Chris Inglis’ new White House office has a startup feel to it. There are desks, a few chairs, a coffee maker and a poster hanging on the wall.  But as the head of the newly established Office of the National Cyber Director, Inglis has to make due with what he has while still advising President Joe Biden on the smartest ways for the US to prevent and respond to cyberattacks.

Inglis has already had numerous conversations with the president, who has made clear that the government has a role to play in the defense of the private sector and in assisting the private sector in defending critical infrastructure.  And the president knows, says Inglis, that means the government needs to get its own cyber house in order. 

But like any real startup, Inglis’ resources are scarce.  More than three months after being confirmed by the Senate, he still doesn’t have the full staff he needs to take on his timely and critical mission.  That’s because the funding for his office – some $21 million, part of the $1 trillion infrastructure bill making its way through Congress – is still stuck in the political spin cycle.  Why does it matter?

“The threat is greater than I can ever remember,” Inglis told me during last month’s AFCEA and INSA Intelligence & National Security Summit in National Harbor, Maryland. “The audacity, the brazenness, the thresholds that have been crossed at every turn; we’re in a difficult place.”

While he’s waiting for Congress to act, he says he’s spending about fifty percent of his time defining his role, being careful not to duplicate the work already being done by other agencies and departments, while spending another fifty percent building relationships that will be important later.  Eventually, he’s expected to have a staff of some 75 people who will be expected to work hand in glove with CISA, the National Security Council’s cyber staff, the OMB and others.  The remaining fifty percent of his time, Inglis jokes, is spent figuring out how to attract the country’s best talent.   

“People are starting to flow into the organization. I’m confident that we’re coming up to a breakout moment, not for the National Cyber Director, but the contribution that we can and should make. I’m sobered by the nature of the challenge, I’m optimistic we can make a difference.”

Optimistic he is.  And he’s not even complaining about being given a critical task for US national security and then having to wait for politics to play out before being able to act on it.

“It has been a semi-silver lining in that we would not have had time to think about how we want to apply the resources coming our way.”

While Inglis has been waiting, he and his small team have had time to think about the four things they’d like to focus on right away. 

First, is streamlining the roles and responsibilities in government of who handles what when it comes to protecting the public and private sectors from cyberattacks.  He also spoke during his confirmation hearing about the importance of allocation of resources and while the Office of the National Cyber Director doesn’t have the authority to move money, it does have what Inglis calls the responsibility to account for cyber money.

“One of the most critical gaps in cyber is that the physical digital infrastructure is not built to a common standard. The executive order related to this requires that within a certain amount of time we have to install basic procedures like multifactor authentication and encryption of stored material. That is a challenge and a potential vulnerability for us. We need to make sure that we make these investments necessary to buy down the lack of investment for years.

The second gap is in talent related to number of people required to occupy these jobs. It’s not simply the folks with IT or cyber in their name, but general cyber awareness. There is some expenditure of resources of time, attention, and money to get awareness right on the part of the truly accountable parties like agency and department heads. We have to make sure they don’t see cyber as a cost center, but an enabler on the part of all the users as they understand what their roles are and what the accountability is.

He admits there is still a level of education needed within government to get there.

That is usually the case in both the government and the private sector,” he said.  “We need to think this way about cyber and invest in cyber so that we can enable the mission, not hold it back. I think that education is the most important and effective way to handle this. Then, it is to make sure that the accountability is aligned and harmonized. We tend to take risk in one place and expect someone in another place to be the mitigator of a risk they don’t understand was taken in the first place. We need to operate in a collaborative fashion and get away from divisions of effort which are an agreement not to collaborate and allow adversaries to pick us off one at a time.”

Inglis says that unity of effort must start at home.  “The executive order issued in May has begun to lay out common expectations about the hardware, software, and practices that we need to begin in those spaces,” he said.  “Externally, if we have sector risk management agencies who engage the private sector for the purposes of supporting and engaging the critical components of that infrastructure, we need to make sure you don’t need a Ph.D. in government to know who to deal with and what you’re going to get from them.”

He is arguing for the government to also put ‘valuable material’ on the table.  “That could be our convening power,” said Inglis. “We could perhaps address and reduce liability or give companies a clue as to what might be around the corner because the government has access to exquisite intelligence. If that setup is possible, we also need a venue where collaboration takes place. Information doesn’t collaborate, people do.”

Inglis likes to point to the example of CISA and the Joint Cyber Collaborative.  “They put people from the private sector and the public sector side by side to co-discover threats that hold us at common risk. That project sets up the possibility of implicit collaboration in what we then do with that common operational picture. The government could take ideas that private sector companies turn into proprietary systems and enrich and classify them to deal with it in their system.”

Using what he calls “all the tools in the toolkit,” Inglis also notes the importance of international relationships, which fits nicely into the White House’s International Summit on Ransomware last week in Washington, which zeroed in on tighter cryptocurrency standards, among other things. “Beyond the Five Eyes, what do other like-minded nations think about what is expected behavior in this? What are governmental actions that are appropriate,” he asked.  

Inglis has been an active participant in the president’s recent actions in cyber.  He took part in a White House meeting with tech leaders in August that was hosted by President Biden, who Inglis says, spent the first hour sharing his vision about how the country should focus on collaborative integration.  “The companies represented weren’t only companies like Microsoft and Apple, but people who operate in the critical infrastructure space,” said Inglis.  “The people component, educators, were represented reflecting the president’s view that cyberspace is not just technology, it is also the people component. They are a major link in the chain, and we need to get the roles and responsibilities right.”

While he’s waiting for the funding he needs to get his office fully staffed, Inglis said he’s also putting thought into reconciling resources with aspirations.  Managing expectations is going to be important.  Frustration has been growing for years over what some see as a lack of government response to some of the largest hacks in history.  The phrase ‘time and place of our choosing’ as a definition of response has grown old and some Americans are weary of a government that isn’t responding in a more public way to the beating it sees the US taking in cyberspace.

So, I asked Inglis whether there should be red lines in cyber.

“Red lines are both good and bad,” he answered.  “They are clear and crisp, and everybody knows what they are. The downside is that because of that, an adversary knows exactly how far they can go. It means that you set up a somewhat permissive environment. Red lines also don’t have context; sometimes there is a reason that a defender would make the ransomware payment. As a matter of policy, the U.S. government does not pay ransomware, but I imagine there will be a situation at some point where a hospital is against the Russian state and actual life and safety is at risk. If there is no other way to get the material back, in order to get back in the business of saving lives, they would want to rethink if a red line is a red line in that particular situation. I think the right thing to do here is not to establish hard thresholds of things with scripted responses, but outline what we are prepared to defend and what principles we will exercise in defense of those things. We commit to defending the private sector when it is held at risk by a nation state in cyberspace as much as in the kinetic space and make that clear to adversaries. I think that would be more helpful in changing decision calculus and creating a useful ambiguity about when and where we will come in.”

Inglis said he’s also thinking a lot about present and future resilience.  It’s a worthwhile focus, given that the White House estimates that nearly half a million public and private sector cybersecurity jobs are currently unfilled. 

“That is a massive problem,” said Inglis. “However, the more insidious problem is that the 320 million people in the United States who use the internet who have no idea how to properly take their place on the front lines of this issue. There is an awareness issue that requires us not to make Python programmers out of them but to make sure they understand the nature of this space.”

Everyone has heard the old saying that time is money, but in Inglis’ case, time is security so I asked him point blank whether he thought government was moving has quickly as it should on the cyber problem.

“Government is moving at speed; the question is if it is at the necessary speed. I don’t think anyone is moving at the necessary speed. Some are moving at light speed, but at the end of the day, we need an integrated, collaborative approach. While we won’t have unity of command, I think there needs to be a universally felt sense of urgency so that we will all get our heads in the game.”

Congress, are you listening?  Oh, and by the way, that poster in Inglis’ office? It reads, ‘Hours Since the Last Surprise.”

As a startup with maybe too few resources at the start and who often didn’t understand how all the wickets are run, we have our occasional surprise,” said Inglis.  “When we encounter those surprises and go to someone with the deep and sharp expertise to help us navigate that, we get what we need. However, we are not a full functioning, full featured, fully capable organization yet. We’re trying to build somebody else’s airplane while we’re free falling from our own. We have a parachute, and we can land safely, but it is a bit of a challenge at times.”

Find out more about why experts like former NSA Director General Keith Alexander (Ret.), Mandiant CEO Kevin Mandia and others have joined The Cyber Initiatives Group, powered by The Cipher Brief

Read more expert national security insights, perspective and analysis in The Cipher Brief

The post Chris Inglis and the Gathering Cyber Storm appeared first on The Cipher Brief.

find more fun & mates at SoShow now !

People around the world will need to get a jab against Covid-19 once a year, at least when it comes to the Pfizer vaccine, BioNTech’s CEO Ugur Sahin said in an interview on Sunday, as he praised the quality of its booster shot.

In an interview with Germany’s Bild newspaper on Sunday, Sahin said he considers the vaccine, co-developed by his company, to be “very effective.”

Read more

© Getty Images / sasacvetkovic33
Drastic drop in Covid vaccine effectiveness – study

When asked whether people should be worried about the “breakthrough infections” – in which those vaccinated with the Pfizer-BioNTech vaccine still developed Covid-19 symptoms – he dismissed such concerns, saying that the jab offers a “90 percent protection” against cases that require intensive care in those aged over 60.

A “very high” level of protection against severe illness lasts for up to nine months, the BioNTech CEO maintained. He said this level starts decreasing “from the fourth month,” however. To maintain the protection, Sahin strongly pushed for booster shots, arguing that they would not just restore levels of antibodies but would potentially help “to break … chains of infection.”

He also encouraged doctors to be “as pragmatic as possible” when it comes to greenlighting vaccination and “not to send people home unvaccinated even though they could be vaccinated without any problems.”

In the future, people might need to get booster shots once a year, the BioNTech CEO believes. He said that he expects protection from a booster shot to “last longer” than the initial immunity one acquires after getting two doses of the vaccine.

“Subsequent … vaccinations may only be needed every year – just like [with] influenza,” he said. Currently, the German Federal Center for Health Education – an agency subordinated to the Health Ministry – recommends a booster shot six months after one gets the second dose of a vaccine. It also says that “booster vaccination makes sense after a minimum interval of about four months.”

Read more

© AFP / MARTIN BERNETTI
FDA approves Covid booster shots for all US adults

Sahin’s interview comes days after it was revealed that Pfizer, BioNTech and Moderna are making a combined profit of $65,000 every minute – all thanks to their Covid-19 jabs. That is according to estimates made by the People’s Vaccine Alliance (PVA) – a coalition demanding wider access to vaccines.

The PVA estimated that the three companies are to earn a total of $34 billion in combined pre-tax profits this year alone, which roughly translates into more than $1,000 a second and $93.5 million a day.

PVA has slammed the three companies over their refusal to allow vaccine technology transfer despite receiving a combined $8 billion in public funding. Such a move could increase global supply and save millions of lives as well as drive down prices, the coalition said.

“Pfizer, BioNTech and Moderna have used their monopolies to prioritize the most profitable contracts with the richest governments, leaving low-income countries out in the cold,” said Maaza Seyoum of the African Alliance and People’s Vaccine Alliance Africa.

Think your friends would be interested? Share this story!

find more fun & mates at SoShow now !

Those making and knowingly using fake vaccination certificates in Germany could soon face up to five years behind bars, as the country’s likely future coalition government is looking to tighten the screws.

Coming under the same category are also fake test results and Covid recovery certificates, with similar penalties for the counterfeiters and the holders. Everything envisaged in the new guidelines was drafted by the Social Democrats, along with the Free Democratic and Green Parties. The three are currently in coalition talks and expected to form a new government as early as next week.

The German Parliament will decide on the regulations this Thursday, though a draft has already been seen by the media outlet DPA.

According to German media, the manufacturing and sale of fake certificates has become a booming black-market industry in the country. In just one such case reported by Der Spiegel in late October, a counterfeiter working at a pharmacy in Munich and her accomplice had churned out more than 500 fake digital certificates in the span of one month, raking in €350 for each one sold.

Read more

Felix Gottwald has spoken out as police patrol the streets of Austria to check people are vaccinated © Lisi Niesner / Reuters | © Instagram / felixgottwaldofficial
‘I am deeply ashamed of our country’: Austria’s greatest Olympian quits political role as lockdown for unvaccinated comes in

Meanwhile, Berlin authorities are planning to further ramp up restrictions in the city, where, starting Monday, having either a vaccination or recovery certificate is a must to enter restaurants, cinemas, theaters, museums, galleries, swimming pools, gyms, as well as hairdressers and beauty salons. On Tuesday, Berlin Mayor Michael Müller confirmed that authorities want to “have an additional instrument” to contain the spread of the virus. However, he declined to elaborate on what the new measures will be. Local media speculate that starting next week, in addition to the requirement to have a vaccination or recovery certificate to enter public places, people inside the venues will also need to practice social distancing and wear a mask, or have a recent negative test result.

This comes after Covid-19 numbers in Berlin hit an all-time high last Thursday, with 2,874 new cases reported that day.

Think your friends would be interested? Share this story!

find more fun & mates at SoShow now !

Vaccination of all Hungarian citizens against Covid-19 is inevitable, PM Viktor Orban has said, stating that even the most hardline anti-vaxxers will ultimately face a choice between dying with the virus and getting a jab.

Speaking to Kossuth radio on Friday, the Hungarian leader lashed out at those reluctant to get vaccinated against coronavirus, branding them a threat “not only to themselves but to all others.”

In the end, everyone will have to be vaccinated; even the anti-vaxxers will realize that they will either get vaccinated or die. So, I urge everyone to take this opportunity.

The EU member state is currently experiencing its fourth wave of coronavirus, Orban stated, blaming the situation on those who had not got vaccinated. “If everybody were inoculated, there would be no fourth wave or it would be just a small one,” the PM claimed.

Read more

FILE PHOTO. ESSEN, GERMANY. © AFP / Ina FASSBENDER
Covid rates take Germany to ‘nationwide state of emergency’

Apart from urging the unvaccinated to go and finally get their jabs, Orban also promoted booster shots, revealing that he had already taken three doses of a coronavirus vaccine.

“The only thing that protects us from the virus is vaccination. And we are now also seeing, at least the experts are unanimous in saying, that four to six months after the second vaccination, the protective power of the vaccine weakens. Therefore, a third vaccination is justified,” he said.

Hungary has already announced new anti-Covid measures, though somewhat short of the strict measures proposed by the nation’s Medical Chamber on Wednesday. The medical body called for a blanket ban on mass events, and suggested making entry to restaurants, theaters and other indoor venues conditional on bearing a Covid-19 inoculation certificate. Instead, Budapest rolled out compulsory mask wearing for most indoor environments, as well as making booster shots mandatory for all medical workers, starting from Saturday.

A nation of 10 million, Hungary’s total tally of logged Covid cases is hovering just below the one million mark. On Friday, it registered a new daily record, with nearly 11,300 new Covid infections. More than 32,700 people in Hungary have succumbed to the disease over the course of the pandemic.

Think your friends would be interested? Share this story!

find more fun & mates at SoShow now !

Once you’ve reached optimal cat lady status, there comes a time in your life where you think it’s necessary to start massaging your cat’s head. Luckily, someone has already created a cat head massager, and it is most likely the most specific niche product you could think of. You can get it on Amazon or AliExpress.

Cat head massager.

If your cat didn’t love you before, rest assured he will love you now. Your cat will be so thankful for the head massage that he might even ignore you for less time throughout the day, and if you’re really lucky, your cat may even acknowledge your existence. …Or you can use it on yourself if you have a particularly small head.

Cat head massage.

Cat massage.

Feels good, man.

Feels good.

In case you feel like you should have this thing in your (and your cat’s) life, you can get it on Amazon or AliExpress.

The post Cat Head Massager Is The Cutest Thing Ever first appeared on .

find more fun & mates at SoShow now !

For the first time since the start of the pandemic, the number of new daily Covid cases in Germany has exceeded 60,000, according to the country’s disease control and prevention agency, the Robert Koch Institute.

Authorities fear that in reality the figure is even higher, as not all cases are immediately reported or detected. Just a week ago, the number of daily infections across Germany surpassed the 50,000 mark.

Read more

(FILE PHOTO) © REUTERS/Fabian Bimmer
Germans facing ‘really terrible Christmas’

Among the country’s Covid hotspots are Thuringia, Saxony and Bavaria. In the latter region, hospitals are so overwhelmed with Covid patients that they have had to put off any non-emergency surgery.

Against this grim backdrop, lawmakers in the Bundestag on Thursday backed a new set of measures aimed at containing the spread of the disease. The package was proposed by Germany’s Social Democrats, the Green and Free Democratic parties, which are expected to form a new coalition government as early as next week.

If passed by the upper house, the rules would include mandatory daily Covid testing for employees of, and visitors to, care homes, regardless of vaccination status. Germans would also be required to show proof of full vaccination, recovery or a fresh negative Covid test in order to enter their workplace or use public transport.

On top of that, those caught selling and forging fake certificates and tests could face up to five years behind bars. Just like the Covid regulations currently in place, the new plan gives some leeway to regional authorities in terms of restrictions so that, for instance, the banning of recreational, cultural, and sporting events will be at their discretion. However, things like travel bans, curfews and massive closures of businesses would now be off-limits to local government.

If you like this story, share it with a friend!

find more fun & mates at SoShow now !

Libyan military commander Khalifa Haftar is set to challenge Gaddafi’s son for the top job, announcing his presidential bid. The election will take place on December 24.

Read more

Saif al-Islam al-Gaddafi at the registration centre in Sebha. ©Khaled Al-Zaidy / Handout via REUTERS
Gaddafi heir runs for Libyan presidency despite arrest warrant

I declare my candidacy for the presidential election, not because I am chasing power but because I want to lead our people towards glory, progress and prosperity,” the de facto leader of Eastern Libya said in a televised speech.

Haftar added that the election is the only way out of the severe crisis the country has been plunged into.

The announcement was expected; in September, Haftar announced that he was temporarily stepping down as head of the force known as the Libyan National Army, fulfilling the requirement for presidential hopefuls to suspend public work three months before an election.

Haftar will run against the son of former leader Muammar Gaddafi, Saif al-Islam Gaddafi, who represents the Popular Front for the Liberation of Libya.

Haftar’s presidential bid is likely to anger many who consider him a war criminal responsible for the indiscriminate killing of civilians during his military campaign. A number of civil lawsuits have been filed against him in a US federal court for alleged war crimes. Haftar has both US and Libyan citizenship, and owns property in Virginia.

Following years of civil war and political chaos after the NATO-backed intervention that saw Muammar Gaddafi deposed and brutally murdered, the upcoming election is widely viewed as an opportunity for political settlement and the long-awaited unification of the country, divided now between Haftar’s forces and the Tripoli-based Government of National Accord. However, there is still no consensus on the legal grounds for the election, which could become an obstacle for the peace process.

Like this story? Share it with a friend!

find more fun & mates at SoShow now !

The EU Commission has released draft legislation aimed at tackling the destruction of woodland by introducing import restrictions on products not certified as ‘deforestation-free’.

The draft proposal, which the commission hopes will become binding rules for all member states, seeks to limit the import of beef, cocoa, coffee, palm, soy, and wood if it is not proven “deforestation-free.”

Outlining the legislation, the EU commissioner for climate action policy, Virginijus Sinkevicius, called it a “ground-breaking” proposal that will help fight “illegal deforestation” and “deforestation driven by agricultural expansion.”

The bill comes after nations at the COP26 summit agreed to work to end deforestation by 2030. It would impose two criteria on imports, requiring items to have been produced in accordance with the origin country’s laws, and not on land that has been deforested or degraded since the start of 2021.

It is not clear when the rules would come into effect; legislative proposals by the commission have to be debated and considered by both the EU Parliament and the Council of the EU before they are passed. The implementation of measures could potentially impact the EU’s trade relations with countries like Brazil, where clearing of the Amazon rainforest hit a new record in October.

During the recent COP26 climate summit, 110 world leaders – whose countries contain around 85% of the world’s woodland – committed to ending and reversing deforestation by 2030, pledging around £14 billion ($18.84 billion) of public and private funds towards the goal.

Like this story? Share it with a friend!

find more fun & mates at SoShow now !

At least two people were wounded by police gunfire in the Dutch city of Rotterdam after a protest over renewed Covid-19 restrictions spiraled into a violent riot, seeing demonstrators torch a squad car and clash with officers.

A large crowd of protesters showed up at Rotterdam’s iconic Coolsingel street on Friday evening to denounce a new round of pandemic measures, including an ongoing partial lockdown, a ban on New Year’s Eve fireworks displays, as well as fears the government will impose a ‘2G’ pass system allowing only the vaccinated and those who’ve recently recovered from the virus to enter a long list of public places.

At least two people were wounded during the demonstration, a local police spokesperson told Reuters, adding the injuries were “probably” due to officers’ “warning shots” but also noting that “direct shots were fired because the situation was life-threatening” to law enforcement.

Footage of the heated protest circulated online, some clips showing a police squad car fully engulfed in flames after it was apparently torched by rioters.

Demonstrators were also seen launching fireworks at police, who appeared to respond with large quantities of tear gas, which at one point blanketed the area.

Local law enforcement said that officers deployed a mobile riot control unit to Coolsingel and unleashed water cannon on protesters who refused to clear the streets, also noting that some arrests were made after an emergency order was imposed to cordon off the area.

The Dutch government announced the fireworks ban earlier on Friday, saying it is meant to “prevent, as much as possible, extra strain on healthcare, law enforcement and first responders.” However, while private displays are prohibited, officials said that local governments may still put on fireworks shows so long as their Covid-19 restrictions allow it.

The Netherlands currently has a ‘3G’ rule in place, allowing the vaccinated, the recently recovered, as well as those who test negative for the virus to enter most public spaces. But as the country remains under a partial three-week lockdown to rein in growing infections, officials are now mulling the stricter ‘2G’ scheme, prompting the intense demonstrations seen on Friday night.

Think your friends would be interested? Share this story!

find more fun & mates at SoShow now !

AstraZeneca has announced that its preventative antibody cocktail offers 83% protection against symptomatic Covid-19 for at least six months, making it more effective than its own vaccine.

In a statement on Thursday, AstraZeneca cemented its lead in the race to develop and market a preventative Covid-19 drug, which is delivered as a shot in the arm. 

The drug, named AZD7442, reduces the risk of symptomatic Covid-19 by 83% over the course of six months, according to data from a trial in which participants were given one 300mg dose. There were no deaths or severe infections recorded within the trial group, it said. 

Read more

Paxlovid, a Pfizer's coronavirus disease (Covid-19) pill, is seen manufactured in Ascoli, Italy (FILE PHOTO) © Pfizer/Handout via REUTERS
Pfizer gets new $5.3bn boost over Covid

A separate trial showed the drug reduced the risk of severe Covid-19 or death by 88% when administered within three days of the onset of symptoms. 

“These new data add to the growing body of evidence supporting AZD7442’s potential … We are progressing regulatory filings around the world and look forward to providing an important new option against SARS-CoV-2 [Covid-19] as quickly as possible,” AstraZeneca Executive Vice President Mene Pangalos said in the statement. 

The Anglo-Swedish firm has agreed to supply the US government with 700,000 doses of AZD7442 if the Food and Drug Administration grants it emergency use, which AstraZeneca requested on October 5. The firm has similar agreements with other nations. 

The drug is created using a combination of two antibodies originating from immune B-cells donated by a recovering Covid-19 patient. 

The treatment could be used in people who are known not to respond well to vaccines, such as cancer patients. Around 2% of people are considered to be at risk of not creating enough antibodies following the administration of a Covid-19 vaccine. 

Based on the numbers, the drug appears to be more effective than the firm’s first-generation Covid-19 vaccine. Britain’s Zoe Covid study showed the effectiveness of the vaccine dropped to around 67% after four to five months. 

If you like this story, share it with a friend!

find more fun & mates at SoShow now !