At a glance.
- State Department strengthens relationships with tech industry.
- FCC to expand ban on Huawei and ZTE.
- US shares plans for regulation of commercial software.
State Department strengthens relationships with tech industry.
US Secretary of State Antony Blinken is heading to Silicon Valley to talk with Big Tech leaders about the important role they play in cybersecurity. According to the State Department, the purpose of his visit is to “to highlight the key role for technology diplomacy in advancing U.S. economic and national security.” Fostering strong connections with the tech industry has long been a priority of the White House, and events like the war in Ukraine have made the relationship even more important, with companies like Microsoft and Google giving Kyiv cyber advice, and Twitter and Facebook doing their part to stop the spread of disinformation. Blinken told the Wall Street Journal, “We have a profound stake in shaping our technological future, and American diplomacy has a key role to play in bolstering and drawing on our country’s unique strengths—one of which is our industrial and innovation base.”
FCC to expand ban on Huawei and ZTE.
In an effort to quell concerns about China’s global tech influence, anonymous sources say the US Federal Communications Commission (FCC) is expected to expand its ban on telecommunications equipment produced by Chinese tech giants Huawei and ZTE, Ars Technica reports. The FCC has already prohibited the use of Huawei and ZTE equipment in telecom networks that receive subsidies from the Universal Service Fund, but Chairwoman Jessica Rosenworcel is proposing that Huawei and ZTE also be banned from receiving FCC approval on any future products. "The FCC remains committed to protecting our national security by ensuring that untrustworthy communications equipment is not authorized for use within our borders, and we are continuing that work here,” Rosenworcel stated. The proposal would also ban video surveillance equipment from Chinese companies Hytera, Hikvision, and Dahua, which develop products for police departments. The FCC circulated the proposed ban, titled "Protecting Against National Security Threats to the Communications Supply Chain through the Equipment Authorization Program,” last week, and the order's text will become public after it's approved.
US shares plans for regulation of commercial software.
As proposed in US President Joe Biden’s executive order earlier this year, the White House released details last week regarding its plans for implementing new security requirements for the acquisition of commercial software. An Office of Management and Budget spokesperson told FCW that the Federal Acquisition Regulation (FAR) Council will be considering how to set standards for third-party software featured in the National Institute of Standards and Technology standard Secure Software Development Framework (SSDF). At a Washington Post event last week, Anne Neuberger, the deputy national security advisor for cyber and emerging technologies, stated “Over the last decade, we talked a lot in cybersecurity about increasing information sharing. We talked a lot about public-private partnership. But we didn’t talk about the reality that, if you’re living in an unsecure neighborhood, which fundamentally cyberspace is, and you leave the door wide open and a window propped up, you’re not as secure as you need to be.” Neuberger noted that the Environmental Protection Agency will be including cybersecurity in its sanitary reviews of the nation’s critical water systems, and the Federal Communications Commission will issue public notice regarding rulemaking for cybersecurity in emergency and public warning systems, the Federal News Network reports. Experts say the White House announcement could eventually lead to a government-wide adoption of Software Bills of Materials (SBOMs), machine-readable ingredient lists for software products that can help to identify vulnerabilities in real time. Chris Wysopal, founder and chief technology officer of Veracode, says, "SBOMs can deliver tool interoperability and allow for the easy exchange of information from vendor to supplier to agency.”