By Tim Starks | 10/12/2017 10:00 AM EDT

With help from Eric Geller, Martin Matishak, Ashley Gold and Li Zhou

'SAVVY' AT THE TOP - Cybersecurity experts are hailing President Donald Trump's decision to nominate Kirstjen Nielsen to be the next secretary of Homeland Security, as POLITICO first reported on Wednesday. Nielsen, who is White House Chief of Staff John Kelly's deputy and was his chief of staff when he led DHS, would be the first permanent secretary to have once served in the department. She is also an expert on cyber issues, having founded a consulting firm specializing in cyber risk and critical infrastructure resiliency. "Kirstjen Nielsen is a great choice. Her cyber experience will be quite valuable," tweeted Philip Reitinger, a former deputy head of DHS's cyber wing, the National Protection and Programs Directorate.

Before taking her DHS job earlier this year, Nielsen was a senior fellow at George Washington University's Center for Cyber and Homeland Security. During the Bush administration, she was a special assistant to the president and senior director for prevention, preparedness and response at the National Security Council. Frank Cilluffo, director at the GW center, told MC that Nielsen was "cyber savvy" and possessed "real expertise." Said Cilluffo: "This is someone who can speak to cyber from a governance perspective but also go toe-to-toe with an intelligence analyst on threat indicators." He said Nielsen developed a real understanding of cyber resilience before it was "in vogue," meaning she understands that successful attacks are inevitable and the need to withstand attacks is vital. She also understands the international side of cyber especially well, Cilluffo said, because she focused on it during a stint at the World Economic Forum. And Cilluffo said she'll naturally be well-equipped to pick a leader for the vacancies atop NPPD.

Nielsen's understanding of DHS's cyber responsibilities makes her a wise choice for the job, said Andrew Grotto, a former senior director for cybersecurity policy at the NSC. Grotto, who joined the NSC during the Obama administration but stayed to help the Trump team craft the president's cybersecurity executive order, praised Nielsen for her "awareness that DHS' ability to execute its cyber missions across critical infrastructure and federal networks requires the DHS secretary to remain actively engaged in managing her Department, engaging Cabinet peers, and building relationships with C-suite leaders within industry." He also told MC she was "smart, tough and experienced, and clearly has strong relationships with the West Wing - critical attributes for succeeding in one of the toughest jobs in the Cabinet."

The White House touted Nielsen's "extensive professional experience in the areas of homeland security policy and strategy, cybersecurity, critical infrastructure and emergency management." Senate Homeland Security Chairman Ron Johnson, whose committee will vet her nomination, also heralded her "cybersecurity experience." But Nielsen isn't guaranteed a smooth ride through Congress. Her very act of serving in the White House prompted worries from top House Homeland Security Democrat Bennie Thompson that she must not be a "political pawn" for the Trump administration. Thompson also raised questions about her role in the "botched" response to Hurricane Katrina.

HAPPY THURSDAY and welcome to Morning Cybersecurity! Your MC host wishes his cat would come over to him with this gesture. Send your thoughts, feedback and especially tips to tstarks@politico.com and be sure to follow @timstarks, @POLITICOPro and @MorningCybersec. Full team info below.

FIRST IN MC: GAO TO PROBE FCC DDoS - The Government Accountability Office will investigate the FCC's cybersecurity posture, MC has learned, in the wake of what the commission said was a cyberattack on its comment filing system. Sen. Brian Schatz and Rep. Frank Pallone, both senior Democrats on their respective chambers' technology panels, requested the probe on Aug. 17, and a Pallone spokesman told MC on Wednesday that the GAO agreed on Sept. 8 to add the probe to its queue. "The work on this request will not begin until about six months when staff will become available," the GAO told the lawmakers in a letter, according to a Schatz spokesman. The GAO confirmed to MC that the agency would probe the FCC's digital security practices and that the work would not start for "several months."

TODAY: NORTH KOREAN CYBER WARNING HEARING - House Homeland Security subcommittee today will examine North Korean threats against the U.S. homeland, including cyber threats. The aforementioned Cilluffo plans to warn of an uptick in North Korean cybercrime, highlight steps Pyongyang is taking to fortify its own cyber defenses and urge greater cooperation between DHS, the FBI and Defense Department as key to defending federal networks and aiding the private sector.

An official from Symantec will testify to the panel about the North Korean government-linked Lazarus Group. "Lazarus' technical capabilities have improved dramatically in recent years, and we now view them as above-average in overall skills, and expert in some areas," reads written testimony from Jeff Greene, the senior director at the company for global government affairs and policy. "In particular, Lazarus has shown excellent skills when conducting reconnaissance and researching operations, and over the past three to four years the quality of the malware they are producing has increased dramatically." Lazarus Group didn't profit much off of the global WannaCry ransomware outbreak earlier this year, according to Greene, because it botched its collection mechanism, but it won't take the group much work to fix that for next time.

MORE ASPERSIONS ON KASPERSKY - The House Science Committee announced Wednesday that it plans multiple hearings about Kaspersky Lab, the Russian antivirus firm whose products have become controversial in the United States due to suspicion it's a vessel for Russian spying. The first hearing is Oct. 25, when CEO Eugene Kaspersky is not scheduled to be a witness. Fears have prompted a ban for federal agencies - reportedly in part because Israel warned the United States that Russia was using Kaspersky products as a vehicle for espionage to find U.S. secrets, according to a report this week from The New York Times. But U.S. allies are taking no similar action. "There are no plans to warn against the use of Kaspersky products since the BSI has no evidence for misconduct by the company or weaknesses in its software," German spy agency BSI told Reuters in response to questions about recent media reports. "The BSI has no indications at this time that the process occurred as described in the media." There was a similar message in the U.K.

Despite vehement protests from Kaspersky, U.S. officials are increasingly convinced the company is a "witting partner" to Russian intelligence, reported The Wall Street Journal Wednesday, which first reported on how Russia infiltrated Kaspersky software used by an NSA contractor, netting a trove of agency hacking tools. Per the Journal: "'There is no way, based on what the software was doing, that Kaspersky couldn't have known about this,' said a former U.S. official with knowledge of information gleaned in 2015 about how the software was used to search for American secrets. He said the nature of the software is such that it would have had to be programmed to look for specific keywords, and Kaspersky's employees likely would have known that was happening, this former official said."

AN RT PLOY FOR RTs? - State-owned news outlet Russia Today is trolling New York City and Washington, D.C. with a series of ads that garnered social media attention Wednesday. "Watch RT and find out who we are planning to hack next," one read. "Stuck in traffic? Lost an election?" another asked. "Blame us." Yet another: "The CIA called us a 'propaganda machine.' Find out what we called the CIA." Some of them ran within blocks of the White House. But the ad campaign is coming down in D.C. after federal officials said RT would have to register as a foreign agent, according to the network; some are skeptical of RT's claims, suggesting it was all a public relations stunt. An RT spokesperson scoffed at suggestions the "lost an election" line was a jab at Hillary Clinton.

TODAY: SANDBERG & CONGRESSIONAL BLACK CAUCUS - Our friends at Morning Tech have an extensive preview: Facebook Chief Operating Officer Sheryl Sandberg is set to huddle today with members of the Congressional Black Caucus, who've been pressing the social network to boost the diversity of its workforce and prevent Russian-linked entities from targeting groups like Black Lives Matter to sow racial discord. "We can't conclusively say these actions impacted the outcome of the election. But we can say that these ads caused harm and additional resentment to young people who unselfishly fight for justice and equality for African Americans and other marginalized communities," CBC Chairman Cedric Richmond said in a statement ahead of the meeting.

- A packed schedule: Sandberg huddled Wednesday with Reps. Adam Schiff and Mike Conaway, the heads of the House Intel Committee investigation, as part of her slate of meetings. Conaway noted that it's unlikely they will release the 3,000 Facebook ads that have been shared before the scheduled Nov. 1 hearing with tech companies. "We've asked for Facebook's help to help scrub any personally identifiable information, but it's our hope that when they conclude, then we can release them publicly," Schiff added. Conaway said he expects all three tech companies to be present at the upcoming hearing. Google and Twitter have yet to announce their commitment for the House panel.

- Is self-regulation a possibility? Conaway told MT there wasn't enough information yet to determine what the best next steps forward would be on the matter. "Before we can decide on a prescription for how you stop all of that, let's make sure we understand what happened," he said. Conaway said he hoped to share the targeting information behind the Facebook ads as well. "Not only here's what they did, but here's who they tried to influence," he said.

- And that's not all: Rep. Greg Walden was also among the lawmakers to meet with Sandberg Wednesday, along with House Majority Leader Kevin McCarthy. A Republican aide said Walden and Sandberg talked about the digital economy and cybersecurity along with Facebook's efforts to protect personal information and enforce its terms of use. She also met with House Minority Leader Nancy Pelosi as well as Rep. Anna Eshoo, whose district covers part of Silicon Valley.

- More questions: Rep. Eric Swalwell, a member of the House Intelligence Committee, said he didn't meet with Sandberg Wednesday but has had phone conversations with high-level Facebook executives in which he's urged them to identify "duplicate" advertisements - a Russian-sourced ad that may exist in the same form with a different funding source elsewhere on the platform. "It's knowable...they might have to write an algorithm to do it, but it would be interesting to know if the Russians were paying for it," he told Ashley. "If duplicates were sourced to other individuals we want to know who they are." Sen. James Lankford's office also confirmed that he was among the ones that had gotten a call from Facebook related to the Russia investigation. Lankford has previously said that he's concerned about ongoing activity from Russian trolls aimed at stirring dissent over the NFL protests on social media.

RHODE ISLAND TAKES 'CRITICAL STEP' - Voting security experts are thrilled that Rhode Island will begin implementing sophisticated audits to check the results of its elections. The legislation, which Gov. Gina Raimondo signed last week, "is a critical step toward securing elections and acknowledging that computerized machines are not infallible and election interference from a foreign actor is no longer theoretical," Barbara Simons, president of the election technology group Verified Voting, said in a statement on Wednesday. The bill mandates risk-limiting audits, which analyze a statistically determined sample of ballots to evaluate the possibility that the overall results are incorrect. The state House passed the bill in a marathon session on Sept. 19. Rhode Island now joins Colorado as one of the few states to require risk-limiting audits after statewide elections. "We hope other states will follow Rhode Island's lead and adopt comparable measures," Simons said.

SMALL BUSINESSES GET A BOOST - The House on Wednesday approved legislation aimed at increasing resources for small businesses to safeguard their assets from hackers. The NIST Small Business Cybersecurity Act of 2017 (H.R. 2105), approved by voice vote, directs the technical standards setting agency to consider small businesses when updating its widely-utilized cybersecurity framework. It also orders the agency to offer resources to small businesses that decide to use the federal guidelines. "While many small businesses do not have the expertise to protect their computer systems and confidential information, it is crucial to our economy and our citizens' security that these businesses secure their data," House Science Committee Chairman Lamar Smith said in a statement. Rep. Daniel Webster, who introduced the measure, noted reports that 43 percent of digital assaults target small businesses and they "are more susceptible to attacks due to the limited access to the tools they need to prepare for such an event." The Senate approved a companion measure (S.770) last month.

TAKING HOME THE CYBER GOLD - Hackers could target the increasingly digital Olympic Games, releasing sensitive personal information about athletes, infiltrating stadium systems or even disrupting scorekeeping that would send the wrong person home with the gold, a new report warns. The study from the Berkeley Center for Long-Term Cybersecurity names eight areas of risk for Olympic cyber meddling, including photo or video replays, transportation and "panic-inducing" hacks like broadcasting a fake terror alert on a stadium's visual systems. "Most serious would be physical harm caused to the athletes or spectators; in such a case, the event would be overshadowed and likely cancelled as a result of these more serious harms," the report states. "Attacks on the integrity of the sporting event would also be serious; though physical effects are less likely, interference with the outcome could result in a decreased sense of trust that would have lasting impacts on the sport," it adds. In a statement, Betsy Cooper, the lead author of the report and the center's executive director, said the hope is that "our research will help organizers of the Olympics and other major sporting events as they think about planning for security today and into the future."

RECENTLY ON PRO CYBERSECURITY - Senate Democrats up for reelection in 2018 are worried the Trump administration isn't doing enough to counter Russian election threats. ... The Justice Department won't say if Trump himself was ever a target of its Russia probe. ... "Tax professionals should beware of a new email that urges them to renew user agreements for web-based tools with the IRS, known as e-Services, because of a new phishing scam that's circulating, the agency said." ... Chinese industry groups said the Trump administration's investigations into tech transfer and intellectual property theft risk a trade showdown.

TWEET OF THE DAY - When you're absolutely not mad online.

PEOPLE ON THE MOVE

- Will Carty is leaving his job as Twitter's director of public policy for the United States and Canada to join the Network Advertising Initiative, an online advertising trade group, where he will serve as vice president for public policy. As a former aide to the House Energy and Commerce and Senate Commerce panels, he developed legislation on cyber and data security, among other issues.

QUICK BYTES

- Hackers say it's really easy to steal from the NSA's hacking squad. Daily Beast.

- "Russia Scores Temporary Win Against US on Cybercrime Suspect." The New York Times.

- Russian organizations have obtained Microsoft software despite sanctions. Reuters.

- Crypto anchors? Crypto anchors. Wired.

That's all for today. (Meow Ming is a friendly boy, but still a cat.)

Stay in touch with the whole team: Cory Bennett (cbennett@politico.com, @Cory_Bennett); Bryan Bender (bbender@politico.com, @BryanDBender); Eric Geller (egeller@politico.com, @ericgeller); Martin Matishak (mmatishak@politico.com, @martinmatishak) and Tim Starks (tstarks@politico.com, @timstarks).

To view online:
http://www.politico.com/tipsheets/morning-cybersecurity/2017/10/12/a-cyber-expert-is-up-for-the-dhs-secretary-gig-222766
