Weekly Wrap-Up
Week of December 6, 2021
Cyber Incident Reporting Mandates Suffer Another Congressional Setback
(CyberScoop) House and Senate negotiators have excluded provisions from a must-pass defense bill that would have mandated many companies to report major cyberattacks and ransomware payments to federal officials.
Zero Trust, Cloud Security Pushing CISA to Rethink Its Approach to Cyber Services
(Federal News Network) The Cybersecurity and Infrastructure Security Agency at the Department of Homeland Security is putting the final touches on several guidance documents to help ease the transition to a zero trust cybersecurity environment.
Government Accountability Office Report on CMMC Raises Issues Over Initial Pilots, Communication with Industry
(Inside Cybersecurity) The Pentagon should develop a plan to “measure the effectiveness” of its pilot efforts for the Cybersecurity Maturity Model Certification program, according to a report from the Government Accountability Office, which identifies deficiencies in the pilot review process and directs the Defense Department to provide “sufficient and timely communication” with industry.
FedRAMP Program Evolves to Meet Directives in Cyber EO, Stakeholder Feedback on Training
(Inside Cybersecurity) The General Services Administration’s FedRAMP program is engaging with industry stakeholders to update its processes to authorize cloud service provider offerings for government use, while working with agencies including CISA to spread cloud adoption across the federal government as mandated in a May cyber executive order, according to acting FedRAMP director Brian Conrad.
DOD CIO Updating Cyber Reciprocity Guidance After Audit Finds Weaknesses
(FedScoop) The Department of Defense said it will take steps to strengthen reciprocity guidance for IT systems security authorization after the department’s inspector general found its existing processes to be lacking.
DoD to Hire First-Ever Chief DIgital and Artificial Intelligence Officer, Form New Office
(Nextgov) The Defense Department will hire its first chief digital and artificial intelligence officer and formally establish a new office under their purview—by next summer—via an organizational restructure it deems necessary to advance data and technology integration and innovation across its massive enterprise.
VA Exploring Emerging Tech for Healthcare Products
(MeriTalk) The Department of Veterans Affairs (VA) has issued a presolicitation on SAM.gov, detailing its plans to utilize emerging technologies to improve healthcare products and in turn, patient care.
DOD Elevates CTO and Launches New Steering Group
(FedScoop) The Department of Defense is trying to shift the focus of its chief technology officer more towards innovation and also to elevate the role, the deputy secretary of defense said Wednesday.
Federal Judge Blocks Vaccine Requirements for Federal Contractors
(Greenville News) A federal judge in Georgia has blocked the vaccine requirement for federal contractors nationwide, who would have had to get vaccinated by Jan. 18.
NIST Plans to Release Request for Information in Kicking Off Cybersecurity Framework Update
(Inside Cybersecurity) The National Institute of Standards and Technology is working on a request for information to gather input on potential considerations in the next version of the framework of cybersecurity standards, with a focus on adding value from various NIST publications and other resources, and examining how to leverage cybersecurity supply chain risk management work.
If you would like to have your story featured in ADI's Member News, please contact ADI's Policy & Communications Manager, Rachel Nathanson.
Questions? Inquiries? Please e-mail: info@hq.alliance4digitalinnovation.org