WASHINGTON — A commission created by Congress to develop a more strategic approach to defending against cyberattacks turns out the lights on Tuesday, ending two and a half years of work on policy recommendations, legislative pushes and warnings about malware, ransomware and other threats.When the Cyberspace Solarium Commission released its first recommendations in March 2020, after a year of research and writing, its members vowed that the panel would work differently from other blue ribbon Washington exercises. Senator Angus King, independent of Maine and a co-chairman of the commission, said the recommendations would not end up dusty on a shelf, like those drawn up by many other well-meaning panels.The commission’s name was based on the Eisenhower administration’s Project Solarium, which developed new policies for the Cold War. Influential members of the House and Senate Armed Services Committees led the commission, allowing its cybersecurity recommendations to be packaged as legislation included in one of the few policy bills that pass each year: the annual National Defense Authorization Act.“This is an example of what I think was genius — and I can say that because it wasn’t my idea — instead of just issuing a report with recommendations we handed the congressional committees fully drafted, finished legislation,” Mr. King said.Congress originally set the commission’s termination for the end of 2020 but extended its work for an additional year. During that time, Mr. King said, about half of the panel’s recommendations have been implemented, most through legislation but some through executive branch actions.The commission shuts down with notable successes, like the creation of a national cyber director in the White House and measures to strengthen the powers of the Cybersecurity and Infrastructure Security Agency, as well as provisions in this year’s defense bill, including requirements for revisedresponse plans and more exercises and drills for government officials.Some key initiatives remain unfinished, with details of the legislation to be worked out or arguments over congressional jurisdiction to be untangled.“We’re cleareyed about the fact that there’s some big things that still need to get done, that did not get done,” said Representative Mike Gallagher, Republican of Wisconsin and the commission’s other co-chairman.The commission developed a proposal for a bill that would have identified systemically important infrastructure. Businesses — like Colonial Pipeline, which in May was hit by a ransomware attack — that play a crucial role in the economy would be given special assistance to improve their cybersecurity. In return, however, they would have additional security requirements and share additional information with the government.More hearings with the House Homeland Security Committee will be necessary before that legislation moves forward, as lawmakers wrestle with details of liability protection and how to oversee security of cloud computing providers and other industries.Mr. Gallagher, who over the last two years emerged as a rising star among members of his party focused on legislating, said he wanted additional measures passed that would have required companies and institutions operating critical infrastructure to report intrusions or attacks to the federal government.“We believe Congress should authorize the Department of Homeland Security to establish requirements for critical infrastructure entities to report cyberincidents to the federal government,” Mr. Gallagher said. “But we were unable to get that across the finish line.”The committee also developed proposals for a “joint collaborative environment” on cyberthreats that would increase information sharing between private companies and the government. While government officials say they have taken steps in that direction, private companies say there are still too many barriers to sharing information — and the commission members agree.Right now, Mr. Gallagher said, the federal government doesn’t have the infrastructure to share data across agencies and with private businesses. The mind-set must also change, he said.“It’s a question of how do you change the culture of the intelligence community, such that they’re proactively willing to share things with the private sector as opposed to just hoarding information or demanding information,” Mr. Gallagher said.What to Know About Ransomware Attacks
Card 1 of 5What are ransomware attacks?This form of cybercrime involves hackers breaking into computer networks and locking digital information until the victim pays for its release. Recent high-profile attacks have cast a spotlight on this rapidly expanding criminal industry, which is based primarily in Russia.Why are they becoming moreBy: Julian E. Barnes
Title: Designed to Prepare for Cyberattacks, a Panel Wraps Up Its Work
Sourced From: www.nytimes.com/2021/12/21/us/politics/cyber-attacks-commission.html
Published Date: Tue, 21 Dec 2021 17:34:58 +0000
Read More
Did you miss our previous article...
https://badpoliticians.com/us-politics/supreme-court-will-hold-a-special-hearing-on-biden-vaccine-mandates
UK PoliticsWorld PoliticsVideosPrivacy PolicyTerms And Conditions
