'Hidden' Law Could Hamper Gov't Infosec

[InfoSec News <alerts () infosecnews org>]

http://www.bankinfosecurity.com/blogs/hidden-law-could-hamper-govt-infosec-p-1446

By Eric Chabrow
Bank Info Security
April 5, 2013

A mysterious lawmaker shielded by congressional rules covertly added language 
into a new law that could make the purchase of IT security wares very difficult 
for the departments of Commerce and Justice, NASA and the National Science 
Foundation.

The law - the Consolidated and Further Continuing Appropriations Act of 2013, 
commonly known as the continuing resolution - funds federal government 
operations through September and was enacted by Congress and signed by 
President Obama last month. The law contains a number of amendments that go 
beyond funding the government, including one that could complicate the process 
to acquire IT security wares for the four federal agencies.

Simply, the added provision requires that the agencies' heads in consultation 
with the FBI or another appropriate federal entity (which weren't identified in 
the legislation but presumably could include the Department of Homeland 
Security and National Security Agency) to conduct for the remainder of the 
fiscal year risk assessments on acquired technology to see if they pose a 
threat for cyber-espionage or sabotage.

The rider specifically mentions systems from Chinese manufacturers, which some 
lawmakers suspect produce computer and telecommunications equipment that can 
spy on IT systems at the request of the Chinese government, an allegation the 
manufacturers and China deny.

[...]


______________________________________________
Attend #HITB2013AMS April 8th - 11th in Amsterdam.
Featuring over 42 international speakers and keynotes
by Bob Lord and Edward Schwartz http://conference.hitb.org