Procurement is key to security, IT execs say

Procurement officers have the power to significantly improve the security of government IT systems by including software reliability and security requirements in the contracts they award to vendors—and strengthen the country’s cyberinfrastructure in the process.

That key message was hammered home repeatedly at a two-day forum earlier this month hosted jointly by the Defense and Homeland Security departments.

“We have to shift the paradigm from patch management to software assurance,” said Andy Purdy, acting director of DHS’ National Cyber Security Division.

Vendors will not invest in improving the quality of their software of their own volition, said Priscilla Guthrie, deputy CIO and deputy assistant secretary of Defense for networks and information integration. “We’ve got to use acquisition organizations to put together a software assurance policy,” Guthrie said. “We have to get acquisition organizations to work with us to make sure [it’s] part of the way we buy.”

Dan Wolf, information assurance director of the National Security Agency, said improving the quality of software is a matter of national security.

“Our adversaries have made a big point of how information operations are a preferred weapon,” Wolf said, warning that the country’s enemies are focusing on finding ways to infiltrate and take over critical systems.

Alan Paller, director of research at the SANS Institute of Bethesda, Md., added that procurement officers need to include different language regarding software performance, security and reliability in contracts, as the best way to get vendors to take action.

Integrators, Paller said, are of the opinion that, “If it’s in the [Federal Acquisition Regulations] we can ignore it, but if it’s in the contract we do it.”

About the Author

Connect with the GCN staff on Twitter @GCNtech.


  • IT Modernization
    shutterstock image By enzozo; photo ID: 319763930

    OMB provides key guidance for TMF proposals amid surge in submissions

    Deputy Federal CIO Maria Roat details what makes for a winning Technology Modernization Fund proposal as agencies continue to submit major IT projects for potential funding.

  • gears and money (zaozaa19/

    Worries from a Democrat about the Biden administration and federal procurement

    Steve Kelman is concerned that the push for more spending with small disadvantaged businesses will detract from the goal of getting the best deal for agencies and taxpayers.

Stay Connected