Topic: Cybersecurity Act

The State Department Inspector General released a report titled "Evaluation of Email Records Management and Cybersecurity Requirements." The document details how Hillary Clinton violated department policies by using a private server and failing to seek authorization. The report highlights a 2010 exchange where Clinton expressed a desire to keep personal emails inaccessible, contradicting her claims of transparency.

The Senate passed the Cyber Information Sharing Act (CISA), which mandates that internet service providers and tech companies share "cyber threat indicators" with the federal government. The hosts examine the broad definitions in the bill, noting that common activities like pinging servers or using VPNs could be flagged as "malicious reconnaissance."

Department of Homeland Security Secretary Jeh Johnson faced criticism for using a personal Gmail account at work despite a push for an $8 billion cybersecurity bill. Johnson admitted to receiving a waiver from his Chief Information Officer to access personal email on his government desktop. The hosts mock his defense that he will now simply use his iPhone to check Gmail, noting the inherent security risks.

The signing of the USA Freedom Act coincided with a series of high-profile security incidents, including bomb threats against aircraft and the OPM data breach attributed to China. Shortly after President Obama called for stronger cybersecurity laws, the Syrian Electronic Army claimed responsibility for hacking the U.S. Army website. These events are characterized as a pattern of using "phony" attacks to push legislation through Congress.

FireEye became the first cybersecurity firm to receive the Safety Act certification from the Department of Homeland Security. This certification provides the company and its clients with legal immunity regarding data shared with the government, positioning FireEye as a central intermediary in public-private data exchange.

The National Cybersecurity and Critical Infrastructure Protection Act of 2014 mandates information sharing between the government and private sectors, including chemical, energy, and financial services. Section 205 of the act ostensibly prohibits the collection of data for the purpose of "tracking" individuals' personally identifiable information. However, analysts suggest the language is "nefarious," potentially allowing for monitoring and exfiltration as long as it is not explicitly defined as tracking.

The Cybersecurity Act fails to pass the Senate again, leading to predictions of an upcoming executive order. The hosts argue the bill was primarily about protecting corporate copyrights rather than national security. They mention the existence of a classified Presidential Policy Directive (PPD-20) regarding cyber warfare.

Senators Mark Udall and Chuck Grassley debate the Cybersecurity Act of 2012, with Udall comparing the threat to a "cyber 9/11." Grassley criticizes the lack of transparency, noting the bill was introduced and rushed to the floor without committee debate or public access to the text. The legislation is being handled through "huddled backroom meetings" despite promises of government transparency.

Senator Joe Lieberman and other national security leaders are advocating for the Cybersecurity Act of 2012, using the term "Cyber 9-11" to describe an impending threat. A letter signed by Leon Panetta and James Clapper warns that the window to pass necessary legislation is closing. Critics argue the bill encourages invasive data sharing between private corporations and the government.

HR 2096, the Cybersecurity Enhancement Act of 2012, aims to build a federal cybersecurity workforce through university grants and scholarships. The bill also mandates a comprehensive strategy for the adoption of cloud computing by the federal government. Concerns are raised that this creates a "cyber army" of government-funded researchers and facilitates a "straight pipe" for the NSA into private cloud services.

The Cybersecurity Act of 2012, introduced by Senator Joe Lieberman, proposes giving the Department of Homeland Security (DHS) oversight of critical infrastructure. The bill includes provisions for national "hacking competitions" to recruit talent from high schools and colleges. The hosts suggest these competitions may serve as "honeypots" to identify and monitor skilled hackers.

The U.S. Senate is considering the Cybersecurity Act, which includes language granting the President the authority to declare a "cybersecurity emergency" and potentially trigger an internet "kill switch." The hosts speculate that companies like Cisco may have built-in mechanisms to facilitate such a shutdown.

Senators Jay Rockefeller and Olympia Snowe have introduced the Cybersecurity Act of 2009, which critics claim grants the President an "internet kill switch." The bill would allow the Secretary of Commerce access to critical network data regardless of existing privacy laws. The hosts call for voters in Maine to remove Senator Snowe from office in response to the legislation.