ENFORCEMENT
eop_ipec_jointstrategicplan_hi-res
eop_ipec_jointstrategicplan_hi-res
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
Joint Strategic Plan on Intellectual Property Enforcement<br />
57<br />
An example of a related policy is the OMB memorandum of<br />
November 18, 2013, on “Enhancing the Security of Federal<br />
Information and Information Systems” (OMB Memorandum<br />
M-14-03), accessed from https://www.whitehouse.gov/<br />
sites/default/files/omb/memoranda/2014/m-14-03.pdf. This<br />
initiative included the establishment by the General Services<br />
Administration and the Department of Homeland Security<br />
of “a government-wide Blanket Purchase Agreement (BPA)<br />
under Multiple Award Schedule 70, which Federal, State, local<br />
and tribal governments can leverage to deploy a basic set of<br />
capabilities to support continuous monitoring of security controls<br />
in Federal information systems and environments of operation”<br />
(p. 2). In addition to enhancing the Federal Government’s ability<br />
to identify and respond to the risk of emerging cyber threats,<br />
continuous monitoring also enables agencies to collect better<br />
and more timely information about what types of software are<br />
being used by agency staff (and by how many agency staff). Such<br />
information is critical to informing the agency about its software<br />
needs and to identifying any uses by agency staff of software that<br />
is in excess of the applicable license or for which the agency has<br />
not obtained the necessary license.<br />
58<br />
An example of a related statute is Section 406 of the<br />
Cybersecurity Security Act of 2015, which directs the Inspectors<br />
General to collect information and submit a report to Congress<br />
regarding the computer security of specified types of Federal<br />
computer systems. In the report, the Inspector General shall<br />
include a description of the “policies and procedures followed<br />
[by the agency] to conduct inventories of the software present<br />
on the covered systems of the covered agency and the licenses<br />
associated with such software” (subsection (b)(2)(D)(4)). The<br />
Computer Security Act of 2015 is found at Division N of Pub.<br />
L. No. 114-113 (2015), and Section 406 (“Federal Computer<br />
Security”) is at 129 Stat. 2984-2985.<br />
59<br />
Several of these research categories have been identified,<br />
and promoted, by the World Economic Forum. See World<br />
Economic Forum, “State of the Illicit Economy: Briefing Papers”<br />
(October 2015), accessed from http://www3.weforum.org/docs/<br />
WEF_State_of_the_Illicit_Economy_2015_2.pdf.<br />
SECTION 4<br />
152