Welcome to OVERNIGHT CYBERSECURITY, your daily rundown of the biggest news in the world of hacking and data privacy. We’re here to connect the dots as leaders in government, policy and industry wrap their arms around cyberthreats. What lies ahead for Congress, the administration and the latest company under siege? Whether you’re a consumer, a techie or a D.C. lifer, we’re here to give you …

 

THE BIG STORIES:

–AND WE’RE BACK: Congress returned Tuesday from its month-long hiatus with pledges to finish a stalled cybersecurity bill, the Cybersecurity Information Sharing Act (CISA). But most are skeptical the measure — intended to boost the exchange of cyber threat data between the public and private sector — will hit the floor any time soon. The day after Congress left Washington for its August recess, Senate Majority Leader Mitch McConnell told reporters, “We have an agreement now that will allow us to finish [CISA] in September.” The Kentucky Republican was referring to an agreement that structures the first slate of 22 amendments that will be considered when the bill eventually comes up. But the Iran nuclear pact and a series of important budget bills facing September deadlines will take precedent over cybersecurity, Senate Intelligence Chairman Richard Burr (R-N.C.), told The Hill on Tuesday. That means no action on CISA until October at the earliest, the CISA co-sponsor added. “I don’t think so, but I’m ready to go,” he said. To read our full piece, click here.

{mosads}–CHINA SANCTIONS COMING THIS WEEK?: China’s ambassador to the United States is warning that sanctioning Beijing for hacking the U.S. government would be counterproductive ahead of Chinese President Xi Jinping’s Washington visit at the end of the month. The White House is expected this week to unveil economic sanctions against China for hacking U.S. companies, and potentially for orchestrating the massive digital theft of over 20 million federal workers’ data from the Office of Personnel Management (OPM). Such punishments would come at a pivotal time for the U.S.-China relationship. Later this month, Xi will make his first official trip as president to Washington for a series of high-level meetings. Chinese Ambassador to the United States Cui Tiankai argued hacking sanctions could help derail the meetings. The punishments would be non-constructive, Cui said, according to “China Daily,” a state news outlet. “This means that China and the U.S. have every reason to conduct more communications and cooperation in this regard, instead of moving towards conflict and confrontation,” the ambassador told reporters over the weekend. “I hope the U.S. side will make a smart choice.” To read our full piece, click here.

–I CAN HAZ DATA?: It’s a big week for the debate over what level of access government investigators should have to a company’s customer data. It was revealed Tuesday that Apple recently rejected a court order to turn over communications sent using its iMessage feature, citing its encryption system. It’s a situation the Department of Justice (DOJ) and FBI have long warned about, but has rarely been seen. And on Wednesday at an appeals court in New York, the government and Microsoft will battle during oral arguments over whether the government can force companies to give up data stored overseas. Both incidents are a stark example of the long-brewing tensions between federal investigators and the tech community. Companies like Apple, Google and Microsoft have moved quickly to bolster their encryption and rebuff government requests for data if possible. Officials at the FBI and DOJ have been warning this trend is creating a “going dark” problem, in which terrorists and criminals will be able to safely operate within a lawless zone. But Silicon Valley and privacy advocates believe such moves are necessary to secure personal data and preserve civil liberties. To read our full piece on Apple, click here. To read a full preview of the oral arguments in the Microsoft case, check back tomorrow morning.  

 

UPDATE ON CYBER POLICY:

–UNDER MY UMBRELLA: The United States and European Union have finalized an “umbrella agreement” that would allow the two sides to exchange more data during criminal and terrorism investigations.

The deal, many years in the works, was nearly derailed following the revelations of multiple clandestine U.S. surveillance programs. But negotiators were able to get things back on track when the U.S. agreed to include a clause giving EU citizens the right to sue in U.S. courts over misuse of their personal data.

EU officials portrayed the provision as key to ensuring European digital privacy as the 28-country collective tries to square its more robust data protection laws with those in the U.S.

Although negotiators have agreed to the provision, Congress must first pass a stalled bill to give EU citizens this right.

Sen. Chris Murphy (D-Conn.) is sponsoring that bill, known as the Judicial Redress Act. He told reporters Tuesday he is angling to possibly attach the language to CISA or pass it as a standalone bill. The measure is not one of the initial 22 amendments that will get votes when CISA is considered.

“We were hopeful to get it attached to the cybersecurity bill, but I haven’t heard much opposition within the Senate,” he said. “So if we can get it hotlined later this year, we will. Now that we know it’s instrumental to this agreement, I think we’ll have more purchase within both caucuses.”

Read on, here.

 

LIGHTER CLICK:

–HELLO, MR. PRESIDENT: John McAfee, the sometimes-yogi who was recently arrested for possession of a firearm while intoxicated, has filed his papers to run for president. The developer of the eponymous anti-virus software also tweeted–then deleted–an image of the American flag superimposed over his face on Tuesday.

Read more, here.

 

A REPORT IN FOCUS:

–HELP ME, I’M POOR: The global cybersecurity market is expected to hit $170 billion by 2020, up from $77 billion in 2015, according to a wide-ranging quarterly market report from Cybersecurity Ventures.

North America and Europe are the leading revenue contributors, but the Asia-Pacific provider market is growing. India saw a whopping 100 percent market growth, from $500 million in 2014 to $1 billion in 2015.

Other important figures: That $77 billion in global IT spending in 2015 is an 8.2 percent rise over last year. Part of that is a result of a 40 percent increase in seven-figure cybersecurity deals year-over-year.

Meanwhile, cybercrime costs businesses $400 billion to $500 billion a year — or more.

Read more, here.

 

A LOOK AHEAD:

WEDNESDAY

–NextGov hosts a conference on government cybersecurity. Rep. Will Hurd (R-Texas), Federal Chief Information Officer Tony Scott and OPM officials will speak.

–Microsoft and the federal government will give oral arguments at the U.S. Appeals Court for the Second Circuit in New York in their standoff over a government warrant requesting Microsoft to hand over a user’s email account stored at a data center in Dublin, Ireland.

–The Intelligence and National Security Alliance will hold the first day of a conference on U.S. intelligence. Director of National Intelligence James Clapper will speak.

–The Federal Trade Commission will hold a conference titled “Start with Security” in San Francisco featuring remarks from top Silicon Valley security officials. The conference will be livestreamed here.

–The ITIF will host an event titled “The Sky is Not Falling: Understanding the Privacy Panic Cycle.”

THURSDAY

–The Intelligence and National Security Alliance will hold the second day of its conference on U.S. intelligence. NSA Director Michael Rogers and CIA Director James Brennan will speak, as well as three leaders from congressional intelligence committees — Senate Intelligence Committee ranking member Dianne Feinstein (D-Calif.), House Intelligence Committee Chairman Devin Nunes (R-Calif.) and House Intelligence ranking member Adam Schiff (D-Calif.).

–The House Intelligence Committee will hold an open hearing on “worldwide cyber threats” at 10 a.m.

–The oversight subcommittee for the House Science, Space and Technology Committee will hold a hearing on “vulnerabilities in America’s power supply” at 10 a.m.

–The House Judiciary Committee will hold a hearing on commercial drone use policy at 2 p.m.

FRIDAY

–The Atlantic Council will hold an event titled “Sanctioning Chinese Cyber Theft” at 9 a.m.

 

IN CASE YOU MISSED IT:

Links from our blog, The Hill, and around the Web.

The laser apparatus used by most self-driving cars can be hacked with a glorified laser pointer that costs just $60. (The Hill)

Experts warn that data brokers, who sell information to everyone from advertisers to private investigators, may be an especially tempting — and dangerous — target for hackers. (The Wall Street Journal)

With the future of the stalled Cybersecurity Information Sharing Act uncertain, experts say there are other ways Congress can improve cybersecurity through legislation. (National Journal)

Europol’s cybercrime agency has been stymied by a popular encryption software. (Motherboard)

Thanks to volatile markets, red-hot Israeli cybersecurity startup ForeScout may not be ready to launch an IPO this year, its chief executive tells Reuters.

Rod Turk, the Department of Energy’s associate chief information officer for cybersecurity, has departed to take on a similar role at the Commerce Department. (FCW)

The TSA’s chief information officer tells Federal Times how budget restrictions forced the agency to get creative with its IT strategy.

A security researcher at Google cracked the digital defenses of two of the most well-known cybersecurity firms in the world. (International Business Times)

Cyber criminals hacked freeware company Mozilla last week, possibly compromising Firefox users. (MSPmentor)

Researchers have discovered a backdoor into Seagate wireless NAS drives. (Beta News)

 

If you’d like to receive our newsletter in your inbox, please sign up here: http://goo.gl/KZ0b4A