Internet of things, Kaspersky, Equifax on the week’s agenda

Business and technology experts who advise the federal government on cybersecurity will hear presentations this week from the Office of Management and Budget, the Department of Homeland Security and Senate offices taking the lead on securing internet-connected devices, AKA the internet of things.

The three-day meeting of the Information Security and Privacy Advisory Board will also feature several presentations from staffers at the technical standards agency NIST, which manages the advisory committee. NIST experts will brief the board on, among other things, their work with the National Telecommunications and Information Administration on an internet resiliency report required by President Donald Trump’s cybersecurity executive order; NIST’s development of next-generation voting machine security guidelines; and its update to bedrock cyber standards used by all federal agencies. Board members hail from companies like AT&T and Intel and agencies like the NSA and the Treasury Department.

Sens. Mark Warner and Cory Gardner, who have introduced legislation to require basic cybersecurity standards for smart devices, will dispatch staffers to brief the board on their bill and related issues. OMB’s Joshua Moses will brief the board on the status of the Trump cybersecurity order’s risk management report. As MC first reported last week, OMB delivered that report to the president ahead of schedule. The board’s draft agenda also lists a second executive order briefing, this one about the IT modernization report that OMB is finalizing, but it is listed as tentative. Michael Duffy and Martin Stanley from DHS will appear on two separate days to update board members on the status of two key priorities: helping agencies identify and protect their most critical systems and removing software made by the Russian cybersecurity firm Kaspersky from federal networks.

— CAPITOL NEWS: The crowded and diverse hearing schedule kicks off Tuesday when House Democrats’ election security task force hears from state officials and the Election Assistance Commission. Tuesday also sees a House Homeland Security subcommittee team up with a House Education subcommittee to examine how to develop the cybersecurity workforce. Wednesday heralds the arrival of the first in a series of House Science Committee hearings on the risk Russia-based Kasperky Lab’s software poses to the federal government. Later that day, the House Financial Services panel holds another hearing on the massive Equifax data breach, with the heads of the major credit bureaus invited by Democrats to attend. Then, on Thursday, the Senate Energy Committee conductsa hearing on cybersecurity technology that could help protect the energy grid.

HAPPY MONDAY and welcome to Morning Cybersecurity! Your MC host tried the Impossible Burger this weekend and can vouch. Send your thoughts, feedback and especially tips to and be sure to follow @timstarks, @POLITICOPro and @MorningCybersec. Full team info below.

** A message from Deloitte Cyber Risk Services: Society has become increasingly connected using platforms designed for sharing information, not protecting it – presenting opportunities for would-be attackers. And, the very things agencies do to innovate and fulfill their mission can a create cyber risks. Deloitte’s Secure.Vigilant.Resilient.™ cyber approach helps agencies manage the cyber risk you know and get ahead of the ones you don’t. **

ICYMI: LAWMAKERS TWEAK SURVEILLANCE BILL — The House Judiciary Committee late last week began circulating a revised version of its bipartisan draft bill to renew the digital spying programs allowed under Section 702 of the Foreign Intelligence Surveillance Act. The updated proposal make some technical edits and clarifies potentially ambiguous passages, tweaks that were well-received by digital privacy advocates hoping to alter the 702 statute. One of the most scrutinized sections — which would place new warrant requirements on the FBI when it is seeking the content of NSA-intercepted communications in pursuit of evidence of a crime — received some clarifying language. The bill explicates that a judge of the secret court that oversees the government’s foreign spying efforts would determine whether the FBI could access the contents of intercepted digital chatter.

While it’s unclear when the Judiciary Committee will take up the measure, expect movement on the issue in the Senate this week. Sens. Ron Wyden and Rand Paul — two fierce privacy advocates — are expected to introduce their own reauthorization measure any day. And the Senate Intelligence Committee is planning to take up its own 702 renewal bill behind closed doors.

Continue reading…