| A NEW CYBER SCHEME — The EU's cloud cybersecurity certification scheme may be nearing the finish line as soon as today after years of tensions over sovereignty requirements aimed at curbing U.S. cloud access looks to be on its way out. The sovereignty criteria, which sought immunity from foreign laws like the U.S. CLOUD Act, had raised concerns from American tech giants like Amazon, Microsoft and Google — who feared being locked out of Europe’s most critical cloud services. — Why things are moving along: Those controversial criteria look set to be scrapped in the latest Belgian compromise text ahead of today’s European Cybersecurity Certification Group meeting. That prompted optimism from critics like the Dutch State Secretary Alexandra van Huffelen, who told our colleagues at Cyber Insights that "some kind of compromise" looks like it can be reached. — Tit for tat: Now, both sides are launching last-ditch advocacy blitzes as the certification group prepares to discuss the new text today. European industry groups like Airbus, Deutsche Telekom and OVHcloud are urging negotiators to reinsert the sovereignty rules, warning of "the risk of unlawful access" by China or the U.S. without them. But a coalition of industry groups with U.S. cloud members, including The Software Alliance, is praising the new draft's "focus on technical and functional requirements which should rightfully remain at the core of cybersecurity certification in Europe." They're calling for a swift drafting of the implementing act sans sovereignty language. PURA VIDA — Two of the nation’s top cybersecurity officials stirred up a beef with Beijing during a recent trip to Costa Rica to rally opposition to Chinese telecom giants. Nate Fick, the State Department's top cyber diplomat, and Anne Neuberger, the White House's deputy national security adviser for cyber and emerging tech, were in San José last week for a Regional 5G Workshop. The event pushed countries across Latin America and the Caribbean to embrace "trusted suppliers" from democratic nations for their wireless networks, satellites, undersea cables and cloud services — aka keep Huawei out. — Big turnout: More than a dozen countries sent reps, including Argentina, Paraguay, Guyana and Trinidad and Tobago, per a State Department readout of the event provided to Maggie. — China wasn’t having it: The Chinese Embassy in Costa Rica put out a statement Friday strongly condemning the meeting, naming Fick and Neuberger in noting that “we regret U.S. officials have spread ‘pure lie’ in a country known for its ‘pura vida.’” The embassy accused the U.S. of carrying out mass cyberattacks and surveillance activities of its own. “The Chinese government has never asked any company or used telecommunications services to obtain user data or key intellectual property from other countries,” the statement reads. “The relevant claims by U.S. officials ignore the facts and are unsubstantiated.” U.S. officials have tended to point to a 2017 Chinese intelligence law in citing concerns about Huawei and other Chinese-based tech companies, as the law requires all Chinese companies to support and assist Chinese national security work if asked, potentially compromising data. — Friendly relations: Costa Rican President Rodrigo Chaves vowed last year to only buy telecommunications gear from democratic nations, effectively boxing out Huawei. And the State Department last year gave $25 million in cyber aid to help the country bounce back from major 2022 ransomware attacks.
| 
No comments:
Post a Comment