Overnight Cybersecurity: DHS funding down to the wire

DHS funding down to the wire February 26, 2015 By Cory Bennett and Elise Viebeck Welcome to OVERNIGHT CYBERSECURITY, your daily rundown of the biggest news in the world of hacking and data privacy. We're here to connect the dots as leaders in government, policy and industry wrap their arms around cyberthreats. What lies ahead for Congress, the administration and the latest company under siege? Whether you're a consumer, a techie or a D.C. lifer, we're here to give you ... THE BIG STORIES: --DOWN TO THE WIRE ON DHS DEADLINE: Tomorrow's the day. DHS funding expires at midnight on Friday and lawmakers still haven't reached a final agreement. Current and former DHS officials have warned that any funding hiatus could damage the agency's cyber efforts, leaving government networks at risk, delaying the rollout of new protections and reducing the department's ability to respond in the event of a cyber emergency. Check back on Friday morning, when the Senate could vote on a measure to fund DHS through September. The House is considering several shorter-term measures to fund the department for a week or a month. For the latest details, visit The Hill. --WHITE HOUSE HOLDING UP INTEL CYBER BILL? It seems the White House is not on board with a Senate Intelligence Committee bill to enhance cybersecurity information-sharing. "The White House is not a supporter, which is troubling," said Sen. Ron Johnson (R-Wis.), a key cyber player who chairs the Senate Homeland Security and Governmental Affairs Committee. And that lack of support may be holding up the measure, which was expected this week. Could Intelligence be making a last-minute effort to get the administration on board? Lawmakers were mum. "What's holding it up is that people need to look at it, talk about it a little bit, consider the process," said Sen. Dianne Feinstein (D-Calif.), Intel ranking member. To read our full piece, click here. --VENMO FACES SECURITY QUESTIONS: Cue the outcry from millennials. The popular mobile payment Venmo is apparently slow to tell users when their account settings have been changed, allowing for hackers to surreptitiously gain access and sometimes steal funds. The company is also said to be slow responding to user questions and complaints about account fraud. These accusations were part of a Slate piece critical of the company's handling of cybersecurity. "There are basic security holes that you could drive a truck through," said Chris Grey, a New York City web developer whose account was compromised. To read our full piece, click here. --IN DC, ZERO PERCENT CYBER UNEMPLOYMENT: IT professionals trained in cybersecurity are in high demand in Washington, D.C. -- so high that they face virtually no unemployment, according to Hexis Cyber Solutions CTO Steve Donald. This unusual situation has led to salary inflation and productivity problems, and reflects a wider dearth of highly experienced cyber professionals around the country, Donald told an event this week. To read more about his comments, click here. Hexis is based in Hanover, Md. UPDATE ON CYBER POLICY: Senate Commerce Committee Ranking Member Bill Nelson (D-Fla.) expressed hope Thursday for his data breach notification bill. "It's bipartisan," he told The Hill off the Senate floor. "So we'll see if we can move it." The measure, which mirrors a White House legislative proposal, would require companies to notify customers of a data breach within 30 days. It would also set minimum data security standards. It's not clear when the committee will move on the measure, though. "I don't have a timeline yet," Nelson said. LIGHTER CLICKS: --YOUR GUIDE TO SAFE SEXTING. For anyone who is worried about the security of their explicit photos, Wired has a solution: take photos that look kind of explicit but really aren't. Fleshy inner arms can stand in for cleavage, the magazine suggests at one point. To read the sort of NSFW piece -- complete with example photos -- click here. --CAN HACKERS BE LEADING MEN? Today's con men are mostly online and that is bad for entertainment purposes, Vulture argues in a new piece. The petty grifters and pickpockets of yesteryear -- the kind of guys who gave the con-artist movie its allure -- are gone, replaced by a lot of people staring at screens. To read the piece, click here. A LOOK AHEAD TO NEXT WEEK: --MONDAY: Director of National Intelligence James Clapper will speak at the Council on Foreign Relations on the current state of the U.S. spy community. Clapper said this week that cyber threats pose a danger to the United States, though he downplayed the likelihood of a "catastrophic" online attack. "We envision something different. We foresee an ongoing series of low-to-moderate level cyberattacks from a variety of sources over time, which will impose cumulative costs on US economic competitiveness and national security," he wrote in a declassified intelligence report. IN CASE YOU MISSED IT: Links from our blog, The Hill, and around the Web. European companies have joined the chorus of U.S. firms imploring their governments to stop pending Chinese cybersecurity regulations. (The Hill) The "Snowdenites" don't need to be in the majority to win. (Slate) A billion-dollar lawsuit against the producers of CitizenFour keeps getting weirder. (TechDirt) Cybersecurity is a growing concern for companies considering acquisitions. (Washington Business Journal) Twitter added a "report dox" option to abuse alert system. (Ars Technica) The job of Northrop Grumman's CFO? Attack the hackers. (CFO) Wall Street regulator says there could be a 'cyber 9/11' coming. (The Hill) We’ll be working to stay on top of these and other stories throughout the week, so check The Hill’s cybersecurity page early and often for the latest. And send any comments, complaints or cyber news tips our way, viacbennett@thehill.com or eviebeck@thehill.com. And follow us at@cory_bennett and @eliseviebeck. If you'd like to receive our newsletter in your inbox, please sign up here: http://goo.gl/KZ0b4A