OVERNIGHT CYBERSECURITY: More cyber bills on the way

Welcome to OVERNIGHT CYBERSECURITY, your daily rundown of the biggest news in the world of hacking and data privacy. We’re here to connect the dots as leaders in government, policy and industry wrap their arms around cyberthreats. What lies ahead for Congress, the administration and the latest company under siege? Whether you’re a consumer, a techie or a D.C. lifer, we’re here to give you …

THE BIG STORIES:

–CYBER BILLS GALORE: House Homeland Security Committee Chairman Michael McCaul (R-Texas) this week will release a draft of a bill to make the Department of Homeland Security (DHS) the point agency on public-private cyber threat data sharing. The bill would give companies legal liability protections when sharing cybersecurity information with the DHS cyber hub. “DHS has some of the strongest privacy protection mechanisms in the federal government,” McCaul said Tuesday. “Such built-in privacy oversight is an important reason why DHS is the leading civilian interface for these exchanges.”

{mosads}–COEXIST WITH INTEL?: The Senate Intelligence Committee just passed its own cyber info-sharing bill and its House counterpart is expected to move on a similar bill in the coming weeks, McCaul said. The Senate bill encourages companies to go through the DHS, but also allows cyber data sharing directly with the National Security Agency (NSA). McCaul thinks the Intelligence panel’s efforts do not necessarily cancel out Homeland Security’s work. “We think DHS is a primary portal, a lead portal because of this civilian interface,” he said. “However, if a member company wants to go to NSA as a portal, we’re going to allow for that as well.” To read our full piece, click here.

–GOP BUDGET IGNORES CYBER: Cybersecurity received no mention in the House Republican budget released Tuesday, a stark contrast with President Obama’s spending proposal, which increased funding for cyber defenses by $14 billion. The House GOP seeks to balance the budget in nine years and cut $5.5 trillion in projected government spending over the next decade. It would also provide an additional $90 billion in war funding while keeping the 2011 spending limits in place. Some of the $90 billion could be used for cybersecurity activities, though it is technically earmarked for the overseas contingency operations fund, an account that has been used to finance the Iraq and Afghanistan wars. To read our full story, click here.

–HEALTH INSURER BREACHED: Healthcare insurer Premera Blue Cross has suffered a data breach that may have exposed the information of 11 million customers, the company revealed on Tuesday. It would be the second major breach in as many months in the healthcare industry. Anthem, the nation’s second largest insurer, was hit by a cyberattack last month that compromised 80 million customers’ sensitive data, including Social Security numbers. Similar information has been pilfered in the Premera Blue Cross hack, including names, dates of birth, Social Security numbers and bank account information. To read our full piece, click here.

UPDATE ON CYBER POLICY:

THERE’S A POTENTIAL APRIL GLUT of cyber bills on the horizon.

House Homeland Security Committee Chairman Michael McCaul (R-Texas) said Tuesday he intends to get his upcoming cyber data-sharing bill marked up in the coming weeks and onto the House floor in April. That could cause a collision with the Senate Intelligence Committee’s cyber data sharing bill, which is expected to get a Senate vote in April and head to the House shortly after if it passes.

Some lawmakers, like McCaul, believe the parallel efforts can pass separately. But many observers aren’t so sure. If the Senate Intelligence panel’s bill is felled by privacy concerns, Senate Homeland Security and Governmental Affairs Committee Chairman Ron Johnson (R-Wis.) has said he’s willing to combine forces and merge aspects the Intelligence bill with a Homeland Security bill. That could further complicate the House’s cyber legislative calculus.

LIGHTER CLICK:

JAMES FRANCO IS APPARENTLY still trying to get past the Sony hack, the topic people won’t stop asking him about. The 36-year-old actor is at the Sundance Film Festival this week promoting three other projects, but he’s having trouble avoiding questions about The Interview. “There was nothing for me to do,” he told one reporter. “I wasn’t making any decisions. Sony was making the decisions so I was just kind of sitting around and hoping the movie got out in some way or another.” To read more, click here. 

WHO’S IN THE SPOTLIGHT:

–LT. GEN. EDWARD CARDON, the Army’s top cyber commander, has become a leading proponent of the military’s cyber expansion and key voice in describing the challenges of that transition. Carson, who recently discussed the problem of retaining top cyber talent on Capitol Hill, took up his role Sept. 2013. He previously served as commanding general of the 2nd Infantry Division in South Korea and deputy commanding general for support for U.S. Forces-Iraq. Carson spoke about the Army Cyber Command in the first episode of a podcast by CSM Passcode and the New America Foundation. To listen to the interview, click here.

A LOOK AHEAD:

WEDNESDAY

–The House Energy and Commerce Subcommittee on Commerce, Manufacturing, and Trade will discuss newly unveiled data breach legislation.
–The House Oversight Subcommittee on Information Technology will hold a hearing on cybersecurity threats to the private sector.
–The Atlantic Council will hold a panel discussion on the healthcare Internet of Things.

THURSDAY

–The House Intelligence Committee will hold a hearing on cyber threats.
–The Senate Armed Services Committee will hold a hearing on the fiscal year 2016 request for the U.S. Cyber Command. Commander and National Security Agency Director Adm. Mike Rogers will testify.

IN CASE YOU MISSED IT:

Links from our blog, The Hill, and around the Web.

What if the key to your house was shared with 28,000 other homes? That’s essentially what researchers discovered last week determining how many devices were still vulnerable to the “FREAK” security flaw. (IT World)

Researchers also discovered that roughly 2,000 popular apps on Google Play and the Apple App Store left users wide open to a “FREAK” attack. (Ars Technica)

Cybersecurity jobs are turning Washington’s revolving door. (Washington Post)

The NSA is mapping communications of top corporations worldwide, including two of Canada’s largest companies. (The Globe and Mail)

A new Facebook bug uses explicit photos to lure people into clicking on malicious links. (Infosecurity Magazine) 

Tesla Motors CEO Elon Musk predicted that drivers will become like elevator operators — obsolete. (DCInno)

Facebook is introducing friend-to-friend payments, raising some security concerns. (TechCrunch)

Microsoft is getting ready to kill Internet Explorer. (The Verge)

We’ll be working to stay on top of these and other stories throughout the week, so check The Hill’s cybersecurity page early and often for the latest. And send any comments, complaints or cyber news tips our way, via cbennett@digital-staging.thehill.com or eviebeck@digital-staging.thehill.com. And follow us at @cory_bennett and @eliseviebeck.

If you’d like to receive our newsletter in your inbox, please sign up here: http://goo.gl/KZ0b4A