• Matross Edwards

GovCon & Cyber Weekly Debrief (3/30–4/3)


This week's Weekly Debrief covers a number of issues, including the CMMC (NIST will be helping with standards for third-party assessors), research showing the Pentagon is using other buying tools (OTAs and SBIRs) 10 times more often, GSA's e-commerce plans, and the OPM merger.


NextGov – Defense Contractor Cybersecurity Certifiers Launching ‘National Conversation’ Webinars

  • "About 3,500 people have registered for the first of a series of webinars organizers are planning to meet the high demand for knowledge of how the Pentagon’s Cybersecurity Maturity Model Certification program will work."

FedScoop – NIST will help create CMMC standards for third-party assessors

  • "The National Institute of Standards and Technology will play a “core” role in setting standards for third-party assessors to participate in the Defense Department’s new Cybersecurity Maturity Model Certification (CMMC)."


NextGov – If Space Startups Fail, the Pentagon’s Going to Need Some New Plans

  • "Literally and figuratively, there’s no area of military activity that’s further away from the coronavirus than U.S. military assets in space. But the economic effects of the counter-virus lockdown are causing potentially fatal problems for some young space companies and that could threaten the Defense Department’s plans."

DefenseNews – Pentagon turns to new buying tools 10 times more often

  • "The amount of funding for defense research awarded through other transaction authorities has increased nearly tenfold in five years, according to a new analysis seen exclusively by Defense News. The report, by data and analytics firm Govini, shows the use of OTAs and small business innovation research contracts has expanded to the point that, in 2019, the two methods accounted for $9.6 billion, or 10 percent of the Defense Department’s research, development, test and evaluation spending."

FederalNewsNetwork – DoD plan to classify spending plans gets thumbs down from almost everyone

  • "The Defense Department is getting what seems like almost universal pushback on its legislative proposal to classify its spending plans for future years. The Pentagon floated the proposal for the 2021 defense authorization bill. It would hide the Future Years Defense Plan (FYDP) from the public, the Congressional Research Service and the Government Accountability Office. The FYDP calculates what DoD thinks it will spend on programs and services five years out from the present."


FCW – Pandemic delays GSA's e-commerce plans

  • "The General Services Administration's push to create an electronic purchasing portal for federal agencies has been shoved to the sidelines by the government's more urgent demands for IT hardware and service support for telework."

GovExec – House Lawmakers Accuse GSA of Breaching Ban on Implementing OPM Merger

  • "Democrats on the House Oversight and Reform Committee said that the Trump administration would violate provisions of the 2020 National Defense Authorization Act blocking the planned merger of the Office of Personnel Management and the General Services Administration if it moves forward with plans to rescind OPM’s authority to operate two federal buildings in the Washington, D.C., area."


This week's Weekly Debrief includes articles on cybercriminals targeting Zoom, Google, and Teams; Marriott's second data breach; best practices to manage third-party risk; privacy settings on Zoom; and coronavirus-era surveillance and biometric systems posing privacy problems.


SC Magazine – Cybercriminals targeting Zoom, Google and Teams domains

  • "The increased video conferencing activity due to COVID-19 has given cybercriminals the opportunity to use typosquatting and URL hijacking by imitating many of the top conferencing platforms."

The Hacker News – Marriott Suffers Second Breach Exposing Data of 5.2 Million Hotel Guests

  • "International hotel chain Marriott today disclosed a data breach impacting nearly 5.2 million hotel guests, making it the second security incident to hit the company in recent years. "At the end of February 2020, we identified that an unexpected amount of guest information may have been accessed using the login credentials of two employees at a franchise property," Marriott said in a statement."

DarkReading – Best Practices to Manage Third-Party Cyber-Risk Today

  • "Just five years ago, many companies focused their cyber defense efforts almost entirely on their own organizations. Today, they are increasingly concerned about third-party risks, with good reason. According to Ponemon Institute's "US Cost of a Data Breach Study," third-party organizations accounted for 42% of all breach cases, dropping only slightly from 44% of all cases in 2008."

Wired – Coronavirus Sets the Stage for Hacking Mayhem

  • "THE NOVEL CORONAVIRUS has impacted the global economy, daily life, and human health around the world, changing how people work and interact every day. But in addition to the pressing threat the virus poses to human health, these rapid changes have also created an environment in which hackers, scammers, and spammers all thrive."


Popular Science – Check these privacy and security settings before your next Zoom video chat

  • "There’s a good chance you hadn’t heard of Zoom when 2020 started. Unless you regularly participate in business-focused video chats, the enterprise-oriented tool wasn’t part of your regular routine. Then came COVID-19 and social distancing, of course, making video chat the closest option many people have for responsible face-to-face interaction. Suddenly, Zoom’s typical uses—earnings reports, powerpoint slides—started living alongside online happy hours and remote board game sessions."

CSO Online – New coronavirus-era surveillance and biometric systems pose logistical, privacy problems

  • "As the COVID-19 pandemic grips the globe, new surveillance methods are already raising new privacy and security challenges despite the still-early days of this crisis. Chief among these potential problems is the sudden turn by the government toward using geolocation data to track millions of Americans' cell phones in monitoring the spread of the disease."

#govconjudicata #cyberjudicata #weeklydebrief