Pentagon Might Share US Data with Foreign Militaries

ss.jpg

 

As Ashton Carter unveiled the Pentagon’s new Cyber Strategy recently he underscored its importance by revealing that DOD networks had been infiltrated by actors within Russia. The defense secretary did not emphasize a provision of the strategy that could send private data about US citizens and companies to foreign militaries.
The new strategy indirectly, but unequivocally, ties into information-sharing legislation that’s slowly making its way to the President’s desk. Among the various bills moving around Capitol Hill, the most important is the Cyber Information Sharing Act. Among other things, CISA would protect companies from being sued for sending data about their users to DHS, which would be permitted to send it in real time to DOD and other US agencies and outfits. In turn, DOD’s new strategy claims the right to share cyber threat data beyond the United States. Presumably, that would include information obtained via CISA.
In particular, the new strategy pledges DOD cyber assistance, including information sharing, to allies in the Middle East. “As a part of its cyber dialogue and partnerships, DOD will work with key Middle Eastern allies and partners to improve their ability to secure their military networks as well as the critical infrastructure and key resources upon which U.S. interests depend. Key initiatives include improved information sharing to establish a unified understanding of the cyber threat, an assessment of our mutual cyber defense posture, and collaborative approaches to building cyber expertise.”
Robyn Greene, who serves as policy counsel for the Open Technology Institute at the New America Foundation, argued that the bills would allow companies to collect and share a lot more information about the people that they interact with online. Moreover, there would be few limits on how the U.S. government could use that information. It could, for example, be used to investigate or prosecute crimes that have nothing to do with stopping hacks.
This authorization, it has been argued, would not just seriously undermine Americans’ Fourth Amendment rights, which would otherwise require the government to obtain a warrant based on probable cause to access much of that same information, it would create an expansive new means of general-purpose government surveillance. 
Others say that better sharing of certain kinds of information would help predict cyber threats without particularly imperiling privacy or constitutional rights.
Defense One: http://bit.ly/1Rk6qUk

 

« Top Security Tools to Fight Against Cybercrime
Cybersecurity: Don’t Bank On It With 3rd Parties »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Wizard Computing

Wizard Computing

Wizard Computer Services is a full service IT solutions provider that offers managed services, consultation, installation, and support to small and large businesses in New England.

GovCERT.CZ

GovCERT.CZ

GovCERT.CZ is the Government Computer Emergency Response Team of the Czech Republic.

TokenOne

TokenOne

TokenOne is a Cyber Security software company that makes it easy to replace passwords, tokens and other forms of authentication with a more secure solution.

Agility Networks

Agility Networks

Agility Networks is a technology company providing integrated services and solutions for Digital Transformation and Cyber Security.

Slovenska Akreditacija (SA)

Slovenska Akreditacija (SA)

Slovenska Akreditacija is the national accreditation body for Slovenia. The directory of members provides details of organisations offering certification services for ISO 27001.

Beazley

Beazley

Beazley are a specialist insurer with three decades of experience in providing clients with the highest standards of underwriting and claims service worldwide.

Gallarus Industry Solutions

Gallarus Industry Solutions

Gallarus leads innovation within industrial Manufacturing, Production and Management Systems, including Cyber Security solutions specifically developed to protect against the latest cyber criminality.

Absio

Absio

Absio provides the technology you need to build data security directly into your software by default, and the design and development services you need to make it happen.

Partners in Regulatory Compliance (PIRC)

Partners in Regulatory Compliance (PIRC)

Partners in Regulatory Compliance provides an array of cybersecurity services including cybersecurity policy management, risk assessments and regulatory compliance consulting.

Netography

Netography

Netography provides a scalable and reliable platform for detection & remediation of cyber threats found on your network.

Entara

Entara

Entara (formerly YJT Solutions) is an eXtended Service Provider (XSP) focused on providing cutting edge technology and cyber security solutions to companies in regulated industries.

HiddenLayer

HiddenLayer

HiddenLayer is a provider of security solutions for machine learning algorithms, models and the data that power them.

Information Systems Security Association (ISSA)

Information Systems Security Association (ISSA)

ISSA is the community of choice for international cybersecurity professionals dedicated to advancing individual growth, managing technology risk and protecting critical information and infrastructure.

Security Risk Advisors (SRA)

Security Risk Advisors (SRA)

Security Risk Advisors deliver cybersecurity services to leading companies in the Financial Services, Healthcare, Pharmaceuticals, Technology and Retail industries.

InfoSecTrain

InfoSecTrain

InfoSecTrain are a leading training and consulting organization dedicated to providing top-tier IT security training and information security services to organizations and individuals across the globe

LT Harper

LT Harper

LT Harper specialise in cyber security recruitment. We believe in providing an individualised service to our customers whether they are looking for a new opportunity or to hire talent.