Saturday, January 23, 2021

Subscribers Only

Free

GAO Reports on DoD Software Acquisitions

GAO reported in June 2020 that, of the 15 major Department of Defense IT programs selected for review, 11 had decreased their December 2019 cost estimates by 0.03–33.8 percent. In contrast, the remaining four programs experienced increases in their cost estimates, two of them by more than 20 percent. Ten of the 15 programs had […]
Must be a Paid Member or a Free Trial Member to Access Content. Members log in here.

Ending Dual Hat NSA, Cyber Command Leadership Would Violate 2017 NDAA, Lawmakers Say

Pentagon leaders have issued a proposal to split the leadership of the National Security Agency and U.S. Cyber Command, both of which are currently headed by General Paul Nakasone, in a long-standing “dual hat” arrangement. The change must be approved by Acting Defense Secretary Chris Miller and Joint Chiefs Chairman General Mark Milley. Miller supports the […]
Must be a Paid Member or a Free Trial Member to Access Content. Members log in here.

DoD Predicts “A Lot of Digging” Needed to Root Out Potential Cyber Intruders

The defense and intelligence communities are tracking down whether the hackers behind the SolarWinds Orion compromise infiltrated their systems and, if so, how deeply. Officials expect an extended search for intrusions and damage, in part because the Department of Homeland Security has warned that hackers have used multiple means to access government networks, either separately […]
Must be a Paid Member or a Free Trial Member to Access Content. Members log in here.

DoD Has Advantage of Mitigating SolarWinds Breach, Former Officials Say

Former Department of Defense officials say DoD is better positioned to identify and mitigate any damage done to its networks by the compromise of the SolarWinds Orion product. While public records list SolarWinds as a defense contractors and security researchers note that they have used Orion on DoD networks, the department has denied that its […]
Must be a Paid Member or a Free Trial Member to Access Content. Members log in here.

Zero Trust Guide Coming to DoD in 2021

The Defense Information Systems Agency plans to release a zero-trust reference guide next year, providing a transition blueprint for defense agencies and IT shops. A zero-trust model treats every user with the same heightened level of security, in contrast to the perimeter defenses still commonly used in less security conscious organizations. The reference guide is […]
Must be a Paid Member or a Free Trial Member to Access Content. Members log in here.

Reported Russian Hack of US Systems Has Implications for DoD Network Security Plans

The cyber breach through SolarWinds – software used by the military – highlights the risks the Department of Defense takes when it increasingly must rely on third-party vendors for digital services. DoD has declined to comment on whether its systems are among those across several government agencies compromised by hackers affiliated with Russia’s foreign intelligence […]
Must be a Paid Member or a Free Trial Member to Access Content. Members log in here.

Defense Acquisitions: DOD’s Cybersecurity Maturity Model Certification Framework

In a new report, the Congressional Research Service examines the Department of Defense’s Cybersecurity Maturity Model Certification framework, offering an overview and analysis of issues for Congress associated with the CMMC framework, and discussing congressional considerations related to DoD’s efforts to mitigate cybersecurity risks and vulnerabilities within the defense industrial base in the performance of its […]
Must be a Paid Member or a Free Trial Member to Access Content. Members log in here.

NSA Warns Defense Contractors of Potential SolarWinds Fallout

In a recent alert to the defense industrial base, the National Security Agency warned that he SolarWinds Orion compromise could exacerbate the threat of a separate and ongoing Russian state-sponsored hacking campaign targeting defense contractors. While not identifying Russian hackers as the source of the SolarWinds breach, NSA suggested that state-sponsored actors could leverage the […]
Must be a Paid Member or a Free Trial Member to Access Content. Members log in here.

Pentagon Reveals First Contracts to Serve as Pathfinders for CMMC

The Defense Department has disclosed the first seven contracts that are likely candidates to be the initial test cases for the Cybersecurity Maturity Model Certification program. Each of the contracts is scheduled to be awarded in 2021. DoD has previously said to expect a total of 15 pathfinder contracts next year, and says now that […]
Must be a Paid Member or a Free Trial Member to Access Content. Members log in here.

Navy CISO Gets Another Key Cyber Role

Christopher Cleary, the Department of the Navy’s first CISO, is now the Navy’s first Principal Cyber Adviser; he will continue as CISO until a replacement is appointed. The new position – mandated by the 2020 NDAA – gives him more authority and responsibility over improving the Navy’s cyber posture and for working across the Department […]
Must be a Paid Member or a Free Trial Member to Access Content. Members log in here.