The Contracting Education Academy

Contracting Academy Logo
You are here: Home / Archives for cybersecurity

By

Defense Digital Service awards ‘Civilian Hiring as a Service’ contract

The Defense Digital Service Tuesday awarded a contract worth up to $7 million to five companies to participate in a pilot program designed to revamp the way the Pentagon recruits top technical talent.

The Civilian Hiring as a Service Pilot, or CHaaS, was borne out of a necessity for the Pentagon to attract cutting-edge talent in cybersecurity, user experience design, product management and computer science to compete with foreign adversaries.

Today’s federal hiring system—anchored by the USAJobs.gov portal—is too passive and “isn’t meeting the growing need for talented technical people,” according to a statement from DDS. Tech recruiting problems are exacerbated by lengthy hiring times—the Office of Personnel Management lists the average hiring time at 105 days—lower public sector pay rates for techies and an aging federal tech workforce.

“The government doesn’t utilize common private sector practices, and government hiring often creates hurdles, poor candidate experience, and lengthy timelines which can deter talented technical people,” DDS officials said in a statement. “Now we are working to help the DOD rethink how it approaches cyber hiring and pilot a new way to recruit tech talent and fill critical positions. If we are going to bring in the best talent, it must become far easier for these people to join.”

Keep reading article at: https://www.nextgov.com/cio-briefing/2019/05/defense-digital-service-awards-civilian-hiring-service-contract/157206/

By

Will alternative acquisition methods become the norm?

Recent research from the Center for Strategic and International Studies (CSIS) raises some important questions about the direction and focus of Defense Department research and development funding.

According to Andrew Hunter, head of CSIS’s Defense Industrial Initiatives Group, recent data documents a nearly 50 percent drop in spending on systems design and development (SDD) — a critical part of the R&D continuum — amounting to billions of dollars in reductions over the last four or five years. Over the same time, CSIS’s research shows an almost dollar-for-dollar increase in spending on alternative acquisition methods, especially Other Transactions Authority (OTA) contracts and, to a lesser extent, so-called “mid-tier” acquisitions. Hence, the question raised by CSIS: Are we short-circuiting long-term research and development in favor of more immediate opportunities for capability advancement?

The question is an important one and has real ramifications for the nation’s long-term battlefield dominance. And while the data itself certainly does not prove a correlation or the existence of a problem, it offers a good jumping off point for a more intensive examination. It also offers an important opportunity to assess traditional views of systems development against the intersection of commercial technology development as they relate to future war-fighting capabilities.

At its core, the question is really a contemporary version of that which drove many of the acquisition reforms of the 1990s. Those reforms were, in part, an effort to address the fact that while the research and development landscape had fundamentally shifted, the government’s approach to R&D and the marketplace had not. By the mid-1970s, private sector investments in research and development had, for the first time ever, surpassed the government’s; and the gap between the two had consistently widened. Studies also showed that just the 75 largest technology companies were spending more annually on R&D than the entire defense department; and about 75 percent of them would not do business with the government, especially in R&D.

Keep reading article at: https://www.federaltimes.com/opinions/2019/05/22/will-alternative-acquisition-methods-become-the-norm

By

People are key to securing the defense-industrial supply chain

Infiltrating the defense supply chain is one of the most insidious means by which attackers can compromise our nation’s communications and weapons systems. Successfully targeting a single component of the defense industrial base can cause a ripple effect that can significantly impact everything from data centers to war fighters in theater.

The Department of Defense’s new “Deliver Uncompromised” security initiative is designed to tackle this problem at its root cause: third-party suppliers. In essence, the DoD is requiring its suppliers to bake security into their applications from the beginning of the production process. A “good enough” approach that just clears the bar for minimal security criteria is no longer good enough. Security must be ingrained in the very fabric of the entire production process.

Security starts with people

The process starts with people. They are responsible for ensuring that the solutions that comprise the supply chain work as designed and are inherently secure. They work closely with highly sensitive and proprietary information that is attractive to enterprising hackers. They are the first line of defense.

Unfortunately, those same factors make people the most attractive attack vector. When a malicious actor wants to gain access to a component or system, it’s often easier to just steal someone’s credentials than it is to try and find their way around a firewall. Obtaining a simple password is often enough to gain access to a critical system that can then be compromised, or information that can be exploited.

Keep reading article at: https://www.fifthdomain.com/opinion/2019/05/13/people-are-key-to-securing-the-defense-industrial-supply-chain/

By

Another initiative to enhance cyber workforce launched

A White House order on strengthening cybersecurity nationwide in general includes a provision to create a rotational program to boost those skills in the federal workforce, the latest of many such initiatives.

The order instructs OPM and OMB to establish within three months a “rotational assignment program, which will serve as a mechanism for knowledge transfer and a development program for cybersecurity practitioners,” with provisions for training and mentoring.

Also, within six months OPM and other agencies are to “identify a list of cybersecurity aptitude assessments for agencies to use in identifying current employees with the potential to acquire cybersecurity skills for placement in reskilling programs to perform cybersecurity work.” Agencies are to incorporate those assessments into their personnel development programs.

The Senate recently passed a bill to create a similar rotational program and efforts have been under way for years to better define which federal positions involve cybersecurity skills and where there are shortages. The government meanwhile has increased its use of shortcut hiring procedures and incentive pay and has started a program of retraining employees to take on such roles.

Keep reading article at: https://www.fedweek.com/fedweek/another-initiative-to-enhance-cyber-workforce-launched/

By

What OMB’s new ‘shared services’ policy will mean for modernization

The Trump administration wants to make a concerted effort toward establishing a sustainable shared services ecosystem to lower costs and ensure best practices and modern infrastructure pervade government—something past administrations have tried before.

Later today, Office of Management and Budget acting Director Russell Vought will be issuing a memo, “Centralized Mission Support Capabilities for the Federal Government,” which replaces all previous shared services policies. The new policy creates a system for assessing which agency functions—such as payroll or cybersecurity—have consistent standards across government and which specific departments would be best positioned to act as leaders in those areas.

The memo also includes a mandate for the rest of government to follow those agencies and puts a hiatus on new projects once functional areas are identified.

“In the past, agencies took steps to consolidate common mission-support functions internally, and in some cases, to leverage common technology or services offered by other agencies,” Vought wrote in the memo obtained by Nextgov. “The government endeavors to utilize lessons from previous successes and failures to provide a new, enhanced strategic blueprint for sharing quality services within the federal enterprise.”

Keep reading article at: https://www.nextgov.com/policy/2019/04/exclusive-what-ombs-new-shared-services-policy-will-mean-modernization/156562/

Contracting Academy Logo
75 Fifth Street, NW, Suite 300
Atlanta, GA 30308
info@ContractingAcademy.gatech.edu
Phone: 404-894-6109
Fax: 404-410-6885

RSS Twitter