The General Services Administration is drafting a Federal Acquisition Regulation addition to integrate security into IT buys. Joan Hash, director of security management assistance in the National Institute of Standards and Technology’s Computer Security Division, made the announcement today during a discussion of government cybersecurity requirements at the GOVSEC security conference in Washington. In addition to GSA’s work on a new acquisition regulation, NIST is developing governmentwide categories for sensitive but unclassified information, plus a set of minimum security requirements to protect each category. Among other things, the draft FAR addition will require contracting officers to work with agency CIOs to ensure that security requirements are built into purchases. Full Story
About OODA Analyst
OODA is comprised of a unique team of international experts capable of providing advanced intelligence and analysis, strategy and planning support, risk and threat management, training, decision support, crisis response, and security services to global corporations and governments.