Rep. Jim Langevin, D-R.I., reintroduced legislation this week that would require companies that experience a breach to notify affected individuals within 30 days of the breach’s discovery and that they coordinate with the Federal Trade Commission to do so.[…]
Information sharing about cybersecurity threats has to go beyond fulfilling requirements and instead include informal relationships and discussions between agencies, according to government experts who spoke at the MeriTalk Cyber Security Brainstorm on Sept. 20.
The Modernizing Government Technology Act passed the Senate as a part of the Manager’s Amendment to the National Defense Authorization Act on Sept. 18. “By incentivizing the transition to modern technology, we will allow the government to harness cutting-edge technologies, use each dollar more efficiently, strengthen our digital infrastructure and improve government services for everyone,” said Rep. Will Hurd, R-Texas, the bill’s author.[…]
Though officials working on the Continuous Diagnostics and Mitigation program have been aware of the importance of cloud from the beginning, Phase 3 of the program will shift to include cloud concerns, according to Kevin Cox, CDM program manager at the Department of Homeland Security.[…]
As Federal agencies and the Office of Management and Budget work to develop reorganization plans as part of a March executive order, Congress needs to improve its oversight of those agencies, Sen. Heidi Heitkamp D-N.D., said at a Senate Homeland Security and Government Affairs Committee hearing.[…]
Rep. Will Hurd, R-Texas, said that he expects his Modernizing Government Technology Act to pass the Senate within the next week as an add-on to the Senate’s 2018 National Defense Authorization Act deliberations. “Buying IT goods and services in the Federal government is pretty silly,” said Hurd, criticizing the fact that agencies must use all of their IT funding for the year or risk losing it. “That is an insane way to purchase things to defend our digital infrastructure,”[…]
Acting Secretary of Homeland Security Elaine Duke released a binding operational directive on Sept. 13 requiring agencies to identify and plan to remove all Kaspersky Lab products within the next 90 days. “The Department is concerned about the ties between certain Kaspersky officials and Russian intelligence and other government agencies, and requirements under Russian law that allow Russian intelligence agencies to request or compel assistance from Kaspersky and to intercept communications transiting Russian networks,” DHS noted.[…]