At a glance.
- An international cybersecurity regime?
- EU rejects limitations on proof-of-work blockchains.
- Reconciliation of US House, Senate bills offers prospects for more cyber resources.
The challenges of a global cyber alliance.
As the war in Ukraine has brought global fears of Russian cyber aggression to the forefront, some world leaders are weighing the benefits of a global cyber alliance. Steps have already been taken in that direction, as earlier this month, the US Department of Homeland Security’s Robert Silvers and Israel’s National Cyber Directorate director-general Gaby Portnoy signed a cyber collaboration agreement for their countries, and in November the UK and Israel made a similar deal. Security Week explores the feasibility of a more comprehensive international alliance, and the role the Five Eyes would play in such an agreement. Last September, Australia, the UK, and the US entered into AUKUS, a security pact that, in addition to supplying nuclear submarines to Australia, calls the three nations to join their defensive and offensive cyber capabilities to fight Chinese activities in the Indo-Pacific region. AUKUS sets itself apart from the Five Eyes agreement by focusing not just on sharing signals intelligence, but on the development of offensive cyber operations. However, while the Five Eyes is the most visible and possibly most potent international intelligence pact, there’s a web of smaller individual agreements between nations across the globe that could make the establishment of a global cyber alliance a complicated enterprise. Moreover, such an endeavor could push Russia and China into even deeper collaboration, perhaps inviting Iran and Korea into a rival alliance.
EU rejects proof-of-work crypto limitation proposal.
On Monday, the European Parliament’s economic and monetary affairs committee voted against a proposed provision that would have effectively banned bitcoin in the EU. CoinDesk explains that the lawmakers decided not to add the rule to a draft of the EU’s proposed regulatory package for governing digital assets, the Markets in Crypto Assets (MiCA) framework. Crypto proponents were against the provision, which would have limited the use of digital currencies supported by proof-of-work computing processes across the EU to ensure that all cryptocurrencies maintain the EU’s “minimum environmental sustainability standards with respect to their consensus mechanism.” Instead, the monetary committee voted in favor of a compromise calling on the European Commission to offer alternative legislation to regulate “crypto asset mining activities that contribute substantially to climate change mitigation and adaptation.” After the vote, Parliament member Stefan Berger, who helped draft MiCA, tweeted, “By accepting my proposal, members have paved the way for future-oriented crypto regulation. It is now a matter of accepting the report as a whole in the final vote & sending out a strong signal for innovation.”
US House and Senate economic bills present opportunity for significant cyber measures.
The Hill argues that the key to securing America’s critical infrastructure systems lies in the integration of the Senate’s US Innovation and Competition Act (USICA) and the House’s America COMPETES Act. Both bills focus on investing in the federal cyber workforce, placing US leadership in international bodies focused on setting technology standards, and directing more funding to the State Department’s Global Engagement Center, which combats the spread of foreign disinformation. They also direct $52 billion in funding to the CHIPS Act, which sets up a grant program focused on domestic semiconductor production. Reconciling the bills could make up for weaknesses in recent cybersecurity legislation like the Infrastructure Investment and Jobs Act, which is inconsistent in its support to individual sectors. As Congress prepares to adjudicate USICA and the COMPETES Act, they are presented with an opportunity to effect measures that, with a successful bipartisan conference, could significantly impact the country’s cybersecurity posture.