SBA Waives Loan Fees for Small Manufacturers in Fiscal Year 2026
September 21, 2025
Montgomery County Executive Marc Elrich to Hold the Next ‘Community Conversation’ to Seek Input on the Fiscal Year 2027 Operating Budget at The Beacon 50+ Expo in Silver Spring on Sunday, Sept. 28
September 21, 2025
WHAT HAPPENED
The Defense Department has tightened cybersecurity requirements for tech companies that sell cloud computing services to the Pentagon.
The updates, issued this month, ban IT vendors from using China-based personnel to work on department computer systems and require companies to maintain a digital paper trail of maintenance performed by their foreign engineers.
BACKGROUND
The changes follow a ProPublica investigation that exposed how Microsoft used China-based engineers to maintain government computer systems for nearly a decade — a practice that left some of the country’s most sensitive data vulnerable to hacking from its leading cyber adversary.
U.S.-based supervisors, known as “digital escorts,” were supposed to serve as a check on these foreign employees, but we found they often lacked the expertise needed to effectively supervise engineers with far more advanced technical skills.
WHAT THEY SAID
The Defense Department now says in its “Security Requirements Guide” that only “personnel from non-adversarial countries” may work on its cloud systems and that the escorts supervising those foreign workers “must be technically qualified in the code/system or technology they are providing access to.”
In addition, cloud providers must maintain detailed audit logs, a digital trail of actions in computer systems. The logs “must include identification of the escort and escorted,” including country of origin, as well as details of commands executed and settings changed.
Click here for full story from the Government Executive and ProPublica
