Pentagon Might Share US Data with Foreign Militaries

ss.jpg

 

As Ashton Carter unveiled the Pentagon’s new Cyber Strategy recently he underscored its importance by revealing that DOD networks had been infiltrated by actors within Russia. The defense secretary did not emphasize a provision of the strategy that could send private data about US citizens and companies to foreign militaries.
The new strategy indirectly, but unequivocally, ties into information-sharing legislation that’s slowly making its way to the President’s desk. Among the various bills moving around Capitol Hill, the most important is the Cyber Information Sharing Act. Among other things, CISA would protect companies from being sued for sending data about their users to DHS, which would be permitted to send it in real time to DOD and other US agencies and outfits. In turn, DOD’s new strategy claims the right to share cyber threat data beyond the United States. Presumably, that would include information obtained via CISA.
In particular, the new strategy pledges DOD cyber assistance, including information sharing, to allies in the Middle East. “As a part of its cyber dialogue and partnerships, DOD will work with key Middle Eastern allies and partners to improve their ability to secure their military networks as well as the critical infrastructure and key resources upon which U.S. interests depend. Key initiatives include improved information sharing to establish a unified understanding of the cyber threat, an assessment of our mutual cyber defense posture, and collaborative approaches to building cyber expertise.”
Robyn Greene, who serves as policy counsel for the Open Technology Institute at the New America Foundation, argued that the bills would allow companies to collect and share a lot more information about the people that they interact with online. Moreover, there would be few limits on how the U.S. government could use that information. It could, for example, be used to investigate or prosecute crimes that have nothing to do with stopping hacks.
This authorization, it has been argued, would not just seriously undermine Americans’ Fourth Amendment rights, which would otherwise require the government to obtain a warrant based on probable cause to access much of that same information, it would create an expansive new means of general-purpose government surveillance. 
Others say that better sharing of certain kinds of information would help predict cyber threats without particularly imperiling privacy or constitutional rights.
Defense One: http://bit.ly/1Rk6qUk

 

« Top Security Tools to Fight Against Cybercrime
Cybersecurity: Don’t Bank On It With 3rd Parties »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Synology

Synology

Synology provides high-performance, reliable, and secure Network Attached Storage (NAS) products.

Canadian Centre for Cyber Security (CCCS)

Canadian Centre for Cyber Security (CCCS)

The Cyber Centre is the single unified source of expert advice, guidance, services and support on cyber security for government, critical infrastructure, the private sector and the public.

Arthur J Gallagher & Co

Arthur J Gallagher & Co

Arthur J. Gallagher & Co. is a global insurance brokerage and risk management services firm. Services include Cyber Liability insurance.

Managed Security Solutions (MSS)

Managed Security Solutions (MSS)

MSS deliver consultancy services and managed security services for IT departments who may lack the time, resources, or expertise themselves.

Cyber Security Expo

Cyber Security Expo

Cyber Security EXPO is a unique one day recruitment event for the cyber security industry.

Semperis

Semperis

Semperis is an enterprise identity protection company that enables organizations to quickly recover from accidental or malicious changes and disasters that compromise Active Directory.

SlashNext

SlashNext

The SlashNext Internet Access Protection System (IAPS) provides Zero-Day protection against all internet access threats including Social Engineering & Phishing, Malware, Exploits and Callback Attacks.

VivoSecurity

VivoSecurity

VivoSecurity is a pioneer in cyber risk quantification based on data science. Our products and services help organizations achieve optimal information security and GRC programs.

Saudi Federation for Cyber Security and Programming (SAFCSP)

Saudi Federation for Cyber Security and Programming (SAFCSP)

SAFCSP is a national institution under the umbrella of the Saudi Arabian Olympic Committee, which seeks to build national and professional capabilities in the fields of cyber security and programming.

Seekurity

Seekurity

Seekurity is an information security consulting firm specialized in all areas of Cyber Security including Penetration Testing, Vulnerability Assessments and Risk Management.

Cybeats Technologies

Cybeats Technologies

Cybeats delivers an integrated security platform designed to secure and protect high-valued connected devices.

Southwest Research Institute (SwRI)

Southwest Research Institute (SwRI)

Southwest Research Institute SwRI are R&D problem solvers providing independent services to government and industry clients. Areas of expertise include Cybersecurity, Intelligent Networks and IoT.

L3Harris Technologies

L3Harris Technologies

L3Harris Technologies is a global aerospace and defense technology innovator, delivering solutions to meet mission-critical needs across air, land, sea, space and cyber domains.

World Informatix Cyber Security (WICS)

World Informatix Cyber Security (WICS)

World Informatix Cyber Security provides a range of cyber security services to protect valuable information assets to global business and governments.

Infosec Cloud

Infosec Cloud

Infosec Cloud is a specialist Cyber Security company offering fully managed Training & Testing Services in addition to market leading Cyber Security technology and accredited professional services.

Grant Thornton

Grant Thornton

Grant Thornton is one of the world’s leading networks of independent assurance, tax and advisory firms.