Senate Unanimously Passes IoT Security Act, Paving the Way for the President’s Signature
On November 17, 2020, by unanimous consent, the United States Senate passed bipartisan legislation to secure internet connected devices—The Internet of Things (IoT) Cybersecurity...
Bill to Secure Federal Government’s Connected Devices Heads to the President’s Desk
In a rare bipartisan move, a bill that would bar federal agencies from purchasing internet-of-things devices that do not adhere to NIST security guidelines has unanimously passed in the Senate. The bill passed the House in September, and now goes to the president’s desk to be signed. The bill calls for NIST to develop guidelines […]
NIST Has a New Cybersecurity Companion Guide
Having just finished a multi-year revision of what you might call the bible of cybersecurity controls, the National Institute of Standards and Technology cybersecurity crew has a new, companion guide. NIST Fellow Ron Ross joined Federal Drive with an update. Listen to the podcast at Federal News Network
OMB Sets New CDM Data Standards Deadline for Agencies
In a recent memo on FY2021 requirements under the Federal Information Security Management Act, Office of Management and Budget director Russ Vought established new agency deadlines for implementation of continuous diagnostic and mitigation programs. By the end of FY2021, agencies must certify that they have implemented the CDM Program Data Quality Management Plan and are […]
Naval Academy Cyber Operations Awarded NSA Designation
The Naval Academy is now one of 22 educational institutions to be granted a Center of Academic Excellence in Cyber Operations by the National Security Agency, the only one designated so far this year. The academy had to meet several “knowledge points” to demonstrate that it met NSA standards. For the midshipmen who graduate from […]
Canada’s Proposed New Privacy Law – Summary of Business Impacts
Bill C-11 (the Digital Charter Implementation Act) was introduced on November 17, 2020. It consists of two parts – Part I, which would enact the new Consumer Privacy Protection Act (CPPA), and Part II, which would enact the legislation to establish the Personal Information and Data Protection Tribunal (Tribunal). It also incorporates previous amendments made to PIPEDA in […]
New Federal Bill Set to Reform Canada’s Private-Sector Privacy Law
On November 17, the Honourable Navdeep Bains, Minister of Innovation, Science and Industry, introduced Bill C-11, the Digital Charter Implementation Act, 2020. If passed, this highly anticipated bill would overhaul the federal government’s approach to regulating privacy in the private sector by repealing the parts of the Personal Information Protection and Electronic Documents Act (PIPEDA) that regulate the […]
New “Basic Assessment” is a Bridge to CMMC for Defense Contractors
The Department of Defense (DoD) continues to enhance cybersecurity requirements in its supply chain. A new rule requires some contractors to assign a numerical score to...
More GSA Guidance on Section 889’s Prohibition on Contracting with Entities Using Certain Telecommunications...
Federal agencies, particularly the General Services Administration, continue to publish guidance relating to the prohibitions of Section 889 of the FY 2019 National Defense Authorization Act, which prohibits the federal government from obtaining, and federal contractors from using, certain telecommunications equipment and services offered by Chinese companies, such as Huawei and ZTE. More recently, GSA published […]
5 Minutes with Jason Soroko – The Importance of Zero Trust during COVID-19
In an interview with Security Magazine, Jason Soroko, Chief Technology Officer at Sectigo, says that organizations should implement a zero-trust security strategy to strengthen cybersecurity as more employees work from home. “As employees continue to work from home for the foreseeable future, the zero-trust approach better addresses today’s distributed environments and is critical for operational […]