Inside Cybersecurity

New CYBER REGULATION NEWS

September 17, 2021

Home Page

Home Page

By Charlie Mitchell

Industry and other cyber policy players are closely watching as House lawmakers move to advance an incident reporting requirement for critical infrastructure operators by amendment to the annual National Defense Authorization Act, while Senate Homeland Security Chairman Gary Peters (D-MI) is emphasizing that legislation must include mandatory reporting of ransomware payments.

By Charlie Mitchell

Phil Reitinger, who led cybersecurity efforts at DHS during the Obama administration, is raising cautionary notes about a proposal to set a five-year term for the Director of CISA, which could be added to the national defense policy bill headed to the House floor.

By Sara Friedman

The Defense Department is not planning to release the final rule cementing the implementation of its Cybersecurity Maturity Model Certification program in September, due to an ongoing internal review expected to conclude toward the end of 2021.

By Charlie Mitchell

House Homeland Security leaders have submitted their bipartisan cyber incident reporting legislation as a proposed amendment to the annual defense policy bill, among a handful of key cybersecurity proposals offered for inclusion in the fiscal 2022 National Defense Authorization Act headed to the House floor next week.

By Sara Friedman

Officials from three federal agencies discussed their approaches to establishing product labeling programs for the energy sector and other consumer protection efforts at a NIST workshop on cybersecurity labeling, providing a wide range of considerations for how NIST can make its pilot programs most impactful.

By Sara Friedman

Leaders from the House Small Business oversight subcommittee are working to get an amendment into the fiscal 2022 National Defense Authorization Act that would direct the Pentagon to assess the small business impacts of DOD’s CMMC program.

RECENT NEWS

NIST plans to release draft consumer software criteria for public comment ahead of White House deadline
Stakeholders: NIST approach to cyber labeling must thread needle between security, innovation
Inglis discusses priorities for new office, while Rep. Katko touts CISA Director legislation
FCC unveils members of security advisory council, with enhanced role for CISA on 5G
House Homeland Security panel clears new CISA funding, but fate of ‘reconciliation’ package is uncertain
NIST workshop on consumer software, IoT labeling addresses requirements in Biden EO
ITI calls for ‘outcomes-based’ approach in development of NIST artificial intelligence framework

MORE NEWS ›

Working Remotely?

If you are unable to access this service in the usual way because you are working remotely, let us know and we’ll provide you with temporary access credentials. Contact us at access@iwpnews.com.

Topics

Biden's Executive Order
NCD Inglis outlines priorities for new office, including work on ‘federal coherence’ and reviews of cyber budgets
Industry groups seek more transparency around Pentagon cyber certification program
Industry stakeholders: Federal ‘maturity model’ approach moves government toward better security
NIST proposes baseline criteria for development of IoT labeling program
5G
FCC approves notice opening up ‘innovation zones’ for Open RAN development, testing
House Energy and Commerce panel considers proposals on communications sector coordination, fast tracking 6G
Southern Company submits new test results in urging FCC to ‘pause’ unlicensed mid-band spectrum use
FCC chief Rosenworcel plans for July vote on final rip-and-replace rulemaking
Internet of Things
NIST launches project on addressing cybersecurity risk in telehealth
Biden executive order’s upcoming milestones include updates to federal contracting rules, software supply chain work
NIST publishes Internet of Things security baseline guidance for manufacturers
Senate Commerce panel leaders urge Secretary Raimondo to prioritize NIST cyber activities
Solarium
Cyber Solarium leader highlights threat information collaboration included in House defense bill
Long-awaited DHS rulemaking establishes new pathway for cyber workforce hiring, while implementation remains uncertain
At White House summit, industry leaders pledge support for wide-ranging cyber initiatives
House Democratic leaders commit to September vote on Senate infrastructure package containing cyber measures
Zero Trust
NIST considers combining enterprise patching project with zero trust effort
NIST issues draft guide on using risk management framework to implement zero trust architecture
NDIA report proposes expanding Pentagon zero trust effort, defining use of intellectual property
Senate Armed Services authorizes funding increase for Pentagon cyber efforts in annual defense policy bill
Info-Sharing
Congressional Research Service offers primer for lawmakers considering action on pipeline cybersecurity
Incident reporting draft from Senate Homeland Security panel emphasizes ransomware, includes pilot program and task force
Senate Homeland Security circulates incident reporting language as House cyber panel hears from industry
Cyber subcommittee chair Clarke emphasizes collaboration, benefits to industry in incident reporting bill
Framework
General Services Administration issues proposed rulemaking to streamline IT contract cyber requirements
NIST publishes ransomware risk management profile to provide guidance on securing networks
NIST seeks comment on supply chain assurance research project, enterprise risk management publication
Tenable’s Shapiro: ‘Unprecedented opportunity’ in infrastructure bill to advance cyber
Supply Chain
Defense assessment agency provides details on CMMC scoping, lessons learned
CMMC accreditation body clarifies details of approval process for assessment organizations
Former Pentagon acquisition chief: CMMC needs to continue under new Defense Dept. leadership
Industry seeks greater voice in development of FASC procedures on security of government purchases