News in Brief

VA IT problems, successes, a Senate surveillance bill and more

Shutterstock image: open lock.

GAO: VA must do more on IT security weaknesses

The Department of Veterans Affairs has not done enough to resolve information security vulnerabilities on its systems, according to a the Government Accountability Office report released a day ahead of the House Veterans Affairs Committee hearing that will feature testimony from Stephen Warren, head of VA's Office of Information and Technology.

The report concludes that "shortcomings" in security programs, including untimely security patching, means that VA systems are prone to exploitation.

The agency's efforts to remediate security problems, identified in past GAO report and by the agency's inspector general, are lagging. The report also notes that VA does not have a finalized policy for subjecting its widely used web applications to source code scanning to detect vulnerabilities.

The VA agreed with the eight remedial actions proposed by the GAO. opens for enrollment with few problems

The second open enrollment season under the 2010 health care law kicked off Nov. 15, and the website appears to be functioning well under the strain of the flood of visitors.

About 500,000 visitors logged into the site on the first day of open enrollment, with about 100,000 sending in applications for health insurance, according to Health and Human Services Secretary Sylvia Mathews Burwell.

It's going to be a busy season for the site – more than 7 million people are covered by private insurers under the law, and all of these plans will need to be renewed or changed during the open enrollment season.

There is an "auto-renew" feature for users who don't update or renew coverage during the open enrollment period. Officials, however, are encouraging users to try the site’s improved comparison-shopping feature rather than auto-renew, to avoid being taken by surprise by possible premium increases.

Scattered problems with the site were reported, including issues from users who forgot their usernames or passwords, and users receiving unexpected error messages. But the experience was a far cry from the launch in October 2013, when only six users were able to enroll on the first day because of massive problems with the design and infrastructure.

Senate could take up surveillance bill

The Senate is expected to vote Nov. 18 on a procedural motion that would set the stage for debate on a bill that would place new limits on the bulk collection of telephone metadata and other business records for use by intelligence and law enforcement agencies.

The legislation, sponsored by Sen. Patrick Leahy (D-Vt.), would require the FBI to specify targets using identifiers such as a name, phone number or email address. The bill also would change rules on the use of national security letters, requiring more clarity about investigative targets and providing some flexibility for disclosing the receipt of government requests.

A similar measure, by Rep. Jim Sensenbrenner (R-Wis.) has already passed the House.

A letter from the CEOs of leading tech firms -- including Google, Apple and Microsoft -- urged the Senate to pass the bill. Members of the President's Review Group on Intelligence and Communications Technology, which examined surveillance policy in the wake of the Edward Snowden leaks, noted in a letter that the Senate bill is "broadly consistent with the recommendations we made last year in our report on how to safeguard both liberty and security in a rapidly changing world."

A 60-vote threshold must be cleared to open debate. There is a bipartisan coalition for limiting the authority of the government to collect and scan bulk records on Americans, but it's not clear whether this particular bill has 60 votes. It's also unknown if the House would back the Senate measure in time to get a finished bill to President Barack Obama before the end of the current Congress.

There is at least some deadline pressure for Congress, however. The current authorities on records collection as spelled out in the 2001 anti-terrorism law known as the Patriot Act expire June 1, 2015.

Naval Air Systems Command computer contract goes to Northrop Grumman

Defense giant Northrop Grumman will provide the Naval Air Systems Command with computers as part of a program to upgrade the Marine Corps’ H-1 helicopter, the firm announced Nov. 17.

The FlightPro Gen III computer integrates advanced mission, weapons and video processing capabilities into an airborne computer, the firm said. The computers will be part of an avionics system in the helicopters’ cockpits. Northrop Grumman said it provides the flight program software that controls that avionic system.

Deliveries under the contract will be finished by October 2017, the firm said.

About the Author

Connect with the FCW staff on Twitter @FCWnow.


  • Contracting
    8 prototypes of the border walls as tweeted by CBP San Diego

    DHS contractors face protests – on the streets

    Tech companies are facing protests internally from workers and externally from activists about doing for government amid controversial policies like "zero tolerance" for illegal immigration.

  • Workforce
    By Mark Van Scyoc Royalty-free stock photo ID: 285175268

    At OPM, Weichert pushes direct hire, pay agent changes

    Margaret Weichert, now acting director of the Office of Personnel Management, is clearing agencies to make direct hires in IT, cyber and other tech fields and is changing pay for specialized occupations.

  • Cloud
    Shutterstock ID ID: 222190471 By wk1003mike

    IBM protests JEDI cloud deal

    As the deadline to submit bids on the Pentagon's $10 billion, 10-year warfighter cloud deal draws near, IBM announced a legal protest.

Stay Connected

FCW Update

Sign up for our newsletter.

I agree to this site's Privacy Policy.