NSA Nominee Wants Agency Aware of IoT Developments
NSA should be aware of the ballooning number of IoT devices, but the private sector will be largely responsible for setting cybersecurity standards for the devices, said President Donald Trump's nominee to lead the agency, Lt. Gen. Paul Nakasone, at a Senate Intelligence Committee hearing Thursday. He was responding to questions from Vice Chairman Mark Warner, D-Va., who said the federal government should use its buying power to drive IoT cybersecurity standards (see 1803130045). Projections show the global number of IoT devices growing to between 20 billion and 25 billion in the next five years, Warner said, and the Defense Intelligence Agency emphasized that the weakest IoT devices are highly vulnerable. Warner said he would “hate to find” the government spending billions on devices that increase cybersecurity risks. Policy decisions for IoT will be up to DOD, Nakasone said.
Sign up for a free preview to unlock the rest of this article
Export Compliance Daily combines U.S. export control news, foreign border import regulation and policy developments into a single daily information service that reliably informs its trade professional readers about important current issues affecting their operations.
Debate has heated up over whether tech companies should be required to modify encryption technologies and permit law enforcement access to criminal data, said Sen. Ron Wyden, D-Ore. The FBI said it needs special access to communication and criminal data, but many technology experts say police access would undermine cybersecurity for all communication and make it easier for perpetrators to exploit systems, Wyden said. He asked Nakasone if he agrees with the experts.
NSA has been at the forefront of the encryption debate for 65 years, Nakasone said. The private sector has been accused of impeding data investigations, but there's a lot to learn, he said. Wyden pressed for a yes or no answer, and Nakasone offered a “conditional yes” in agreement with experts.
Chairman Richard Burr, R-N.C., described Nakasone as the right person at the right time. Nakasone has held Army command and staff positions, including in South Korea, Iraq and Afghanistan.
Warner in opening remarks said NSA needs to balance cyberthreat response while ensuring that the agency operates within the law -- namely the Foreign Intelligence Surveillance Act -- and protects the privacy and civil liberties of Americans. Nakasone must ensure Americans aren't targeted without warrant, and that criminal investigations are subject to robust oversight from Congress and the judiciary and executive branches, Warner said. He urged NSA to be wary of China positioning itself as a leader in artificial intelligence, quantum computing and bioengineering, which have privacy, national security and economic implications.