Weekly Wrap-Up
Week of August 9, 2021
Federal Government Updates
MeriTalk Insight: FITARA, TMF, Telework, and Trust
(MeriTalk) Rather than focus on a single topic or recent news event in this column, let’s talk about a number of important Federal government management matters. Think of it as the good government version of Chris Berman’s complete NFL highlights coverage in 60 seconds…
FedRAMP Releases the FY2021 Annual Survey
(MeriTalk) FedRAMP released its annual survey for FY2021 today.

In a blog post, FedRAMP officials said they are “constantly looking for ways to improve stakeholder engagement and provide the tools and services [users] need to be successful.” FedRAMP will use the information gathered to gauge how it is doing and identify changes to the program that can help better meet the needs of FedRAMP customers.
FedRAMP Just Automated Checking Security Authorization Packages for Completeness
(FedScoop) The General Services Administration plans to release XML-automated validations next week allowing vendors to check their security authorization packages for completeness before submitting them to the Federal Risk and Authorization Management Program.

FedRAMP used Schematron’s rule-based validation for making assertions against XML to automate the process and wants vendors to self-test their packages to ensure all the required data is there, before the program reviews them and decides whether to issue a cloud product an authority to operate (ATO).
Small Companies to be Included in DOD's New Enterprise Cloud Contract
(Potomac Officers Club) The Department of Defense intends to extend procurements made under the Joint Warfighter Cloud Capability contract to small cloud providers.

Speaking at a Potomac Officers Club event, Danielle Metz, DOD deputy CIO for information enterprise, confirmed that JWCC awards will not be exclusive to hyperscale cloud service providers and will eventually be open to any company capable of meeting the department’s common and unique mission sets.
Senate Passes Infrastructure Bill
How the $1 Trillion Infrastructure Bill Will Direct Billions Toward Tech Spending
(CNBC) During the pandemic, the internet kept Americans going as much as highways and rails.

Now, a $1 trillion infrastructure bill passed by the Senate on Tuesday is set to inject money into expanding broadband access and bring funding to other parts of the tech sector, including electric vehicles. At the same time, the bill includes new tax reporting requirements for cryptocurrency transactions, meant to help fund the bill’s enormous price tag.

The bill still needs to be passed by the House of Representatives and signed into law by President Joe Biden.
House Expected to Cut Recess Short, Return Aug. 23 to Take Up Infrastructure Package
(NBC News) House Democratic leader Steny Hoyer said Tuesday that the House could cut its recess short and return in about two weeks to take up the sweeping $550 billion infrastructure bill that passed the Senate.

"For your scheduling purposes, assuming that the Senate does, in fact, complete work on a budget resolution, the House will return to session on the evening of August 23 to consider that budget resolution and will remain in session until our business for the week is concluded," Hoyer, of Maryland, the House majority leader, said in a statement to colleagues.

House members had been scheduled to return Sept. 20.
Senate Includes Over $1.9 Billion for Cybersecurity in Infrastructure Bill
(The Hill) The Senate included more than $1.9 billion in cybersecurity funds as part of the roughly $1 trillion bipartisan infrastructure package approved Tuesday.

The funds will go toward securing critical infrastructure against attacks, helping vulnerable organizations defend themselves and providing funding for a key federal cyber office, among other initiatives.

The infrastructure bill, which now goes to the House after it was approved by the Senate following weeks of negotiations, includes $1 billion in funds for state and local governments to strengthen their cybersecurity. Cyber criminals have launched more attacks since many services moved online during the pandemic.
Senate Passes $1.2 Trillion Bipartisan Infrastructure Package
(Axios) The Senate voted 69-30 on Tuesday to pass the $1.2 trillion bipartisan infrastructure package, handing a major victory to President Biden and a group of senators that spent months negotiating on the agreement.

Why it matters: The monster bill would deliver hundreds of billions of dollars for roads, bridges, waterways and other "hard infrastructure" items. It is widely seen as a victory for both parties and the reputation of the Senate, especially given the current level of polarization in Congress.
Cybersecurity & Compliance
Palo Alto Networks: Ransomware Demands Rocket 518%
(SDxCentral) The average ransomware payment demanded by cybercriminals now tops $5.3 million, a 518% increase from last year, according to a new report from Palo Alto Networks’ Unit 42 consultants that investigated ransomware attacks in the first half of 2021.

Meanwhile, the average ransom paid reached $570,000, an 82% increase over 2020’s average paid of $312,000.
Accenture Breached in Highly-Targeted Ransomware Attack
(Seeking Alpha) Accenture (NYSE:ACN) is the latest target of ransomware hackers who threatened to release stolen data within several hours of the breach.

CNBC reporter Eamon Javers says the hacking group is also offering to sell insider information to interested buyers. A Dark Web post attributed to the hackers says Accenture "is beyond privacy and security" and offers to sell databases.

Accenture (ACN) confirmed the breach to CNBC but says it quickly identified irregular activity in one of its environments and immediately contained and isolated the affected servers.
Member News
NCCoE Announces Technology Collaborators to Demonstrate Zero Trust Architectures
(NCCoE) “Zero trust is a team sport and the NIST NCCoE is taking the initiative to bring together best-of-breed zero trust leaders. We are all committed to collaborating and demonstrating different, practical approaches to implement a zero trust architecture. As we know, no one solution fits every situation. Zscaler is honored to be a part of this coalition working side by side to realize the opportunity for zero trust to strengthen every agency’s cyber defenses.”
Amazon Wins NSA's $10B Secret Cloud Contract
(Potomac Officer's Club) Amazon Web Services recently won the National Security Agency’s $10 billion secret cloud computing contract, an award that is already being legally contested. After learning that the contract was awarded to AWS, tech giant Microsoft filed a protest with the Government Accountability Office on July 21, NextGov reported Tuesday.

The NSA contract, codenamed WindStormy, represents the second multibillion-dollar cloud contract awarded by the U.S. intelligence community in the past year. In November 2020, the CIA awarded its C2E contract to five companies — AWS, Microsoft, Google, Oracle and IBM — that are now competing for task orders under the deal.
If you would like to have your story featured in ADI's Member News, please contact ADI's Policy & Communications Manager, Jaishri Atri.
Questions? Inquiries? Please e-mail: info@hq.alliance4digitalinnovation.org