• Matross Edwards

GovCon & Cyber Weekly Debrief (4/6–10)

GovConJudicata


This week's Weekly Debrief covers a variety of issues related to the COVID-19 pandemic, including cybersecurity issues, DoD's guidance on repayments and prototyping, and GM's $490M Defense Production Act contract to build ventilators.


ODNI


NextGov – ODNI Directs Agencies to Be Flexible with National Security Contractors

  • "The Office of the Director of National Intelligence issued guidance this week directing the intelligence community to allow some contractor personnel to remain home in a “ready state” during the novel coronavirus outbreak. The guidance calls for “immediate implementation” of Section 3610 of the Coronavirus Aid, Relief, and Economic Security Act, the $2 trillion stimulus package President Trump signed in late March."


DHS


CISA.gov – UK AND US SECURITY AGENCIES ISSUE COVID-19 CYBER THREAT UPDATE

  • "A growing number of cyber criminals and other malicious groups online are exploiting the COVID-19 outbreak for their own personal gain, security officials in the UK and USA have revealed. A joint advisory published today (April 8, 2020) by the UK’s National Cyber Security Centre (NCSC) and US Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA) shows that cyber criminals and advanced persistent threat (APT) groups are targeting individuals and organizations with a range of ransomware and malware."

FifthDomain – DHS releases new network security guidance for telework

  • "The Cybersecurity and Infrastructure Security Agency released temporary guidance April 8 for federal network cybersecurity as a way to increase protections during the spike in telework from the coronavirus pandemic. CISA, an organization within the Department of Homeland Security tasked with securing federal networks, released its interim Trusted Internet Connection 3.0 telework guidance to address scenarios in which federal employees need to connect remotely to agency cloud environments."


Defense


FedScoop – Teleworking boom prompts another cloud rollout from DOD

  • "The Defense Department has launched a new cloud environment from Microsoft to support the surge of teleworkers that initially strained access to DOD networks a few weeks ago. The Commercial Virtual Remote (CVR) environment can handle “For Official Use Only” documents and is designed to support the military’s entire 4-million-strong workforce both at home and in military installations around the world. The platform is being rolled out across the services, with the Air Force saying it is onboarding 250,000 users daily through April."

Defense News – Newest DoD industry guidance clarifies repayments, makes prototyping easier

  • "As part of its ongoing effort to bolster the defense industrial base, the Pentagon has issued two new pieces of guidance — one focused on workers, and one focused on prototype contracts. Overall, the department has now issued 17 different actions, ranging from basic guidance for industry to memos changing how the department pays contractors, since March 5. In an April 6 memo, acquisition head Ellen Lord changed the rules for issuing prototype contracts through other transaction authorities."

USA Today – GM signs $490M contract under Defense Production Act to build ventilators to fight coronavirus pandemic

  • "General Motors has signed a federal contract worth nearly $490 million to build ventilators amid the coronavirus crisis, the Department of Health and Human Services confirmed early Wednesday. The U.S. government said the deal was awarded under the Defense Production Act, which the president activated to press GM into manufacturing devices to help alleviate the shortage of personal protective equipment at hospitals treating COVID-19 patients."



CyberJudicata


This week's Weekly Debrief covers several interesting topics, including CISA/NCSC's joint cyber threat update, Zoom's cybersecurity practices, cyberattacks increasing amid COVID-19, law firm data security, and a look to the CCPA for how states will handle data privacy legislation.


Cyber


CISA.gov – UK AND US SECURITY AGENCIES ISSUE COVID-19 CYBER THREAT UPDATE

  • "A growing number of cyber criminals and other malicious groups online are exploiting the COVID-19 outbreak for their own personal gain, security officials in the UK and USA have revealed. A joint advisory published today (April 8, 2020) by the UK’s National Cyber Security Centre (NCSC) and US Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA) shows that cyber criminals and advanced persistent threat (APT) groups are targeting individuals and organizations with a range of ransomware and malware."

TheHackerNews – Zoom Caught in Cybersecurity Debate — Here's Everything You Need To Know

  • "Over the past few weeks, the use of Zoom video conferencing software has exploded ever since it emerged as the platform of choice to host everything from cabinet meetings to yoga classes amidst the ongoing coronavirus outbreak and work from home became the new normal. The app has skyrocketed to 200 million daily users from an average of 10 million in December — along with a 535 percent increase in daily traffic to its download page in the last month — but it's also seen a massive uptick in Zoom's problems, all of which stem from sloppy design practices and security implementations."

ThreatPost – Beyond Zoom: How Safe Are Slack and Other Collaboration Apps?

  • "As the coronavirus pandemic continues to worsen, remote-collaboration platforms – now fixtures in many workers’ “new normal” – are facing more scrutiny. Popular video-conferencing app Zoom may currently be in the cybersecurity hot seat, but other collaboration tools, such as Slack, Trello, WebEx and Microsoft Teams, are certainly not immune from cybercriminal attention."

Forbes – Cyber Attacks Against Hospitals Have ‘Significantly Increased’ As Hackers Seek To Maximize Profits

  • "An inter-governmental law enforcement organization, INTERPOL, the International Criminal Police Organization, has cautioned that it has detected a significant increase in cyber-attacks against hospitals around the world that are engaged in the COVID-19 response. Attacks that could 'directly lead to deaths.'"

Sedona Conference – The Sedona Conference Commentary on Law Firm Data Security, Public Comment Version

  • Link to PDF.



Privacy


Law.com – Look to CCPA for How States Will Handle Data Privacy Legislation After COVID-19

  • "The new coronavirus has forced many state legislatures to suspend their sessions or shift focus away from anticipated data privacy legislation. 'There was a significant tide of activity in many states,' Glenn Brown, of counsel at Squire Patton Boggs in Atlanta, said. New Jersey, for example, has the New Jersey Disclosure and Accountability Transparency Act floating through the Legislature, which would require a business to get consent from consumers before selling their personal data."

CPO Mag – A New Firewall – Multifamily Data Privacy and Security in the Age of Smart

  • "In the wake of increased and intensified data breaches, legislators are moving to protect their constituents. On June 28, 2018, California passed the most comprehensive consumer privacy law in the United States today, the California Consumer Privacy Act of 2018 (CCPA)."




© 2020 Matross Edwards LLC. All rights reserved. Attorney Advertising.