At a glance.
- Biden Administration moves on from the Bulk Power Order?
- Members of Congress talk about giving CISA a larger appropriation.
- Creativity in law enforcement, from Washington to Paris.
Biden Administration moves on from the Bulk Power Order?
JD Supra says last week’s Energy Department moves around EO 13920 “effectively established a clean slate for” US bulk power security policy. In sum, Energy revoked the Prohibition Order, published a Request for Information, and launched a new Cybersecurity Initiative, a “100-Day Plan.” The Plan involves electric utilities and the Cybersecurity and Infrastructure Security Agency (CISA) in securing software, systems, networks, and facilities, and covers situational awareness, detection, mitigation, response, and forensics efforts in OT, IT, and ICS environments.
Members of Congress talk about giving CISA a larger appropriation.
According to MSSP Alert, US Representatives Jim Langevin (Democrat, Rhode Island 2nd) and Mike Gallagher (Republican, Wisconsin 8th) are encouraging the House Appropriations Committee to give CISA another $400 million for fiscal year 2022. Without such investments, the representatives argue, CISA will “fall far short of the strong and effective cybersecurity agency the U.S. badly needs.”
Creativity in law enforcement, from Washington to Paris.
AP reviews the implications of the FBI’s recent remote remediation of unaddressed instances of Hafnium’s parting gift to host Microsoft Exchange servers. Privacy campaigners sounded alarms after the agency cleared web shells from hundreds of systems without their operators’ go-ahead. A Texas federal judge approved the novel mission, which the AP described as “the virtual equivalent of police going around the neighborhood locking doors that criminals had opened remotely.”
Assistant Attorney General John Demers said the Justice Department faced a choice between intervention and letting the malware fester. “We don’t yet have sort of worked out what our criteria are going to be going forward,” he continued, while clarifying that the maneuver won’t be “a tool of first resort,” and the Department is mindful of potential collateral system damage.
Meanwhile in La Ville Lumière, under growing pressure to address the threat of terrorism, the French Government intends to seek Parliament’s permission to surveil suspects’ online activity using AI, the Wall Street Journal reports. If successful, the new regulation would allow the state to direct telecom firms to track real-time URL visits, with algorithms that notify intelligence personnel in the event of flagged patterns.