In one look.

• Could US privacy and data protection law be US GDPR?
• The White House signs three cybersecurity bills.
• A US senator commissions Cybercom to report on election security.
• The US Navy sets its sights on cybersecurity.

Could US privacy and data protection law be US GDPR?

The United States has yet to enact a comprehensive privacy law at the federal level. In an attempt to remedy this, bipartisan House and Senate leaders released a discussion bill on June 3 titled the American Data Privacy and Protection Act (ADPPA), a far-reaching measure that is compared to the General Privacy Regulation. EU data protection. CSOs online Explain that the bill would cover all entities subject to the jurisdiction of the Federal Trade Commission (FTC) that collect, process or transfer covered data. In addition, the bill would make these entities responsible for ensuring that they do not collect or use covered data unnecessarily, regardless of user consent or transparency. Although many influential lawmakers support the bill, the ADPPA is already experiencing a setback. The U.S. Chamber of Commerce has called the bill “unworkable” because some parties are concerned that the bill will give individuals the right to sue businesses that fail to comply with the provisions of the legislation, and the fact that the bill would override state and local privacy. The laws have also caused friction. The House Energy and Commerce Subcommittee on Consumer Protection and Commerce was scheduled to annotate the bill yesterday, and a full committee markup is expected after the recess. 4th July.

The White House signs three cybersecurity bills.

MSSP Alert reports that the Biden administration has passed three bipartisan cybersecurity bills focused on protecting federal information technology supply chains by promoting coordination between the Cybersecurity and Infrastructure Security Agency (CISA) and state governments and premises. The State and Local Government Cybersecurity Act will require CISA to provide state and local actors with access to enhanced security tools, policies, and procedures, and encourage CISA to collaborate in the implementation by through joint cybersecurity exercises. Rep. Joe Neguse said of the measure: “For hackers, state and local governments are an attractive target – we need to increase support for these entities so they can harden their systems and better defend against hackers. harmful cyber-attacks”, Dark Reading reports. The Federal Rotational Cyber ​​Workforce Program Act establishes a civilian rotation initiative that will allow cybersecurity professionals to broaden their experiences and skills by completing short stints with various government agencies. And the Supply Chain Security Training Act directs the General Services Administration to implement a supply chain security training program in coordination with the Department of Homeland Security, the Department of Defense and the Office of Management and Budget.

A US senator commissions Cybercom to report on election security.

Maine Senator Angus King of the US state of Maine is pushing for a measure that would require US Cyber ​​Command (Cybercom) to release two unclassified reports related to each biennial election. The first report would focus on assessing foreign threats before an election is held, and the second would be a post-election assessment of vote security. King, who is also co-chairman of Cyberspace Solarium, Told the Washington Post, “We want to be kept informed of what the threats are, how they are evolving, where they are going. We also want to be able to reassure people about the security of our elections. Public confidence in election security has plummeted in recent years, and King says having the assessment come from a trusted, independent source like Cybercom — while making the information as transparent and accessible as possible — could rebuild. Americans’ confidence in the electoral process. . To improve the measure’s chances of passage, King included it in the National Defense Authorization Act (NDAA), an annual defense policy bill that Republicans and Democrats already support.

The US Navy sets its sights on cybersecurity.

As the battlespace and cyberspace increasingly overlap, the US Department of the Navy prepares to release a unified cybersecurity strategy and vision statement, FedScoop reports. According to the Navy’s Chief Cyber ​​Advisor (PCA), Chris Cleary, the overriding motto of the mission will be “Secure, Survive and Strike”. When he became PCA in 2020, Cleary was tasked with working with the Navy’s CIO to create a clear and comprehensive cybersecurity mission statement, and after years of development, the document is currently underway. review, hoping that it will be released next month. . The goal of the strategy is to provide Navy personnel with guidance on activating cyber forces, acquiring the necessary tools, and securing critical infrastructure. Cleary explained that the Navy is already savvy when it comes to enterprise information technology, so now is the time to focus on “critical infrastructure, weapon systems, and weapon system security.” , and then, ultimately, about how we embrace cyber as a combat domain in the service.”