Anyone lamenting today's lack of a cyber war grand strategist – someone "with great vision who will declare to the world what great power lies therein" – overlooks the properties of cyberspace, writes a Rand scientist in a paper.
Under a proposal offered to the federal judiciary's Advisory Committee on Rules of Criminal Procedure, law enforcement would be allowed to remotely access computers they suspect were used in crimes – even if the computers are located in a different judicial district than the one granting the warrant.
State and local operators of critical infrastructure won't get a dedicated grant program to foster adoption of a cybersecurity framework the government released earlier this year – not unless Congress approves legislation allowing it, said a Homeland Security Department official.
The FBI plans to hire 1,000 agents and analysts by October to replace employees lost to attrition during the hiring freeze instituted under sequestration. But just because the FBI has the funds to hire doesn't mean it can attract the workforce it needs. The FBI director said the bureau's struggles to fill cybersecurity positions remain a significant issue.
Over the past decade, the cyber black market has transformed from a landscape of "discrete, ad hoc networks of individuals initially motivated by little more than ego and notoriety" into a financially driven collection of suppliers, vendors and intermediaries dominated by criminal organizations or groups, says the think tank.
Whether to propose extending limited liability protection to companies sharing cyber threat information is under consideration within the Obama administration, a top civilian cybersecurity official said Wednesday.
European Union leaders and President Obama today announced a new effort to formalize and broaden cooperation on cyber issues.
Perennial information security weaknesses at the Veterans Affairs Department have led a House Veterans' Affairs subcommittee to consider legislation to compel the VA to address them, perhaps at the expense of its discretion. The draft legislation would require "very specific security control activities," said Greg Wilshusen, a Government Accountability Office official who reviewed it.
The Environmental Protection Agency's primary tool for information security training is too technical for executives but too general for technical personnel, say auditors.
Legislation aiming to improve cybersecurity cooperation between European Union member states passed the European Parliament March 13. All member states would also have to establish a computer emergency response team to handle cybersecurity incidents.