$700 billion National Defense Authorization Act (NDAA) Includes Cybersecurity Funding…Rejects Kaspersky

While there is no evidence that Eugene Kasperky’s antivirus products have backdoors or covert eavesdropping technology, in the final version for the defense bill is a provision that bars the Department of Defense from using security software products from Russian-based Kaspersky Labs.

Kaspersky responded in a statement that the company “is disappointed with the decision” and “doesn’t have inappropriate ties with any government.”  Kaspersky has vehemently denied all allegations of collusion with the Kremlin saying that such collusion would put the company out of business.

Under the directive, agencies would have 30 days to identify all instances of Kaspersky on their systems and 60 days to create plans to remove Kaspersky from those systems. After 90 days, agencies would be required to start implementing those plans unless directed otherwise by the US Department of Homeland Security.

The good news for future college students and cyber warriors is that the House Armed Services Committee wants to allocate more money for cyber scholarships and the NATO Cooperative Cyber Center of Excellence in the NDAA 2018.

Also related to acquisition, the proposed legislation would give the DOD CIO responsibility for “policy, oversight, guidance, and coordination for supply chain risk management activities,” related to DOD IT.

The committee states that it has serious concerns about DOD’s ability to manage an increasingly globalized IT supply chain and it therefore calls for greater use of automated intelligence feeds, including from commercial intelligence providers, as a means of analyzing supply chain risk.

The bill also establishes a five-year ”Cyber Workforce Development Pilot Program” that will assess the effectiveness of implementing a full-scale cyber talent management program. The pilot will be administered by the DOD CIO in coordination with the principal cyber advisor, and will assess cyber talent shortfalls, changes to skills needed in the workforce and incentives to recruit and retain cyber personnel.

The full text of the bill can be found here: https://www.congress.gov/bill/115th-congress/house-bill/2810/text

Gary S. Miliefsky
Executive Producer
Cyber Defense Magazine

FAIR USE NOTICE: Under the "fair use" act, another author may make limited use of the original author's work without asking permission. Pursuant to 17 U.S. Code § 107, certain uses of copyrighted material "for purposes such as criticism, comment, news reporting, teaching (including multiple copies for classroom use), scholarship, or research, is not an infringement of copyright." As a matter of policy, fair use is based on the belief that the public is entitled to freely use portions of copyrighted materials for purposes of commentary and criticism. The fair use privilege is perhaps the most significant limitation on a copyright owner's exclusive rights. Cyber Defense Media Group is a news reporting company, reporting cyber news, events, information and much more at no charge at our website Cyber Defense Magazine. All images and reporting are done exclusively under the Fair Use of the US copyright act.

Global InfoSec Awards 2022

We are in our 10th year, and these awards are incredibly well received – helping build buzz, customer awareness, sales and marketing growth opportunities, investment opportunities and so much more.


10th Anniversary Exclusive Top 100 CISO Conference & Innovators Showcase