Federal Manager's Daily Report

Image: MyCreative/Shutterstock.com

President Trump has signed into law (P.L. 116-207) a bill to tighten security controls on the Internet of Things including a requirement that the National Institute of Standards and Technology work with cybersecurity researchers and industry experts to publish guidance on disclosure to ensure that vulnerabilities related to devices of federal agencies are addressed.

The NIST further would have to issue recommendations addressing, at a minimum, secure development, identity management, patching, and configuration management for IoT devices; any Internet-connected devices purchased by the federal government would have to comply with those recommendations.

Also, contractors and vendors providing IoT devices to the government would have to adopt coordinated vulnerability disclosure policies, so that if a vulnerability is uncovered, that information is disseminated.

Also signed into law (P.L. 116-194) was a bill to require the GSA’s technology transformation services to establish a modernization centers of excellence program to facilitate the adoption of modern technology by federal agencies. The GSA is to coordinate with DHS to ensure that the technology provides sufficient cybersecurity and maintains the integrity of information held by agencies.

Payroll Agency Addresses Upcoming Social Security Repayment Requirement

Defense Bill Addresses Paid Parental Leave Loophole, Use or Lose Leave Limits

In Change of Position, White House Now Supports Federal Pay Freeze

2022 Federal Employees Handbook