[ISN] ‘Hidden’ Law Could Hamper Gov’t Infosec

http://www.bankinfosecurity.com/blogs/hidden-law-could-hamper-govt-infosec-p-1446 By Eric Chabrow Bank Info Security April 5, 2013 A mysterious lawmaker shielded by congressional rules covertly added language into a new law that could make the purchase of IT security wares very difficult for the departments of Commerce and Justice, NASA and the National Science Foundation. The law – the Consolidated and Further Continuing Appropriations Act of 2013, commonly known as the continuing resolution – funds federal government operations through September and was enacted by Congress and signed by President Obama last month. The law contains a number of amendments that go beyond funding the government, including one that could complicate the process to acquire IT security wares for the four federal agencies. Simply, the added provision requires that the agencies’ heads in consultation with the FBI or another appropriate federal entity (which weren’t identified in the legislation but presumably could include the Department of Homeland Security and National Security Agency) to conduct for the remainder of the fiscal year risk assessments on acquired technology to see if they pose a threat for cyber-espionage or sabotage. The rider specifically mentions systems from Chinese manufacturers, which some lawmakers suspect produce computer and telecommunications equipment that can spy on IT systems at the request of the Chinese government, an allegation the manufacturers and China deny. […] ______________________________________________ Attend #HITB2013AMS April 8th – 11th in Amsterdam. Featuring over 42 international speakers and keynotes by Bob Lord and Edward Schwartz http://conference.hitb.org