looking to strike more tuck-in deals than in previous years to accelerate its growth rate, Chief Financial Officer Lloyd Howell said. Tuck-ins involve a company buying a smaller business and integrating it into its operations.
-
The firm plans to spend about $4 billion between April 2022 and March 2025, largely on acquisitions, executives said at last week's investor day. That is up from the $1.3 billion it spent in total during the past four fiscal years, the most recent ending in March.
|
|
|
|
|
|
|
|
|
|
|
|
