At a glance.
- Hack the Capitol 2021 offers perspective on US Government thinking on cyber and critical infrastructure security.
- Chinese firms will not participate in India's 5G trials.
- Should there be a US Cyber Force (or is a Combatant Command good enough)?
- EU subjects data scraping to regulatory scrutiny.
Hack the Capitol 2021 takes up cybersecurity and the challenge of securing critical infrastructure.
Hack the Capitol 4.0, held virtually on May 4, offered some insight into how US officials (and especially members of the US House) intend to work toward better security for US critical infrastructure, and what strategies might better secure the country against cyberattack. A collaboration among the ICS Village, the R Street Institute, the Cyber Bytes Foundation, and the National Security Institute, the event, in the hosts’ words, was “designed to educate congressional staffers, scholars, and press on some of the most critical cybersecurity challenges facing our nation today.” The CyberWire has an account of the event's keynotes.
Huawei and ZTE excluded from India’s 5G trials.
Ericsson, Nokia, and Samsung will participate in 5G trials with New Delhi mobile providers Jio Infocomm, Bharti Airtel, Vodafone Idea, and MTNL, Reuters reports. The test runs will evaluate 5G equipment across a variety of settings. Notably absent from the vendor list are Huawei and ZTE.
While the Chinese suppliers haven’t yet been barred from selling gear to Indian telecoms, as we’ve seen, officials report that Huawei and ZTE will be off limits starting this summer when new “trusted sources” rules take effect. New Delhi ranks second globally in total cellular customers.
Op-ed calls for an independent US Cyber Service.
War on the Rocks makes the case for an independent Cyber Force, akin to the Space or Air Force, given the broad and distinct significance of cyber to current and future civil and military capabilities. Both the Cyberspace Solarium Commission and National Security Commission on Artificial Intelligence found the strategic status quo inadequate to meet the moment, but cyber is struggling for independent recognition, as did air power initially.
Establishing a Cyber Force would focus and augment the nation’s cyber offensive, defensive, and deterrence capacities, and free the body from other forces’ “cultures, doctrine, legacy programs, and bureaucratic preferences.” Given a separate seat at the table, the Force could advance the country’s cyber priorities, resources, technologies, and strategies. Furthermore, the unique scope of cyber skills would allow the Force to pull from a novel segment of the populace.
As a unified combatant command, US Cyber Command draws from existing services with existing objectives. Cyber is a different ballgame played in a different arena, however, not just a means towards other goals, and requires dedicated attention. Unlike US Strategic Command, which runs Air Force’s strategic bombers and Navy’s ballistic missile submarines, CyberCom arguably oversees a distinct battlespace with distinct rules and demands.
Or so the argument goes. Others might maintain that Strategic Command and Cyber Command are not so different after all, and effectively oversee separate and important functional areas.
Data scraping under regulatory scrutiny in the EU.
Spain’s data protection watchdog recently made clear that publicly available information falls under the purview of the General Data Protection Regulation, according to the Wall Street Journal. The regulator slapped Equifax with a $1 million fine for scraping data from government sources without individuals’ consent, and directed the company to delete said data. Third parties like financial services that relied on illegal Equifax reports must now also clean up their databases. Other companies operating in the EU have faced similar penalties for mishandling public data.
A US judge, in contrast, recently upheld an HR firm’s right to scrape data from LinkedIn.