Inside the Reporter’s Notebook is a biweekly dispatch of news and information
you may have missed or that slipped through the cracks at conferences, hearings and other events. This is not a column or commentary — it’s news tidbits, strongly-sourced buzz, and other items of interest that have happened or are happening in the federal IT and acquisition communities.
As always, we encourage you to submit ideas, suggestions and, of course, news to Jason via email.
Be the first to know when a new Inside the Reporter’s Notebook is posted. Sign up today for our new Reporter’s Notebook email alert.
Insight by Okta: This exclusive e-book highlights how identity and access management will continue to evolve as agencies face more aggressive cyber threats while keeping data and systems accessible.
Just in time for cybersecurity awareness month in October, the White House will launch the initial operating capability of the cyber threat intelligence integration center (CTIIC).
Michael Daniel, the White House cybersecurity coordinator, said Sept. 10 at the NIST cybersecurity event in Washington that some of the initial capabilities are moving in place.
“We are hopeful we can get all of that together and have it start producing some of its products in the first part of the fiscal year,” Daniel said.
As a quick refresher, the White House announced the creation of the CTIIC in February, modeling it after the approach used after the Sept. 11, 2001 attacks to better bring together terrorism-related information. The broader goal of the CTIIC is to look beyond the ones and zeros, and combine what the intelligence community knows about malware with what it also knows about the rest of the world, including the state and non-state actors who are using it.
The Energy Department’s cybersecurity is awful — well, at least that’s what many people believe based on the recent USA Today story.
The news organization found hackers were successful 159 times in penetrating Energy’s network between 2010 and 2014, including 53 instances in which the attackers took control of the “root” servers.
USA Today found that the National Nuclear Security Administration (NNSA) experienced 19 successful attacks during the four-year period, according to the Freedom of Information Act records it obtained.
On the surface, it seems the Energy Department is just another federal agency that is, in the words of former White House cybersecurity official Melissa Hathaway, complacent, apathetic and/or negligent when it comes to securing its networks and data.
But when you take a closer look at the statistics, the picture isn’t all bad.
The government gets a bad rap for failing to meet deadlines and messing up major system overhauls.
The history of federal IT is littered with these examples.
But it’s rare we get insight into how one agency pulls a potential major blunder from the jaws of failure. But that’s what happened to the Federal Communications Commission earlier this week during a major systems upgrade.
The FCC kicked-off its modernization effort Sept. 2, shifting more than 200 servers and transferring more 400 applications associated with those servers to a commercial cloud.
Want to stay up to date with the latest federal news and information from all your devices? Download the revamped Federal News Network app
But nearly a week later, the systems were not back online, causing delays for FCC customers in filing reports and other documents.
The State Department’s idea of creating a series of cyber playbooks got “86’ed” rather quickly.
A State spokesperson confirmed the department cancelled the request for information about a week after releasing the notice on FedBizOpps.gov, and are not accepting any responses.
“We are continuously looking for ways to improve our cybersecurity. We do not have further information to share at this time,” the spokesperson said.
State didn’t just withdraw the RFI, it took the link down from FedBizOpps and removed any evidence it existed.
A government source familiar with the State Department’s cyber efforts said there were several reasons why the agency pulled the RFI.