At a glance.
- US lawmakers introduce small business cybersecurity bill.
- ICC to prosecute digital war crimes.
- New FCC commissioner has background in digital policy.
The Small Business Cyber Resiliency Act is introduced in the US Senate.
US Senator Jim Risch, a Republican out of Idaho, yesterday announced that he is introducing a bill called the Small Business Cyber Resiliency Act. Risch, who was former chairman of the Senate Committee on Small Business and Entrepreneurship, says the bill’s goal is to help small businesses bolster their cybersecurity resources in the face of increasing digital threats. Rich states, “Given the variety of threats small businesses face, from home and abroad, it is important they are equipped with tools and information to protect themselves, their employees and customers, and our entire economy. The Small Business Cyber Resiliency Act will provide them with access to these important resources.” The bill aims to provide effective and accessible cybersecurity training, establish a Central Small Business Cybersecurity Unit at the Small Business Administration (SBA), and create a publicly-available SBA clearinghouse of cybersecurity resources for small businesses.
It also sets out to improve information sharing between small businesses, the SBA, the Cybersecurity and Infrastructure Security Agency, and other agencies, and it also provides special attention to businesses that were forced to go digital because of the pandemic. Senators Jeanne Shaheen, (Democrat out of New Hampshire), Mike Crapo (Republican from Idaho), and Catherine Cortez Masto (Democrat from Nevada) are joining Risch in introducing the legislation. Shaheen stated, “I’m proud to work across the aisle with Senator Risch on the Small Business Cyber Resiliency Act to help provide our small businesses with the tools they need to grow and create more good jobs.”
Grayson Milbourne, Security Intelligence Director at OpenText Cybersecurity, approves of the prospect that the government might do more to support the security of small and medium businesses. “SMBs have been under attack for years without proper assistance from the government. It is time to fix that and improve the tools SMBs have to defend against cybercrime. One of the biggest impacts of legislation like this is that it increases the awareness by the government of the most active threat actors targeting SMBs. With this information, authorities can launch offensive attacks against cybercrime infrastructure. For example, just last month we saw the takedown of QBot which had been wreaking havoc for over 10 years. This problem won’t go away on its own and it is past due for the government to get involved on the behalf of SMBs.”
ICC to prosecute digital war crimes.
Karim Khan, lead prosecutor for the International Criminal Court (ICC), has announced that the international tribunal will begin investigating cyber war crimes. For years, many have wondered if the world needs a Geneva Convention for digital acts of war, which have until now fallen into a sort of gray area when it comes to prosecution. But the ICC will be using an existing treaty: the Rome Statute, which gives the court authority to prosecute illegal acts, including war crimes, crimes against humanity, and genocide. In an article for last month’s issue of Foreign Policy Analytics, Khan wrote, “Cyber warfare does not play out in the abstract. Rather, it can have a profound impact on people’s lives. Attempts to impact critical infrastructure such as medical facilities or control systems for power generation may result in immediate consequences for many, particularly the most vulnerable. Consequently, as part of its investigations, my Office will collect and review evidence of such conduct.” While Khan’s statement does not mention Russia or Ukraine, WIRED notes that the timing of the announcement indicates Russia’s cyberattacks targeting Ukraine could have been an impetus. Shortly after Russia’s invasion of Ukraine last year, the Human Rights Center at UC Berkeley’s School of Law submitted an Article 15 document requesting that the ICC consider war crime prosecutions of Russian hackers, particularly focused on the activities of Sandworm, a cyber unit within Russia’s GRU military intelligence agency.
New FCC commissioner has background in digital policy.
The US Senate yesterday voted 55 to 43 to approve Anna Gomez to fill the vacant fifth seat on the Federal Communications Commission (FCC). Gomez comes from a senior advisor position on communications policy at the Bureau of Cyberspace and Digital Policy, and she has twelve years of experience in various positions at the FCC under her belt. Gomez is also a telecommunications attorney and worked as vice president for Federal and State Government Affairs at Sprint Nextel. At the time of Gomez’s nomination, Comcast’s chief legal officer Tom Reid said she has “deep knowledge across the breadth of issues before the FCC makes her exceptionally qualified to be a Commissioner.” Fierce Wireless explains that, prior to Gomez’s approval, the FCC was split 2-2 between Democrats and Republicans, making it difficult to pass anything that was divisive along party lines. Gomez’s selection gives the Democrats the majority, meaning the Commission could now tackle more contentious issues like restoring network neutrality.