Acquisition

GSA, DOD team up to bolster cyber protections

Placeholder Image for Article Template

Even though President Barack Obama did not mention wholesale federal acquisition reform in his State of the Union address as some had hoped, the day after yielded a joint six-point plan from the Defense Department and the General Services Administration to update the system's cybersecurity protections.

In the days before Obama's Jan. 28 speech, White House advisers met with officials from associations that represent the acquisition community to talk about possible reform efforts in the wake of HealthCare.gov's high-profile technical and management problems. The website's flawed launch in October has shone a light on acquisition management problems and fueled hopes for wider reform of federal policy.

In his address, however, the closest Obama came to federal contracting rules was the mention of an executive order that would stipulate that new contractors pay their federally funded employees $10.10 an hour.

The day after the speech, GSA Administrator Dan Tangherlini and Defense Secretary Chuck Hagel unveiled details of a plan put in motion a year ago that would require contractors to incorporate baseline cybersecurity protections. The plan is not directly related to HealthCare.gov's complications, but it is one of the efforts specified in the earlier presidential executive order on critical infrastructure cybersecurity.

In the GSA/DOD report, publicly released on Jan. 29, officials outlined six recommendations for aligning the federal processes for managing cybersecurity risk and acquisition:

  • Instituting baseline cybersecurity requirements as a condition of contract awards.
  • Including cybersecurity in acquisition training.
  • Developing common cybersecurity definitions for federal acquisitions.
  • Instituting a federal strategy for cybersecurity risk management in acquisition.
  • Including a requirement to buy from original equipment manufacturers, their authorized resellers or other trusted sources.
  • Increasing government accountability for cybersecurity risk management.

In a joint statement, GSA and DOD officials said the report was created by a group of subject-matter experts from across the federal government and with a "high level of engagement from public and private stakeholders."

They added that the report provides realistic recommendations that could be integrated with ongoing supply-chain cybersecurity projects such as threat assessment and anti-counterfeiting efforts.

"The ultimate goal of the recommendations is to strengthen the federal government's cybersecurity by improving management of the people, processes and technology affected by the federal acquisition system," Tangherlini said. "GSA and the Department of Defense will continue to engage stakeholders to develop a repeatable process to address cyber risks in the development, acquisition, sustainment and disposal life cycles for all federal procurements."

Officials said a request for public comment on the draft implementation plan will be published in the Federal Register in February.

Although Larry Allen, president of Allen Federal Business Partners, called the recommendations "a step in the right direction," he said they could run afoul of one of GSA's other objectives. "This may mean GSA might not be able to buy rock-bottom-priced items anymore," he said.

Left speechless

The absence of any mention of acquisition reform in the State of the Union address did not faze the contracting community, despite hopes that the president might address the topic in that high-profile venue.

"We heard some rumblings early on about a week before the speech [that] there might be a mention of reform," said Mike Hettinger, TechAmerica's senior vice president for the public sector. But he added that U.S. CIO Steven VanRoekel said during an industry meeting on Jan. 24 that acquisition reform would not make it into the speech.

That doesn't mean nothing will happen, however.

"We're still more likely to see some kind of IT acquisition reform now than any other time since the 1990s," Allen said. "For sure in a year to 18 months, there will be new rules for the IT market."

But Hettinger said one aspect of the speech was something of a disappointment.

"What did surprise me about the speech was not to hear about how technology has become an enabler for government," Hettinger said, adding that Obama missed an opportunity to showcase how the federal government's growing IT capabilities have a direct effect on larger policy issues such as immigration, trade and the budget.

About the Author

Mark Rockwell is a staff writer at FCW.

Before joining FCW, Rockwell was Washington correspondent for Government Security News, where he covered all aspects of homeland security from IT to detection dogs and border security. Over the last 25 years in Washington as a reporter, editor and correspondent, he has covered an increasingly wide array of high-tech issues for publications like Communications Week, Internet Week, Fiber Optics News, tele.com magazine and Wireless Week.

Rockwell received a Jesse H. Neal Award for his work covering telecommunications issues, and is a graduate of James Madison University.

Click here for previous articles by Rockwell. Contact him at mrockwell@fcw.com or follow him on Twitter at @MRockwell4.


FCW in Print

In the latest issue: Looking back on three decades of big stories in federal IT.

Featured

  • FCW @ 30 GPS

    FCW @ 30

    Since 1987, FCW has covered it all -- the major contracts, the disruptive technologies, the picayune scandals and the many, many people who make federal IT function. Here's a look back at six of the most significant stories.

  • Shutterstock image.

    A 'minibus' appropriations package could be in the cards

    A short-term funding bill is expected by Sept. 30 to keep the federal government operating through early December, but after that the options get more complicated.

  • Defense Secretary Ash Carter speaks at the TechCrunch Disrupt conference in San Francisco

    DOD launches new tech hub in Austin

    The DOD is opening a new Defense Innovation Unit Experimental office in Austin, Texas, while Congress debates legislation that could defund DIUx.

  • Shutterstock image.

    Merged IT modernization bill punts on funding

    A House panel approved a new IT modernization bill that appears poised to pass, but key funding questions are left for appropriators.

  • General Frost

    Army wants cyber capability everywhere

    The Army's cyber director said cyber, electronic warfare and information operations must be integrated into warfighters' doctrine and training.

  • Rising Star 2013

    Meet the 2016 Rising Stars

    FCW honors 30 early-career leaders in federal IT.

Reader comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above

More from 1105 Public Sector Media Group