LACyber: Cyber Security Blog

cyber security buffalo western new york
a division of Lincoln Archives Inc.


Senators Calling for Transparency and Change in Cyber Sec Reporting

by Sally Rozumalski

In the current digital age, we’ve become almost numb to digital breaches of information. Especially where large organizations are concerned. They are readily becoming a daily occurrence, one that leaves sensitive information unguarded and people’s livelihood in jeopardy.

Essentially, what happens far too often is that these sensitive databases are accessed, passwords are stolen, emails are sifted through and utilized, innocent people are put at risk, and corporations are knocked down a peg and shown how vital security procedures really are.

However, what you don’t tend to hear about often are hacks of computer and IT systems belonging to government entities.

In fact, the last time a breach of congressional computers was publicly disclosed was in March 2009, when then-Senator Bill Nelson revealed computers in his office had been attacked three times in the previous month, and that "The threat to our national security, to be sure, is real”.

Under legal obligation, federal agencies and corporations alike are regulated and made to publicly disclose breaches. On the other hand, Congress is under no such obligation. This essentially means that the public may have no idea that their political representatives have been hit, and if they have, what was affected.

This past week, two US Senators, decided that they have had enough with keeping the public in the dark.

These two US senators have requested the US Senate Sergeant at Arms to disclose details about cyber-attacks against the Senate and its members.

The formal request was made in a letter signed and dated on the 13th of March by Ron Wyden a Democrat from Oregon and Tom Cotton a Republican from Arkansas, both members of the US Senate Intelligence Committee.

Essentially, this committee was created to “oversee and make continuing studies of the intelligence activities and programs of the United States Government,” to “submit to the Senate appropriate proposals for legislation and report to the Senate concerning such intelligence activities and programs,” and to “provide vigilant legislative oversight over the intelligence activities of the United States to assure that such activities are in conformity with the Constitution and laws of the United States.”

In their letter, the Senators call for transparency:

"Companies and executive branches are required by state and federal law to report breaches. In contrast, Congress has no legal obligation to disclose breaches and other cyber incidents," the two senators wrote in their letter.

"The Sergeant at Arms must be transparent in providing members of the Senate all information about the possible existence and scale of successful hacks against the Senate," the letter reads.

"Each US senator deserves to know and has a responsibility to know, if and how many times Senate computers have been hacked, and whether the Senate's existing cybersecurity measures are sufficient to protect both the integrity of this institution and the sensitive data with which it has been entrusted."

For obvious reasons, the two say they understand that some data about cyber-attacks might need to remain confidential as part of ongoing investigations, or because of its sensitive nature to the public.

However, they ask the Sergeant at Arms to at least disclose statistics about attacks as a whole, so senators can have informed debates and allocate funds to improve the Senate and senators' cyber-security protections.

To that end, the two provide the following steps of action to initiate change on this matter:

  1. Provide each Senator annually, with aggregate stats revealing the number of cyber incidents which compromised senate utilized computers and or incidents where hackers have otherwise gained access to sensitive Senate information.
  2. Commit to a policy of informing Senate leadership and all Senate committees on rules and intelligence within 5 days of discovering any breach of a Senate computer

The initiation of this letter by Senator Wyden is no coincidence. Last September, he was the one to reveal that several senators' Gmail accounts had been targeted by foreign hackers.

Wyden is also the same senator who pushed the Senate Sergeant at Arms to implement full disk encryption on Senate laptops and computers, and also pushed the Senate to allow staff members to use the Signal secure messaging app for internal communications.

The hope behind this move, is to start a discussion. It’s time for members of the Senate to start recognizing cyber security as a serious national security issue. With the work of this letter, that may just become reality.

 

LACyber is a division of Lincoln Archives providing comprehensive Data Breach Defense Services. Lincoln Archives and LACyber are proud to be a part of Lincoln Family of Companies serving the Western New York Community since 1914.

Return to Blog Menu

Contact Information:


LACyber
155 Great Arrow
Buffalo, New York
14207
(716) 871-7040
Email: info@LincolnArchives.com

Recent Blog Posts:

New School Year, New Threats to Higher Education Data Security
As the new school year heats up so are cyber security threats statistics say. With the opening of the fall term, many colleges and schools across the country are seeing an increase presence of cyber criminals trying to breach their walls.
Author: Sally Rozumalski - Date: 2019-09-03
Ransomware Keeps 22 Texas Government Agencies at a Standstill
More and more cities across the US are falling victim to cyberattacks. With no signs of letting up. In Texas, this statistic has become reality, as 22 small towns have been hacked, and held for ransom.
Author: Sally Rozumalski - Date: 2019-08-22
The SHIELD Act has passed… Now what?
New York state has a new law! This will drastically change our approach to data breaches, what signifies a breach and who must report, while also imposing more stringent penalties on companies for cyber security incidents! Are you prepared?
Author: Sally Rozumalski - Date: 2019-07-24
Is Tape Back Up Still Relevant?
As the years go on, tape is not going away. In fact, the technology behind tapes is improving! The question is: are there enough discussions taking place about this data back-up method?
Author: Sally Rozumalski - Date: 2019-06-13
Data Destruction, What is the Big Deal?
Ensuring the secure destruction of private data not only gives you piece of mind, but also could potentially save you thousands if not millions of dollars in data breach fines.
Author: Sally Rozumalski - Date: 2019-04-19
See All Blog Posts

Contact Form




Cyber Defense Plans starting at $49.99