By Tim Starks | 12/06/2017 10:00 AM EDT

With help from Eric Geller, Martin Matishak and Doug Palmer

BIG CYBER TASKS AHEAD FOR NIELSEN - A new secretary's on her way to the Homeland Security Department, and she will have her hands full with cybersecurity the moment she walks in the door. The Senate voted to confirm Kirstjen Nielsen for the job on Tuesday.

She inherits a great deal of work. The department is in the midst of implementing two high-profile government-wide directives, one for agencies to remove software manufactured by Russia-based antivirus company Kaspersky Lab and another for agencies to subscribe to a standard that would prevent their emails from being spoofed. DHS officials have also been pushing Congress to get its main cybersecurity wing, the National Protection and Programs Directorate, renamed and reorganized into a Cybersecurity and Infrastructure Security Agency. Nielsen said she backs that proposal. And as it stands, NPPD has no permanent leader.

She also has her own ideas. Nielsen has said she would like to explore whether FEMA's disaster response model could apply to cyber incidents. She also has talked about reevaluating FEMA grants and how they could potentially be better used on cybersecurity, deploying DHS cybersecurity personnel to the private sector for short-term assignments and establishing a way for the private sector to give DHS the best feedback possible on cyber threat information sharing.

Then there are the threats of the future. Amit Yoran, a onetime cyber chief at DHS, said internet-connected devices will be a challenge for Nielsen. "The explosive growth of [the internet of things] has created a massive gap in agencies' ability to understand their cyber exposure," said Yoran, now chairman and CEO of Tenable. "DHS plays an important role in closing the cyber exposure gap through efforts like the Continuous Diagnostics and Mitigation program, which helps agencies get real visibility into their networks and systems." Yoran said he was confident Nielsen was up to the task.

The 62-37 Senate vote suggests Nielsen will have partial bipartisan backing of Congress at least early on, but she will have to win over some skeptics. "There is still much we do not know about Ms. Nielsen's plans for the department," said Rep. Bennie Thompson, the top Democrat on the House Homeland Security Committee. "She still must show us she has the ability lead a workforce of 240,000 while keeping the country safe and secure," he added, echoing a theme of the concerns some have about her management experience. Others worry about her prior role serving under White House chief of staff John Kelly. "Ms. Nielsen failed to demonstrate that she would provide the steady, experienced leadership - free from political interference from the White House - that the department needs," said Senate Homeland Security panel member Maggie Hassan, who voted against confirming Nielsen.

HAPPY WEDNESDAY and welcome to Morning Cybersecurity! Dear editor Cory: Your MC host is showing up dressed as Batman tomorrow because I'll do my job better. Send your thoughts, feedback and especially tips to tstarks@politico.com and be sure to follow @timstarks, @POLITICOPro and @MorningCybersec. Full team info below.

TERRORISTS FINDING NEW HOME IN CYBERSPACE? - The Islamic State in Iraq and Syria has seen its territory shrink and are turning to cyberspace to push their agenda, Senate Homeland Security Chairman Ron Johnson is expected to say at a hearing of his committee today. "The enemies we defeated in [ISIS headquarters] Raqqa are exploiting the frontier of cyberspace," Johnson's prepared opening remarks read. "There they seek to leverage social media to recruit vulnerable minds to carry out attacks on their behalf. This is the new phase of the threat facing our homeland." The hearing is focused on how "terrorist recruitment, planning, and attacks are evolving with new technology," according to an announcement. Witnesses include experts from the Defense Department, Office of the Director of National Intelligence, FBI and Homeland Security Department.

BAD NEWS FOR BEIJING - Eight in 10 companies are concerned about a new Chinese cybersecurity law that could force tech firms to hand over decryption keys to Beijing, according to the U.S.-China Business Council's annual member survey . And almost nine in 10 said they were worried about China's "policies on data flows and technology security" in general, according to the survey, which was released today. Intellectual property theft - a major point of contention in the U.S.-China cyber relationship - concerned 51 percent of respondents, while China's domestic restrictions on foreign IT providers concerned 55 percent of respondents.

Of the 82 percent of companies that said China's cyber law worried them, 37 percent said they were "very concerned." Beijing has defended the law, arguing it is necessary to help the country protect its digital ecosystem from hackers and criminals.

** A message from Leidos: As cyber threats continue to grow broader and more nefarious, modernizing and securing the government's IT infrastructure is increasingly critical. Tim Reardon, president of Leidos' Defense and Intelligence group, answers our questions on what it takes to modernize defense and intelligence in a complex world: http://politi.co/2ilnK4K **

HIGH PROFILE FRIENDS OF THE COURT - A roster of former top national security and cybersecurity experts filed a legal brief Tuesday supporting a challenge to the president's voter fraud commission, saying its data collection presents a privacy threat because it's a lure for hackers. Among the top officials signing the brief are the former director of national intelligence, James Clapper, and the former head of the National Counterterrorism Center, Matt Olsen. In a statement, Olsen invoked the 2016 digital election meddling.

"We should do everything we can to increase our defenses against such attacks," he said. "To that end, the Commission on Election Integrity should ensure that it has established basic data security measures as it sets about gathering the highly sensitive information of millions of Americans into one centralized, potentially vulnerable location where the database may quickly become an appealing target for foreign powers and criminal enterprises alike."

FRAMEWORK, FORWARD! - The technical standards agency NIST on Tuesday released a new draft of the planned update to its cybersecurity framework, adding information about supply chain security, vulnerability disclosure and identity verification. The second draft of Version 1.1 of the framework also adds an emphasis on the importance of metrics in companies' self-assessments.

NIST first published the framework in 2014 to help companies assess their cyber risks, and it has spent the past three years tweaking and adding details based on pubic feedback. For the second draft of the update, NIST incorporated feedback from January's first draft and a May workshop. The agency will accept comments on the new version until Jan. 20, and it said it plans to publish the final 1.1 update in the spring.

"While this document was developed to improve cybersecurity risk management in critical infrastructure, the framework can be used by organizations in any sector or community," NIST says in the document's executive summary. "The framework enables organizations - regardless of size, degree of cybersecurity risk, or cybersecurity sophistication - to apply the principles and best practices of risk management to improving security and resilience."

THE PLOT THICKENS - Russia's former top cyber spy - who was arrested for treason earlier this year - is linked to the digital attacks on the 2016 U.S. presidential election, Russian startup news site The Bell reported . Sergei Mikhailov, the deputy chief of the cyber wing of Russia's Federal Security Service, or FSB, was arrested in January along with three others, including the leader of a hacking ring. The arrests - which occurred weeks after the U.S. intelligence community released a report blaming Russia for meddling in the presidential campaign - sparked rumors that the Kremlin was searching for an American mole. "The four men have been hidden away from everyone, to make sure they don't give away any sensitive information," according to a lawyer for one of the defendants.

As the English-language Moscow Times noted: "The New York Times in January had already connected the arrest of Mikhailov and his team to the DNC hack, citing unidentified sources, but this is the first time Russian sources have linked the former FSB official with leaking information about the hack."

RECENTLY ON PRO CYBERSECURITY - Cyber researchers believe the suspect behind the dismantled Andromeda botnet is "one of the oldest and more highly respected members of the criminal underground." ... House Democrats touted a report that found President Donald Trump has failed to curb Russia's digital antagonism. ... Senate Judiciary Committee Democrats are wondering if the GOP-led panel really wants to dig into ties between administration officials and Russia. ... "The Justice Department has spent $6.7 million on its probe into Russian meddling in the 2016 election in the four-and-a-half months after special counsel Robert Mueller's appointment." ... European regulators said the EU-U.S. data transfer deal has a "number of significant concerns" on privacy. ... Former House Judiciary Committee ranking member John Conyers is resigning.

TWEET OF THE DAY - You know, spearphishing kinda sounds like an Olympic sport.

QUICK BYTES

- Donald Trump Jr. asked a Russian lawyer in a summer meeting for dirt on the Clinton Foundation, according to documents. NBC News.

- Chinese hackers have designed phishing campaigns mentioning Roy Moore, Harvey Weinstein and Hillary Clinton in an attempt to target law firms, according to FireEye. CyberScoop.

- The new head of the National Cybersecurity Federally Funded Research and Development Center said he wants to demystify cyber. The Hill.

- U.K. regulators don't think banks are telling them about all the cyberattacks they're facing. Bloomberg.

- Barclays Bank is no longer offering free Kaspersky Lab software to new users. The Register.

- "Facebook Allowed Political Ads That Were Actually Scams and Malware." ProPublica.

- The Army launched a cyber pilot program. Military.com.

That's all for today. It's a good thing MC responsibilities do not include bomb disposal.

Stay in touch with the whole team: Cory Bennett (cbennett@politico.com, @Cory_Bennett); Bryan Bender (bbender@politico.com, @BryanDBender); Eric Geller (egeller@politico.com, @ericgeller); Martin Matishak (mmatishak@politico.com , @martinmatishak) and Tim Starks (tstarks@politico.com, @timstarks).

** A message from Leidos: For nearly three decades, Tim Reardon has helped solve some of the world's toughest security problems, first as a CIA officer, now as the president of Leidos' Defense and Intelligence Group. Each year, his job gets tougher: "The environment gets more dynamic, more complex, and broader" Reardon notes.

With customers spread across many sectors, from deep in the government to the private sector, Reardon leads a group with an ever-expanding mission. Fortunately, Reardon has access to a Leidos team of thousands of experienced security professionals, ranging from leading academic voices to veterans of the defense and intelligence communities. "The intellectual power of our workforce," he says, "is the winning Leidos advantage."

POLITICO Focus recently sat down with Tim Reardon to discuss how Leidos is taking the lead in solving the world's toughest security challenges. Read more here: http://politi.co/2ilnK4K **

To view online:
https://www.politico.com/newsletters/morning-cybersecurity/2017/12/06/newly-confirmed-nielsen-inherits-expansive-dhs-cyber-agenda-042364

To change your alert settings, please go to https://secure.politico.com/settings

This email was sent to contact@emailingnewsletter.com by: POLITICO, LLC 1000 Wilson Blvd. Arlington, VA, 22209, USA

Please click here and follow the steps to unsubscribe.