US BIS, NCSC receive scrutiny. Addressing the Cyberspace Solarium Commission’s remaining recommendations.


At a glance.

  • Critics warn that the US Bureau of Industry and Security has no power to block US technology exports to China.
  • National Counterintelligence and Security Center under surveillance for operational problems.
  • Addressing the remaining recommendations of the Cyberspace Solarium Commission.

Critics warn that the US Bureau of Industry and Security has no power to block US technology exports to China.

Experts are concerned that the US Bureau of Industry and Security (BIS) — the arm of the Department of Commerce tasked with approving sensitive US technology exports — does not have the intelligence resources needed to understand the full ramifications of the sale of advanced US technology equipment and -Software understand to China. Derek Scissors, a senior fellow at the American Enterprise Institute in Washington, DC, told CyberScoop, “You could use better information, no doubt about that. They have not made the transition to China a national security issue.” As former BIS chief Nazak testified in June during a Senate Intelligence Committee hearing, “As our industries weaken—semiconductors, telecommunications, critical minerals and rare earth elements, high-performance batteries, as well as pharmaceutical and medical devices – the greater our national security is at risk.”

To reduce America’s dependence on Chinese-made semiconductor chips, the Biden administration recently committed $50 billion to support US chip manufacturing, and the White House plans to expand bans on US semiconductor exports next month. But critics say the Commerce Department has neglected the issue for too long and that the BIS is a crack in its armor. Undersecretary for Industry and Security Alan Estevez defended BIS’s efforts, stating, “As the threat environment has evolved in terms of nation-state threats, emerging technologies, and a growing number of contested domains, we continually work to build on these relationships, bring in additional resources and leverage all sources of intelligence to fulfill our important and growing mission.” To improve BIS’s posture, the Intelligence Authorization Act of 2023 includes a provision for a pilot program to “assess the feasibility and desirability of deployment of information from publicly available, publicly and commercially available information to the Department of Commerce in support of export control and investment audit functions of the department”. And BIS leaders have asked Congress for nearly $200 million in discretionary spending and 593 new jobs to bolster staffing.

Also Read :  Haleon and Microsoft use AI to enhance health product accessibility for people who are blind or partially sighted

National Counterintelligence and Security Center under surveillance for operational problems.

A new study released yesterday by the US Senate Intelligence Committee indicates that the National Counterintelligence and Security Center (NCSC), responsible for coordinating intelligence efforts by US spy agencies, lacks a clear mission and adequate powers . Amid growing concerns about foreign disinformation and interference in US elections, the report warns that efforts to stop China, Russia and other adversaries from stealing national secrets are being slowed by misunderstandings, understaffing and a lack of funding at the NCSC. As AP News explains, the center is a branch of the Office of the Director of National Intelligence (ODNI), established in 2004 to coordinate priorities and improve information sharing among the eighteen members of the US intelligence community. According to the report, the NCSC’s work is hampered by bureaucracy, hiring issues, a lack of authority and the fact that President Joe Biden is yet to nominate a director for the center. Senator Marco Rubio, vice chairman of the US Senate Intelligence Committee, says they want to ensure that intelligence agencies “have the powers and resources necessary to effectively counter these emerging counterintelligence threats.” Experts are unsure of a solution, with some believing that the US should have its own counterintelligence agency that would take over some of the tasks currently performed by espionage agencies like the Federal Bureau of Investigation and the Central Intelligence Agency while others feel that such an agency would only add to the confusion. A spokesman said the NCSC values ​​the report because it “identified several recommendations to improve the NCSC’s ability to conduct the counterintelligence mission.”

Also Read :  New Vulnerabilities Reported in Baxter's Internet-Connected Infusion Pumps

Addressing the remaining recommendations of the Cyberspace Solarium Commission.

According to a report released today, the US Cyberspace Solarium Commission (CSC) is on track to implement 85% of all of its recommendations to improve the country’s cyber posture, while the remaining 15% face hurdles or “significant impediments.” More than half of its recommendations have already been implemented, and the Washington Post reports that some of the CSC’s recommendations, such as creating legislation to identify the country’s most vulnerable computer systems, remain top priorities for Congress. Many of the commission’s recommendations could be included in the National Defense Authorization Act, an annual defense law bill scheduled for submission to the Senate in October.

Also Read :  The US says it's helping Iranians navigate a massive internet blackout. Activists say it's too little, too late.

The report, published by the CSC’s non-profit successor, CSC 2.0, states: “Since the release of the first annual assessment in August 2021, Congress and the administration have made significant progress in strengthening U.S. cyber defenses by empowering the U.S. government organized and resourced and worked with partners and allies, and enhancing collaboration with the private sector. But the work is not done yet.” According to former Executive Director of the Cyberspace Solarium Commission, Mark Montgomery, the CSC’s recommendations to improve public-private partnerships and strengthen government’s overall cyber ecosystem — such as establishing a national certification and Cybersecurity Labeling Authority – are yet to bear fruit. Montgomery told CyberScoop, “We’re in the middle of the story here and we still have a lot of work to do. Every year when you’re away from the [original] report, we will get less and less finished. And the question is, will we make enough in the next two years to make a big difference?”



Source link