SECURE NETWORKS, COMPLIANT TECH MAY NOT BE ENOUGH TO PREVENT FED SNOOPING OF YOUR IT INFRASTRUCTURE
Federal investigators may need new authorities to probe cybersecurity breaches in sensitive non-government networks, according to a recently-released unclassified report from the Senate Intelligence Committee and originally reported on FCW.com. Though the report dealt primarily with security issues in elections, recommended remedies may not be restricted to entities in that field. The report, for example, calls for the FBI’s Cyber Division to develop policies to “pressure” victims of hacking to cooperate with federal investigators. While the most severe consequences, the potential use of compulsory cooperation, are reserved for election-related breaches, that distinction by no means excludes government contractors or others whose sensitive data systems may have been hacked from being “encouraged” to cooperate with the FBI under other circumstances. Cooperation would extend, also, to third-party companies hired by hacked entities to conduct incident response. Contractors should pay close attention to this report, just one in a series of Senate Intelligence Committee reports where recommendations may find their way into legislation. While companies involved in elections may be initial targets, they are likely not the only ones that could ultimately be covered. Securing your network, purging covered equipment, and reporting breaches all place different kinds of costs on contractor operations. Understanding those costs are critical to successfully navigating the waters of the federal market.