Tuesday, April 16, 2024
Rick has more than 30 years of experience in covering federal policy, and has worked as an editor and reporter in such key policy areas as energy and environment, health care policy, and now cybersecurity and the tech industry. Rick is a founding member of the editorial team at Inside Cybersecurity, reporting on federal cybersecurity policies since their earliest stages, and is a regular contributor to Inside Defense.
The Air Force is in preliminary talks with the new Federal Acquisition Security Council on use of the government's expanded contracting authority to remove software that poses operational risks to networks and systems, according to officials at a MITRE-hosted meeting on supply-chain security.
The Defense Department is drafting a "white paper" on the use of automation technologies for developing and using secure software, which is expected to be issued later this year for industry input, according to officials at a MITRE-hosted meeting on supply-chain security.
The Defense Department will issue a request for proposals in early November for testing the use and security of next-generation 5G networks viewed as "transformational" for the military's mission, participants at a MITRE-hosted meeting were told this week.
The Justice Department is defending the authority of Congress to ban the government and its contractors from purchasing tech products by China-based companies including Huawei, in urging a federal court to dismiss the company's lawsuit claiming the prohibition to be unconstitutional.
The Pentagon's Defense Information Systems Agency has issued blanket approval for contractors to handle certain data on cloud computing services approved by the government-wide FedRAMP security system, a move that has attracted the support of a former federal chief information security officer as a way for the Defense Department to leverage civilian agency cybersecurity services.
The wireless communications industry says the National Institute of Standards and Technology has likely underestimated the vast costs for contractors in implementing proposed changes for standards in protecting Defense Department data from foreign adversaries such as China and Russia.
A leading legal voice for the federal contracting community warns a new regulation banning purchases of products from Huawei and other China-based tech companies will prevent some U.S. suppliers from bidding on contracts, which could force the government to do without certain services and components.
The National Institute of Standards and Technology has delayed the release of cybersecurity standards used by Defense Department contractors, pending the review by the White House's Office of Management and Budget of related standards for protecting the privacy and security of all government data.
Lawyers for Huawei are disputing claims by the U.S. government to argue that a ban on its products under the Fiscal Year 2019 National Defense Authorization Act violates the Constitution, in a case that sets up a legal showdown over issues with broader implications for addressing cybersecurity threats from China.
The law firm DLA Piper is urging the Defense Department to revise its cyber-incident reporting rules for contractors, including recommending changes to core elements of the program such as deadlines, scope and the definition of data covered by the requirements.
Regulations banning the federal government from purchasing products from Huawei and other China-based tech companies take effect today, imposing sweeping requirements on widely available commercial items while also providing for some exceptions.
The Defense Department, General Services Administration and NASA have drafted interim final regulations for banning the government's purchases of IT and video surveillance equipment and components from Huawei and other China-based tech firms, a move that will likely fuel growing tensions between Washington and Beijing.
President Trump today said his administration will be looking into recent media reports that China-based Huawei has been working with North Korea in its build-out of 5G networks, while also suggesting the United States has a strong working relationship with North Korean President Kim Jong-un.
Federal acquisition officials including from the Pentagon held a public meeting Friday that did more to frame the questions, than to provide answers, for upcoming regulations on banning Huawei and other China-based companies from the government's information technology supply chain, including such basic issues as who is in charge of enforcing the new rules.
A lawyer representing Huawei Technologies told federal officials today that statutory requirements for banning foreign influence in the government's IT supply chain should be met through a broad cybersecurity risk-management process, rather than an entity-based purchasing prohibition that targets Huawei products.
The National Institute of Standards and Technology has issued draft cybersecurity guidelines for defense contractors that call for full-time security operation centers to counter advanced threats, among other recommendations for such sophisticated activities as threat-hunt capabilities and automated analytics.
The National Institute of Standards and Technology has issued for public comment draft guidelines for securing sensitive data relied on by weapon systems from attack by foreign adversaries, in response to a request for tougher requirements from the Defense Department.
China poses the greatest risks to U.S. national security since the Soviet Union during the Cold War, and may eventually surpass U.S. military superiority based in part on Beijing's investments in cyberspace capabilities that can project both economic and fighting power, according to leading defense policy strategists.
The Defense Department and NASA have announced a public meeting next month to get industry advice and concerns about implementing a ban on federal purchases of telecommunications equipment from China-based companies Huawei and ZTE, prior to an August deadline under the defense authorization law enacted last year.
The Federal Acquisition Security Council held its first meeting this week to begin developing a national strategy for securing the government's supply chain from cyber and other threats, with the Defense Department's strict cybersecurity rules likely to serve as a model.