At a glance.
- Biden administration considers reversing Trump-era cybersecurity policy.
- ECOWAS determines Nigerian cybercrime law violates human rights.
- Morocco launches cybersecurity education hub.
- CISA kicks off April’s “Fortify the Chain” initiative.
Biden administration considers reversing Trump-era cybersecurity policy.
US President Joe Biden has initiated an “interagency review process” to discuss revising former president Donald Trump’s National Security Presidential Memorandum-13 (NSPM-13), policies that gave the Department of Defense (DoD) and US Cyber Command unprecedented authority to allow cyber-operations without presidential approval. As former general counsel for the DoD Paul Ney explained in 2020, the 2018 memorandum allowed the delegation of “well-defined authorities to the Secretary of Defense to conduct time-sensitive military operations in cyberspace.” The Trump administration implemented the policy to override the Obama’s administration’s slower response to cyberthreats, but allowing such broad power was considered controversial even at the time the memorandum was issued. A source told CyberScoop, “If you’re not in combat, the commander is supposed to check in with White House and the president. That’s how we’ve done it before.” Michael Daniel, a former Obama administration cybersecurity official and current head of Cyber Threat Alliance, explained that such policy is further complicated by the fact that cyberspace is not regulated in the same manner as physical space. “We have very clear rules in the physical world that we don’t have in cyberspace yet. That lack of clarity is part of the problem…and why there’s an argument for being careful about and having oversight over offensive cyber operations.”
ECOWAS determines Nigerian cybercrime law violates human rights.
The Economic Community of West African States (ECOWAS) Court has ruled that section 24 of Nigeria’s Cybercrime (Prohibition) Act of 2015 violates the African Charter on Human and Peoples’ Rights and the International Covenant on Civil and Political Rights. Section 24, which focuses on cyberstalking, prohibits the use of the internet to spread pornography, false or aggravating information, and cyberbullying, but a case filed by Nigeria’s Socio-Economic Rights and Accountability Project demonstrated that the measures was being abused in order to unfairly penalize journalists and political dissidents. The Record by Recorded Future explains that the case focused around journalists Agba Jalingo, Olivia Fejiro, and Rotimi Joayemi, who were arrested for publishing stories considered in opposition to the Nigerian government. ECOWAS has ordered that Nigeria amend the law or face possible economic sanctions, though experts worry the ruling may go ignored. Lemuel Odeh, an associate professor of history and international studies at Nigeria’s University of Ilorin, explained, “Member states do not obey the court’s order, including sanctions against other states, and this has made the ECOWAS a toothless bulldog.”
Morocco launches cybersecurity education hub.
Morocco World News reports that British and Moroccan politicians and academic leaders gathered in Rabat yesterday to commemorate the establishment of the Cyber Security Centre of Excellence for Africa, an education hub providing courses and training sessions focused on helping local and global companies develop cybersecurity resilience. The Centre will offer National Cyber Security Centre’s (NCSC) certified courses, as well as a cybersecurity MBA in partnership with the UK’s Lancaster University and Templar Executives, a global cyber security and information assurance firm. The Centre serves the dual purpose of bolstering Morocco’s cybersecurity posture while also supporting post-Brexit cooperation between the UK and Morocco. The Centre is set to open in Marrakech in 2024, but in the interim Mohammed V University will serve as a temporary host.
CISA kicks off April’s “Fortify the Chain” initiative.
In honor of National Supply Chain Integrity Month, the US Cybersecurity and Infrastructure Security Agency (CISA) announced it will partner with the Office of the Director of National Intelligence and other government and industry partners to encourage organizations across the country to strengthen the global ICT supply chain. The effort is being called “Fortify The Chain,” and throughout the month CISA will promote resources, tools, and information under weekly themes like “No Shortages of Threats – Educate to Mitigate” and “Question, Confirm, and Trust – Be Supplier Smart.” The first week’s theme is “Power in Partnership” and will highlight the efforts of the ICT Supply Chain Risk Management Task Force, a sixty-member public-private partnership established by CISA to “coordinate and collaborate on shared risks to enhance supply chain resilience.”