Cybersecurity

New rule covers purchasing authority for cyber emergencies

By BeeBright shutterstock ID: 789734968 

The federal government is moving to expand emergency procurement authority for purchases used to respond to or recover from a cyberattack, according to a new proposed rule in the Federal Register.

The change places cyberattacks against the United States in the same category as nuclear, biological, chemical or radiological attacks. It would allow federal procurement officials to spend up to $20,000 for domestic purchases and $30,000 for international purchases under micropurchasing rules, as well as $750,000 and $1.5 million for simplified acquisition purchases, provided the work has "a clear and direct relationship to the support of a contingency operation."

The notice -- put out by the Department of Defense, General Services Administration and NASA -- implements several provisions from the 2017 National Defense Authorization Act that increase the dollar threshold for agency purchases that are in support of federal efforts to respond to an emergency or a disaster.

The 2017 NDAA added cyberattacks to the list of circumstances that warrant invoking the authority. Military and civilian federal acquisition councils declined to provide a definition for cyberattack, citing a lack of a clear statutory definition and a desire to provide policymakers with maximum flexibility.

The government expects that the change in rules will affect less than 100 smaller federal contractors and save them a combined $1.3 million per year in reduced compliance costs.

The new rule must still be finalized before going into effect. Comments on the proposal are due by Aug. 27, 2018.

About the Author

Derek B. Johnson is a senior staff writer at FCW, covering governmentwide IT policy, cybersecurity and a range of other federal technology issues.

Prior to joining FCW, Johnson was a freelance technology journalist. His work has appeared in The Washington Post, GoodCall News, Foreign Policy Journal, Washington Technology, Elevation DC, Connection Newspapers and The Maryland Gazette.

Johnson has a Bachelor's degree in journalism from Hofstra University and a Master's degree in public policy from George Mason University. He can be contacted at djohnson@fcw.com, or follow him on Twitter @derekdoestech.

Click here for previous articles by Johnson.


Featured

  • Defense
    Ryan D. McCarthy being sworn in as Army Secretary Oct. 10, 2019. (Photo credit: Sgt. Dana Clarke/U.S. Army)

    Army wants to spend nearly $1B on cloud, data by 2025

    Army Secretary Ryan McCarthy said lack of funding or a potential delay in the JEDI cloud bid "strikes to the heart of our concern."

  • Congress
    Rep. Jim Langevin (D-R.I.) at the Hack the Capitol conference Sept. 20, 2018

    Jim Langevin's view from the Hill

    As chairman of of the Intelligence and Emerging Threats and Capabilities subcommittee of the House Armed Services Committe and a member of the House Homeland Security Committee, Rhode Island Democrat Jim Langevin is one of the most influential voices on cybersecurity in Congress.

Stay Connected

FCW INSIDER

Sign up for our newsletter.

I agree to this site's Privacy Policy.