Cybersecurity

New rule covers purchasing authority for cyber emergencies

By BeeBright shutterstock ID: 789734968 

The federal government is moving to expand emergency procurement authority for purchases used to respond to or recover from a cyberattack, according to a new proposed rule in the Federal Register.

The change places cyberattacks against the United States in the same category as nuclear, biological, chemical or radiological attacks. It would allow federal procurement officials to spend up to $20,000 for domestic purchases and $30,000 for international purchases under micropurchasing rules, as well as $750,000 and $1.5 million for simplified acquisition purchases, provided the work has "a clear and direct relationship to the support of a contingency operation."

The notice -- put out by the Department of Defense, General Services Administration and NASA -- implements several provisions from the 2017 National Defense Authorization Act that increase the dollar threshold for agency purchases that are in support of federal efforts to respond to an emergency or a disaster.

The 2017 NDAA added cyberattacks to the list of circumstances that warrant invoking the authority. Military and civilian federal acquisition councils declined to provide a definition for cyberattack, citing a lack of a clear statutory definition and a desire to provide policymakers with maximum flexibility.

The government expects that the change in rules will affect less than 100 smaller federal contractors and save them a combined $1.3 million per year in reduced compliance costs.

The new rule must still be finalized before going into effect. Comments on the proposal are due by Aug. 27, 2018.

About the Author

Derek B. Johnson is a former senior staff writer at FCW.

Featured

  • Workforce
    Shutterstock image 1658927440 By Deliris masks in office coronavirus covid19

    White House orders federal contractors vaccinated by Dec. 8

    New COVID-19 guidance directs federal contractors and subcontractors to make sure their employees are vaccinated — the latest in a series of new vaccine requirements the White House has been rolling out in recent weeks.

  • FCW Perspectives
    remote workers (elenabsl/Shutterstock.com)

    Post-pandemic IT leadership

    The rush to maximum telework did more than showcase the importance of IT -- it also forced them to rethink their own operations.

Stay Connected