Friday, January 22, 2021

Not Your Parents’ IT: New Interim Rule to Scrutinize Acquisition of IT Products and...

On January 19, Commerce published an interim final rule (IR) which, effective March 22, 2021, will implement the May 15, 2019 Executive Order 13873 that relied on the International Emergency Economic Powers Act (IEEPA) to authorize sweeping power to block or undo any transaction – including use, purchases or importation – of virtually any “information and communications technology […]
Must be a Paid Member or a Free Trial Member to Access Content. Members log in here.

No CMMC Penalty for SolarWinds Hack

While the Cybersecurity Maturity Model Certification system was being rolled out over the same time period that the SolarWinds breach was affecting agencies and contractors, Katie Arrington, CISO for the Office of the Undersecretary of Defense for Acquisition and Sustainment, says that companies compromised by the incident will not be penalized for falling victim to […]
Can Agencies Catch up to SolarWinds Hack?

Federal agencies affected by the SolarWinds cybersecurity fiasco – and there are several of them, at least – are under a new deadline. Policy from the Cybersecurity and Infrastructure Security Agency gives them until the end of the month to complete forensic analysis and to harden their systems. Michael Hamilton, former vice chairman of the […]
Biden Administration Proposes $10B in “Urgent” IT and Cyber Funding for Federal Agencies

As part of his $1.9 trillion COVID relief proposal to Congress, President Joe Biden calls the need to upgrade the federal IT infrastructure “an urgent national security issue,” and requests that the Technology Modernization Fund receive a 3,600% increase over 2020, to $9 billion. The TMF has received $150 million since it was established in 2017. Biden […]

Biden Names Rob Joyce as NSA Cybersecurity Director

Incoming President Joe Biden has named Rob Joyce, currently the NSA’s liaison at the U.S. Embassy in London, as director in the agency’s Cybersecurity Directorate. Joyce would replace Anne Neuberger, its first head, whom Biden has picked for a new cybersecurity position on the National Security Council. Joyce was previously a senior advisor for cybersecurity […]
Department of Defense Amends Section 889 Reporting Requirements in Final Rule

As we have written previously, the FAR Council has issued a number of interim rules designed to align the Federal Acquisition Regulation (FAR) with the prohibitions contained at Part A and Part B of Section 889 of the FY19 National Defense Authorization Act. Those who have been following these developments know that Section 889 Part […]
Biden Appoints Anne Neuberger as NSC Cybersecurity Advisor

Anne Neuberger, the NSA’s cybersecurity director, has been nominated as deputy national security adviser for cyber and emerging technology, a member of the National Security Council. Neuberger previously led NSA’s task force to counter Russian threats to U.S. elections (“the Russia Small Group”), and has overseen cyber-operations as NSA’s assistant deputy director of the Operations […]

California Privacy Rights Act: A Move Closer to GDPR? Part II

In Part II of this series, California-based Ali Baiardo and London-based Alice O’Donovan continue their comparison of the GDPR and California privacy law. NEW DATA PROTECTION PRINCIPLES AND OBLIGATIONS ON BUSINESSES a. Key data protection principles The GDPR revolves around seven key data protection principles: Lawfulness, fairness and transparency; Purpose limitation; Data minimisation; Accuracy; Storage […]

DoD and GSA Take Aim at Supply Chain Risks

The Department of Defense (DoD) recently implemented additional procedures for the mitigation of cybersecurity risks in its supply chain. Designed to identify and mitigate cybersecurity and related supply chain risks throughout a program’s lifecycle, DoD Instruction 5000.90, Cybersecurity Acquisition Decision Authorities and Program Managers, requires program managers to: Assess contractors’ cybersecurity posture, including, where applicable, […]
How to Make the National Cyber Director Position Work

Over the new year, Congress overrode President Trump’s veto to enact into law the National Defense Authorization Act (NDAA) for fiscal 2021—an annual piece of legislation that lays out the budget, expenditures and policies of the Pentagon for the upcoming year. This year’s NDAA also contains numerous cyber-related provisions, among them § 1752, which establishes […]