FCW Insider

Blog archive

Quick Hits

*** Rep. Will Hurd (R-Texas), formerly chairman of the now-defunct IT Subcommittee of the House Oversight and Reform Committee, is moving over to the House Appropriations Committee. Hurd, now in the minority party, is joining the subcommittees on Military Construction and Veterans Affairs and on Transportation, Housing and Urban Development.

*** Former House legislative assistant Matt Pincus is joining the National Association of State Chief Information Officers. Pincus, most recently the deputy legislative director at the National Guard Association of the United States, will assume the role of NASCIO’s director of government affairs, working on both federal and state policy. NASCIO announced the hire Jan. 30.

*** The Pentagon may outsource supply chain cybersecurity measures by allowing companies to verify defense subcontractors' adherence to a standard framework.

During a Jan. 29 Senate Armed Services Cybersecurity Subcommittee hearing on Department of Defense policies and threats, DOD CIO Dana Deasy said contractors were "an extension of what we do" and must be treated as a part of the department’s own networks.

To help with that, DOD is considering a model in which a company certified by the organization would check a sub-contractors' security posture against the National Institute of Standards and Technology cybersecurity standards.

"A lot of the problems that have occurred," Deasy said, "it does come back many times to basic hygiene."

The goal is to better to enforce compliance and move away from a self-certification process to one where DOD's under secretary for defense acquisition and sustainment would evaluate and validate the self-assessments, then assign confidence scores.

One early-stage idea involves "identifying and possibly even certifying companies that can play the role, that can follow the NIST standard, and actually go in and look at a second- or third-tier supplier," Deasy said.

There's discussion on the right approach to combing through the entire defense industrial base's cybersecurity posture, Deasy said, adding that artificial intelligence will likely be able to play a future role in protecting the supply chain.

"Looking at how do you take your entire supply base, the NIST standards, the hygiene problems we see, can you apply AI to this problem to start to identify where you may most likely are going to experience problems in the supply chain?" he asked. "This is a good case where we can apply machine learning in looking at this problem."

Posted on Jan 31, 2019 at 1:06 AM


Featured

  • Cybersecurity
    CISA chief Chris Krebs disusses the future of the agency at Auburn University Aug. 22 2019

    Shared services and the future of CISA

    Chris Krebs, the head of the Cybersecurity and Infrastructure Security Agency at DHS, said that many federal agencies will be outsourcing cyber to a shared service provider in the future.

  • Telecom
    GSA Headquarters (Photo by Rena Schild/Shutterstock)

    GSA softens line on looming EIS due date

    Think of the September deadline for agencies to award contracts under the General Services Administration's $50-billion telecommunications contract as a "yellow light," said GSA's telecom services director.

  • Defense
    Shutterstock photo id 669226093 By Gorodenkoff

    IC looks to stand up a new enterprise IT program office

    The intelligence community wants to stand up a new program executive office to help develop new IT capabilities.

Stay Connected

FCW INSIDER

Sign up for our newsletter.

I agree to this site's Privacy Policy.