Cybersecurity

Wyden wants better cyber protections for lawmakers, staff

By Orhan Cam Royalty-free stock photo ID: 546416560 United States Capitol Building in Washington DC USA 

While the federal government and Congress offer a variety of cybersecurity resources to members and staff, they are apparently unable to make use of one resource that oversees Senate security, the U.S. Senate Office of the Sergeant at Arms, to protect their personal devices and accounts.

In a Sept. 19 letter to Senate leaders, Ron Wyden (D-Ore.) complained that cybersecurity personnel for the Sergeant at Arms office recently rebuffed requests for assistance made by unnamed senators and staff after they learned their personal devices and email were being targeted by nation-state hacking groups.

At least one major tech company, Wyden wrote, has been warning senators and staff that their personal accounts and devices were being targeted by nation-state hacking groups. Google later confirmed to AP that it had alerted Senate targets.

Wyden wrote that he was "alarmed" to hear from Sergeant at Arms office cybersecurity personnel that they believe they "may only use appropriated funds to protect official government devices and accounts."

Noting that the Department of Defense and intelligence community provide resources for employees to protect their personal digital communications, Wyden said he plans to introduce legislation to extend the cybersecurity authority of the Sergeant at Arms to the personal devices and email accounts used by members of Congress.

He cited an April 2018 letter from former NSA Director Michael Rogers calling personal devices and accounts for senior government officials "prime targets for exploitation."

In 2016, Linus Barloon, currently director of cybersecurity at the Office of the Sergeant at Arms, characterized his authority to mandate security protocols for individual members and staff as limited, because members have a large degree of autonomy over their own systems and networks.

"You can kind of look at it like state police," said Barloon. "We're responsible for securing the roads, securing the alleys, securing the streets and securing all those types of functions, but our security to some degree stops at the doorstep of the member's office," he said.

About the Author

Derek B. Johnson is a senior staff writer at FCW, covering governmentwide IT policy, cybersecurity and a range of other federal technology issues.

Prior to joining FCW, Johnson was a freelance technology journalist. His work has appeared in The Washington Post, GoodCall News, Foreign Policy Journal, Washington Technology, Elevation DC, Connection Newspapers and The Maryland Gazette.

Johnson has a Bachelor's degree in journalism from Hofstra University and a Master's degree in public policy from George Mason University. He can be contacted at djohnson@fcw.com, or follow him on Twitter @derekdoestech.

Click here for previous articles by Johnson.


Featured

  • Telecommunications
    Stock photo ID: 658810513 By asharkyu

    GSA extends EIS deadline to 2023

    Agencies are getting up to three more years on existing telecom contracts before having to shift to the $50 billion Enterprise Infrastructure Solutions vehicle.

  • Workforce
    Shutterstock image ID: 569172169 By Zenzen

    OMB looks to retrain feds to fill cyber needs

    The federal government is taking steps to fill high-demand, skills-gap positions in tech by retraining employees already working within agencies without a cyber or IT background.

  • Acquisition
    GSA Headquarters (Photo by Rena Schild/Shutterstock)

    GSA to consolidate multiple award schedules

    The General Services Administration plans to consolidate dozens of its buying schedules across product areas including IT and services to reduce duplication.

Stay Connected

FCW Update

Sign up for our newsletter.

I agree to this site's Privacy Policy.