Cybersecurity

New rule covers purchasing authority for cyber emergencies

By BeeBright shutterstock ID: 789734968 

The federal government is moving to expand emergency procurement authority for purchases used to respond to or recover from a cyberattack, according to a new proposed rule in the Federal Register.

The change places cyberattacks against the United States in the same category as nuclear, biological, chemical or radiological attacks. It would allow federal procurement officials to spend up to $20,000 for domestic purchases and $30,000 for international purchases under micropurchasing rules, as well as $750,000 and $1.5 million for simplified acquisition purchases, provided the work has "a clear and direct relationship to the support of a contingency operation."

The notice -- put out by the Department of Defense, General Services Administration and NASA -- implements several provisions from the 2017 National Defense Authorization Act that increase the dollar threshold for agency purchases that are in support of federal efforts to respond to an emergency or a disaster.

The 2017 NDAA added cyberattacks to the list of circumstances that warrant invoking the authority. Military and civilian federal acquisition councils declined to provide a definition for cyberattack, citing a lack of a clear statutory definition and a desire to provide policymakers with maximum flexibility.

The government expects that the change in rules will affect less than 100 smaller federal contractors and save them a combined $1.3 million per year in reduced compliance costs.

The new rule must still be finalized before going into effect. Comments on the proposal are due by Aug. 27, 2018.

About the Author

Derek B. Johnson is a former senior staff writer at FCW.

Featured

  • Workforce
    Avril Haines testifies SSCI Jan. 19, 2021

    Haines looks to restore IC workforce morale

    If confirmed, Avril Haines says that one of her top priorities as the Director of National Intelligence will be "institutional" issues, like renewing public trust in the intelligence community and improving workforce morale.

  • Defense
    laptop cloud concept (Andrey Suslov/Shutterstock.com)

    Telework, BYOD and DEOS

    Telework made the idea of bringing your own device a top priority as the Defense Information Systems Agency begins transitioning to a permanent version of the commercial virtual remote environment.

Stay Connected