Weekly Wrap-Up
Week of July 26, 2021
Upcoming August Congressional Recess
Last Week of Legislating Before Congress Departs for August Recess
(Federal News Network) It is the last week of legislating on Capitol Hill before lawmakers depart for more than a month for the August recess. And there is a lot on their plates. Between the defense authorization bill, work on a potential infrastructure package and annual spending legislation, members of Congress are hoping to get at least a few big things finished before the annual district work period. Loren Duggan is deputy news director at Bloomberg Government, and he spoke to Jared Serbu on Federal Drive with Tom Temin to talk about some of what we might see this week.
Infrastructure Bill Gains Bipartisan Support
Senators Reach Deal on Major Points of U.S. Infrastructure Bill
(Reuters) U.S. Senate negotiators have reached agreement on the major components of a $1.2 trillion bipartisan infrastructure bill, clearing the way for a procedural vote on Wednesday to move toward formal debate and passage, lawmakers said.

The agreement, which follows months of talks between Senate Democrats and Republicans, is also backed by President Joe Biden and expected to gain strong support from lawmakers on both sides of the party aisle.

Democratic Senator Kyrsten Sinema and Republican Senator Rob Portman, the two lead Senate negotiators, announced the agreement to reporters in the Capitol. Details on transit and broadband were still being finalized but lawmakers said legislative text would be completed soon.
Senators, White House in Crunch Time on Infrastructure Deal
(AP News) Time running short, senators and the White House worked furiously Tuesday to salvage a bipartisan infrastructure deal, with pressure intensifying on all sides to wrap up talks on President Joe Biden’s top priority.

Despite weeks of closed-door discussions, several issues are still unresolved over the nearly $1 trillion package. Spending on public transit remains in question and a new dispute flared over the regulation of broadband access. Patience was running thin as senators accused one another of shifting the debate and picking fights over issues that had already been resolved.

Still, all sides — the White House, Republicans and Democrats — sounded upbeat that an accord was within reach as senators braced for a possible weekend session to finish the deal. No new deadlines were set.
White House Wants Broadband Funding in Infrastructure Bill - Sources
(Reuters) A bipartisan group of senators and the White House are debating extending a program started early in the COVID-19 pandemic to help lower-income Americans get broadband access by tucking it into the $1.2 trillion infrastructure package, according to two sources familiar with the discussions.

Lawmakers passed a $3.2 billion emergency program last year to help struggling Americans secure broadband internet access during the pandemic. The program provides a discount of up to $50 per month toward broadband services to eligible households and up to $75 per month for households on tribal land, plus a one-time discount of up to $100 for a computer or tablet.
FISMA Update
Federal CISO DeRusha Maps FISMA Reform Priorities
(MeriTalk) Federal Chief Information Security Officer (CISO) Chris DeRusha today offered an expansive set of ideas for how Congress may undertake reform of the Federal Information Security Modernization Act (FISMA) of 2014 to bring the existing law up to speed with the fast-moving security improvement work underway throughout the Federal government following the release of President Biden’s cybersecurity executive order in May.

DeRusha – whose office is taking a large role in implementing the executive order – has been on the record for possible changes to FISMA, but his discussion of the issue on July 21 at CrowdStrike’s Fal.Con for Public Sector 2021 event offered a more detailed picture of what the Federal CISO would like to see.
Cybersecurity & Procurement
Battle for the Cloud, Once Amazon vs. Microsoft, Now Has Many Fronts
(Wall Street Journal) Many businesses have treated Amazon. AMZN +0.17% com Inc. and Microsoft Corp. MSFT -0.06% as the only options as they look to embrace cloud-computing. But IT managers now are realizing they have leverage in an increasingly competitive industry.

Businesses and governments are signing up for a mix of providers, cherry-picking features and playing the vendors off against each other to keep costs down, company executives and cloud analysts say. It is opening up business opportunities for runners-up like Alphabet Inc.’s GOOG -0.20% Google, Oracle Corp. ORCL -0.74% and International Business Machines Corp., though Amazon and Microsoft remain dominant and still account for the lion’s share of cloud revenue.

Credit-reporting firm Experian EXPGY -0.69% PLC began its move to the cloud with Amazon Web Services in 2014. It has since added services from Microsoft, Google and more recently Oracle, whose technology it had historically used in its own data centers, said Mervyn Lally, the global chief enterprise architect at Experian.
National Security Memorandum on Improving Cybersecurity for Critical Infrastructure Control Systems
(White House Briefing Room) Protection of our Nation’s critical infrastructure is a responsibility of the government at the Federal, State, local, Tribal, and territorial levels and of the owners and operators of that infrastructure. The cybersecurity threats posed to the systems that control and operate the critical infrastructure on which we all depend are among the most significant and growing issues confronting our Nation. The degradation, destruction, or malfunction of systems that control this infrastructure could cause significant harm to the national and economic security of the United States.

Section 1. Policy. It is the policy of my Administration to safeguard the critical infrastructure of the Nation, with a particular focus on the cybersecurity and resilience of systems supporting National Critical Functions, defined as the functions of Government and the private sector so vital to the United States that their disruption, corruption, or dysfunction would have a debilitating effect on national security, economic security, public health or safety, or any combination thereof. 
US Issues Critical Infrastructure Cybersecurity Memo. Ransomware Successors: BlackMatter & Haron. iOS Fix Addessed Pegasus?
(The CyberWire) US President Biden this morning issued a National Security Memorandum on Improving Cybersecurity for Critical Infrastructure Control Systems. Among other goals, the Memorandum seeks to initiate development of "baseline cybersecurity goals that are consistent across all critical infrastructure sectors, as well as a need for security controls for select critical infrastructure that is dependent on control systems." 

REvil may have reconstituted and rebranded itself as BlackMatter, although it's difficult to be sure. Forcepoint has found chatter on the "high-tier Russian-language illicit forums XSS and Exploit" that suggests BlackMatter is REvil's successor. BlackMatter registered itself on July 19th; two days later they advertised for people willing to sell access to large Western corporations. Recorded Future says that BlackMatter claims to have incorporated the best (in a criminal sense) of both REvil and DarkSide.
If you would like to have your story featured in ADI's Member News, please contact ADI's Policy & Communications Manager, Jaishri Atri.
Questions? Inquiries? Please e-mail: info@hq.alliance4digitalinnovation.org