One of government’s leading cybersecurity experts weighs in on SolarWinds breach


  • One of the government’s leading cybersecurity authorities has advice for officials knocked off their feet by the recent governmentwide cyber attacks. National Institute of Standards and Technology Fellow Ron Ross said the government keeps using a tactical approach to defending its networks, constantly looking for threats and hoping to fend them off. Ross renews his call for an engineering approach, designing systems to be inherently secure. He chided two recent blue ribbon commissions on cyber, including the Cybersecurity Solarium chartered by Congress, for failing to even mention security engineering. Ross’ group at NIST even published a detailed guide to systems security engineering.
  • Congress passed a day-long continuing resolution last night to keep government open. The extra day gives lawmakers time to put the finishing details on a $1.4 trillion omnibus spending bill and a $900 billion COVID relief package. Both the House and Senate are expected to pass the omnibus and COVID relief package today. They’ll send it to the president for his signature before leaving Washington for the holidays. (Federal News Network)
  • Rep. Don Beyer (D-Va.) wants agency leaders to make their schedules known to the public. He’s introduced the Transparent Leadership Act. It would require executive branch leaders to publish their schedules and speeches. Beyer said he crafted the bill in response to calendar scandals involving former Interior Secretary Ryan Zinke, former Environmental Protection Agency Administrator Scott Pruitt and current Postmaster General Louis DeJoy.
  • House and Senate Democrats want help identifying examples of burrowing. Agencies convert political appointees to positions in the career civil service every year. The practice is known as “burrowing in.” But a group of House and Senate Democrats said they’re especially concerned this year. And they’re asking the Government Accountability Office to help them identify all political appointee conversions over the past four years. Senate Homeland Security and Governmental Affairs Ranking Member Gary Peters (D-Mich.) and House Oversight and Reform Chairman Carolyn Maloney (D-N.Y.) are leading the effort. (Federal News Network)
  • House and Senate lawmakers are putting the Defense Department on notice not to break up the joint leadership structure of the National Security Agency and U.S. Cyber Command. Congressman Adam Smith (D-Calif.), the chairman of the Armed Services Committee, and members of the Cyberspace Solarium Commission warn Pentagon officials that ending the “dual-hat” arrangement that makes the commander of Cyber Command also the director of the NSA is a bad idea. Smith said Congress took a clear position to keep the dual-hatted relationship in the 2017 National Defense Authorization Act.
  • The Defense Department and Microsoft are asking a judge to dismiss a key portion of Amazon’s lawsuit over the multibillion dollar JEDI Cloud contract. The defendants are challenging Amazon’s claims that President Donald Trump exerted improper political influence over the contract. They say those allegations are barred by prior court precedents, which generally require bid protestors to raise problems with a procurement as soon as they know about them, rather than waiting until after they’ve lost the contract. Amazon contends it didn’t learn the extent to which bias affected the process until after DoD debriefed the company on its award decision. (Federal News Network)
  • A Defense Department board focused on race and diversity comes up with 15 recommendations to improve inclusion in the military. The panel suggests updating recruiting content to represent all service members, increasing ROTC enrollment from minority-serving institutions and establishing a diversity center of excellence. The panel also wants DoD to better its human resources data systems and analysis and increase transparency on promotions.
  • It seems like everyone has a podcast these days. Now the Air Force has one too. The organization in charge of training airmen is trying a new tactic in education. The Air Education and Training Command is launching a professional development podcast to help airmen gain a better understanding of their skills. The podcast, called “The Air Force Starts Here,” focuses on developing self, developing others, developing ideas and developing organizations. It can be accessed on mobile podcast applications and helps airmen get a clear understanding of what is expected of them as service members.
  • After a six-month hiatus in operations, the Washington Monument is going to have to close again due to rising coronavirus numbers. The National Park Service said there’s been a severe reduction in the amount of staff due to exposure to COVID-19. It did not give any timetable on when the site will reopen. (WTOP)
  • New numbers are out showing how much progress agencies are making against a 10-year-old goal. Agencies closed more than 2,300 data centers in fiscal 2020, almost 300 more than in 2019. New data on the IT Dashboard shows despite the increase, agencies still missed the governmentwide goal by about 41 total closures. Five agencies, including SSA, GSA, USAID, Education and HUD, have closed all their data centers. Additionally, every agency but DHS met their savings goals for last year. Despite these successes, the IT Dashboard shows agencies still are running more than 6,200 data centers with more than 528,000 servers, but only 41,000 cloud instances.
  • The Justice Department reaches an agreement with a government contractor, in which the company admitted to inflating costs for federal projects. Schneider Electric Buildings America will pay $11 million to resolve investigations into kickbacks and overcharges on eight federally-funded energy savings performance contracts.
  • A former defense employee got five years in prison for an assault that happened overseas. The Justice Department reports that Brendan Figuly received the sentence after he pleaded guilty to assaulting two neighbors with a knife while working in Okinawa, Japan, as an engineer at Kadena Air Force Base.
