Hillicon Valley: Global cybersecurity leaders say they feel unprepared for attack | Senate Commerce Committee advances Biden’s FTC nominee Lina Khan | Senate panel approves bill that would invest billions in tech
Welcome to Hillicon Valley, The Hill’s newsletter detailing all you need to know about the tech and cyber news from Capitol Hill to Silicon Valley.
Starting out with some good news tonight: Colonial Pipeline is back online after shutting down over a cyberattack last weekend. Meanwhile, a number of global chief information security officers said they think their organizations are unprepared to face a cyberattack, according to a report released Wednesday. The Senate Commerce Committee advanced President Biden’s nominee to the Federal Trade Commission, Lina Khan, and approved legislation that would invest billions in science and emerging technologies in an effort to compete with China.
THAT’S REASSURING: A majority of global chief information security officers (CISOs) surveyed as part of a report released Wednesday said they feel their organizations are unprepared to face a cyberattack, despite many believing they will face an attack in the next year.
The report, compiled by cybersecurity group Proofpoint, was based on a survey of 1,400 CISOs in 14 different countries including the United States. The results highlighted a brutal year for security professionals struggling to cope during the COVID-19 pandemic.
“Organizational cyber preparedness is still a major concern, and more than a year into this pandemic, it really changed the threat landscape, 66 percent of CISOs feel their organization is unprepared to cope with a targeted cyberattack in 2021,” Lucia Milică, global resident CISO at Proofpoint and the report’s lead author, told The Hill ahead of the report’s release.
The findings of the survey revealed that CISOs are overworked and overwhelmed after a year in which the COVID-19 pandemic pushed more daily activities online, giving cyber criminals more targets for attack.
COMMERCE OKAYS KHAN: The Senate Commerce Committee on Wednesday advanced President Biden’s nominee to the Federal Trade Commission (FTC), Lina Khan.
Four Republicans voted against pushing forward her nomination, signaling overall bipartisan support for revamping antitrust laws and enforcement.
Sens. Marsha Blackburn (R-Tenn.), Mike Lee (R-Utah), Cynthia Lummis (R-Wyo.) and Dan Sullivan (R-Alaska) voted against advancing Khan.
Other Republicans have joined Democrats in touting Khan’s work critiquing big tech companies.
“I believe she is focused on addressing one of the most pressing issues of the day: reining in the big social media platforms,” said ranking member Sen. Roger Wicker (R-Miss.).
ADVANCING THE ENDLESS FRONTIERS ACT: The Senate Commerce Committee voted Wednesday to approve legislation that would invest billions in science and emerging technologies in an effort to compete with China.
The bipartisan Endless Frontiers Act was approved by the committee by a vote of 24-4, with four Republican members voting against the bill.
The committee approved the legislation with significantly less funding included for the founding of a Technology and Innovation Directorate at the National Science Foundation, with much of the originally proposed $100 billion being funneled to other research efforts.
The bill overall is meant to give a boost to U.S. research and emerging technologies to compete on the global stage, such as in fields including artificial intelligence, quantum computing and semiconductors.
The bill was approved after several hours of debate that saw over 100 amendments proposed by senators, including one measure, proposed by Sen. Gary Peters (D-Mich.) and approved by the committee, that would provide $2 billion to address the semiconductor shortage, according to the Detroit News.
$500M FOR CYBER: A group of bipartisan House lawmakers on Wednesday rolled out legislation that would provide state and local governments with $500 million annually to defend against cyberattacks, which have escalated over the past year during the COVID-19 pandemic.
The State and Local Cybersecurity Improvement Act, led by House Homeland Security Committee cybersecurity subcommittee Chairwoman Yvette Clarke (D-N.Y.), would create a grant program to provide $500 million annually to state and local governments over the next five years for cybersecurity needs.
The legislation, provided to The Hill to review Wednesday, would also require state and local governments to submit plans for securing their systems against cyber threats in order to obtain the funding, and establish committees to implement the plans.
GIG DRIVER PRECEDENT: Food delivery companies operating in Spain will have to reclassify their drivers as employees within three months under a new law passed by decree this week.
Delivery drivers in the country will be guaranteed sick leave and paid vacation time and will no longer have to pay social security contributions themselves.
The legislation clarifies that ruling to make clear that the tens of thousands of food delivery drivers in Spain should be salaried employees. It does not extend that classification to other gig economy workers, like rideshare drivers, but could set precedent for future rulemaking.
The Rider Law is a first in Europe and comes as the European Union and the United States are both considering rules that could govern the gig economy.
WYDEN DRILLS GSA: Sen. Ron Wyden (D-Ore.) on Wednesday drilled the General Services Administration (GSA) over its ongoing approval of video conferencing app Zoom for government use, despite security vulnerabilities discovered by researchers.
In a letter to acting GSA Administrator Katy Kale shared with The Hill, Wyden requested that the agency provide a copy of its “security package” detailing the decision by the GSA to approve Zoom for use by federal agencies through the Federal Risk and Authorization Management Program (FedRAMP).
“It is extremely concerning that after Zoom was cleared for government use by the General Services Administration in April 2019, security researchers discovered multiple serious vulnerabilities in the year that followed,” Wyden wrote.
OFF THE LIST: The Pentagon on Tuesday officially said Chinese tech giant Xiaomi Corp. will be taken off of a Trump-era blacklist that had prevented U.S. investment in the company.
Lawyers for the Defense Department and Xiaomi on Tuesday said in a joint filing in D.C. federal court that they had agreed on the removal of the smartphone maker from the blacklist after a U.S. court in March granted a preliminary injunction against former President Trump’s January designation of Xiaomi as one of several Communist Chinese military companies, or CCMCs.
U.S. District Judge Rudolph Contreras ruled in March that the restriction could cause Xiaomi, which has denied claims of ties to China’s military, to “suffer irreparable harm in the form of serious reputational and unrecoverable economic injuries.”
AV SETBACK: House Transportation and Infrastructure Committee Chairman Peter DeFazio (D-Ore.) on Wednesday sharply criticized the Federal Communications Commission (FCC) for relocating spectrum in a way that critics have said could hurt the development of autonomous vehicles.
“We’ve got problems with the Federal Communications Commission, and they are impinging upon the bandwidth that we need for vehicle to vehicle communication,” DeFazio told The Hill’s Steve Clemons during a virtual event.
DeFazio’s comments came after the FCC last year split the 5.9 GHz band, previously reserved for vehicle safety communications, between unlicensed spectrum operations, such as WiFi for internet connected devices, and an advanced automobile safety technology.
WE’RE NOT PAYING FOR THAT: Colonial Pipeline has no plans to pay the ransom after a cyberattack on its operations, two people familiar with the matter told The Washington Post on Wednesday.
The hacking group behind the attack is thought to be based in Russia. The group appeared to have stolen data from Colonial, which it was purportedly preparing to use in a blackmail scheme. But Mandiant was able to trace the stolen data to a server owned by a New York-based firm, which quickly shut it down.
DOUBLE IT: Amazon is doubling its workforce in Arlington, Va., by hiring close to 2,000 employees for its second headquarters.
“Hiring across Amazon’s Arlington Headquarters is ramping up. Amazon is seeking 1,900 new employees for a variety of technical and non-tech jobs—a record high for the location,” an Amazon blog post states.
The office currently has around 1,600 employees, with plans to add thousands more jobs to the second headquarters in the next decade.
Lighter click: not bezos or gates
An op-ed to chew on: Is the sky falling? China’s rocket is part of a growing space junk problem
NOTABLE LINKS FROM AROUND THE WEB:
Credit Agencies Can’t Tell My Sister And Me Apart (The Verge / Mitchell Clark)
Instagram Labeled One Of Islam’s Holiest Mosques A Terrorist Organization (BuzzFeed News / Ryan Mac)
The Blue Check Mark’s Evil Cousin (The Atlantic / Will Oremus)