 |
|
|
|||||
The Federal Emergency Management Agency faced fresh upheaval Thursday just weeks before the start of hurricane season when the acting administrator was pushed out and replaced by another official from the Department of Homeland Security.The abrupt change came the day after Cameron Hamilton, a former Navy SEAL who held the job for the last few months, testified on Capitol Hill that he did not agree with proposals to dismantle an organization that helps plan for natural disasters and distributes financial assistance.“I do not believe it is in the best interest of the American people to eliminate the Federal Emergency Management Agency,” he said Wednesday.President Donald Trump has suggested that individual states, not the federal government, should take the lead on hurricanes, tornadoes and other crises. He has been sharply critical of FEMA’s performance, particularly in North Carolina after Hurricane Helene.David Richardson, a former Marine Corps officer who served in Afghanistan, Iraq and Africa, will run FEMA for the time being. He does not appear to have any experience in managing natural disasters. He currently serves as the Department of Homeland Security’s assistant secretary for countering weapons of mass destruction.The administration made no statement about any potential permanent nominee. Nor did the White House answer questions about Richardson’s background, the impact of Hamilton’s testimony or whether the president personally ordered his dismissal.An administration official, who requested anonymity to discuss a personnel matter, said Hamilton was offered another government job that would be a better fit for him, but did not say what that job would be.FEMA staff were notified of the change in leadership through a brief email.Through a January executive order, Trump established a review council tasked with “reforming and streamlining the nation’s emergency management and disaster response system,” according to Homeland Security. The 13-member council is chaired by Noem and Defense Secretary Pete Hegseth.During Hamilton’s appearance before a House Appropriations subcommittee Wednesday, he shared concerns about how FEMA assistance is administered. He also said the agency had “evolved into an overextended federal bureaucracy, attempting to manage every type of emergency no matter how minor.”But when Rep. Rosa DeLauro, a Connecticut Democrat, asked Hamilton how he felt about plans to eliminate FEMA, Hamilton said he did not believe the agency should be eliminated.“Having said that,” Hamilton continued, “I’m not in a position to make decisions and impact outcomes on whether or not a determination such as consequential as that should be made. That is a conversation that should be had between the president of the United States and this governing body.”In a statement Thursday afternoon, DeLauro expressed support for Hamilton and accused the Republican president of firing “anyone who is not blindly loyal to him.”“The Trump administration must explain why he has been removed from this position,” said DeLauro. “Integrity and morality should not cost you your job.” Chris Megerian and Gabriela Aoun Angueira, Associated Press
Category:
E-Commerce
Since 1974, William Stout Architectural Books in San Franciscos Jackson Square has been one of the citys most iconic destinations for its seemingly endless stock of art, design, and architecture books. As the store was approaching its 50th year in business with a fresh owner, the Eames Institute for Infinite Curiosity, it discovered a problem: It had run out of stickers to label its books. Then it discovered another problemit didnt have a formalized logo to print more.But as luck would have it, a fairly competent design firm resided just across the street that offered to help: LoveFrom.Its a store we loved. And if we didnt get to design [their brand], it would have been like, we wish we could have done that! says Chris Wilson, designer at LoveFrom. Its something that falls into that category of projects we do for the love of doing themquite organic by just being in the neighborhood and going in the store.[Image: LoveFrom]The ongoing health and legacy of San Francisco is a core reason that Jony Ive founded his studio in his favorite neighborhood, Jackson Square, which sits in the shadow of the Transamerica Pyramid. Ive first visited the neighborhood in 1989, and fell in love with William Stout, along with other local gems. When he left Apple to build LoveFrom, he did so here, right next door to Laurene Powell Jobss Emerson Collective, around the corner from his hardware startup with Sam Altman called io Products. After acquiring nearly $90 million in real estate, Ive is a landlord to several businesses in the neighborhood where hes offered to lower rents, and LoveFrom has offered pro bono design services to many of its neighbors, like the local three Michelin star restaurant Quince, hoping that rising tides raise all boats. It all makes for a nice story. But the effect of this financial and creative investment on the ground level really has been something to watch. Ive visited the neighborhood several times over the past few years, and have witnessed firsthand how the once sleepy blocks are now bustling with activitylike a successful game of SimCity playing out IRL.The William Stout bookstore is a preservation project unto itself, acquired by the Eames Institute in 2022, ensuring that the beloved destination will stick around into the foreseeable future. We dont want it to disappear, says Lauren Smith, chief experience officer at the Eames Institute, who takes our call from deep in the William Stout stacks. Its important to the San Francisco design community and the neighborhood. There arent many architecture book stores left in the world.[Image: LoveFrom]Rebuilding a brandWhen Wilson and fellow LoveFrom designer Antonio Cavedoni (who in a past life developed Apples San Francisco typeface) began searching for the stores original logo, they learned William Stout never really had one; instead, the companys small sign wrote out the stores name in the typeface Washington upon a square placard, and that seemed to inform letterheads and other brand assets. It was a bit quirky and a bit architectural, but it didnt feel codified into a larger, scalable brand system. We kind of thought there was something to hold onto there, says Wilson. Theres a lot of stuff that was a bit odd and a bit weird. We loved some of that, but we just wanted to rationalize these things.The team started by breaking down the core square into five equal quadrants. Then, they looked more closely at the typeface to fill them. Washington was a contemporary (albeit retro) typeface when the store opened. A mix of serif and sans serifs, some of its cleaner geometries (like a perfect circle O) made it appealing for a design store, but the Art Deco stylewhile spiritedfelt too prescriptive of one particular era to represent the entirety of William Stouts purview.[Image: LoveFrom]The obvious choice would have been to do what many do in this situation (and indeed, what William Stout had to do fill some of its brand needs throughout the years): opt for Futura, a now ubiquitous geometric typeface that has similar qualities to Washington. But instead, LoveFrom modified Washington into a new typeface it calls LF Washington with permission from Russell Bean, the creator of the typeface. Designers evened out the cap heights of Washington, while lowering the midlines that made for the high waisted Art Deco look. Meanwhile, LoveFrom drew new numbers that moreclosely align with the new letterforms.LF Washington sings on William Stouts new sign. (The LoveFrom industrial design team created it custom out of enameled steel.) But it also looks straightforward as it balances atop photos to promote William Stout events. For times that the typeface needs to be more expressive, or playful, Cavedoni was inspired by another 1970s typefacesAvant Gardeapproach to ligatures with its overlapping Os and letters nested inside other letters. Later, Cavedoni was joyed to discover that Frank Lloyd Wright took an all-around similar approach in his own branding, making all these decisions feel pretty appropriate for an architectural bookstore.[Image: LoveFrom]The brand beyond the typeAs the team considered the brand colors, it started with those on the original sign: black, white, and red. LoveFrom mostly stuck with this color system, but it expanded a palette of synergistic hues inspired by two of Le Corbusiers famed color studies. LoveFrom contracted illustrator Satoshi Hashimoto to create a series of illustrations. His vaguely mid-century cartoon style captures a kinetic energy that, as Wilson explains, juxtaposes the more formal architectural typography. We wanted to soften [the type] with the warmth of what it feels like to walk in the store, says Wilson. Theres some jazz playing, the doors open, and you see the light inside the store.Its yet another illustration of LoveFroms sense of whimsy offsetting its stricter approaches to geometry. These illustrations are perfect tote bag or T-shirt fodder, but they also introduce a subtle and sweet part of William Stouts e-commerce UX.Anyone visiting the newly launched William Stout website will be welcomed by an illustration of the shops storefront, drawn by Hashimoto. But what they might not realize until visiting again is that this storefront (and its solitary tree) changes with the seasonsyellow in the fall and adorned with multicolor lights in the winter. The front door is sometimes open and sometimes closed (matching the open/closed hours of the building). And if you look really closely, you will spot a bird somewhere in the scenewhich was something of a mascot for Ray and Charles Eames. Click on it, and youll be ushered to the Eames Institute. While not technologically complex, the evolving illustration a clever way to bridge a physical store with a digital shop that Im a bit surprised I havent seen before.The website is definitely a way for us to get a bigger reach; were a very small square foot storefront in San Francisco, says Smith. But we want that shopping experience to feel like coming into the store.The new William Stout brand and website is live today.
Category:
E-Commerce
When the state of New York adopted a new whole-of-state approach to cybersecurity a few years ago, encompassing everything from transit to schools to power and water supplies, officials were still reeling from an attack that plunged part of Long Island into the paper-and-fax era of the 90s. Just before Christmas in 2021, a group of hackers, leveraging aging systems and outdated firewalls, quietly slipped into a computer in the Suffolk County clerk’s office and began spreading out across the network. It didnt help that, over the following months, local officials ignored multiple warningsincluding from the FBIthat something was amiss. When a ransomware attack eventually began months later, city services, including 911 operations, were knocked offline; some websites were out for months. Even though it didnt pay the ransomthe hackers, linked to the group AlphV/BlackCat, would lower their demand to $650,000the county eventually paid over $25 million to get its systems back up. The damage didn’t stop there either, with the data of residents and employees, such as Social Security numbers and drivers license numbers, still floating around the dark web. The next year, Gov. Kathy Hochul made moves to step up the states cyber posture, including boosting cyber spending and launching a statewide cyber strategy, an approach that unifies services and integrates local governments into its larger plan. As part of a 2023 regulatory overhaul, public and private entities across the state are now required to take specific measures to secure systems and to disclose cyber incidents and ransomware payments to the state. In 2022, Hochul also appointed the states first chief cyber officer, Colin Ahern, to lead cross-agency efforts to keep New York safe from attacks. Previously first deputy director of New York Citys Cyber Command and acting chief information security officer for the city, Ahern got his start in cybersecurity in the Army reserves. He retired as a company commander in the Army Cyber Brigade, where he oversaw the creation of a specialized cyberspace operations organization. Gov. Hochul named Colin Ahern New York’s first chief cyber officer in 2022 [Photo: Office of Governor Kathy Hochul] Given his resumé, Ahern is particularly attuned to the ways governments at all levels can collaborate around better cybersecurity. For years, New York and other states have relied on federal support in the form of information sharing and technical resources backed by the Cybersecurity and Infrastructure Agency (CISA), as well as millions in cyber funds. A four-year, $1 billion federal grant program that launched in 2022 has proved especially helpful for cash-strapped localities, where IT resources are stretched thin, technology is be out-of-date, and security practices may be minimal. Still, states need more help: Nearly two in five state-level CISOs say they are not getting the support they need to keep threats at bay, according to a Deloitte survey last fall. And that number could rise: at CISA, recent budget cuts have decimated technical services states rely on, and put those federal funds at risk. Fast Company spoke with Ahern about the impact of the federal cuts on states, the role that Washington can and should play in state-level cybersecurity, and the AI-backed threats that keep him up at night. This interview has been edited for clarity. There are big questions now about how cuts in Washington are impacting cybersecurity at the state and local level. But before all that: what does the threat landscape look like right now? The threat landscape continues to deteriorate really across two axes. Number one: we see a significant convergence, really accelerating in the last three or four years, that collapses the distinction between different threat actors. There are the advanced persistent threat actors [APTs], aka nation-state actors, like those interested in espionagelike the so-called Salt Typhoon hacks allegedly perpetrated by the Chinese Ministry of State Security against the telecommunications industryor military-focused preparations for cyber warfare. That includes Volt Typhoon, the alleged penetration by the People’s Liberation Army of China into our critical infrastructure, including water and power and other things. The third category has always been financially motivated cybercrime of varying degrees of sophistication. On the low end, script kiddies, hacktivists, individuals. And on the high end, the increasingly accelerated professionalization of the cybercrime industry, magnified by a couple of things. Most principally, the ability to rapidly monetize the access to these systems via ransomware, and then extract value from those compromises in the form of a double extortion. And the whole ransomware ecosystem. Right now, what we’ve seen is this convergence, a collapse from these three distinct groups, with their three distinct capabilities and three distinct target sets and three distinct motivations. We’re now seeing a collapse into everything and all of the above. You’re seeing Russian state-affiliated actors, astroturfing or moonlighting as ransomware operators. You’re seeing an increasingly blurred distinction between espionage and cyber warfare, like Salt Typhoon and Volt Typhoon. And then you’re seeing the capabilities resident in these three different threat actor groups really not become that distinct at all. And that’s not because everyone’s getting worse. That’s actually because everyone’s getting better. And on top of that, everyone’s getting better at the same time as increasing government digitization, post-COVID consumer expectations, and other things. People have more and more technology systems, and they expect more and more of them. And that increases the threat surface. So the convergence along these two axes really means that everyone really has to raise their game. How has New York State’s upped its ame in recent years? I think New York State has a very important and powerful story to tell. In August of ’23, the governor released the state’s first ever whole-of-state cybersecurity strategy, and it really laid out a vision for making the state more unified by increasing access to cybersecurity tools and services, and making us more resilient by continuing to invest in critical infrastructureespecially lifeline critical infrastructureboth from a capital, grant perspective, but also in minimum standards that the state can promulgate. There’s also a focus on preparation, because we can either succeed together or we can fail separately. We’re in the final stages of our budget, and we have several legislative and financial enhancements to the state cyber posture that the governor has made since she got into office. For example, she’s doubled the size of the Cyber Analysis Unit, the Computer Crimes Unit, and the Internet Crimes Against Children’s Center at the New York State Police. She’s invested tens of millions of dollars in shared services for local governments. Her shared services program covers nearly 100,000 government computers in 55 counties in more than 30 cities, villages, towns, police departments and sheriff’s offices across the state. So the governor has, I think, an extremely impressive record of delivering efficient, scalable, value-added services to local governments and county governments especially, who are under-resourced to say the least. Are there things that are really keeping you up at night now, in terms of types of attacks and types of targets? I have two little kids, so a lot of stuff keeps us up at night but I would say artificial intelligence. We’ve really seen the ability of AI to rapidly enhance the capability of moderately sophisticated threat actors. A person who knows their way around Kali Linux, a person who knows what a git commit is, who now can, with the use of AI, really enhance their own capabilities. Say you have a situation in which you have a very popular open source package, then there’s a new path release for that open source package. Previously, to reverse engineer a security vulnerability from a recent software patch is both time consuming, tedious, error-prone and requires non-trivial expertise. So we’re not saying that Joe, Josephine, anybody could do this, but you take a person who kind of knows what they’re doing already and knows what they want: Now, with the aid of AI, they themselves can do work that used to take other very highly-skilled people days or even weeks. They now have the ability to rapidly reverse engineer software packagesin particular, open source packages where the source code is therefore widely known and inspectableand then rapidly extract the vulnerability, weaponize that vulnerability in the form of an exploit, and then use that. So AI is really reducing the flash-to-bang time of patch-to-exploit: Where it used to be seven days, 15 days, 30 days, now we’re seeing one day, two days, three days. And those were capabilities that only APTs used to have. Now you can go on Hacker News and find out how to do it. How would you describe the role of the federal government in the state’s cybersecurity? We think the state has been a good partner to the federal government. We have partnered closely. And it’s no secret that we’re watching with concern, like many, the cuts across federal agencies, the lack of confirmed leaders in key positions, and overall signs of that nature. In a circumstance where world events continue to conspire to make cyber increasingly relevant and important, states have tools. But states need the federal government to lead on coordination, unification, major incident response. And that’s not even to mention there’s things that only the federal government can do, be they offensive or interstate or other issues. Are there other things that you think the federal government is best positioned to do when it comes to cybersecurity? And what benefits to states are you most worried about losing? I actually led a bipartisan public comment at the end of the Biden administration on the CIRCIA (the Cyber Incident Reporting for Critical Infrastructure Act). This was actually legislation passed in Trump 1 about the required disclosure of cyber attacks. So we think that one of the things that only the feds can really do is this information sharing and operational collaboration. Our commentwhich was signed by South Carolina and Ohio and New Jersey and on and onreally talked about how states and the federal government need to not just share information, but collaborate, in order to resolve the impacts that we potentially see from devastating cyber attacks, especially those against critical infrastructure. Everyone’s talking about supply chains these days, but a damaging cyber attack could very well take a long time to replace if those systems need to actually be replaced. Many are confused about what the funding cuts in Washington will mean for state cybersecurity. I wonder what it looks like from your side: are people scrambling to try to figure out contingencies for the future? Are they scratching their heads? All the above. Good information can be difficult to come by, but we continue to engage with our federal partners and our elected representatives in both houses, in both parties. But we’ve made very clear publicly and otherwise to the administration that we have partnered with the federal government for decades on these issues, and we want and expect that to continue. And obviously we’ve been worried about some of the enormously concerning reporting we’ve seen out of Elon Musk’s DOGE about data. We want Republicans, we want Congress to exercise their oversight powers, like the governor has said on numerous occasions. Do you think that there are certain things that need to change in terms of how the federal government and the states think about cyber? Do you see reasons for optimism? I think there is some optimism. I would note that the two most significant advancements in the capabilities of the US governmentto coordinate defensive activity and even prosecute and hold our adversaries at riskhappened really under Trump’s first administration, with the creation of the Cybersecurity Infrastructure and Security Agency, and the significant expansion of their capabilities, resources, and appropriations. Then, I think there were some significant coordination advancements under Biden’s term, including the first national cyber director. So we’d like that forward momentum to increase and even increase in pace. But it remains to be seen how that’ll play out. One thing I would note is, there have been some recent bipartisan moves to take a hard look at how we’re organized in cyber. In December of last year, there was an amendment added to the National Defense Authorization Act talking about the need to study how the U.S. government and especially the Dept. of Defense is organized in cyber, a.k.a., The Cyber Forces study [to examine the viability of a new armed service]. It was actually watered down at the end of the Biden administration, but it remains in the law, and I think there’s wide acknowledgement that we need to take a look at how we’re organizing. And that amendment had bipartisan support and multiple sponsors in both parties in Congress, so I think there’s some optimism on that front. Speaking of bipartisanship, how do you think about the political tint that’s shaded the conversation about cybersecurity? It’s unfortunate, because I think there’s wide acknowledgement that we need to essentially do two things at once, and do them even faster and better than before. On the one hand, we all need to collectively raise our game because the adversaries are continuing to raise theirs, and that means falling in love every single day with the basics: multi-factor authentication, patching systems, risk management, certain response plans, et cetera. And on the other hand, our adversaries are seeking to do bad things, and we need the capabilities, especially those that can only be resident in the federal government, to deter them in cyberspace. And we should be very clear about what we find not acceptable: attacks against critical infrastructure, hospitals and schools, et cetera. And we could be somewhat circumspect in the manner in which we will deter our adversaries. We wouldn’t wanna give ’em a playbook or anything like that, but certainly the use of economic tools, sanctions, some of the indictments that have come down from the Dept. of Justice, naming and shaming cyber actors, including Russians and Chinese ones, and obviously offensive cyberspace operations. We need all of those tools to be ready, willing, and able to be used in furthering our national interest. Where do you see the US’s interest in offensive capabilities, in more aggressive actions, fitting in alongside a defensive mindset? Retired Rear Admiral Mark Montgomery and I wrote a piece in the Washington Post talking about some recent reportingwhich was later denied in some fashion, ex post factoabout cessation of planning for Title 10 [offensive] Russian cyber operations. So we’re on the record as saying that we need an all-of-the-above approach, and we need to be planning. But in addition to that, I do think that the Trump administration has been very clear that they seek to hold our adversaries at risk, that they are interested in deterrence. They’ve made no secret of that, and I applaud that. It just seems reasonable that we can’t expect different results with the same capabilities, the same organizations, so time will tell. Senator Kristin Gillibrand from New York has been extremely influential on the issue of the Cyber Forces for many years. We’ve worked closely with her staff, and I’ve written publicly in support of her amendment [requiring the Pentagon to study the creation of a Cyber Force]. But like I said, it would be unfortunate for that to be caught up in the political maelstrom that it potentially could be. Trade wars tend to escalate cyber tensions too. How much of a concern are the White House’s tariffs from a cybersecurity perspective? I think a significant concern, and the governor has been extremely vocal and clear on the role of uncertainty and the importance of our trade partnerships, especially our partnerships with our NATO allies. New York is the gateway to Europe, as she said. But we also have an extremely close relationship with Canada. One thing I’d say on the tariff front isand the governor actually has met with the counsel general, and has discussed this ad nauseum publicly: we have important projects that deliver power from Canada, our close trading partner. One is called the Champlain Hudson Power Express. It brings hydro electric power north from Canada and south into New York. And I don’t know if you’ve heard of this thing called artificial intelligence, but it requires enormous amounts of power [laugh]. And for us to maintain our competitive edge, New York is actually in the process of building one of the largest semiconductor software foundries in the world: Micron Technologies, tens of billions of dollars of investment, tens of thousands of direct and indirect jobs. And so these tariffs: obviously the economic uncertainty, the impact to real people’s lives, bank accounts, is important. But for us to maintain an edge in cyber, AI and semiconductors, we need our trading partners. We need clean energy. And these are not issues that happen in silos or vacuums from each other.
Category:
E-Commerce
All news |
||||||||||||||||||
|
||||||||||||||||||