Eric Geller

Eric Geller @ericgeller

Trays of frozen blood 😱 ... very on-brand for Spooky Month. 💀 — PolitiTweet.org

Eric Geller @ericgeller

@darth I never had one darth but I think these would be like QR codes — PolitiTweet.org

Eric Geller @ericgeller

The Biden administration will use feedback from today's session to update its cyber label proposal and bring it back to partners, the senior official said. The administration hopes to launch labels for high-risk devices like routers and cameras next spring. — PolitiTweet.org

Eric Geller @ericgeller

“We’re really excited about the potential here, because it tries to bring together market incentives and consumers who are hungry for more security," a senior administration official told reporters during a briefing this afternoon. — PolitiTweet.org

Eric Geller @ericgeller

The meeting featured briefings from the organizers of three existing labeling efforts, including @CTATech and @csaiot. @CarnegieMellon presented survey data showing that consumers want and are willing to pay more for more secure devices. — PolitiTweet.org

Eric Geller @ericgeller

Participants debated questions such as "should this be mandatory or voluntary" and "should a third party certify compliance or should it be self-attestation," per an attendee at the meeting. — PolitiTweet.org

Eric Geller @ericgeller

The consensus was that label should take form of barcode that consumers can scan to get info about latest patch, software development practices, etc. This would address the fact that, unlike an Energy Star sticker, a cyber label is dependent on factors that constantly change. — PolitiTweet.org

Eric Geller @ericgeller

The four discussion groups focused on: * the role of governments in promoting global acceptance of a labeling standard * how labels can push vendors to improve their security * how to generate awareness and acceptance of labels * how to enforce compliance with requirements. — PolitiTweet.org

Eric Geller @ericgeller

One attendee said the meeting included "remarks by high profile government officials, presentations by academic and associations involved in the space, an overview of a strawman* labeling proposal, and discussion groups around key topics." (*i.e. designed to provoke feedback) — PolitiTweet.org

Eric Geller @ericgeller

The White House held a listening session today to get feedback on its IoT cyber labeling project. Agency officials met with IoT vendors, ISPs, standards groups, and other orgs to discuss need for global standards, consumer education, and compliance. https://t.co/FJtxU2yI8z — PolitiTweet.org

Eric Geller @ericgeller

ONCD is "looking at the rollout of the National Security Strategy as a potential model" for rolling out the National Cyber Strategy, the senior official said. "There is likely going to be an event and a pretty large rollout." But again, that might not be until February. — PolitiTweet.org

Eric Geller @ericgeller

ONCD wanted to be really explicit about a "notion of shared responsibility" in cyberspace — a "social contract" b/w govt and industry where each holds the other accountable. It's not "as explicitly stated" as ONCD wanted, sr official said, but it "runs throughout" the strategy. — PolitiTweet.org

Eric Geller @ericgeller

There have been dozens of formal interagency meetings to craft the strategy, sr official said, along w/ "well over a hundred" smaller, less formal meetings b/w agency employees. ONCD met w/ Hill committees to get their input. There were "hundreds" of industry/nonprofit meetings. — PolitiTweet.org

Eric Geller @ericgeller

A few more tweets with comments from a senior U.S. official on the National Cyber Strategy. “Industry feedback has been really good," this person says. There have been "table reads" with various policy and industry experts. — PolitiTweet.org

Eric Geller @ericgeller

@nycsouthpaw obviously they were tiny leashes paw, don't be daft — PolitiTweet.org

Eric Geller @ericgeller

ONCD will craft an implementation plan for the strategy w/ specific steps for turning its high-level vision into action, sr official said. ONCD will use its authority to review agencies’ cyber budgets to ensure they’re requesting enough $ to do what the strategy expects of them. — PolitiTweet.org

Eric Geller @ericgeller

This official predicted that as part of implementing the strategy, the administration will begin making more use of interagency bodies that bring together and deconflict the work of independent and non-independent regulators. Notably: https://t.co/Ro6Bd4selY — PolitiTweet.org

Eric Geller @ericgeller

Unsupervised and uncoordinated regulations “would create a very onerous … and burdensome impact on industry and run counter to what we’re trying to achieve,” one senior U.S. official said. — PolitiTweet.org

Eric Geller @ericgeller

As others have reported, the strategy does indeed include strong new language calling for expanded cybersecurity regulations. But it will also stress need for WH to oversee regulators' work — including, somehow, independent regulators not subject to presidential control. — PolitiTweet.org

Eric Geller @ericgeller

(For those unfamiliar with the jargon, the NSC Deputies Committee is composed of No. 2 officials from key cabinet departments and agencies, along with other senior administration officials.) — PolitiTweet.org

Eric Geller @ericgeller

The backlog of docs that the staff secretary has to review helps explain why @ncdinglis said today that the strategy might not be published for three months. In the meantime, sr official says “I would expect there’d be a [Deputies Cmte] meeting on it within the next few weeks.” — PolitiTweet.org

Eric Geller @ericgeller

Scoop: @ONCD is submitting the National Cyber Strategy to the NSC this wk for Deputies Committee review, per 3 ppl familiar. One sr official says already submitted. After deputies approve, strategy goes to WH staff sec. But it could sit there for months. https://t.co/lJeshyYIlb — PolitiTweet.org

Eric Geller @ericgeller

Kudos to Aaron and Leon for this blockbuster investigation about a serious market failure that's hobbling vulnerable people's ability to fully participate in society. — PolitiTweet.org

Eric Geller @ericgeller

Only about a quarter of election websites use .gov domains, according to @CenDemTech — contradicting @CISAgov's recommendations and making it easier for malicious actors to spoof election sites and spread misinformation. https://t.co/w7ARmyNWvp — PolitiTweet.org

Eric Geller @ericgeller

No fireworks at the incident reporting listening session, which ended several hours early after only nine people spoke. Comments followed familiar themes around limiting the scope of incidents that need reporting, the range of companies that need to report, etc. — PolitiTweet.org

Eric Geller @ericgeller

Republicans' cultural standard-bearer ⤵️ — PolitiTweet.org

Eric Geller @ericgeller

@selenalarson tbh i would never f with ben when he's serving that lewk — PolitiTweet.org

Eric Geller @ericgeller

I'm at a CISA listening session where the agency will be receiving input on the development of its cyber incident reporting program. And they say being a reporter isn't glamorous. https://t.co/ke1TfFhtT8 — PolitiTweet.org

Eric Geller @ericgeller

@selenalarson that icy stare is positively spooky — PolitiTweet.org

Eric Geller @ericgeller

The Russians "find themselves having to beat many to beat one," Inglis says. "That's a new day. That's different than what we would have experienced 5, 10 years ago, when we were all defending in our stovepipes, fighting alone, being picked off one at a time." — PolitiTweet.org