NDAA Heads to Floor and Kaspersky Heads to Washington

Congress got cracking this week, with the House passing eight of the 12 appropriations bills needed to fund the government and the Senate’s final vote on the defense authorization bill expected Monday.

The National Defense Authorization Act, which funds the Defense Department and military services, has more than 100 amendments attached—including plenty of federal tech and cyber changes. Here are some of the big ones:

• A ban on Kaspersky Lab products on Defense Department systems, codifying parts of the recent Homeland Security order from this week.
• The Modernizing Government Technology Act, aka MGT Act, with its working capital funds and the $250 million Technology Modernization Fund
• The OPEN Government Data Act, which would make government data machine-readable by default.
• Language that splits the Defense Department’s chief information officer’s duties into two jobs: a chief management officer and a new the chief information warfare officer.

One that didn’t make it: an effort to roll back sequestration.

“While I had hoped to debate and vote on a number of other amendments from Senators of both parties, especially the proposal to end sequestration, I am proud that we continued the strong tradition of moving the NDAA through the Senate in a bipartisan fashion and look forward to its final passage on Monday,” Senate Armed Services Chairman John McCain, R-Ariz., said in statement.

He also said he hopes to have other amendments packaged added before Monday’s final vote.

The Equifax Scramble

Lawmakers raced this week to respond to the Equifax breach, which compromised personal information including social security numbers of more than 40 percent of the U.S. population. Sen. Ron Wyden, D-Ore., introduced legislation Thursday that would allow Americans to freeze and unfreeze their credit information for free after a credit agency suffers a data breach. Rep. Jim Himes, D-Conn., introduced a similar bill in the House.

Sens. Edward Markey, D-Mass, Richard Blumenthal, D-Conn., Sheldon Whitehouse, D-R.I., and Al Franken, D-Minn., introduced a bill that would require Equifax and other data brokers to develop comprehensive data security programs.

Meanwhile, the chairs of the House Science and Oversight committees wrote to Equifax CEO Richard Smith seeking information about the breach and about cyber safeguards the organization had in place including whether it was following the Commerce Department’s cybersecurity framework.

Mr. Kaspersky Goes to Washington

In the wake of a Homeland Security Department directive ordering federal agencies to remove Kaspersky anti-virus from all of their systems, the embattled Russian company’s founder Eugene Kaspersky promised to come testify before the House Science Committee later this month—if he can get an expedited visa, Reuters reported.

The Science Committee announced a probe of Kaspersky’s alleged ties to the Kremlin in July. The company has steadfastly maintained it does not have improper relations with any government. The Homeland Security directive relies on a misinterpretation of a Russian law, the company said.

What House Oversight Cleared

The House Oversight committee advanced three bills of note Wednesday: The Promoting Value Based Procurement Act, a bill limiting civilian agencies’ use of lowest price, technically acceptable contracts to buy IT; the Social Media Use in Clearance Investigations Act, which directs the Office of Management and Budget to test how to evaluate applicants’ social media use during background checks; and the Connected Government Act, which would mandate mobile-friendly federal websites.

CX Bill Gets Senate Date

A bill aimed at the government’s poor customer service record was placed on the Senate calendar. The Federal Agency Customer Experience Act, introduced by Sens. James Lankford, R-Okla., and Claire McCaskill, D-Mo., aims to simplify the process agencies go through to gather public feedback about their customer service.

House Bill Pushes Paper Trail for Votes

Reps. Mark Meadows, R-N.C., and Jim Langevin, D-R.I., introduced a bill Tuesday that would require a paper record for all votes cast on machines purchased with federal funds. The bill would also direct the Election Assistance Commission to develop standard cybersecurity and auditing best practices for state and local election officials. The bill’s a companion to a Senate effort led by Sens. Amy Klobuchar, D-Minn., and Lindsey Graham, R-S.C.

Senate Bill Asks for Pentagon Report on Grid Security

Also Tuesday, Sens. Elizabeth Warren, D-Mass., and Thom Tillis, R-N.C., introduced a bill that directs the Pentagon to study cyber threats to the U.S. electric grid and whether the military should be further isolated from the public grid.  

Joseph Marks and Heather Kuldell contributed to this report.