(Federal News Network) It is the last week of legislating on Capitol Hill before lawmakers depart for more than a month for the August recess. And there is a lot on their plates. Between the defense authorization bill, work on a potential infrastructure package and annual spending legislation, members of Congress are hoping to get at least a few big things finished before the annual district work period. Loren Duggan is deputy news director at Bloomberg Government, and he spoke to Jared Serbu on Federal Drive with Tom Temin to talk about some of what we might see this week.

Read More

(Reuters) U.S. Senate negotiators have reached agreement on the major components of a $1.2 trillion bipartisan infrastructure bill, clearing the way for a procedural vote on Wednesday to move toward formal debate and passage, lawmakers said.

(AP News) Time running short, senators and the White House worked furiously Tuesday to salvage a bipartisan infrastructure deal, with pressure intensifying on all sides to wrap up talks on President Joe Biden’s top priority.

(Reuters) A bipartisan group of senators and the White House are debating extending a program started early in the COVID-19 pandemic to help lower-income Americans get broadband access by tucking it into the $1.2 trillion infrastructure package, according to two sources familiar with the discussions.

(MeriTalk) Federal Chief Information Security Officer (CISO) Chris DeRusha today offered an expansive set of ideas for how Congress may undertake reform of the Federal Information Security Modernization Act (FISMA) of 2014 to bring the existing law up to speed with the fast-moving security improvement work underway throughout the Federal government following the release of President Biden’s cybersecurity executive order in May.

DeRusha – whose office is taking a large role in implementing the executive order – has been on the record for possible changes to FISMA, but his discussion of the issue on July 21 at CrowdStrike’s Fal.Con for Public Sector 2021 event offered a more detailed picture of what the Federal CISO would like to see.

(Wall Street Journal) Many businesses have treated Amazon. AMZN +0.17% com Inc. and Microsoft Corp. MSFT -0.06% as the only options as they look to embrace cloud-computing. But IT managers now are realizing they have leverage in an increasingly competitive industry.

Businesses and governments are signing up for a mix of providers, cherry-picking features and playing the vendors off against each other to keep costs down, company executives and cloud analysts say. It is opening up business opportunities for runners-up like Alphabet Inc.’s GOOG -0.20% Google, Oracle Corp. ORCL -0.74% and International Business Machines Corp., though Amazon and Microsoft remain dominant and still account for the lion’s share of cloud revenue.

Credit-reporting firm Experian EXPGY -0.69% PLC began its move to the cloud with Amazon Web Services in 2014. It has since added services from Microsoft, Google and more recently Oracle, whose technology it had historically used in its own data centers, said Mervyn Lally, the global chief enterprise architect at Experian.

(White House Briefing Room) Protection of our Nation’s critical infrastructure is a responsibility of the government at the Federal, State, local, Tribal, and territorial levels and of the owners and operators of that infrastructure. The cybersecurity threats posed to the systems that control and operate the critical infrastructure on which we all depend are among the most significant and growing issues confronting our Nation. The degradation, destruction, or malfunction of systems that control this infrastructure could cause significant harm to the national and economic security of the United States.

Section 1. Policy. It is the policy of my Administration to safeguard the critical infrastructure of the Nation, with a particular focus on the cybersecurity and resilience of systems supporting National Critical Functions, defined as the functions of Government and the private sector so vital to the United States that their disruption, corruption, or dysfunction would have a debilitating effect on national security, economic security, public health or safety, or any combination thereof. 

(The CyberWire) US President Biden this morning issued a National Security Memorandum on Improving Cybersecurity for Critical Infrastructure Control Systems. Among other goals, the Memorandum seeks to initiate development of "baseline cybersecurity goals that are consistent across all critical infrastructure sectors, as well as a need for security controls for select critical infrastructure that is dependent on control systems." 

REvil may have reconstituted and rebranded itself as BlackMatter, although it's difficult to be sure. Forcepoint has found chatter on the "high-tier Russian-language illicit forums XSS and Exploit" that suggests BlackMatter is REvil's successor. BlackMatter registered itself on July 19th; two days later they advertised for people willing to sell access to large Western corporations. Recorded Future says that BlackMatter claims to have incorporated the best (in a criminal sense) of both REvil and DarkSide.

If you would like to have your story featured in ADI's Member News, please contact ADI's Policy & Communications Manager, Jaishri Atri.