Recorded Future News Recap: The Biggest Stories Coming Out of RSAC 2023

Posted: 1st May 2023
By: Tom Wentworth
Recorded Future News Recap: The Biggest Stories Coming Out of RSAC 2023

In case you could not attend last week’s RSA 2023 Conference, we have prepared a comprehensive recap of the most significant cybersecurity stories reported across the Recorded Future News network. You’ll find stories about:

  • UN Cybercrime Treaty's first draft, set to be released in June
  • US Navy's progress in enhancing its cyber capabilities under Principal Cyber Advisor Chris Cleary
  • The Department of Homeland Security's advocacy for the establishment of the Cyber Safety Review Board
  • The NSA's warning regarding ransomware attacks on Ukraine and Western supply chains
  • Ukraine's appeal for the International Criminal Court's involvement in addressing destructive cyberattacks
  • The forthcoming implementation of the Biden administration's national cyber strategy
  • The Department of Justice's guidance for CISOs
  • The successful efforts of US cybersecurity agencies in countering Iranian hackers during the 2020 presidential election

Not a subscriber yet? Click here to sign-up and stay informed of all the latest developments in cybersecurity, including insights from industry leaders and experts.

First draft of controversial UN Cybercrime Treaty slated for June

The first draft of the UN Cybercrime Treaty will be released in June after years of debate and concern over what the document might cover.

The UN General Assembly voted in December 2019 to begin negotiating a treaty centered around cybercrime after Russia took issue with a previous agreement – the Budapest Convention – and demanded something new to address the issue.

Jane Lee, senior counsel for computer crime and intellectual property at the U.S. Justice Department, said at the RSA Conference Thursday that she had just returned from the fifth negotiating session in Vienna, explaining that progress was made on an initial draft that will be released on June 28.

US Navy’s top cyber adviser on why the service ‘fell behind’ and how it’s catching up

Chris Cleary’s tenure as the Department of the Navy’s principal cyber advisor (PCA) got off to an awkward start.

The post, created by the fiscal 2020 National Defense Authorization to give each military department a single voice on cyber, came after the Navy revamped its chief information officer and its portfolio of responsibilities.

“When the PCA showed up in the beginning, most people might have looked at it as a redundancy,” according to Cleary, who previously worked as the service’s CISO.

“Trust me, that was not lost on me.”

Today, the position is “a lot better established” and helmed the rollout of the department’s Cyberspace Superiority Vision, a two-page preamble to its forthcoming cyber strategy that stresses the principles of “Secure, Survive, and Strike.”

The Record interviewed Cleary on the sidelines of the RSA Conference in San Francisco to discuss the new mantra, how Congress has pushed the department to step up its cyber game and the future of warfare.

DHS pushes Congress to formally establish Cyber Safety Review Board

A senior Department of Homeland Security official confirmed Wednesday that DHS is working with Congress and the White House on a bill that would codify the Cyber Safety Review Board (CSRB) — a brand-new effort for examining significant cybersecurity incidents.

DHS wants legislation that would formally authorize the board’s funding and grant it subpoena power to compel victims to speak honestly, said Rob Silvers, the undersecretary for strategy, policy and plans, at the RSA Conference.

NSA cyber director warns of ransomware attacks on Ukraine, Western supply chains

Russian hackers are attempting to inject ransomware into Ukraine's logistics supply chain and those of the Western countries that back Kyiv in its fight against Moscow, a senior National Security Agency official said on Wednesday.

“Wars are won and lost by logistics. And Russia painfully appreciates that because they are doing so poorly in their own logistics,” NSA Director of Cybersecurity Rob Joyce told reporters during a roundtable at the RSA Conference.

Ukraine cyber chief: Destructive cyberattacks should be referred to International Criminal Court

Ukraine’s chief of cyber and information security said destructive Russian cyberattacks on critical infrastructure should be referred to the International Criminal Court.

During a panel at the RSA Conference here, Illia Vitiuk, chief of the department of cyber and information security within Ukraine’s Security Service, told assistant director of the FBI’s cyber division Bryan Vorndran that he believes Russian military commanders responsible for cyberattacks on infrastructure like schools and power plants should be charged and convicted as war criminals.

National cyber strategy implementation will be ‘dynamic and iterative,’ acting National Cyber Director says

A plan to enact the Biden administration’s recently released national cyber strategy could be published within the next few months, according to a senior White House official.

An implementation plan for the policy blueprint could be available by “early summer,” Acting National Cyber Director Kemba Walden told reporters on Tuesday during a roundtable discussion at the RSA Conference.

DOJ urges CISOs to continue working with law enforcement ahead of Uber security chief’s sentencing

Deputy Attorney General Lisa Monaco urged cybersecurity and compliance leaders to continue working with law enforcement agencies, tacitly responding to concerns raised by cybersecurity officials after the conviction of Uber’s former security chief.

Joe Sullivan, who was himself a prosecutor before becoming Uber’s head of cybersecurity, will be sentenced next week after being convicted in October of two charges related to his attempted cover-up of a 2016 security incident at Uber, where hackers stole the personal details of 57 million customers and the personal information of 600,000 Uber drivers.

US gov’t stopped Iranian hackers who ‘gained access’ to 2020 election infrastructure

Two U.S. cybersecurity agencies took actions to protect the 2020 presidential election from Iranian hackers, and thwarted digital criminals who targeted a trio of federal agencies, senior officials revealed on Monday.

The two previously undisclosed incidents were shared by Eric Goldstein, executive assistant director for cybersecurity at the Cybersecurity and Infrastructure Security Agency (CISA) and Army Maj. Gen. William Hartman, the chief of the Cyber National Mission Force (CNMF), at the RSA conference here.

Besides covering all of the biggest stories from RSAC, Recorded Future also showcased their new Recorded Future AI product at this year’s conference. Get a personalized look at Recorded Future AI and other product innovation: