vulnerability | Georgia Tech Procurement Assistance Center

Tech group calls on President-elect to assess IT vulnerabilities, lower acquisition barriers

December 28, 2016 By Nancy Cleveland

itic The federal government needs to assess its IT infrastructure and address cybersecurity, modernization and assessment reform as equal, intertwined priorities, suggests the IT Alliance for Public Sector, a division of advocacy and policy organization for the Information Technology Industry Council.

In a letter sent to President-elect Donald Trump, ITAPS declares that its membership — which includes hardware, software, services and solutions companies — is dedicated to working with the new administration to improve government operations and efficiency and reduce wasteful spending on aging inventory. ITAPS hopes that a review of procurement regulations and workaround programs (Digital Services, 18F, DIUx, etc.) will ease barriers to acquiring commercial technologies.

“The federal government spent $80 billion on IT systems last year. Shockingly, 80 percent was spent maintaining costly, vulnerable IT systems that many American taxpayers would expect to see in a Smithsonian collection,” said ITAPS Senior Vice President for Public Sector Trey Hodgkins, who signed the letter to Trump.

Keep reading this article at: http://www.federaltimes.com/articles/tech-group-calls-on-trump-to-assess-it-vulnerabilities-lower-acquisition-barriers

See the full set of ITIC’s recommendations here: http://www.itic.org/dotAsset/b/b/bb2f1b1e-2a9a-4a8a-ad9a-7aa41a046e3d.pdf

Final federal rule issued on safeguarding contractor information systems

June 17, 2016 By Nancy Cleveland

Federal Contract Information After years of gestation, a final rule was promulgated May 16, 2016 to mandate minimum cyber defenses for companies that do government business. This Federal Acquisition Regulations rule – “Basic Safeguarding of Contractor Information Systems” 81 Fed. Reg. 30439 – seeks to protect the confidentiality and integrity of federal contract information (FCI) that resides in or transits through any contractor information system.

Why this rule?

Agencies are required by the Federal Information Security Modernization Act (FISMA) to protect federal information. The obligation extends to nonpublic information provided by the federal government to its contractors. Unauthorized cyber extraction of federal information has caused genuine injury to national interests. Using this new FAR provision, every federal agency now will require minimum cyber protection for FCI.

What is federal contract information?

FCI is defined as nonpublic information that is “provided for or generated for the government” under a contract to “develop or deliver a product or service to the government, but not including information provided to the public or simple transactional information. The new rule protects “information systems” rather than carefully defined information types, however. If a contractor processes stores or transmits any FCI, its information system becomes subject to minimum enumerated safeguards. Where a contractor information system hosts FCI and other, non-federal information, the rule applies to the whole system.

Keep reading this article at: http://www.federaltimes.com/story/government/solutions-ideas/2016/06/13/far-rule-federal-contractor-information/85825436/

Why small businesses should care about cybersecurity

January 8, 2016 By Nancy Cleveland

When hacking stories hit the headlines, they’re usually about large companies — organizations that have millions of users. These companies invest huge amounts of money in keeping data secure, so any breach is a serious issue.

A real-time hack attack map can be seen at http://map.norsecorp.com

Small businesses and entrepreneurs often neglect cybersecurity, because they assume it’s someone else’s problem, or their data is not worth stealing. But there are lots of reasons why cybersecurity should be priority number one for entrepreneurs.

It’s not good enough to pretend it doesn’t affect you, or claim your operations are too small. And just because you aren’t aware of a hack, doesn’t mean it isn’t happening.

Keep reading this article at: http://www.entrepreneur.com/article/252138

Tech group calls on President-elect to assess IT vulnerabilities, lower acquisition barriers

Why small businesses should care about cybersecurity

Contracting News

SBA scorecard shows federal government continues to prioritize small business contracting

OMB releases guidance related to small business goals

OMB issues guidance on impact of injunction on government contractor vaccine mandate

Changes coming to DOD’s Cybersecurity Maturity Model Certification under CMMC 2.0

Judge issues nationwide injunction halting enforcement of COVID-19 vaccine mandate

Contracting Tips

Contractors must update EEO poster

The risk of organizational conflicts of interest

The gap widens between COFC and GAO on late is late rule

Are verbal agreements good enough for government contractors?

CMMC 2.0 simplifies requirements but raises risks for government contractors

GTPAC News

VA direct access program events in 2022

Sandia National Laboratories seeks small business suppliers

Navy OSBP hosting DCAA overview (part 2) event Jan. 12, 2022

Navy OSBP hosting cybersecurity “ask me anything” event Dec. 16th

State of Georgia hosting supplier systems training on January 26, 2022

Georgia Tech News

Undergraduate enrollment growth reflects inclusive excellence

Georgia Tech delivers $4 billion in economic impact to the State of Georgia

Georgia Tech awards first round of seed grants to support team-based research

Georgia Tech announces inaugural Associate Vice President of Corporate Engagement

DoD funds Georgia Tech to enhance U.S. hypersonics capabilities