FCW Insider: April 22, 2021
The latest news and analysis from FCW's reporters and editors.
CISA issues third emergency directive since SolarWinds
The government's cybersecurity watchdog is increasingly issuing emergency instructions to agencies for handling high-risk vulnerabilities, something analysts say reflects both CISA's stature and the environment its working in.
Space Command moves for tighter cyber integration
U.S. Space Command is standing up a dedicated joint cyber center to improve integration with U.S. Cyber Command.
Lawmakers mull changes to federal climate data sharing
Multiple federal science agencies produce data on climate risks, but some experts say that the current information-sharing structure is fragmented and often confusing.
Quick Hits
*** A new Senate bill would extend scholarships to students studying artificial intelligence and other allied fields on the condition that they work in the public sector. The AI Scholarship-for-Service Act, sponsored by Sens. Gary Peters (D-Mich.) and John Thune (R-S.D.), would also offer government internships to participating students.
*** The House of Representatives on Tuesday passed the Cyber Diplomacy Act, which was introduced by Rep. Michael McCaul (R-Texas) and backed by Reps. Mike Gallagher (R-Wisc.), Adam Kinzinger (R-Ill.) and Jim Langevin. (D-R.I.). The bill would establish an office of cyber issues at the State Department, an ambassador at large position for cyberspace and direct the secretary of state to develop a strategy for engaging with foreign governments on "international norms with respect to responsible state behavior in cyberspace."
*** In advance of a cybersecurity executive order that could include product labels, the Information Technology Industry Council, a leading industry trade group, released a policymaking guide that looks to make the case that while "labels may help incentivize the adoption of the underlying security features, practices or certifications they are intended to communicate, they should not be perceived as a substitute for processes intended to build security and trust, such as secure development lifecycles."