www.politico.com Open in urlscan Pro
2606:4700::6812:10ca  Public Scan

URL: https://www.politico.com/newsletters/weekly-cybersecurity
Submission: On January 30 via api from IE — Scanned from DE

Form analysis 2 forms found in the DOM

GET https://www.politico.com/search

<form class="slide-search__form" action="https://www.politico.com/search" method="get">
  <input class="slide-search__input" type="search" name="q" id="searchTerm" aria-label="Search for any story" placeholder="Enter search term...">
  <button class="slide-search__run" type="submit" aria-label="Start search">
    <svg viewBox="0 0 20 20" aria-labelledby="title" xmlns="http://www.w3.org/2000/svg">
      <title>Search</title>
      <use href="#icon-search"></use>
    </svg>
  </button>
  <button class="slide-search__close" id="search-close" type="button">
    <svg viewBox="0 0 20 20" aria-labelledby="title" xmlns="http://www.w3.org/2000/svg">
      <title>Close</title>
      <path fill-rule="evenodd" clip-rule="evenodd" d="M17.513 16.6291L10.8839 9.99995L17.513 3.37082L16.6291 2.48694L10 9.11606L3.37088 2.48694L2.487 3.37082L9.11613 9.99995L2.487 16.6291L3.37088 17.513L10 10.8838L16.6291 17.513L17.513 16.6291Z">
      </path>
    </svg>
  </button>
</form>

GET /signupModuleLegacy

<form target="get-the-weekly-cybersecurity-newsletter-full-0000014f-1646-d88f-a1cf-5f46b23b0000--0000015a-7ddb-d7a1-ad7e-ffdbe8970001" class="simple-signup simple-signup--stack" method="get" action="/signupModuleLegacy">
  <input type="hidden" name="subscribeId" value="0000014f-1646-d88f-a1cf-5f46b23b0000">
  <input type="hidden" name="processorId" value="0000015a-7ddb-d7a1-ad7e-ffdbe8970001">
  <input type="hidden" name="validateEmail" value="true">
  <input type="hidden" name="enhancedSignUp" value="true">
  <input type="hidden" name="bot-field" value="" class="dn">
  <input type="hidden" name="captchaUserToken" value="" autocomplete="off">
  <input type="hidden" name="captchaPublicKey" value="6LfS6L8UAAAAAAHCPhd7CF66ZbK8AyFfk3MslbKV" autocomplete="off">
  <input type="hidden" name="subscriptionModule" value="newsletter_page_standard_Weekly Cybersecurity - POLITICO">
  <input type="hidden" name="source" value="signUpModuleEnhanced">
  <fieldset>
    <label for="ibff4edcbfd25454fb06b801129230852" class="simple-signup__label">
      <b aria-hidden="true" class="icon icon-mail"></b>
      <span class="icon-text">Email</span>
    </label>
    <input type="email" name="subscribeEmail" id="ibff4edcbfd25454fb06b801129230852" value="" class="simple-signup__input " aria-label="Enter Your Email" placeholder="Your email…" required="">
    <button class="button type-link simple-signup__submit" type="submit"> Sign Up</button>
  </fieldset>
</form>

Text Content

 * Skip to Main Content


POLITICO POLITICO LOGO

 * Magazine
 * Pro
 * E&E News
 * Search
   Search Close


SECTIONS

 * Congress
 * White House
 * Magazine
 * The Agenda
 * Video
 * Podcasts
 * Congress Minutes


ELECTIONS

 * News
 * All Election Results


SERIES

 * The Fifty
 * The First 100 Days
 * Recovery Lab
 * The Vaccine Race
 * Women Rule


THE EXCHANGE

 * Women Rule


NEWSLETTERS

 * Playbook
 * Playbook PM
 * POLITICO Nightly
 * West Wing Playbook
 * The Recast
 * Huddle
 * All Newsletters


POLITICO LIVE

 * Live Home
 * Upcoming Events
 * Previous Events
 * About POLITICO Live


COLUMNS & CARTOONS

 * Rich Lowry
 * Jack Shafer
 * Matt Wuerker
 * Cartoon Carousel


POLICY

 * Agriculture
 * Cannabis
 * Cybersecurity
 * Defense
 * Education
 * eHealth
 * Employment & Immigration
 * Energy & Environment
 * Finance & Tax
 * Health Care
 * Space
 * Sustainability
 * Technology
 * Trade
 * Transportation


EDITIONS

 * California
 * Canada
 * Europe
 * Florida
 * New Jersey
 * New York
 * Pro


FOLLOW US

 * Twitter
 * Instagram
 * Facebook

 * My Account
 * Log InLog Out


WEEKLY CYBERSECURITY

Delivered every Monday by 10 a.m., Weekly Cybersecurity examines the latest news
in cybersecurity policy and politics.

Get the Weekly Cybersecurity newsletter

Email Sign Up

By signing up you agree to receive email newsletters or updates from POLITICO
and you agree to our privacy policy and terms of service. You can unsubscribe at
any time and you can contact us here. This sign-up form is protected by
reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

 * Facebook
 * Twitter

 * Print


ABOUT THE AUTHOR : SAM SABIN

Sam Sabin is a reporter for POLITICO Pro.


WEEKLY CYBERSECURITY - POLITICO ARCHIVE


 * MONDAY, 1/24/22


 * TUESDAY, 1/18/22


 * MONDAY, 1/10/22


 * MONDAY, 1/3/22


 * MONDAY, 12/13/21

 * View the Full Weekly Cybersecurity Archives »


 * MOST READ


 1. PENNSYLVANIA DEMS DECLINE TO ENDORSE IN SENATE PRIMARY


 2. DEMS PUT IOWA CAUCUSES ON TRIAL


 3. SUICIDE HOTLINE SHARES DATA WITH FOR-PROFIT SPINOFF, RAISING ETHICAL
    QUESTIONS


 4. TRUMP FACES MAGA REVOLT OVER ENDORSEMENT


 5. HOW A CELEBRATED LEGAL SCHOLAR GOT SWEPT UP IN THE POLITICAL SPIN MACHINE




EXCLUSIVE: EAC’S TOP STAFFER HEADING TO CISA

By SAM SABIN 

01/24/2022 10:00 AM EST

Presented by ManTech

With help from Eric Geller 


QUICK FIX

— CISA’s nabbed the executive director of the Election Assistance Commissionas
the agency beefs up its election security staffing ahead of the 2022 midterms.

— The Kremlin’s latest moves make an invasion of Ukraine appear imminent. But
experts can’t agree on whether cyber’s role in the conflict will escalate.

— Despite the near-passage of several major cyber bills last year, the top
cybersecurity firms’ lobbying spending varied throughout 2021, according to
recent lobbying disclosures.

HAPPY MONDAY, and welcome back to Morning Cybersecurity! I’m your host, Sam
Sabin, and I’m currently on the hunt for easy (and fun!) ways to sneak more
veggies into my snacking habits while I write the newsletter. Bonus points for
anyone with ideas that I can whip up in five minutes or less.

Have tips and secrets to share with MC? Or thoughts on what we should track down
next? Send what you’ve got to ssabin@politico.com. Follow along at @POLITICOPro
and @MorningCybersec. (Full team contact info below.) Let’s get to it:


A message from ManTech:

ManTech’s cyber experts deliver advanced full-spectrum protection that stops
adversaries in the planning stages of an attack. For decades, ManTech has
invested in our people, technology and capabilities leading to increased
protection of federal networks – thwarting cyber attacks while reducing the
threat surface and contributing to safer infrastructure regardless of the
threat. To learn more about ManTech’s capabilities, people and areas of
expertise, visit https://www.mantech.com/federal-cyber.


ELECTION SECURITY

FIRST IN MC: FROM EAC TO CISA — The Election Assistance Commission’s top staffer
is heading to CISA, just as the two agencies are discussing how to balance their
responsibilities.

Mona Harrington, who has served as the EAC’s executive director since October
2019, is joining CISA as the deputy assistant director of the National Risk
Management Center, which houses the agency’s election security team, she told
Eric. In this new role, she’ll help oversee the NRMC’s work protecting
elections, 5G wireless networks, supply chains and critical infrastructure. The
EAC announced Harrington’s departure on Friday but did not say where she was
headed next.

“Mona’s management experience and background in information security and risk
management will be a huge asset,” Bob Kolasky, the CISA assistant director who
leads the NRMC, told Eric. “She has been a great partner with us while at the
Election Assistance Commission, and we will maintain the strong organizational
relationship between CISA and the EAC as she begins her new role.” Kolasky said
Harrington would focus on “helping mature the NRMC as we continue to build out
our risk management and analysis work.”

— Interesting timing: Some election security experts have been pushing lawmakers
for years to transfer some of the EAC’s work to CISA. Matt Masterson, who served
as an EAC commissioner before leading CISA’s election security program, told the
House Homeland Security Committee last week that Congress should transfer the
EAC’s voting system certification program to CISA, cementing the latter agency’s
role as the “technical lead” for election security while freeing up the EAC to
“focus on everything else,” from grants to poll worker training. “The EAC is
small and has limited resources,” he said, while “CISA [is] much larger.”

(EAC Chairman Don Palmer has previously said Masterson’s ideas are “personal
animus over the dysfunction he participated in” and shouldn’t “interfere with
the importance of the good election work the Commission is currently doing.”)

— Taking matters into our own hands: CISA also recently recruited Kim Wyman, the
most recent secretary of state for Washington state, as its senior elections
lead.


A message from ManTech:




RUSSIA

WHAT ROLE CAN CYBER HAVE — With an intelligence report this weekend warning
Russia is planning to install a pro-Kremlin government in Ukraine if it invades,
tensions are at an all-time high for U.S. officials navigating the conflict
between Russia and Ukraine.

But leading up to a possible invasion, a key question still remains: Will
cyber’s role in the conflict continue to escalate at the same rate?

— A helpful distraction: Some experts are arguing that cyber will remain a
supporting character for the Russians. Dmitri Alperovitch, Crowdstrike
co-founder and former chief technology officer, said in aQ&A with The Record
that it’s likely Russia will continue to use cyberattacks to slowly weakened
Ukraine’s defensives, such as by targeting the financial sector or launching a
disinformation campaign arguing “resistance is futile.”

— A Western retaliation tool: Meanwhile, others are preparing for Russian
intelligence to launch cyberattacks against the U.S. and its allied countries’
infrastructure. “Though cyber espionage is already a regular facet of global
activity, as the situation deteriorates, we are likely to see more aggressive
information operations and disruptive cyber attacks within and outside of
Ukraine,” John Hultquist, Mandiant’s vice president of threat intelligence,
wrote in a blog post.

But the situation in Ukraine is changing fast. Secretary of State Antony Blinken
said Sunday on NBC’s “Meet the Press” that the situation on the ground is
changing by the hour. And the Russian government could continue to lean on its
allies in Belarus for cyber operations, throwing a wrench in Biden’s strategy
for striking back. (The Kremlin has already started amassing Russian troops
onthe border between Ukraine and Belarus, and Ukraine officials have blamed a
cyberattack on its government websites earlier this month on Belarus
intelligence)

— Adding to the mix: President Biden said last week he’s willing to launch
reciprocal actions against the Russians, including cyber offensive strikes.

Preparing for the worst: Government officials are actively encouraging critical
infrastructure operators to patch critical vulnerabilities and shore up their
cyber defenses quickly. CISA issued a warning to operators last week. Canada and
Poland have also issued similar warnings in recent days. As the week goes on,
more countries could follow.



INDUSTRY INTEL

CYBER’S ANNUAL BUDGET REVIEW — Despite renewed congressional interest in passing
major cybersecurity legislation in 2021, companies either went big or went home
when it came to lobbying spending. According to an MC analysis of quarterly
lobbying disclosures, including fourth quarter disclosures released last week,
at least two companies nearly doubled their budgets in 2021, and eight others
either made modest spending cuts or kept their budget flat.

— Big spenders: FireEye increased its annual lobbying spending 71 percent in
2021. Last year, FireEye spent $274,000 last year, compared to the $160,000 it
spent in 2020. The company was also navigating the sale of part of its business
to McAfee Enterprise for most of the year. A spokesperson for Mandiant, which
was a part of FireEye before the sale, attributed the increase to lobbying
efforts surrounding mandatory cyber incident reporting legislation.

Palo Alto Networks more than doubled its lobbying budget in the last year: In
2021, the company spent $708,000, compared with $334,000 in 2020. Most of that
additional money went to Palo Alto Networks’ in-house lobbyists and $260,000 of
it was spent in the last three months of 2021 to lobby on cyber issues in the
National Defense Authorization Act and on mandatory incident reporting
legislation. A spokesperson for Palo Alto Networks didn’t respond to a request
for comment.

Zscaler spent $20,000 more in the fourth quarter on lobbying to influence cyber
issues in the Democrats’ social spending package and last year’s NDAA, as well
as updates to FISMA and FedRAMP. That $20,000 increase brought its annual totals
from $110,000 in 2020 to $130,000 in 2021.

— Budget cuts: Another four companies instead made lobbying budget cuts:
Tenable, Iron Mountain, McAfee and ForeScout.

While Tenable spent more in the second half of the year than it did during the
same period in 2020, its annual 2021 budget was $40,000 less than in 2020. In
all, Tenable spent $1 million lobbying Congress and other Washington offices on
cybersecurity issues, including on incident reporting and legislation targeting
state and local cyber issues, last year.

Iron Mountain cut its lobbying spending by $75,000 in 2021, spending $1.4
million in the last year compared to $1.5 million the year before. Most
recently, the company focused on consumer data breach notification legislation
and other data security bills.

McAfee’s lobbying budget decreased $80,000 as it finalized its purchase of
FireEye from Mandiant during much of the year. Most of its focus had been on
cybersecurity provisions in the NDAA, changes to federal IT rules and
legislation targeting consumer data breach notification.

ForeScout Technologies cut its lobbying budget by $120,000, from $480,000 in
2020 to $360,000 in 2021. Its focus has been on the Pentagon and Department of
Homeland Security’s appropriations.

— Status quo: Four cybersecurity firms — Rapid7, Akamai Technologies, Cloudflare
and CrowdStrike — didn’t change their annual lobbying budgets at all, even as
lawmakers came closer than ever to passing mandatory incident reporting and
updates to agencies’ cybersecurity rules. For example, Cloudflare consistently
spent $40,000 in each quarter throughout both 2021 and 2020.


EVOLVING MALWARE THREATS — The malware wiper found on some of the Ukrainian
government’s systems earlier this month has more “components designed to inflict
additional damage” than the NotPetya wiper that targeted Ukraine in 2017,
according to researchers at Cisco Talos Intelligence Group. Ina report Friday,
the researchers said the most recent wiper, known as WhisperGate, is similar to
NotPetya because they both masquerade as ransomware that wipes the system rather
than encrypting the data and holding it for ransom. However, WhisperGate was
likely sitting on the victim’s network “for months before the attack,”
researchers said.



PEOPLE ON THE MOVE

— Peiter Zatko, Twitter’s head of security who goes by the hacker name “Mudge,”
has left the company. Rinki Sethi, Twitter’s chief information security officer,
is leaving in the next few weeks.



TWEET OF THE DAY

Some perspective on choosing security tech from J Wolfgang Goerlich, Cisco’s
advisory CISO: “Most of us learn to drive with a starter car. Maybe it's a
hand-me-down. Maybe it's all we can afford. But if anything happens, we're only
out a few thousand dollars. Once we master the road, we get a decent car. Skills
first, investment second. Same goes for security tooling.”



QUICK BYTES

— Russian state media is reporting that the country has detained four members of
the international cybercrime ring, the Infraud Organization. (Bloomberg)

— CISA added 17 vulnerabilities last week to the list of flaws agencies must
patch immediately. (Bleeping Computer)

— American Airlines is accusing travel website The Points Guy travel of
violating the Computer Fraud and Abuse Act, an anti-hacking law, because its app
syncs the airline’s frequent flyer information. (The Verge)

— Richard Grabowski, the acting program director for CISA’s Continuous
Diagnostics and Mitigation Program, discusses how the agency is adapting the
program to increase the visibility into the federal government’s security
threats. (FedScoop)

— Opinion: “The Russia Sanctions That Could Actually Stop Putin” (POLITICO)


FOR YOUR CALENDAR (Send your events to: cybercalendar@politicopro.com)

Monday

10 a.m. — Cyber Threat Alliance’s webinar about fostering collaboration in the
cybersecurity industry.

Tuesday

11 a.m. — Chris Painter, former cyber issues coordinator at State, and former
Energy Secretary Ernest Moniz participate in the Nuclear Threat Initiatives’
virtual seminar about avoiding cyber escalation.

2 p.m. — Presidio Federal and Cisco’s virtual discussion about the future of
collaborative technology.

2 p.m. — House Majority Leader Steny Hoyer and Michigan Secretary of State
Jocelyn Benson participate in the Center for Tech and Civic Life and CQ Roll
Call’s event about cyber funding for elections.

Wednesday

8:30 a.m. — Federal Computer Week’s virtual workshop about cloud security,
featuring officials from the Commerce Department, National Science Foundation,
State Department and Red Hat.

10 a.m. — The German Marshall Fund’s virtual discussion about security
resilience in Ukraine, including cybersecurity protections.

2 p.m. — The Information Technology Industry Council’s virtual discussion about
cyber planning for state and local governments.

5:30 p.m. — The Bipartisan Policy Center’s virtual discussion about technology
and national security issues.

Thursday

No events scheduled.

Friday

No events scheduled.

Chat soon.

Stay in touch with the whole team: Eric Geller (egeller@politico.com); Bob King
(bking@politico.com); Maggie Miller (mmiller@politico.com); Sam Sabin
(ssabin@politico.com); and Heidi Vogt (hvogt@politico.com).

A message from ManTech:

At ManTech, offense-informed defense is how we tackle the toughest cyber
threats. We discover vulnerabilities, reverse-engineer malware, develop tools,
exploit media and hardware, conduct advanced forensics, and support specialized
missions at scale.

Cybersecurity is integrated into everything we do, from securing our nation’s
most sensitive intelligence and protecting the homeland, to defending our troops
and securing our personal information. Decades of critical mission support, R&D
and cutting-edge innovation provide the foundation of our work. Our breadth and
depth in offensive and defensive cyber are unparalleled, resulting in
capabilities that protect sensitive intelligence, infrastructure, weapons
systems, and people. ManTech’s full-spectrum cyber operations help secure our
nation and protect our citizens today and every day. To learn more, visit
https://www.mantech.com/federal-cyber.

« View Archives

 * About Us
 * Advertising
 * Breaking News Alerts
 * Careers
 * Credit Card Payments
 * Digital Edition
 * FAQ
 * Feedback
 * Headlines
 * Photos
 * POWERJobs
 * Press
 * Print Subscriptions
 * Write For Us
 * RSS
 * Site Map

 * Terms of Service
 * Privacy Policy
 * Do not sell my info
 * Notice to California Residents

© 2022 POLITICO LLC




ABOUT YOUR PRIVACY




YOUR PRIVACY

YOUR PRIVACY

We process your data to deliver content or advertisements and measure the
delivery of such content or advertisements to extract insights about our
website. We share this information with our partners on the basis of consent and
legitimate interest. You may exercise your right to consent or object to a
legitimate interest, based on a specific purpose below or at a partner level in
the link under each purpose. These choices will be signaled to our vendors
participating in the Transparency and Consent Framework.
More information

List of IAB Vendors‎


 * STRICTLY NECESSARY COOKIES
   
   STRICTLY NECESSARY COOKIES
   
   Always Active
   Strictly Necessary Cookies
   
   These cookies are necessary for the website to function and cannot be
   switched off in our systems. They are usually only set in response to actions
   made by you which amount to a request for services, such as setting your
   privacy preferences, logging in or filling in forms. You can set your browser
   to block or alert you about these cookies, but some parts of the site will
   not then work. These cookies do not store any personally identifiable
   information.
   
   Cookies Details‎


 * PERFORMANCE COOKIES
   
   PERFORMANCE COOKIES
   
   Performance Cookies
   
   These cookies allow us to count visits and traffic sources so we can measure
   and improve the performance of our site. They help us to know which pages are
   the most and least popular and see how visitors move around the site. All
   information these cookies collect is aggregated and therefore anonymous. If
   you do not allow these cookies we will not know when you have visited our
   site, and will not be able to monitor its performance.
   
   Cookies Details‎


 * FUNCTIONAL COOKIES
   
   FUNCTIONAL COOKIES
   
   Functional Cookies
   
   These cookies enable the website to provide enhanced functionality and
   personalisation. They may be set by us or by third party providers whose
   services we have added to our pages. If you do not allow these cookies then
   some or all of these services may not function properly.
   
   Cookies Details‎


 * TARGETING COOKIES
   
   TARGETING COOKIES
   
   Targeting Cookies
   
   These cookies may be set through our site by our advertising partners. They
   may be used by those companies to build a profile of your interests and show
   you relevant adverts on other sites. They do not store directly personal
   information, but are based on uniquely identifying your browser and internet
   device. If you do not allow these cookies, you will experience less targeted
   advertising.
   
   Cookies Details‎


 * GOOGLE
   
   GOOGLE
   
   Google
   
   Allowing third-party ad tracking and third-party ad serving through Google
   and other vendors to occur. Please see more information on Google Ads here.
   
    * STORE AND/OR ACCESS INFORMATION ON A DEVICE
      
      Targeting Cookies
      
      Cookies, device identifiers, or other information can be stored or
      accessed on your device for the purposes presented to you.
   
    * SELECT PERSONALISED ADS
      
      Targeting Cookies
      
      Personalised ads can be shown to you based on a profile about you.
      
      Object to Legitimate Interests Remove Objection
   
    * SELECT BASIC ADS
      
      Targeting Cookies
      
      Ads can be shown to you based on the content you’re viewing, the app
      you’re using, your approximate location, or your device type.
      
      Object to Legitimate Interests Remove Objection
   
    * MEASURE AD PERFORMANCE
      
      Targeting Cookies
      
      The performance and effectiveness of ads that you see or interact with can
      be measured.
      
      Object to Legitimate Interests Remove Objection
   
    * APPLY MARKET RESEARCH TO GENERATE AUDIENCE INSIGHTS
      
      Targeting Cookies
      
      Market research can be used to learn more about the audiences who visit
      sites/apps and view ads.
      
      Object to Legitimate Interests Remove Objection
   
    * DEVELOP AND IMPROVE PRODUCTS
      
      Targeting Cookies
      
      Your data can be used to improve existing systems and software, and to
      develop new products
      
      Object to Legitimate Interests Remove Objection
   
    * CREATE A PERSONALISED ADS PROFILE
      
      Targeting Cookies
      
      A profile can be built about you and your interests to show you
      personalised ads that are relevant to you.
      
      Object to Legitimate Interests Remove Objection
   
   List of IAB Vendors‎ | View Full Legal Text Opens in a new Tab

Back Button


ADVERTISING COOKIES

Filter Button
Consent Leg.Interest
Select All Vendors
Select All Vendors
Select All Hosts

Select All

 * REPLACE-WITH-DYANMIC-HOST-ID
   
   
   
   View Third Party Cookies
   
    * Name
      cookie name



Clear Filters

Information storage and access
Apply
Confirm My Choices Allow All



WE CARE ABOUT YOUR PRIVACY

We and our partners store and/or access information on a device, such as unique
IDs in cookies to process personal data. You may accept or manage your choices
by clicking below, including your right to object where legitimate interest is
used, or at any time in the privacy policy page. These choices will be signaled
to our partners and will not affect browsing data.


WE AND OUR PARTNERS PROCESS DATA TO PROVIDE:

Store and/or access information on a device. Select personalised ads. Select
basic ads. Measure ad performance. Apply market research to generate audience
insights. Develop and improve products. Create a personalised ads profile. List
of Partners (vendors)

I Accept
Show Purposes