At a glance.
- Major movements in US digital asset guidance.
- Cybersecurity in the “Giant of Africa.”
- Does Japan need a cyber ministry?
Major movements in US digital asset guidance.
On Friday the White House announced the release of a “Comprehensive Framework for Responsible Development of Digital Assets,” a first-of-its-kind set of guidelines laying out a whole-of-government approach to handling digital currency. Pursuant to President Joe Biden’s March 9 executive order on the subject, the framework addresses the six goals set out in the EO: protecting consumers and investors; promoting financial stability; countering illicit finance; US leadership in the global financial system and economic competitiveness; financial inclusion; and responsible innovation. Building on the research of nine reports submitted to the President since the EO, the framework does not set out legislation, but rather offers recommendations that “articulate a clear framework for responsible digital asset development and pave the way for further action at home and abroad.” As Decrypt notes, these recommendations include urging regulators like the Securities and Exchange Commission and Commodity Futures Trading Commission to focus on enforcement, and directing the US Treasury to work with financial institutions and US allies to bolster data sharing.
Also on Friday, the Department of Justice announced the public release of its report The Role of Law Enforcement in Detecting, Investigating, and Prosecuting Criminal Activity Related to Digital Assets, as well as the establishment of the nationwide Digital Asset Coordinator (DAC) Network aimed at fighting the illicit use of digital assets. Attorney General Merrick B. Garland stated, “The efforts announced today reflect the commitment of the Justice Department and our law enforcement and regulatory partners to advancing the responsible development of digital assets, protecting the public from criminal actors in this ecosystem, and meeting the unique challenges these technologies pose.”
The Justice Department has enlisted over 150 federal prosecutors across the US to form the Digital Asset Coordinators Network, aimed at strengthening law enforcement’s efforts to fight cryptocurrencies-related crime. The Wall Street Journal explains that the group will designate subject-matter experts in US attorneys’ offices to assist with cases like bitcoin-aided money laundering, terrorism, or ransomware operations. Eun Young Choi, the first director of the Justice Department’s national cryptocurrency enforcement team, stated, “Digital-asset crimes are truly multidisciplinary. They are cross-border, complex, and challenging investigations and they require a certain level of competency.”
And yesterday, also pursuant to President Biden’s EO, the US Treasury Department announced a request for comment on the security risks posed by the use of digital assets and recommended mitigations. The Wall Street Journal explains that input is expected from crypto industry advocates, members of civil society, and traditional financial institutions as well as cryptocurrency firms. Alex Zerden, a former Treasury official and current principal of financial technology at risk advisory firm Capitol Peak Strategies LLC, stated, “This [commentary process] shows the Treasury is taking public engagement very seriously…from the lens of risk, as opposed to the one of risk and opportunity.” The deadline for comment is November 3.
Cybersecurity in the “Giant of Africa.”
Wired offers an in-depth look at Nigeria’s approach to cybersecurity. The inadequate response from officials responding to the April discovery of unsecured state health agency data in misconfigured AWS S3 data buckets is indicative of the issues Nigeria currently faces when it comes to cyberspace: ineffective regulations, inadequate response procedures, and inconsistent breach disclosures. Confidence Staveley, a Nigerian security analyst and executive director of the security consultancy and advocacy group Cybersafe Foundation, explains, “Many organizations in developed countries communicate when they have cases of cyberattacks, which encourages cyber-resilience and widespread incident response. Back here, however, we see that generally, a lot of organizations absolutely deny the occurrence of cyberattacks and data breach incidents, even in the presence of undeniable evidence.” Although Nigeria's National Information Technology Development Agency and the nation’s 2020 Data Protection Bill have established regulations for organizations that process personal data, data handling in Nigeria goes largely unmonitored, and many organizations do not consider the value of encryption and security until it’s too late.
Does Japan need a cyber ministry?
The Diplomat shares an interview with Major General Tanaka Tatsuhiro, research principal at the National Security Institute of Fujitsu Systems Integration Laboratories in Tokyo, in which the former commanding general of the Japan Ground Self-Defense’s Signal School discusses the future of Japanese cybersecurity. Tatsuhiro notes that the war in Ukraine has made it evident that nations must be ready to defend their cyber infrastructure and the electricity grid that upholds it. He says businesses must be willing to invest in securing company and customer data, focusing not on the financial cost but on the value added. Tatsuhiro also advocates for the creation of a cyber ministry in addition to Japan’s already existing Digital Agency. He explains, “We have to strengthen the cyber infrastructure by making it an organization that is on par with other ministries. More ideally, given the current social structure, the cyber ministry should be at the top, with other bureaus attached to it…When a cyberattack brings down a power grid somewhere, or a service provider goes bust, what we need is not coordination but command and control that can take necessary measures. We should aim to establish a large ministry with large powers and responsibilities.”