noodls browser compatibility check

The security settings of your browser are blocking the execution of scripts.

To use noodls, javascript support must be enabled. Please change your browser's security settings to enable javascript.

If you have changed your browser's security settings, you can click here.

related announcements

News

Flex Ltd.

Automatic Shelf Registration Statement Form S 3ASR
Ministry of Trade and Industry of[...]

Singapore and the Philippines sign Memorandum of Understanding to[...]
Ministry of Health of the Republic[...]

Public Consultation On Draft Provisions of Food Safety and Security[...]

Technology

James Lankford

15/08/2024 | Press release | Distributed by Public on 16/08/2024 03:00

Lankford Works to Strengthen Federal Cybersecurity Measures, Implement Mandatory Vulnerability Disclosure Policies

OKLAHOMA CITY, OK - Senators James Lankford (R-OK) and Mark Warner (D-VA), members of the Senate Select Committee on Intelligence, introduced the Federal Contractor Cybersecurity Vulnerability Reduction Act of 2024 to strengthen federal cybersecurity by ensuring that federal contractors adhere to guidelines set forth by the National Institute of Standards and Technology (NIST).

"Federal agencies and contractors must be quickly made aware of cyber vulnerabilities, so they can resolve them. By strengthening cybersecurity efforts, contractors and agencies can keep their focus on serving the American people and keep data and systems safe from cybercrimes and hacking," said Lankford.

"VDPs are a crucial tool used to proactively identify and address software vulnerabilities," said Warner. "This legislation will ensure that federal contractors, along with federal agencies, are adhering to national guidelines that will better protect our critical infrastructure, and sensitive data from potential attacks."

Vulnerability Disclosure Policies (VDP) provide a way for organizations to receive unsolicited reports of vulnerabilities within their software so that they can be patched before an attack takes place. Receiving reports on suspected security vulnerabilities in information systems is one of the best ways for developers and services to become aware of issues. Currently, civilian federal agencies are required to have VDPs, however there is no requirement for federal contractors-civilian or defense-to have VDPs for the information systems used in the fulfillment of their contracts. This legislation would require the implementation of VDPs among federal contractors and formalize actions to accept, assess, and manage vulnerability disclosure reports in order to help reduce known security vulnerabilities among federal contractors.

Specifically the Federal Contractor Cybersecurity Vulnerability Reduction Act of 2024would:

Require the Office of Management and Budget (OMB) to oversee updates to the Federal Acquisition Regulation (FAR) to ensure federal contractors implement a vulnerability disclosure policy consistent with what is already required by federal agencies;
Require the Secretary of Defense to oversee updates to the Defense Federal Acquisition Regulation Supplement (DFARS) contract requirements to ensure defense contractors implement the same.

###

Sharing and Personal Tools

Please select the service you want to use:

Back

View original format