HUMAN UTILITIES WHOLE ARMOUR ®

"My people are destroyed for lack of knowledge...." Hosea 4:6-7


hgn@hgn.news

 
 
Home
HU DIS
IntraHuman
HGN News America
HGN International
HGN Financial
HGN SouthWest

NEW ORLEANS
HU SHOPPING
HGN White House
HGN U.S. CONGRESS
HGN Alerts

HGN Editorial
HGN Recalls/Safety
HU Shalom 2
HU Shalom Medical
HGN WEATHER
HGN Nat'l Hazard
HGN Hurricane
HGN Marine Flood Data
HGN Nat'l Radar
HGN Voyage
HGN Time Zone
HGN Auto
HU Gulf
HU Canon
NEWS ARCHIVES
RELATED LINKS
Rights/Privacy/Refunds
CONTACT
Foundation Page
HGN NEWS® ©2024 All Rights Reserved

THE WHITE HOUSE

 

How To Sign Up for the Affordable Connectivity Program

Step 1: Claim Your Affordable Connectivity Program Benefit. 

Step 2: Contact a participating internet service provider to choose an internet plan. 

  • Once your application is approved, contact a participating internet service provider to choose a plan and apply your benefit to that plan.
  • More information on how to apply can be found at https://acpbenefit.org/how-to-apply/ or by calling (877) 384-2575.

Participating Service Providers

These internet service providers offer a high-speed internet plan for $30 per month or less. If you apply your ACP benefit to one of these plans, you will have no out-of-pocket cost for internet.

*OFFER AVAILABLE ONLY TO NEW SUBSCRIBERS.  

You can also choose to apply your ACP benefit to a different provider. There are over 1,300 providers that accept the ACP benefit. To find one near you, visit https://acpbenefit.org/companies-near-me/.

 

 

 

FOR IMMEDIATE RELEASE
July 20, 2021
 
 

President Biden Announces Jonathan Kanter for Assistant Attorney General for Antitrust

 
WASHINGTON – Today, President Joe Biden announced his intent to nominate Jonathan Kanter for Assistant Attorney General for the Antitrust Division at the Department of Justice.
 
Jonathan Kanter, Nominee for Assistant Attorney General, Antitrust Division, Department of Justice
Jonathan Kanter is a distinguished antitrust lawyer with over 20 years of experience. Throughout his career, Kanter has also been a leading advocate and expert in the effort to promote strong and meaningful antitrust enforcement and competition policy. He is currently a partner at The Kanter Law Group LLP, which is a boutique antitrust law firm that advocates in favor of federal and state antitrust law enforcement.  
 
Prior to founding The Kanter Law Group, Kanter was Co-Chair of the antitrust practice at Paul, Weiss, Rifkind, Wharton, and Garrison LLP. Jonathan also served as an attorney for the U.S. Federal Trade Commission’s Bureau of Competition.  Kanter earned his J.D. from Washington University in St. Louis and his B.A. from State University of New York at Albany.
 

###

 

By the authority vested in me as President by the Constitution and the laws of the United States of America, including the International Emergency Economic Powers Act (50 U.S.C. 1701 et seq.) (IEEPA), the National Emergencies Act (50 U.S.C. 1601 et seq.), and section 301 of title 3, United States Code,

I, JOSEPH R. BIDEN JR., President of the United States of America, find that it is appropriate to elaborate upon measures to address the national emergency with respect to the information and communications technology and services supply chain that was declared in Executive Order 13873 of May 15, 2019 (Securing the Information and Communications Technology and Services Supply Chain).  Specifically, the increased use in the United States of certain connected software applications designed, developed, manufactured, or supplied by persons owned or controlled by, or subject to the jurisdiction or direction of, a foreign adversary, which the Secretary of Commerce acting pursuant to Executive Order 13873 has defined to include the People’s Republic of China, among others, continues to threaten the national security, foreign policy, and economy of the United States.  The Federal Government should evaluate these threats through rigorous, evidence-based analysis and should address any unacceptable or undue risks consistent with overall national security, foreign policy, and economic objectives, including the preservation and demonstration of America’s core values and fundamental freedoms.

By operating on United States information and communications technology devices, including personal electronic devices such as smartphones, tablets, and computers, connected software applications can access and capture vast swaths of information from users, including United States persons’ personal information and proprietary business information.  This data collection threatens to provide foreign adversaries with access to that information.  Foreign adversary access to large repositories of United States persons’ data also presents a significant risk. 

In evaluating the risks of a connected software application, several factors should be considered.  Consistent with the criteria established in Executive Order 13873, and in addition to the criteria set forth in implementing regulations, potential indicators of risk relating to connected software applications include:  ownership, control, or management by persons that support a foreign adversary’s military, intelligence, or proliferation activities; use of the connected software application to conduct surveillance that enables espionage, including through a foreign adversary’s access to sensitive or confidential government or business information, or sensitive personal data; ownership, control, or management of connected software applications by persons subject to coercion or cooption by a foreign adversary; ownership, control, or management of connected software applications by persons involved in malicious cyber activities; a lack of thorough and reliable third-party auditing of connected software applications; the scope and sensitivity of the data collected; the number and sensitivity of the users of the connected software application; and the extent to which identified risks have been or can be addressed by independently verifiable measures.

The ongoing emergency declared in Executive Order 13873 arises from a variety of factors, including the continuing effort of foreign adversaries to steal or otherwise obtain United States persons’ data.  That continuing effort by foreign adversaries constitutes an unusual and extraordinary threat to the national security, foreign policy, and economy of the United States.  To address this threat, the United States must act to protect against the risks associated with connected software applications that are designed, developed, manufactured, or supplied by persons owned or controlled by, or subject to the jurisdiction or direction of, a foreign adversary.

Additionally, the United States seeks to promote accountability for persons who engage in serious human rights abuse. If persons who own, control, or manage connected software applications engage in serious human rights abuse or otherwise facilitate such abuse, the United States may impose consequences on those persons in action separate from this order. 

Accordingly, it is hereby ordered that:

Section 1.  Revocation of Presidential Actions.  The following orders are revoked:  Executive Order 13942 of August 6, 2020 (Addressing the Threat Posed by TikTok, and Taking Additional Steps To Address the National Emergency With Respect to the Information and Communications Technology and Services Supply Chain); Executive Order 13943 of August 6, 2020 (Addressing the Threat Posed by WeChat, and Taking Additional Steps To Address the National Emergency With Respect to the Information and Communications Technology and Services Supply Chain); and Executive Order 13971 of January 5, 2021 (Addressing the Threat Posed by Applications and Other Software Developed or Controlled by Chinese Companies).

Sec. 2.  Implementation.  (a)  The Director of the Office of Management and Budget and the heads of executive departments and agencies (agencies) shall promptly take steps to rescind any orders, rules, regulations, guidelines, or policies, or portions thereof, implementing or enforcing Executive Orders 13942, 13943, or 13971, as appropriate and consistent with applicable law, including the Administrative Procedure Act, 5 U.S.C. 551 et seq.  In addition, any personnel positions, committees, task forces, or other entities established pursuant to Executive Orders 13942, 13943, or 13971 shall be abolished, as appropriate and consistent with applicable law.
     (b)  Not later than 120 days after the date of this order, the Secretary of Commerce, in consultation with the Secretary of State, the Secretary of Defense, the Attorney General, the Secretary of Health and Human Services, the Secretary of Homeland Security, the Director of National Intelligence, and the heads of other agencies as the Secretary of Commerce deems appropriate, shall provide a report to the Assistant to the President and National Security Advisor with recommendations to protect against harm from the unrestricted sale of, transfer of, or access to United States persons’ sensitive data, including personally identifiable information, personal health information, and genetic information, and harm from access to large data repositories by persons owned or controlled by, or subject to the jurisdiction or direction of, a foreign adversary.  Not later than 60 days after the date of this order, the Director of National Intelligence shall provide threat assessments, and the Secretary of Homeland Security shall provide vulnerability assessments, to the Secretary of Commerce to support development of the report required by this subsection.
     (c)  Not later than 180 days after the date of this order, the Secretary of Commerce, in consultation with the Secretary of State, the Secretary of Defense, the Attorney General, the Secretary of Homeland Security, the Director of the Office of Management and Budget, and the heads of other agencies as the Secretary of Commerce deems appropriate, shall provide a report to the Assistant to the President and National Security Advisor recommending additional executive and legislative actions to address the risk associated with connected software applications that are designed, developed, manufactured, or supplied by persons owned or controlled by, or subject to the jurisdiction or direction of, a foreign adversary.  
     (d)  The Secretary of Commerce shall evaluate on a continuing basis transactions involving connected software applications that may pose an undue risk of sabotage or subversion of the design, integrity, manufacturing, production, distribution, installation, operation, or maintenance of information and communications technology or services in the United States; pose an undue risk of catastrophic effects on the security or resiliency of the critical infrastructure or digital economy of the United States; or otherwise pose an unacceptable risk to the national security of the United States or the security and safety of United States persons.  Based on the evaluation, the Secretary of Commerce shall take appropriate action in accordance with Executive Order 13873 and its implementing regulations.

Sec. 3.  Definitions.  For purposes of this order:
     (a)  the term “connected software application” means software, a software program, or a group of software programs, that is designed to be used on an end-point computing device and includes as an integral functionality, the ability to collect, process, or transmit data via the Internet;
     (b)  the term “foreign adversary” means any foreign government or foreign non-government person engaged in a long-term pattern or serious instances of conduct significantly adverse to the national security of the United States or security and safety of United States persons;
     (c)  the term “information and communications technology or services” means any hardware, software, or other product or service primarily intended to fulfill or enable the function of information or data processing, storage, retrieval, or communication by electronic means, including transmission, storage, and display;
     (d)  the term “person” means an individual or entity; and
     (e)  the term “United States person” means any United States citizen, lawful permanent resident, entity organized under the laws of the United States or any jurisdiction within the United States (including foreign branches), or any person in the United States.

Sec. 4.  General Provisions.  (a)  Nothing in this order shall be construed to impair or otherwise affect:
          (i)   the authority granted by law to an executive department or agency, or the head thereof; or
          (ii)  the functions of the Director of the Office of Management and Budget relating to budgetary, administrative, or legislative proposals.
     (b)  This order shall be implemented consistent with applicable law and subject to the availability of appropriations.
     (c)  This order is not intended to, and does not, create any right or benefit, substantive or procedural, enforceable at law or in equity by any party against the United States, its departments, agencies, or entities, its officers, employees, or agents, or any other person.

                             JOSEPH R. BIDEN JR.  


THE WHITE HOUSE,
    June 9, 2021.

 

05/03/2021 05:40 PM EDT

Antony J. Blinken, Secretary of State

Today, the President affirmed the United States’ commitment to humanitarian values by issuing an Emergency Presidential Determination on Refugee Admissions that raises the refugee admissions ceiling to 62,500 for Fiscal Year 2021.  Together with the April 16 Emergency Presidential Determination that made U.S. resettlement available to more refugees from all regions of the world based on vulnerability, this Emergency Presidential Determination reflects the urgent, global nature of the refugee crisis and the part the United States will play by permitting more eligible refugees to be admitted to the United States.

In my consultations with Members of Congress, I underscored the President’s commitment to welcoming refugees and ensuring that the U.S. Refugee Admissions Program resettles those most in need of protection, in line with our long tradition of offering hope and safe haven to persons fleeing persecution, without discrimination.  We have already started rebuilding the infrastructure of the program and will continue our close partnership with domestic resettlement partners while launching new, innovative initiatives like community and private sponsorship.

A robust refugee admissions program is not only critical to U.S. foreign policy interests and national security objectives, it is a reflection of core American values.  As part of addressing the broader migration crises around the world, our refugee admissions program must be restored so that those fleeing persecution can enter the United States.  The United States can and will protect its national security, including by ensuring the integrity of the U.S. Refugee Admissions Program, while championing the principle that our country benefits from welcoming refugees and celebrating their tremendous contributions.  The United States continues to be a global leader in supporting refugees.  In Fiscal Year 2020 alone, we provided more than $10.5 billion in humanitarian assistance, including assistance for refugees.  It is in our DNA as a nation to open our door to those seeking refuge, and it remains in our national interest to treat individuals applying for these programs fairly and with dignity and respect.


 

This notification is provided consistent with Section 1264(b) of the National Defense Authorization Act (NDAA) for Fiscal Year 2018, as amended (50 U.S.C. § 1549).1 It provides notice of a change in the legal and policy frameworks since the last annual “Report on the Legal and Policy Frameworks Guiding the United States’ Use of Military Force and Related National Security Operations,” which President Trump submitted to the appropriate congressional committees on October 16, 2020.2

On January 20, 2021, as clarified on February 19, 2021, the President established new interim guidance concerning the United States’ use of military force and related national security operations. The justification for the issuance of the interim guidance is to ensure the President has full visibility on proposed significant actions in these areas while the Assistant to the President for National Security Affairs coordinates interagency reviews of the extant authorizations and delegations of Presidential authority with respect to these matters.

1 Section 1264, National Defense Authorization Act for Fiscal Year 2018, Pub L. No. 115-91 (2017), as amended by Section 1261, National Defense Authorization Act for Fiscal Year 2020, Pub. L. No. 116-92 (2019).

2 Report on the Legal and Policy Frameworks Guiding the United States’ Use of Military Force and Related

National Security Operations, October 16, 2020. See Text of a Letter from the President to Certain Congressional Committees, October 16, 2020, available at https://www.trumpwhitehouse.gov/briefings-statements/text-letter­president-certain-congressional-committees/.

 

SENIOR ADMINISTRATION OFFICIAL:  Thank you, everyone, for joining us this afternoon.  This call is going to be on background, attributed to a “senior administration official.”  And the contents of this call will be embargoed until its conclusion.

With that, I’m happy to turn this over to our speaker, [senior administration official].  Over to you.

SENIOR ADMINISTRATION OFFICIAL:  Thank you so much.  Good afternoon, everyone.  It’s good to have the opportunity soon to hear your questions and engage with you.

I want to talk with you about two incidents today: an update on SolarWinds and some information on the Microsoft Exchange hack.  And I’ll use the same format that we use as we look at cyber incidents.  First, what happened?  Why did it happen?  And what are we doing about it?

I’ll start with a quick update on SolarWinds.  You know what happened and you know why it happened. I’ll give an update on what we’re doing about it.

As we talked about then, three parts.  First, finding and expelling the adversary.  We’re in week three of a four-week remediation across the federal government.  The compromised agencies all were tasked to do a particular set of activities and then were tasked to have an independent review of their work to ensure that we felt confident the adversary had been eradicated.

Most of the agencies have completed that independent review. For those who have not yet, they will complete it by the end of March.

We’ve had regular Deputies meetings here at the White House on this topic — deputy heads of agencies, particularly the nine compromised agencies — and we’ve discussed the methodology throughout.  In fact, we standardized the methodology for incident response based upon this.  And we also made a decision on the key pieces of part two, which is “Building Back Better to Modernize Federal Defenses.”

As we talked about during a press event a number of weeks ago, we cannot defend a network if we can’t see a network.  And in our review of what caused SolarWinds, we saw significant gaps in modernization and in technology of cybersecurity across the federal government.

So we will be rolling out technology to address the specific gaps we identified, beginning with the nine compromised agencies.  We want to make the federal government a leader, not a laggard, in cybersecurity.  And we know we need to be able to defend against the adversaries who pursue the nation’s diplomatic, law enforcement, and health efforts.

Those will be rolled out in the near term, beginning, as I said, with the nine compromised agencies and then more broadly across the federal government to ensure we have the visibility we need to have trust in our networks, that we can protect the important work the federal government does on behalf of the American people.

We also learned key lessons regarding visibility and market.  Today, the cost of insecure technology is borne at the end: by incidence response and cleanup.  And we really believe it will cost us a lot less if we build it right at the outset.

And I give two exemplars to help characterize what we want to do here.  One is: Mayor Bloomberg, a number of years ago, when he wanted to address restaurant sanitation, he realized, you know, the health department kept rating restaurants, and it just wasn’t changing anything.  So he required restaurants to put a simple rating — A, B, C, D — in their front window to make a market — to make a market around health and sanitation.

And we’re looking to do a very similar thing with cyber and the cybersecurity of software companies we buy software from.  More to follow on that.

And then, similarly, Singapore has an interesting model where they provide cybersecurity standards for different Internet of Things devices, like baby monitors, so that moms who want to buy secure products have a really easy way to put their money on it.  And we don’t have that in the U.S. today; we don’t have that transparency so that people can make a market for cybersecurity.

There will be ideas coming in both of those in an executive action in the next couple of weeks — or in the next few weeks.

And then, finally, the third part of what we’re doing about it is responding to the perpetrators of the attack.  You can expect further announcements on that in weeks, not months.

I’ll move now to the Microsoft Exchange hack.  First, what happened?  Bad actors discovered four vulnerabilities on Microsoft Exchange servers that they exploited.  Microsoft has made a patch available the vulnerabilities, but those already infected, they’ll need to remediate in addition to patch.

As you all know, when any critical patch is released, criminal actors immediately begin to reverse-engineer it so they can exploit the underlying vulnerabilities.  We’re always in that race.  Once they do, they’ll able to copy the attack to deploy ransomware and other potential disruptive attacks on an unpatched server.  We really have a short window to get vulnerable servers patched, measured in hours, not days.

The impact and significance: First, the impact overall is both concerning regarding datasets and the concerns we talked about regarding ransomware.  The effort is still evolving, as you’ve seen.  We put — I’ll get to that in a moment.

So, first, how did this happen?  From a “them” and “us” perspective, “them”: Yes, they appear to be sophisticated and capable.  But they took advantages of weaknesses that were in that software from its creation.  As we talked about a moment ago, insecure software and hardware is a key challenge we face.

And then, on our end: First, lack of domestic visibility.  The U.S. government largely does not have visibility into U.S. infrastructure.  And many of these actors operate out of U.S. infrastructure.  And as we talked about, the “us” part of really needing to start prioritizing security in the way we build and buy software; we can do innovation and security.

I’ve seen certain reporting questions regarding how adversaries are enabled out of U.S. infrastructure, and I want to be clear: We believe the model for the U.S. government in addressing cybersecurity issues involves working closely with the private sector.  We’re not looking at additional authorities for any government agencies to do additional monitoring within the U.S. at this time.  We are focused on tightening the partnership between the U.S. government and the private sector, who does have visibility into the domestic industry and into private sector networks, to ensure we can rapidly share threat information and we can address the liability barriers and disincentives that disincentivize U.S. companies from both addressing some of these issues and rapidly sharing information when there are incidents.

Back to the key question of what are we doing about the Microsoft Exchange work?  We have been working incredibly hard across government and the private sector, across all elements of the U.S. government.

First, we’re leaning forward to alert Americans and convey the seriousness.  The National Security Advisor tweeted early and more than once, signaling how important this is.  I think this is the first-ever National Security Advisor to tweet on a cybersecurity incident.  And tweeting also that insecure software is a threat to national economic security.

Second, securing federal systems and expelling the adversary.  We’re leading this directly from the National Security Council.  We’ve stood up a Unified Coordination Group, and we’ve done something totally different this time.  Under the authority under which the Unified Coordination Group is stood up, it allows for private-sector participation.  For the first time, we’ve invited private-sector companies to participate in the Unified Coordination Group because we still believe that public-private partnership is foundational in cybersecurity, and we want to ensure we’re taking every opportunity to include key private sector participants early and directly in our remediation efforts.

I briefed the President earlier in the week.  He was very engaged on this topic.  He asked a lot of questions on this topic and made clear that he directed that we address cybersecurity vulnerabilities and that we take on this topic with seriousness of purpose.

Finally, we’re working very closely with Microsoft.  They’ve released a series of patches to make it easier for people to patch, including those out of support who are not up to date with previous patches.

They also developed and released a tool that customers can use to scan their system to determine if they’ve been compromised, and, if so, to eliminate it.  And they messaged repeatedly that everyone with Exchange Server needs to patch and then run the tool to see if they’re compromised.  And anyone having problems can call Microsoft customer support for assistance.  In addition, we’re actively discussing methods that can be used to more rapidly address the scope and scale of compromise.

And then, finally, as we’ve said, we’re working to really build back better to modernize defenses, thinking through rebooting the approach to software security, rebooting the approach to software security standards, and trying to get to a goal we have: that the level of trust we have in our systems is directly proportional to the visibility we have to their cybersecurity.  And the level of that visibility needs to match the consequences if those systems fail.

My ask from all of you is urging your readers to patch their systems, check if they haven’t already been compromised.  And we’ll have White House Press forward Microsoft links and additional information directly to you.

And then, finally, I’m just struck by the professionalism of so many of the CIOs and CISOs, and other more technical parts of the federal government I’ve had the privilege of speaking with over the last few weeks.  And I’m struck by the cooperative spirit of the private sector.  No kidding.  These have been some really busy weeks to our industry, and I want to compliment so many of these companies who’ve taken time to jump on calls with us over the weekend, jump on calls to share their insights, to think creatively of how we can do defense at scale, and really think about how we move to a place where the kind of incidents we’re talking about here, and the scope and scale of those incidents, become a thing of the past.

So with that, I’ll pause, and I’m really looking forward to your question.

SENIOR ADMINISTRATION OFFICIAL:  Thank you.  Operator, if you could please open the lines for questions and share instructions with our guests.

Q    Hi, thanks for doing the call.  I’m interested to hear more about the role of private sector in the UCG.  Can you talk a little bit about what changes needed to be made to the interagency process or to classification levels, or things like that, to allow private-sector participants in that process?

SENIOR ADMINISTRATION OFFICIAL:  Really great question.  First, the policy had always allowed for it, so this was a great opportunity to use to use the policy fully.  And cybersecurity really needs to be done unclassified.  So many — in cases in government sometimes we — because we have the option of classified comms, we did that.  We defaulted to change it to make these unclassified calls.  But we do that discussion and coordination.

And if we need to have a classified discussion, which we expect we regularly will, we have mechanisms where the private-sector participants can join us if that’s geographically convenient for them.

Q    Hey, thanks so much for doing this.  Good to — good to reconnect.  You mentioned — you mentioned, just a minute ago, that, you know, in both of these hacks, and that (inaudible) in general are operating on domestic infrastructure and that there is often a struggle just to have visibility there.

But you said that, you know, the model going forward, you — the administration believes is — is working closely with private-sector and (inaudible) authorities.  I was just hoping you could elaborate a little on that.  Is that due to privacy concerns or, you know, other reasons? Just given that there has been some discussion among lawmakers and then others about whether or not this is something that maybe — maybe should be looked at.  Thanks.

SENIOR ADMINISTRATION OFFICIAL:  Absolutely.  So I was speaking specifically really — thank you, [reporter name] for the question.  I was speaking specifically to new authorities regarding monitoring those domestic systems and saying we’re not looking at that at this time because we believe that, you know, the additional visibility into domestic incidents, into domestic compromises is really had by the private sector — really a small number of key companies who have broad visibilities: Internet service providers, cloud providers, some of the cybersecurity providers.  They really see the larger number of victims.

And what we’d like to do is figure out how we fix the barriers in information-sharing.  And I’ve sent — I have a team looking at that, and they’ve listed them, and they’ve done some really thoughtful work on them: how we fix those barriers that prevent the private sector who has this visibility, doing that effective back-and-forth sharing with the government.

And we think that would be an optimal first approach to really address — in order to get to where we need to, which is visibility into threats that come out of domestic infrastructure.

Did I get at your question,[reporter name]?  Because it was a very specific authorities change I was talking about.  And my point was to say, “Not yet, not now,” because we first want to fully address and try to fix the issues preventing effective information sharing that we believe can get at that issue, while still fully protecting the civil liberties and privacy of Americans.

Q    Absolutely.  That’s very helpful.  Thank you.

Q    Thanks.  I was wondering if you could give us a look forward in what you think the private sector could do (inaudible).  In the case of SolarWinds, it looks like some of the infrastructure (inaudible) servers that you can just rent out.  Amazon come to testify on the (inaudible) hearing the other day.  But tell us a little bit about what they could do (inaudible) and whether or not the reason that you are not going back (inaudible) fundamentally, the Biden administration believes the foreign intelligence services need to stay focused on foreign.

And maybe give us some insight as to why they didn’t see these being planned in foreign networks before they came to the U.S.

SENIOR ADMINISTRATION OFFICIAL:  Thank you, David.  So the connection is not great, but I think I heard the questions.  You’ll have to —

So, the first piece is the — in the waning days of the Trump administration, they issued an executive order focused on infrastructure, as a service, knowing your customer.  And it essentially requires cloud providers to do some more work to understand who are the entities creating virtual accounts, gaming virtual services.

That’s one of the key areas we’re looking at.  As you know, the Commerce Department is moving forward with that.  And it’s really to address this particular threat: adversaries operating on the U.S. infrastructure.

To the second part of your question of whether that represents the administration’s beliefs that foreign intelligence should focus on foreign — no, it doesn’t.  It instead represents a desire to address our cybersecurity issues while fully protecting the civil liberties and privacy of Americans.  So if we can find — and building a deeper partnership with the private sector, which is foundational to effective cybersecurity.

It really comes from saying our goals are: building a tight partnership with the private sector.  They have the information.  There’s less concerns of civil liberty and privacy when it’s private sector versus government, as we know from other discussions on social media privacy, for example.  And as such, let’s work to make this work.  Let’s do the hard work to really understand the legal barriers, the disincentives that would make this work.

And having now, you know, a team, as I said, dedicated who’s now spent a lot of time, across legal and policy and technical, finding what those issues are, as part of our review of SolarWinds and the causes — we had a four-week strategic review of that that’s coming to a close — coming out of that, there will be a set of thoughtful, we hope, policy and potential —

(The call experiences technical difficulties.)

Q    On the subject of building back better to modernize federal defenses, you said that the review has found significant gaps in modernization and technology across the federal government.  More and more agencies in recent years have moved to hosted services and cloud services.  Is there any — is there any consideration being given to moving federal agencies off of these off-the-shelf commercial platforms and possibly onto a built-from-the-ground system, maybe open-source based, that might be more difficult for malign actors to get a foothold in so easily?

SENIOR ADMINISTRATION OFFICIAL:  The federal government, as you know so well, is very large.  And what we want to do is move to best-of-breed commercial technology and take advantage of the innovation of our private sector.  I think we don’t even need to build something new from the ground up when we think that there is much stronger, innovative technology available that we can move to — including cloud, including security implemented in the cloud, zero-trust based principles, and other related areas.

So that’s our plan right now.  We’re on a tight timeline to move there, as I said, (inaudible) beginning with the compromised agencies, as well as addressing, in the upcoming executive action, some of the foundational areas that we think will help the federal government use procurement to be a leader in this space, and, really, in meeting in this space, address both private-sector and government challenges in finding, buying, and using innovative, usable, and secure software and hardware — and systems, to your point.

SENIOR ADMINISTRATION OFFICIAL:  All right, everyone.  That has to be our last question.  We have a hard stop.

Thank you all for joining us today.  With the conclusion of this call, the embargo was lifted and friendly reminder that we are on background, attributable to a “senior administration official.”

Thanks all for joining.

END

 

 

 

 



















"Human Utilities Whole Armour is DNA for your creative DNA."

In a World of Lack, Human Utilities Whole Armour is the World's Cornicopia.™

HUMAN UTILITIES WHOLE ARMOUR ®

"My people are destroyed for lack of knowledge...."  Hosea 4:6-7  
 © 1973-2024 ALL RIGHTS RESERVED

"In a World of Lack, Human Utilities Whole Armour is the World's Cornucopia"™

     

hgn@hgn.news