The Contracting Education Academy

Contracting Academy Logo
You are here: Home / Archives for cyber

By

GSA wants to modernize how the government buys cybersecurity services

The government’s main contracting agency wants to make it easier for federal and state agencies to quickly acquire a broader array of cybersecurity services, according to contracting documents released this week.

The General Services Administration is interested in updating the list of “highly adaptive cybersecurity services” it offers on its IT Schedule 70, according to the request for information.

GSA schedules are essentially lists of pre-vetted contractors that agencies can buy particular goods and services from without going through their own lengthy vetting processes.

Currently, the highly adaptive cybersecurity services, or HACS, list includes penetration testing, incident response, cyber hunt (essentially hunting for adversaries you fear may already be inside your systems), and risk and vulnerability assessments.

Keep reading this article at: https://www.nextgov.com/cybersecurity/2018/05/gsa-wants-modernize-how-government-buys-cybersecurity-services/148491/

By

Agency that vets Pentagon contractors’ security isn’t keeping up with the threat, audit finds

The Pentagon agency responsible for vetting contractors that handle classified information isn’t keeping up with the threat, according to an auditor’s report released Monday.

The Defense Security Service, or DSS, is responsible for vetting the security of over 12,000 contractor facilities, but could only accomplish about 60 percent of its workload during the 2016 fiscal year, according to the Government Accountability Office report.

That’s despite DSS’ own statement “that the United States is facing the most significant foreign intelligence threat it has ever encountered,” the report states.

DSS security reviews are broadly similar to the personal security clearances that government employees and contractors undergo and include issues such as a company’s foreign ties and risky past behavior.

Keep reading this article at: https://www.nextgov.com/cybersecurity/2018/05/agency-vets-pentagon-contractors-security-isnt-keeping-threat-audit-finds/148201/

By

Military seeks faster cyber acquisition turnaround

The U.S. military is employing a mixture of procurement contracts and innovative practices to speed up the acquisition of defensive and offensive cyber technology as the volume and intensity of cyber attacks and threats against government agencies — both civilian and Defense — continues to rise.

Cyberspace is a warfighting domain that is critical to ensuring the military’s capability to operate going forward. The concept of operations for defensive cyber is complex because capabilities are dispersed across the battlespace and must continually adapt to evolving threats. The capabilities must protect data, networks and net-centric operations as well as be interoperable with other IT and software-dependent systems, according to Lt. Col. Scott Helmore, director of the Army Defensive Cyber Operations office (DCO).

Traditional requirements, funding, development, production and fielding of capabilities usually span years. However, technology is advancing so rapidly, and cyber threats are becoming so much more sophisticated, that cyber weapons and tools can become obsolete within months after deployment. As a result, Army DCO is looking to reduce the acquisition process to 30 days.

Keep reading this article at: https://federalnewsradio.com/cyber-exposure/2018/04/military-seeks-faster-cyber-acquisition-turnaround/

 

By

Here’s how the Marines’ cyber warriors are buying new equipment

The service cyber components that feed up to Cyber Command are responsible to man, train and equip their cyber warriors, meaning each service ends up using their own acquisition and service-specific models to do so.

While Cyber Command possesses limited acquisition authority, this capability is nascent meaning the individual services still are charged with equipping their cyber forces based upon minimum operating capabilities operating capabilities Cyber Command’s Capabilities Development Group outlines.

Marine Corps Forces Cyberspace Command does not possess direct acquisition authority and so they have to work through a variety of vectors including other commands within the service to procure both offensive and defensive capabilities.

Keep reading this article at: https://www.fifthdomain.com/dod/marine-corps/2018/02/21/heres-how-the-marines-cyber-warriors-are-procuring-equipment/

By

Pentagon warns CEOs: Protect your data or lose our contracts

The Pentagon is warning defense-industry CEOs to better protect their computer networks or risk losing business.

“The culture we need to get to is that we’re going to defend ourselves and that … we want the bar to be so high that it becomes a condition of doing business,” Deputy Defense Secretary Patrick Shanahan said last week at an industry conference here sponsored by the AFCEA and the U.S.Naval Institute.

Shanahan noted that CEOs would likely be hesitant to “sign a cyber disclosure statement that says everybody you do business with is secure.”

“In areas of safety, protecting your workers, in terms of protecting our data or protecting their information, there should be this standard,” he said after the speech.

Keep reading this article at: http://www.defenseone.com/business/2018/02/pentagon-warns-ceos-protect-your-data-or-lose-our-contracts/145779

A partner organization at Georgia Tech has resources and solutions to help contractors comply with DoD’s cybersecurity requirements.  Find them here: http://gtpac.org/cybersecurity-training-video/ 

Contracting Academy Logo
75 Fifth Street, NW, Suite 300
Atlanta, GA 30308
info@ContractingAcademy.gatech.edu
Phone: 404-894-6109
Fax: 404-410-6885

RSS Twitter