Alan W. Dowd is a Senior Fellow with the American Security Council Foundation, where he writes on the full range of topics relating to national defense, foreign policy and international security. Dowd’s commentaries and essays have appeared in Policy Review, Parameters, Military Officer, The American Legion Magazine, The Journal of Diplomacy and International Relations, The Claremont Review of Books, World Politics Review, The Wall Street Journal Europe, The Jerusalem Post, The Financial Times Deutschland, The Washington Times, The Baltimore Sun, The Washington Examiner, The Detroit News, The Sacramento Bee, The Vancouver Sun, The National Post, The Landing Zone, Current, The World & I, The American Enterprise, Fraser Forum, American Outlook, The American and the online editions of Weekly Standard, National Review and American Interest. Beyond his work in opinion journalism, Dowd has served as an adjunct professor and university lecturer; congressional aide; and administrator, researcher and writer at leading think tanks, including the Hudson Institute, Sagamore Institute and Fraser Institute. An award-winning writer, Dowd has been interviewed by Fox News Channel, Cox News Service, The Washington Times, The National Post, the Australian Broadcasting Corporation and numerous radio programs across North America. In addition, his work has been quoted by and/or reprinted in The Guardian, CBS News, BBC News and the Council on Foreign Relations. Dowd holds degrees from Butler University and Indiana University. Follow him at twitter.com/alanwdowd.

ASCF News

Scott Tilley is a Senior Fellow at the American Security Council Foundation, where he writes the “Technical Power” column, focusing on the societal and national security implications of advanced technology in cybersecurity, space, and foreign relations.

He is an emeritus professor at the Florida Institute of Technology. Previously, he was with the University of California, Riverside, Carnegie Mellon University’s Software Engineering Institute, and IBM. His research and teaching were in the areas of computer science, software & systems engineering, educational technology, the design of communication, and business information systems.

He is president and founder of the Center for Technology & Society, president and co-founder of Big Data Florida, past president of INCOSE Space Coast, and a Space Coast Writers’ Guild Fellow.

He has authored over 150 academic papers and has published 28 books (technical and non-technical), most recently Systems Analysis & Design (Cengage, 2020), SPACE (Anthology Alliance, 2019), and Technical Justice (CTS Press, 2019). He wrote the “Technology Today” column for FLORIDA TODAY from 2010 to 2018.

He is a popular public speaker, having delivered numerous keynote presentations and “Tech Talks” for a general audience. Recent examples include the role of big data in the space program, a four-part series on machine learning, and a four-part series on fake news.

He holds a Ph.D. in computer science from the University of Victoria (1995).

Contact him at stilley@cts.today.

Cybersecurity Lobbying Spending Mounts as Privacy, Security Laws Take Shape

Tuesday, May 5, 2020

Categories: ASCF News Emerging Threats Cyber Security

Comments: 0

Cybersecurity companies are spending millions of dollars on lobbying efforts in Washington, seeking to influence policy makers as they reshape privacy and security laws.

As the cybersecurity industry has grown, these companies have increasingly sought to get time with lawmakers and help shape bills and issues in their early stages, including standards for the security of the Internet of Things, a potential federal privacy law and the rollout of 5G networks. Government initiatives such as defense programs also have grown in prominence for cybersecurity providers, which seek to win lucrative contracts with the Pentagon and other agencies.

The collective lobbying spending of 12 large publicly traded cybersecurity firms more than tripled to $3.94 million in 2019 from $1.21 million in 2015, according to an analysis by WSJ Pro Cybersecurity of federal disclosures collated by the nonprofit Center for Responsive Politics.

Efforts range from traditional advocacy related to specific bills to advising lawmakers on the security dimensions of current events, including the coronavirus pandemic.

The uptick in lobbying by the industry appears designed to capture commercial opportunities stemming from heightened awareness of cybersecurity threats, said John Pescatore, director of emerging security trends at the SANS Institute, a cybersecurity research and training organization.

One of the lobbyists’ main messages is “help make people spend more on security,” he said.

Cybersecurity companies’ spending figures cover more than just money paid to lobbyists for talking to lawmakers. Sums can include expenses such as travel, lodging and membership dues for trade associations that lobby on companies’ behalf. Still, cybersecurity companies’ lobbying bills are dwarfed by those of larger technology companies such as Facebook Inc. and Microsoft Corp., which spend millions of dollars every quarter on lobbying.The Cyber Lobby in 2019A review of 12 publicly traded cybersecurity firms showed $3.94 million in spending last year, up from $2.97million in 2018.

Cloud and security services company Akamai Technologies Inc. spent $160,000 in each of the past two years lobbying Congress and the Department of Homeland Security on topics related to telecommunications, cybersecurity and data privacy, disclosures show. A company spokesperson described the sum as a retainer for lobbying agencies and declined to comment further.

Forescout Technologies Inc. spent significantly more. The company, which has supplied its device-management software to local governments, bumped up its budget for lobbying on issues including Pentagon cyber capabilities to $680,000 in 2019 from $510,000 the previous year, according to the disclosures. A spokesperson declined to comment.

Cybersecurity and the Coronavirus

The scramble to adapt to the coronavirus pandemic also has changed what cybersecurity lobbyists are doing in Washington.

Stacy O’Mara, who lobbies U.S. lawmakers as director of government affairs at security and consulting company FireEye Inc., said she has changed the focus of her efforts in recent weeks toward coronavirus-related cybersecurity measures. That includes advising congressional aides on remote-voting tools for lawmakers as they consider additional funding for state and local governments. FireEye’s annual lobbying spend has held steady at $160,000 since 2016, according to federal disclosures.

Ms. O’Mara said she aims to highlight cybersecurity challenges faced by state and local governments as they navigate telework and remote schooling.

“We are talking with staff right now and providing threat briefings to help them understand what is actually going on with the states and what they need to build up their capabilities,” Ms. O’Mara said.

FireEye, which previously focused much of its lobbying on Pentagon spending, has begun holding biweekly briefings that encourage remote Hill staffers to keep cybersecurity threats top of mind during the public-health crisis, Ms. O’Mara said. FireEye spokeswoman Melanie Lombardi said Ms. O’Mara’s efforts to build relationships have directly or indirectly brought $10 million of revenue to the company since 2017.

Other security firms, such as the risk-management company Rapid7 Inc., have tilted at specific areas of larger bills. The company helped push for the Library of Congress to carve out an exemption for security researchers under the Digital Millennium Copyright Act, said Jen Ellis, the company’s head of public affairs. Rapid7, which has spent $180,000 annually on lobbying since 2016, according to filings, successfully argued along with other companies that the exemption would give researchers more freedom to study copyright material without express permission of its owner.

Rapid7 has lobbied—so far, unsuccessfully—for a similar tweak to the Computer Fraud and Abuse Act, an antihacking law, Ms. Ellis said. She expects much of her attention to return to privacy topics, including the possibility of a federal privacy law. Ms. Ellis said she plans to argue for bolstered security requirements in any such statute.

Amplified Voices

Some companies do their lobbying through trade groups, which can amplify the voices of companies that share the same views.

In a letter dated April 20, software trade association BSA and six other trade groups urged House Speaker Nancy Pelosi (D., Calif.) and Minority Leader Kevin McCarthy (R., Calif.) to include additional cybersecurity funding for state and local governments in future pandemic relief packages. The funding, proposed by senior Democrat lawmakers on the House Homeland Security Committee, would amount to $400 million.

In March, several technology trade groups weighed in on Defense Department cybersecurity standards that require certifications for contractors, saying they lacked clarity in certain sections. At the state level, trade associations also asked the California attorney general’s office to delay enforcement of the 2020 California Consumer Privacy Act, considered the strictest privacy rule in the U.S., due to confusion created by the pandemic. The attorney general’s office appeared to leave the door open to tweaking the implementation schedule given the health crisis.

“The software industry really needs to be at the table for those policy discussions,” said Craig Albright, vice president of legislative strategy at BSA. He says Congress members often miss the technical nuance that companies represented by trade groups can provide.

Privately held cybersecurity companies, such as industrial cybersecurity firm Dragos Inc. and training company KnowBe4 Inc., also have cracked open their checkbooks to exert influence on issues such as critical infrastructure cybersecurity and education efforts, according to lobbying disclosures.

Even if lobbying doesn’t result in policy changes or budgets that are directly beneficial to a company, it buys face time with policy makers and aides who may consider legislation in the future, said Robert Lee, founder of Dragos. Lobbying efforts by the company have run to at least $350,000 since 2017, according to disclosures.

Mr. Lee testified about threats to critical infrastructure from nation-state hackers before the Senate Energy Committee in 2018.

Lobbying can be beneficial in providing technical know-how to policy makers, he said, but can carry a certain stigma in the public eye. “I don’t think anybody says the word ‘lobbying’ and doesn’t hurt their soul a little bit,” he said.

Photo: House Speaker Nancy Pelosi (D., Calif.) and House Minority Leader Kevin McCarthy (R., Calif.) after the House passed the Cares Act providing coronavirus relief in March. Trade groups have asked for additional cybersecurity funding for state and local governments in future relief packages. - ANDREW HARNIK/ASSOCIATED PRESS

Link: https://www.wsj.com/articles/cybersecurity-lobbying-spending-mounts-as-privacy-security-laws-take-shape-11588619239?mod=tech_lead_pos7

Comments RSS feed for comments on this page

There are no comments yet. Be the first to add a comment by using the form below.

Search