Bringing home the (cyber) Bacon

bySalena Martine -
0
Delivered every Monday by 10 a.m., Weekly Cybersecurity examines the latest news in cybersecurity policy and politics.
Jan 13, 2025 View in browser
 
POLITICO Weekly Cybersecurity Newsletter Header

By Maggie Miller

Driving the Day

— Rep. Don Bacon (R-Neb.), chair of the House Armed Services Committee’s cyber subcommittee, plans to stand up to China for its recent hacks against U.S. networks.

HAPPY MONDAY, and welcome to MORNING CYBERSECURITY! While the winter wonderland is gorgeous, I found myself looking up photos of the cherry blossoms blooming in Washington over the weekend, so … it’s safe to say winter has already overstayed its welcome.

Follow POLITICO’s cybersecurity team on X at @johnnysaks130, @magmill95 and @rosieperper, or reach out via email or text for tips. You can also follow @POLITICOPro on X.

Want to receive this newsletter every weekday? Subscribe to POLITICO Pro. You’ll also receive daily policy news and other intelligence you need to act on the day’s biggest stories.
Today's Agenda

Nothing to report.
On the Hill

SENDING A MESSAGE — The Republican chair of the House Armed Services Committee’s Subcommittee on Cyber, Information Technologies and Innovation wants to stand up to Beijing for its recent hacking efforts against the U.S. — part of a number of goals he has for the panel during the 119th Congress.

“We're gonna be in your networks, causing mischief, and two could play this game,” Bacon told your MC host during a sit-down interview last week. He stressed that in response to massive Chinese-linked hacks — such as the infiltration of U.S. telecoms networks by the Salt Typhoon hacking group and the compromise of networks at the Treasury Department — he hopes to push the Pentagon to be “more aggressive” in its cyber offensive efforts.

“It doesn't have to be vocal, but China needs to know that we're going back in [their networks]. Speak softly, but carry a big ass stick and let China know that, ‘Hey, you're not gonna get by with just doing the shit you're doing,’” Bacon said.

Bacon’s call for more cyber offensive measures follows prior comments from President-elect Donald Trump's incoming national security adviser Rep. Mike Waltz (R-Fla.) and the chairs of the House Homeland Security and China panels. On Sunday, Sen. Mark Kelly (D-Ariz.), a member of the Senate Intelligence Committee, added to these voices, saying on CBS News’ “Face the Nation” that “we’ve got to be strong in standing up to [China] and explaining to them, in some cases, consequences need to be serious.”

Those calls may have been heeded. Jake Sullivan, President Joe Biden’s national security adviser, said last week that “we have taken steps in response to Salt Typhoon” and “sent clear messages to the PRC about what it would actually mean if they acted to disrupt American critical infrastructure and how we would respond.”

— Leave DoD be: As Bacon told your MC host, China is far from his only concern as the chair of the cyber subcommittee. He also could find himself facing off with the Trump administration on reorganization issues for the nation’s cyber defense, as he has opposed the incoming officials’ reported plans to split up the dual-hat leadership of U.S. Cyber Command and the National Security Agency.

“I’m going to push back on it,” Bacon said. “You’ve got to have these people on the same team.”

The lawmaker praised current Cyber Command and NSA lead Gen. Tim Haugh’s leadership, stressing the risks that could come from adding additional cooks to the cyber kitchen. Bacon and Haugh had previously served together in the Air Force.

He’s also opposed to the idea of creating a Cyber Force at the Pentagon that would operate as a dedicated branch of the military at the level of the Army or Navy. Instead, he favors an organizational model based on the U.S. Special Operations Command.

Read much more in an article from your MC host out this morning (for Pros).
At the Agencies

AI AHOY — The Biden administration will roll out an interim final rule today that aims to protect U.S. artificial intelligence technologies from being used by adversarial nations and from posing national security risks themselves.

— Who’s in, who’s out: The rule, set to be released by the Commerce Department’s Bureau of Industry and Security, takes aim at sales licensing of chips, including limiting which countries can purchase these chips without restrictions. Only 20 allies and partners of the U.S. — which include Australia, Canada, New Zealand, the United Kingdom, Japan, South Korea, Taiwan and many European nations — with high technology regimes are excluded from the new rule.

Businesses based in trusted nations that meet certain security standards can be granted the “universal verified end user” status. Companies based in non-trusted nations will still be allowed to purchase computational power from the U.S., but the amount will be capped at a certain amount per nation.

“It ensures that the infrastructure for training frontier AI … happens either in America or in the jurisdictions of our closest allies, and that that capacity does not get offshored like chips and batteries and other industries that we had to invest hundreds of billions of dollars to bring back onshore,” Sullivan told reporters during a call Sunday night.

— Narrow focus: Commerce Secretary Gina Raimondo stressed to reporters on the same call that the rule was meant to thread the needle between national security and not hurting U.S. trade and businesses, and it was created over much of 2024 with the input of partner nations, civil society groups and industry.

Raimondo said that BIS was granting a longer comment period on the rule — 120 days — in order to allow the incoming Trump administration to consult with many more interested parties. The rule would not go into effect until a year after the final version is issued.
Trump Transition

CONFIRMATION KICK-OFF — Just about every major Senate committee this week will begin holding confirmation hearings for Trump’s Cabinet nominees — including those who will have oversight of the nation’s cybersecurity in the coming years.

— DoD: On Tuesday, the Senate Armed Services Committee will hold a hearing for Pete Hegseth, Trump’s Defense secretary pick. Hegseth, a Fox News host whose nomination has been plagued by controversy, has not said much on cybersecurity policies.

However, he did make clear his concerns that China is building an army specifically dedicated to “defeating” the U.S. during a November appearance on “The Shawn Ryan Show.”

— DHS: The Senate Homeland Security and Governmental Affairs Committee is scheduled to hold a confirmation hearing Wednesday for South Dakota Gov. Kristi Noem, Trump’s nominee for secretary of Homeland Security. If confirmed, she will be in charge of the Cybersecurity and Infrastructure Security Agency.

Noem has a mixed track record on cyber policies as governor. She invested $90 million in expanding cybersecurity programs at Dakota State University but also rejected $7 million of CISA grants that could have been used to strengthen local government cybersecurity due to concerns about too much federal spending.

— State, CIA: Wednesday will be a busy day. The Senate Foreign Relations Committee is set to hold a hearing on Sen. Marco Rubio’s (R-Fla.) nomination for secretary of State, and the Senate Intelligence Committee will hold a separate hearing on the nomination of John Ratcliffe for CIA director.

Rubio has been a strong advocate for cybersecurity issues while serving as ranking member of the Senate Intelligence Committee in recent years. He’s come down hard on China in particular for cyber intrusions into U.S. networks, and he faces an easy path to confirmation.

Ratcliffe is Trump’s former director of national intelligence and a former member of the House, where he chaired the House Homeland Security Committee’s cybersecurity subcommittee.

Of these nominees, only Hegseth faces any real challenge to getting confirmed by the full Senate once Trump is sworn in on Jan. 20.
Tweet of the Day

An unsurprising big yikes.

Tweet of the Day for Jan. 13, 2025 edition of the Morning Cybersecurity newsletter.

X
Quick Bytes

ICYMI — Biden is set to sign an executive order this week that would further integrate AI into the nation’s cyber defense and enhance the cybersecurity of the federal acquisition process, your MC host reported Friday.

CONNOLLY’S TAKE — New House Oversight Committee ranking member Gerry Connolly (D-Va.) is open to working with the incoming Trump administration’s Department of Government Efficiency in some limited areas, such as improving federal IT, NextGov’s Natalie Alms reported.

SOME GOOD NEWS — CISA put out a report late last week that showed a surge in critical infrastructure organizations signing up for cyber hygiene programs, Matt Bracken reported for CyberScoop.

Chat soon.

Stay in touch with the whole team: John Sakellariadis (jsakellariadis@politico.com); Maggie Miller (mmiller@politico.com); and Rosie Perper (rperper@politico.com).
 

Follow us on Twitter

Heidi Vogt @HeidiVogt

Maggie Miller @magmill95

John Sakellariadis @johnnysaks130
 

Follow us

Follow us on Facebook Follow us on Twitter Follow us on Instagram Listen on Apple Podcast
 

To change your alert settings, please log in at https://login.politico.com/?redirect=https%3A%2F%2Fwww.politico.com/settings

This email was sent to salenamartine360.news1@blogger.com by: POLITICO, LLC 1000 Wilson Blvd. Arlington, VA, 22209, USA

Unsubscribe | Privacy Policy | Terms of Service

You may like these posts

Post a Comment

Previous Post Next Post