The project, dubbed #ShareTheMicInCyber, aims to steer the cybersecurity community’s often frenetic Twitter chatter to focus on the experiences of Black people in the industry.
About 9 percent of the U.S. cybersecurity workforce identifies as Black and 26 percent identify as members of a minority group, according to a 2018 report by ISC2, a nonprofit that conducts extensive cyber workforce surveys. But those employees tend to be concentrated in nonmanagerial positions with lower pay, the report found.
“It’s still a shock that typically I am the only person of color on a project,” said Talya Parker, a cyber professional at Google and executive director of the nonprofit group Black Girls in Cyber. Parker will be talking about her experiences using the Twitter handle of Rob Joyce, director of NSA’s Cybersecurity Directorate.
- Participants plan to spend part of the day talking about their own career paths and the difficulty of often working with few, if any, other Black cyber pros, several told me.
- They also plan to weigh in on major issues in cybersecurity policy. The event is partly focused on improving cyber cooperation between government and industry — a topic that’s also top of mind for government leaders.
Hope Goins, staff director at the House Homeland Security Committee, is taking over the account of Philip Reiner, executive director of an industry-led ransomware task force and CEO of the Institute for Security and Technology. She plans to promote the value of diversity in cyber policy discussions.
“When you don’t have diversity, you make policy that inadvertently leaves some constituents out,” she told me.
This is the fourth iteration of the Share the Mic event, which launched in June 2020 shortly after the murder of George Floyd in Minneapolis. This is the first time that top government cyber officials are participating in a major way. Ayan Islam, a cybersecurity strategist at the Cybersecurity and Infrastructure Security Agency, will be taking over the account of CISA Director Jen Easterly.
“Hopefully my story can encourage others that they can join the mission too and contribute with their unique perspectives and skills,” Islam told me in an email.
The event comes as DHS is launching a complete reworking of how it hires cyber workers. That includes working with universities and professional organizations to increase racial diversity.
One big component is reducing requirements for academic degrees in cybersecurity that often shut out people with estimable cyber skills who are self-taught, learned their skills through non-university credentialing programs or moved into cybersecurity after careers and academic training in other fields.
The social media campaign’s goal is more than just sharing stories.
“We hope that talking about career paths and diversity can create conversations that go beyond one-day interactions,” Camille Stewart, a Google executive and co-founder of the project, told me.
After past iterations, Black practitioners have partnered with the people whose accounts they took over on additional projects. Parker launched Black Girls in Cyber with advice from Phil Reitinger, a former DHS official whose account she took over, she told me. It’s a six-month training program for Black women making a career change into cyber.
“I was really frustrated by always being the only Black woman in the room, and I wanted to do something about it,” she told me.
The U.S. government is going on offense against the REvil hacking gang
A U.S. government effort forced the gang responsible for the Kaseya ransomware attack to abandon operations, Reuters’s Joseph Menn and Christopher Bing report.
The operation marks a signal victory in U.S. efforts to impose costs on the criminal gangs that are increasingly threatening U.S. economic and national security. The effort was conducted by the FBI, U.S. Cyber Command, the U.S. Secret Service and in cooperation with at least one other government, Reuters reported.
The Justice Department previously clawed back more than $2 million from a DarkSide cryptocurrency wallet after the Colonial Pipeline hack – effectively erasing the gang’s ill-gotten gains.
But the government also doesn’t have a perfect track record. The Justice Department faced significant criticism from Democratic and Republican lawmakers and industry officials after it withheld a decryption key that could have helped Kaseya victims get back online faster.
The department held onto the key for three weeks while it planned an earlier operation to take REvil offline. That plan was foiled when REvil shut down its own operations in mid-July. The gang reemerged last month without explaining its absence.
Pranksters defaced Trump’s new social media network soon after he announced it
Trump Social took down an unreleased test site after pranksters were able to post a picture of a defecating pig to a “donaldjtrump” account, Drew Harwell reports. The episode shows how challenging it will be for Trump to build a stand-alone Internet business.
“The site’s early hours revealed lax security, rehashed features and a flurry of bizarre design decisions,” Drew writes. “An open sign-up page allowed anyone to use the site shortly after it was revealed.”
Drew was able to set up an account under the name of former vice president Mike Pence.
Daily Dot reporter Mikael Thalen set up an account in Trump's name.
The site also appeared to use a mostly unmodified version of Mastodon, an open-source social networking software. Mastodon founder Eugen Rochko said he has contacted the company’s legal counsel to determine whether it has broken Mastodon's terms of use.
The violation: Truth social claims its code is proprietary, which runs afoul of Mastondon's open source license, which states anyone can use it, Vice's Joseph Cox explains.
Trump officials didn't commit violations in appointing former NSA lawyer
Trump officials did not inappropriately push the National Security Agency to select Michael Ellis as general counsel, the Defense Department’s inspector general said. NSA Director Paul Nakasone was also justified in sidelining Ellis during security inquiries, the watchdog said, Ellen Nakashima reports.
Ellis resigned in April after Nakasone placed him on administrative leave in January. At the time, the NSA was investigating Ellis’s involvement in two alleged security incidents, the watchdog said:
- Unauthorized disclosure of a classified NSA notebook
- The retention of information on an NSA program involving “some of the most sensitive information that NSA possesses” in a nonsecure White House archive
The NSA wasn’t faultless. The watchdog said Nakasone shouldn’t have used an inspector general review of the selection process as further justification for Ellis’s sidelining.
The agency welcomed the report. “We cooperated fully throughout the process of this investigation and welcome the review,” a spokesperson said.
The Texas governor appointed a former Trump attorney to run the state’s elections
John Scott, who represented former president Donald Trump in his lawsuit challenging Pennsylvania’s 2020 election results, will be Texas’s new secretary of state, Eugene Scott reports. The post will give Scott the power to oversee next year’s elections in the state. It also comes as Texas reviews the 2020 election results in four of the state’s largest counties.
“The Lone Star State has been without a top election official since May, when Ruth Hughs, the former secretary of state, resigned after the Senate refused to confirm her,” John writes. “Scott will serve as interim secretary of state until he is up for confirmation by the legislature, which is not scheduled to meet again until 2023.”
Texas Gov. Greg Abbott (R) described Scott’s experience in election law and litigation as a plus. “John understands the importance of protecting the integrity of our elections and building the Texas brand on an international stage,” Abbott said. “I am confident that John’s experience and expertise will enhance his oversight and leadership over the biggest and most thorough election audit in the country.”
Trump received more than 600,000 more votes than President Biden in Texas. But the former president nevertheless called for Abbott to launch a “real audit” in September. Trump argued without evidence that “Texans know voting fraud occurred in some of their counties.” The Texas secretary of state’s office announced the review of four counties soon after.
