Morgan Chalfant

Senators demand Bolton reconsider eliminating top cyber post

A group of 19 Democratic Sens wrote to national security adviser John Bolton urging him to reconsider the move to elminate a top cybersecurity position at the White House, calling it a “step in the wrong direction” and worrying that it would “lead to a lack of unified focus against cyber threats.” The role of White House cybersecurity coordinator was established under the Obama administration to coordinate cybersecurity policymaking efforts across the federal government.

President Trump orders new guidance on ‘unmasking’ requests

President Donald Trump is ordering the top US intelligence official to come up with a new policy for responding to requests from officials to “unmask” Americans in intelligence reports.

Critical computer flaws set up security challenge in Washington

Two critical vulnerabilities that affect modern computer processing chips are about to become a huge headache for governments worldwide. The vulnerabilities could allow hackers to pilfer sensitive data from virtually all modern computing devices, ranging from computers to smartphones to cloud infrastructure. Experts believe that they may be the most dangerous computer processor flaws to date.

FBI can’t unlock Texas shooter’s phone

The FBI has confiscated the phone of the gunman who opened fire at a Texas church Nov 5 but is unable to access it for the ongoing investigation.  FBI Special Agent Christopher Combs, who is leading the investigation, told reporters that the bureau had flown the device to Quantico (VA) Nov 6 and that agents have been reviewing the phone but have not been able to get into it.  “It actually highlights an issue that you’ve all heard about before with advance of the phones and the technology and the encryption, law enforcement, whether it’s at the state, local or the federal level, is increasin

AG Sessions blasts tech firms for blocking access to encrypted evidence

Attorney General Jeff Sessions is taking aim at technology firms for preventing law enforcement from accessing encrypted evidence for ongoing terror investigations, warning that such actions could have “deadly consequences.”  The issue has become a point of tension between tech companies and federal investigators in high-profile cases, such as the 2016 dispute between the FBI and Apple over data stored on an iPhone belonging to a suspect in the 2015 San Bernardino terror attack.  Sessions, who delivered remarks on national security in New York City, said that over the past year the FBI was

Sen Wyden, Paul introduce bill to end warrantless phone searches at border

A bipartisan group of lawmakers has introduced legislation that would require law enforcement agencies to obtain a warrant before searching the digital devices of Americans trying to reenter the United States. The practice of US Customs and Border Protection (CBP) agents asking for passwords to search the digital devices of Americans seeking entry into the United States has attracted significant media attention and raised concerns among privacy advocates in recent months. Sens Ron Wyden (D-OR) and Rand Paul (R-KY) introduced legislation that cites the 2004 Supreme Court case Riley v. California, in which the court ruled that law enforcement needed a warrant to search an electronic device in the case of an individual’s arrest.

The bill, a version of which Reps Jared Polis (D-CO) and Blake Farenthold (R-TX) introduced in the House, states that the principles of the Supreme Court decision extend to searches of Americans’ digital devices at the border. The legislation, called the Protecting Data at the Border Act, also states that Americans must be made aware of their rights before they agree to give up passwords, social media account names or other digital account information or to hand over their devices to law enforcement.

Trump administration to score agencies on cybersecurity

A White House adviser said that the Trump Administration will develop metrics to track federal agencies’ implementation of a federal cybersecurity framework. Thomas Bossert, an adviser to President Trump on homeland security and counterterrorism, said that the new administration will require agencies and departments to abide by the framework developed by the National Institute of Standards and Technology (NIST) and report back to the White House on their adoption and implementation of the cybersecurity recommendations. The aide said the move is part of a larger effort by President Trump to treat the entire federal network as its own entity and safeguard it from cyber threats.

“We’re going to go through a thoughtful approach that requires federal departments and agencies to adopt and implement cybersecurity framework developed by NIST and any subsequent iteration of that document,” Bossert said. “They’re going to be required to produce for us a report.” The report will be submitted to the Department of Homeland Security (DHS), the Office of Management and Budget (OMB) and the White House, and will serve as a “scorecard” to assess agencies’ cybersecurity efforts, Bossert said.

House Science Committee approves cybersecurity framework bill

The House Science Committee approved a bill designed to encourage federal agencies to adopt cybersecurity framework developed by the National Institute of Standards and Technology (NIST). The committee approved the bill largely along party lines, despite opposition from Democratic Reps to provisions in the bill requiring NIST to evaluate and audit federal agencies’ adoption of the cybersecurity and technology guidelines.

Rep Ralph Abraham (R-LA) introduced the NIST Cybersecurity Framework, Assessment, and Auditing Act of 2017 recently, couching it as a response to recent high-profile cyber breaches like those at the Office of Personnel Management and IRS. The legislation would direct NIST to develop metrics for evaluating federal agencies’ cybersecurity and submit an initial assessment and regular audits to Congress on cybersecurity measures put in place by federal agencies. It would also set up guidance for federal agencies to incorporate the NIST cyber framework and establish working groups in the federal and private sectors to help public and private entities use the framework.