Category: national security policy

Auto Added by WPeMatico

NASA’s Insider Threat Program

Posted on By infossl
insiders, national security policy, reports, Security technology, Uncategorized

The Office of Inspector General has audited NASA’s insider threat program: While NASA has a fully operational insider threat program for its classified systems, the vast majority of the Agency’s information technology (IT) systems — including many containing high-value assets or critical infrastructure — are unclassified and are therefore not covered by its current insider … Read More “NASA’s Insider Threat Program” »

A New Cybersecurity “Social Contract”

Posted on By infossl
cybersecurity, national security policy, public interest, Security technology, Uncategorized

The US National Cyber Director Chris Inglis wrote an essay outlining a new social contract for the cyber age: The United States needs a new social contract for the digital age — one that meaningfully alters the relationship between public and private sectors and proposes a new set of obligations for each. Such a shift … Read More “A New Cybersecurity “Social Contract”” »

The EARN IT Act Is Back

Posted on By infossl
national security policy, privacy, Security technology, social media, surveillance, Uncategorized

Senators have reintroduced the EARN IT Act, requiring social media companies (among others) to administer a massive surveillance operation on their users: A group of lawmakers led by Sen. Richard Blumenthal (D-CT) and Sen. Lindsey Graham (R-SC) have re-introduced the EARN IT Act, an incredibly unpopular bill from 2020 that was dropped in the face … Read More “The EARN IT Act Is Back” »

New German Government is Pro-Encryption and Anti-Backdoors

Posted on By infossl
backdoors, encryption, germany, national security policy, privacy, Security technology, Uncategorized

I hope this is true: According to Jens Zimmermann, the German coalition negotiations had made it “quite clear” that the incoming government of the Social Democrats (SPD), the Greens and the business-friendly liberal FDP would reject “the weakening of encryption, which is being attempted under the guise of the fight against child abuse” by the … Read More “New German Government is Pro-Encryption and Anti-Backdoors” »

US Blacklists NSO Group

Posted on By infossl
cyberweapons, national security policy, Security technology, spyware, Uncategorized, zero-day

The Israeli cyberweapons arms manufacturer — and human rights violator, and probably war criminal — NSO Group has been added to the US Department of Commerce’s trade blacklist. US companies and individuals cannot sell to them. Aside from the obvious difficulties this causes, it’ll make it harder for them to buy zero-day vulnerabilities on the … Read More “US Blacklists NSO Group” »

Information Flows and Democracy

Posted on By infossl
academic papers, disinformation, national security policy, Security technology, Uncategorized

Henry Farrell and I published a paper on fixing American democracy: “Rechanneling Beliefs: How Information Flows Hinder or Help Democracy.” It’s much easier for democratic stability to break down than most people realize, but this doesn’t mean we must despair over the future. It’s possible, though very difficult, to back away from our current situation … Read More “Information Flows and Democracy” »

Is 85% of US Critical Infrastructure in Private Hands?

Posted on By infossl
cybersecurity, infrastructure, national security policy, Security technology, Uncategorized

Most US critical infrastructure is run by private corporations. This has major security implications, because it’s putting a random power company in — say — Ohio — up against the Russian cybercommand, which isn’t a fair fight. When this problem is discussed, people regularly quote the statistic that 85% of US critical infrastructure is in … Read More “Is 85% of US Critical Infrastructure in Private Hands?” »

New US Executive Order on Cybersecurity

Posted on By infossl
cybersecurity, national security policy, security standards, Security technology, Uncategorized

President Biden signed an executive order to improve government cybersecurity, setting new security standards for software sold to the federal government. For the first time, the United States will require all software purchased by the federal government to meet, within six months, a series of new cybersecurity standards. Although the companies would have to “self-certify,” … Read More “New US Executive Order on Cybersecurity” »

Biden Administration Imposes Sanctions on Russia for SolarWinds

Posted on By infossl
cyberespionage, espionage, hacking, national security policy, russia, Security technology, Uncategorized

On April 15, the Biden administration both formally attributed the SolarWinds espionage campaign to the Russian Foreign Intelligence Service (SVR), and imposed a series of sanctions designed to punish the country for the attack and deter future attacks. I will leave it to those with experience in foreign relations to convince me that the response … Read More “Biden Administration Imposes Sanctions on Russia for SolarWinds” »

DNI’s Annual Threat Assessment

Posted on By infossl
cybersecurity, national security policy, Security technology, supply chain, threat models, Uncategorized

The office of the Director of National Intelligence released its “Annual Threat Assessment of the U.S. Intelligence Community.” Cybersecurity is covered on pages 20-21. Nothing surprising: Cyber threats from nation states and their surrogates will remain acute. States’ increasing use of cyber operations as a tool of national power, including increasing use by militaries around … Read More “DNI’s Annual Threat Assessment” »