LACyber: Cyber Security Blog

cyber security buffalo western new york
a division of Lincoln Archives Inc.


Senators Calling for Transparency and Change in Cyber Sec Reporting

by Sally Rozumalski

In the current digital age, we’ve become almost numb to digital breaches of information. Especially where large organizations are concerned. They are readily becoming a daily occurrence, one that leaves sensitive information unguarded and people’s livelihood in jeopardy.

Essentially, what happens far too often is that these sensitive databases are accessed, passwords are stolen, emails are sifted through and utilized, innocent people are put at risk, and corporations are knocked down a peg and shown how vital security procedures really are.

However, what you don’t tend to hear about often are hacks of computer and IT systems belonging to government entities.

In fact, the last time a breach of congressional computers was publicly disclosed was in March 2009, when then-Senator Bill Nelson revealed computers in his office had been attacked three times in the previous month, and that "The threat to our national security, to be sure, is real”.

Under legal obligation, federal agencies and corporations alike are regulated and made to publicly disclose breaches. On the other hand, Congress is under no such obligation. This essentially means that the public may have no idea that their political representatives have been hit, and if they have, what was affected.

This past week, two US Senators, decided that they have had enough with keeping the public in the dark.

These two US senators have requested the US Senate Sergeant at Arms to disclose details about cyber-attacks against the Senate and its members.

The formal request was made in a letter signed and dated on the 13th of March by Ron Wyden a Democrat from Oregon and Tom Cotton a Republican from Arkansas, both members of the US Senate Intelligence Committee.

Essentially, this committee was created to “oversee and make continuing studies of the intelligence activities and programs of the United States Government,” to “submit to the Senate appropriate proposals for legislation and report to the Senate concerning such intelligence activities and programs,” and to “provide vigilant legislative oversight over the intelligence activities of the United States to assure that such activities are in conformity with the Constitution and laws of the United States.”

In their letter, the Senators call for transparency:

"Companies and executive branches are required by state and federal law to report breaches. In contrast, Congress has no legal obligation to disclose breaches and other cyber incidents," the two senators wrote in their letter.

"The Sergeant at Arms must be transparent in providing members of the Senate all information about the possible existence and scale of successful hacks against the Senate," the letter reads.

"Each US senator deserves to know and has a responsibility to know, if and how many times Senate computers have been hacked, and whether the Senate's existing cybersecurity measures are sufficient to protect both the integrity of this institution and the sensitive data with which it has been entrusted."

For obvious reasons, the two say they understand that some data about cyber-attacks might need to remain confidential as part of ongoing investigations, or because of its sensitive nature to the public.

However, they ask the Sergeant at Arms to at least disclose statistics about attacks as a whole, so senators can have informed debates and allocate funds to improve the Senate and senators' cyber-security protections.

To that end, the two provide the following steps of action to initiate change on this matter:

  1. Provide each Senator annually, with aggregate stats revealing the number of cyber incidents which compromised senate utilized computers and or incidents where hackers have otherwise gained access to sensitive Senate information.
  2. Commit to a policy of informing Senate leadership and all Senate committees on rules and intelligence within 5 days of discovering any breach of a Senate computer

The initiation of this letter by Senator Wyden is no coincidence. Last September, he was the one to reveal that several senators' Gmail accounts had been targeted by foreign hackers.

Wyden is also the same senator who pushed the Senate Sergeant at Arms to implement full disk encryption on Senate laptops and computers, and also pushed the Senate to allow staff members to use the Signal secure messaging app for internal communications.

The hope behind this move, is to start a discussion. It’s time for members of the Senate to start recognizing cyber security as a serious national security issue. With the work of this letter, that may just become reality.

 

LACyber is a division of Lincoln Archives providing comprehensive Data Breach Defense Services. Lincoln Archives and LACyber are proud to be a part of Lincoln Family of Companies serving the Western New York Community since 1914.

Return to Blog Menu

Contact Information:


LACyber
155 Great Arrow
Buffalo, New York
14207
(716) 871-7040
Email: info@LA-Cyber.com

Recent Blog Posts:

Data Destruction, What is the Big Deal?
Ensuring the secure destruction of private data not only gives you piece of mind, but also could potentially save you thousands if not millions of dollars in data breach fines.
Author: Sally Rozumalski - Date: 2019-04-19
Can Your Smart Speaker "Hear" You?
Millions of people turn to their smart home devices for the weather, music or just a good laugh. But do you ever wonder if your smart device can actually hear whats being said, or where that information might go?
Author: Kathryn Turner - Date: 2019-04-12
The Gap in Risk Protection You Won’t See Coming
Your office network is a complex compilation of interconnected machines which cyber criminals seek to break into. So what part of your office is the most vulnerable to a data breach?
Author: Sally Rozumalski - Date: 2019-04-05
Ransomware and Company Closings: Could You be Next?
 Ransomware is continuing to hit businesses, will more force and impact each year. Malicious software and the infamous effects that accompany it, are starting to effect companies on a larger scale than a simple inconvenience including shutdowns, fines, and years lost.
Author: Sally Rozumalski - Date: 2019-03-29
Facebook’s Password Dilemma: Another Security Mishap?
Following last September’s massive security breach of user data, it’s becoming more and more challenging to summarize all the misuse of privacy and security fumbles Facebook is held responsible for.
Author: Sally Rozumalski - Date: 2019-03-22
See All Blog Posts

Contact Form




Cyber Defense Plans starting at $49.99