The Contracting Education Academy

Contracting Academy Logo
You are here: Home / Archives for cyber

By

DHS building a contract to manage all its cybersecurity operations centers

The single contract will likely have multiple awardees, each capable of managing the entirety of operations at each of the department’s 17 security centers.

The Homeland Security Department is building a contract vehicle of vendors able to manage its 17 unclassified security operations centers—the cybersecurity hubs for the government’s central cybersecurity agency.

The agency issued a request for information Aug. 7th outlining its tentative acquisition strategy and asking for feedback from industry on capabilities and approach to spinning up additional resources in times of crisis, such as during a large-scale cyberattack.

“The Department of Homeland Security has a complex and demanding mission,” the notice on FedBizOpps reads. “To assist in meeting that mission, DHS needs robust and effective information systems. It also needs to protect those systems from cyber threats posed by nation-states and criminal enterprises.”

Keep reading this article at: https://www.nextgov.com/cybersecurity/2019/08/dhs-building-contract-manage-all-its-cybersecurity-operations-centers/159032/

By

Another initiative to enhance cyber workforce launched

A White House order on strengthening cybersecurity nationwide in general includes a provision to create a rotational program to boost those skills in the federal workforce, the latest of many such initiatives.

The order instructs OPM and OMB to establish within three months a “rotational assignment program, which will serve as a mechanism for knowledge transfer and a development program for cybersecurity practitioners,” with provisions for training and mentoring.

Also, within six months OPM and other agencies are to “identify a list of cybersecurity aptitude assessments for agencies to use in identifying current employees with the potential to acquire cybersecurity skills for placement in reskilling programs to perform cybersecurity work.” Agencies are to incorporate those assessments into their personnel development programs.

The Senate recently passed a bill to create a similar rotational program and efforts have been under way for years to better define which federal positions involve cybersecurity skills and where there are shortages. The government meanwhile has increased its use of shortcut hiring procedures and incentive pay and has started a program of retraining employees to take on such roles.

Keep reading article at: https://www.fedweek.com/fedweek/another-initiative-to-enhance-cyber-workforce-launched/

By

Why the Navy is giving agencies, industry a much-needed wake-up call on supply chain risks

On page 6 of the Navy’s recent report about its cyber readiness, there is a jaw-dropping confession: “The systems the U.S. relies upon to mobilize, deploy and sustain forces have been extensively targeted by potential adversaries, and compromised to such extent that their reliability is questionable.”

Bill Evanina, director of the National Counterintelligence and Security Center in the Office of the Director of National Intelligence, wants that single sentence in the 80-page report to sink in for a second.

“The Navy’s report on their resilience and reliability is that watershed moment not only for the Department of Defense but for all agencies in the federal government, and I would even proffer in the private sector, to have an honest, internal look at their systems, their data, their capabilities and their protection mechanisms and where they have vulnerabilities and how the threats are manifested in their organizations,” Evanina said after speaking at the Intelligence and National Security Alliance (INSA) event on supply chain management in Arlington, Virginia, on April 1. “I think all agencies should take a hard look and say, ‘What can we do that is similar to this to look at our own processes and protection models?’”

The Navy report serves as a call to arms around the challenges every agency faces from systems under attack to attempts to steal information from its industrial base.

“The DON’s dependency upon the defense industrial base (DIB) presents another large and lucrative source of exploitation for those looking to diminish U.S. military advantage. Key DIB companies, primes, and their suppliers, have been breached and their IP stolen and exploited,” the report states. “These critical supply chains have been compromised in ways and to an extent yet to be fully understood.”

Keep reading article at: https://federalnewsnetwork.com/acquisition/2019/04/navy-giving-agencies-industry-much-needed-wake-up-call-on-supply-chain-risks/

By

Air Force Academy’s CyberWorx wants partners to help with outreach, tech transfer

The Air Force Academy’s cyber research and innovation arm is looking for a private-sector partner to help invigorate its outreach and technology transfer efforts.

The academy’s CyberWorx released a request for information Thursday seeking a partner that can boost the center’s efforts to engage industry—particularly small businesses—and academia in development of innovative cyber tools and improve the technology transfer process between the academy and private sector, in both directions.

CyberWorx was stood up in late 2016 to act as “a public-private design center focused on cyber capability that melds AF, academic and industry expertise with state of the art technology and innovative thinking to solve wicked operational problems,” according to the academy.

Keep reading this article at: https://www.nextgov.com/emerging-tech/2019/01/air-force-academys-cyberworx-wants-partners-help-outreach-tech-transfer/154257/

By

Contractors face new data breach disclosure and investigation requirements

The government’s lead contracting agency plans to formalize how and when contractors are required to disclose data breaches and to mandate better government visibility into how serious those breaches are.

The proposed rule will mandate that the General Services Administration (GSA) and the agency that’s being served by the contract have access to breached contractor systems, according to a regulatory roadmap set to be published in the Nov. 16th edition of the Federal Register.

Contractors will also be required to preserve images of the affected systems for the government to review, the roadmap states.

The proposed rule is scheduled to be published in February with a comment period that closes in April.

Contractors have frequently been a weak point for federal cybersecurity efforts.

Keep reading this article at: https://www.nextgov.com/cybersecurity/2018/11/government-contractors-face-new-data-breach-disclosure-and-investigation-requirements/152864/

Contracting Academy Logo
75 Fifth Street, NW, Suite 300
Atlanta, GA 30308
info@ContractingAcademy.gatech.edu
Phone: 404-894-6109
Fax: 404-410-6885

RSS Twitter