House Science Chair Attacks Kaspersky, Wants Vote on NIST Cyber Framework Bill
The House should take up HR-1224 to move forward with the cybersecurity framework developed by the National Institute of Standards and Technology, said House Science Committee Chairman Lamar Smith, R-Texas, at a Wednesday hearing. The NIST Cybersecurity Framework, Assessment, and Auditing Act would require the agency to ensure the framework builds security standards at the beginning of a system's life cycle, builds trustworthy and secure components into systems and applies well-defined security design principles throughout systems. Smith took aim at Kaspersky Lab, calling the company a once-reputable firm creating "significant risk to U.S. security" by enabling the Russian government and global criminal hackers to exploit government software, now banned by the General Services Administration. Kaspersky defended its performance, saying it did a "thorough review" and was aware of only one malware breach. Smith said the committee would continue its investigation into Kaspersky's activities and asked the public to share any information about threats from the company's products.