The BDO GovCon Week Ahead - January 2022

January 31, 2022

The Scope of Last Year’s Cyber EO is Expanding: Executive Order (EO) 14028, “Improving the Nation’s Cybersecurity,” was established in May of 2021, which called for the government to improve its efforts to identify, deter, protect against, detect and respond to cyberattacks. EO key points included: encouraging information sharing between the government and the private sector; establishing a cyber safety review board; creating a standardized playbook for responding to cyber incidents; and improving the software supply chain by establishing baseline security standards for software sold to the government. The EO language largely applied to civilian agencies with the Department of Homeland Security, the Office of Management and Budget (OMB) and the National Institute of Standards and Technology being asked to take the lead in implementing these changes and delivering various reports. However, the EO stopped short of requiring other government agencies adhere to the cyber requirements.
 
On Jan. 19, the EO requirements and applicability expanded with the execution of a new national security memorandum. This memorandum requires that all National Security Systems (NSS) as well as all other Department of Defense and Intelligence Community Systems be compliant with the original EO and comply with new requirements established within the memorandum itself. Some of the latest requirements include asking all agencies that own or operate an NSS to update their plans to develop and adopt a zero trust architecture within 60 days, to implement multifactor authentication and encryption for NSS data access or transfer within 180 days, and to require identification of any instances of encryption not in compliance with the latest cyber requirements within 180 days. It also establishes a new level of power for the National Security Agency (NSA) in the cybersecurity arena, solidifying the agency as an authority over other government agencies. It not only gives the NSA a number of actions to complete within specific time frames from the memorandum’s release date but also requires that government agencies comply with NSA-approved cryptographic protocols, quantum resistant algorithms and other mission unique protocols as written by the NSA.
 
We have consistently seen the applicability of cybersecurity requirements creep at the government agency level, but we have yet to see very many of these bleed into the private sector, despite avid support from various members of Congress. It will remain important to stay up to date on these developments for the day they inevitably start applying to critical infrastructure owners within private industry.

For more information, please visit the link.

Will the Recent Supreme Court Ruling Impact Federal Employee Challenges to Biden’s Vaccine Mandate? A recent Supreme Court decision held that issues of public health fell outside the domain of the Occupational Safety and Health Administration (OSHA) and that COVID-19 was not considered an occupational hazard. In the 6-3 decision, the court struck down the private sector vaccine mandate that would have mandated businesses employing over 100 people to require employees be vaccinated for COVID-19 or have regular tests. However, this court decision does not directly impact the vaccine mandate for federal employees, federal contractors, and healthcare workers at facilities receiving federal funding.
 
That being said, Mr. James Hodge, law professor and director of the Center for Public Health Law and Policy at Arizona State University, believes the OSHA case ruling will have a significant impact on the federal contractor vaccine mandate. Federal agencies tend to set the conditions to which contractors can receive funds, but the court may find that Congress has not authorized these agencies to utilize vaccination requirement clauses within its contracts.
 
Currently, several groups have pending court cases against the vaccine and testing mandates of federal and healthcare workers, and their arguments will likely focus on applying the OSHA-specific Supreme Court finding that the risk of COVID-19 was now part of daily life, and prior precedent showing that neither OSHA nor the president have issued similar mandates in the past. Stay tuned to GovCon Week Ahead for further developments on vaccine mandates and how they may impact you and your employees.

For more information, please visit this link.

DOE Launches “Building a Better Grid Initiative”: On Jan. 12, the Department of Energy (DOE) launched a new program focused on U.S. electrical grid investments in support of a more sustainable energy economy. The Building a Better Grid initiative stems from the Biden Administration’s plans to transition to clean electricity by 2035. “The foundation of our climate and clean energy goals is a safe, reliable, and resilient electric grid that is planned hand in hand with community partners and industry stakeholders,” said Energy Secretary Jennifer Granholm. “DOE’s new Building a Better Grid initiative is a job booster spurred by the Bipartisan Infrastructure Law and collaboration with communities to upgrade the nation’s grid, connect more Americans to clean electricity and broadband, and reliably move clean energy to where it’s needed most.”
 
The nation’s current electrical grid systems are outdated and have not been updated to combat the changing weather patterns experienced in recent years, which makes the systems highly susceptible to emerging cyber threats and extreme weather phenomenon, such as the 2021 Texas freeze and Dixie wildfire. To mitigate these threats, the DOE invest over $20 billion in federal funding to expand the nation’s electrical grid and modernize its transmission capabilities through public and private partnerships as well as strategic research and development.
 
DOE released a notice of intent summarizing the program and providing details of the cost-benefit analysis of investing in a more sustainable electrical grid. “The most cost-effective renewable resources are often located in remote geographic areas far from the areas with the biggest demand,” the notice reads. “Therefore, accelerating the shift toward a clean power sector requires investment in critical enabling infrastructure such as transmission to increase access to these renewable energy sources.”
 
Contractors should keep an eye out for opportunities related to the program and can follow updates to the initiative in future GovCon Week Ahead articles.

For more information, please visit this link and this link.