EO seeks to secure services such as GPS - Politico
(Source: politico.com)

clicks | 5 days ago | comments: discuss | tags: cryptocurrency

Article preview (bot search)

(Original link: politico.com)

02/13/2020 10:00 AM EST
With help from Eric Geller and Mary Lee
PROGRAMMING NOTE: Morning Cybersecurity will not be published on Monday, Feb. 17. We'll be back on our normal schedule on Tuesday, Feb. 18. Advertisement
Editor's Note: This edition of Morning Cybersecurity is published weekdays at 10 a.m. POLITICO Pro Cybersecurity subscribers hold exclusive early access to the newsletter each morning at 6 a.m. Learn more about POLITICO Pro's comprehensive policy intelligence coverage, policy tools and services at www.politicopro.com . Quick Fix
— An executive order that debuted on Wednesday orders agencies to take steps to safeguard against disruption of positioning, navigation and timing services.
— A guide out today gives election officials six tips on inexpensively protecting elections from cyber threats.
— Draft legislation on autonomous vehicles would forbid the sale of autonomous vehicles from manufacturers if they don’t implement cybersecurity measures.
HAPPY THURSDAY and welcome to Morning Cybersecurity! I am the Nina, the Pinta, the Santa Maria . Send your thoughts, feedback and especially tips to . Be sure to follow @POLITICOPro and @MorningCybersec . Full team info below. White House
TIME FOR MORE SECURE TIME — President Donald Trump on Wednesday directed DHS, the Pentagon, the Commerce Department and other agencies to work together to reduce U.S. computer systems’ dependence on satellite-based positioning, navigation, and timing, or PNT, services that hackers could disrupt. Trump’s executive order requires Commerce to provide government and industry partners with “PNT profiles” to help them identify disruptions and manage “associated risks,” while DHS must “develop a plan to test the vulnerabilities of critical infrastructure systems, networks, and assets in the event of disruption and manipulation of PNT services.”
The executive order stems from concerns about Russia or other adversaries hacking the global navigation satellite systems , or GNSS, that beam vital real-time data to cargo vessels, airplanes, municipal transit agencies, energy producers and other clients in mission-critical environments. Trump’s order gives the White House one year to develop an R&D plan for “additional, robust, and secure PNT services” that don’t rely on GNSS like the ubiquitous, U.S. military-run GPS platform does. Commerce has six months to develop a GNSS-independent alternative to the current global standard for measuring time.
The directive also requires the government to revise federal contracts for systems that rely on PNT data to improve their resilience to cyberattacks, “with the goal of encouraging the private sector to use additional PNT services and develop new robust and secure PNT services.” Additionally, DHS and the departments of Treasury and Energy must run PNT resilience pilot programs with the critical infrastructure firms under their supervision.
INEXPENSIVE ELECTION SECURITY STEPS — Hey, local election officials, are you a little cash-strapped but want to defend the 2020 vote from hacker-types? The Alliance for Securing Democracy has some advice for you today. The six tips in the alliance handbook are : switch websites to HTTPS; form a local election cybersecurity group that includes law enforcement, IT experts and emergency management personnel; subject employees and contractors who handle sensitive information to background checks; collaborate with state officials on protecting voter registration; test infrastructure changes during low-stress times; and hire a CISO if you can afford one, or failing that borrow similar expertise from your state.
CFIUS MAXIMUS — “Regulations that take effect Thursday will mean closer scrutiny for app-makers and other data-hungry companies that accepteven small investments from foreign investors — concerns that have already snared apps like Grindr and TikTok over their Chinese ownership,” Leah Nylen writes for Pros this morning. “Under the new Treasury rules,the federal government can probe and seek to block ‘non-controlling’ investments by foreign nationals. The changewill affect even venture capital investments, which were previously immune from scrutiny.”
BILL LANGUAGE ON CYBERSECURITY FOR AUTONOMOUS VEHICLES — The bicameral, bipartisan effort to draft autonomous vehicle legislation now has a cybersecurity section , and it would forbid manufacturers from selling self-driving cars “unless such manufacturer has developed, maintains, and executes cybersecurity practices and processes to minimize cybersecurity risks to motor vehicle safety.” The draft released on Wednesday spells out 11 steps that constitute those best practices, such as ensuring recovery from cybersecurity incidents and requiring collaboration with third-party researchers. It also orders a DOT study on the cybersecurity of autonomous vehicles and authorizes the department to promulgate regulations in response to that study if needed.
CHANGELINGS — Facebook took down a network of ...