Showing posts with label REFORM RECOMMENDATIONS. Show all posts
Showing posts with label REFORM RECOMMENDATIONS. Show all posts

Thursday, January 30, 2014

GSA, DOD REPORT ON ACQUISITION AND CYBERSECURITY ALIGNMENT

FROM:  GENERAL SERVICES ADMINISTRATION 
GSA and DoD Announce Acquisition Cybersecurity and Resilience Recommendations

Washington, DC --- The U.S. General Services Administration (GSA) Administrator Dan Tangherlini, and the Secretary of Defense, Chuck Hagel, today announced six planned reforms to improve the cybersecurity and resilience of the Federal Acquisition System.

The jointly issued Department of Defense (DoD) and GSA report,  Improving Cybersecurity and Resilience through Acquisition, was submitted to the President in accordance with Section 8(e) of Executive Order (EO) 13636.

Recommended Reforms

The report provides a path forward to aligning Federal cybersecurity risk management and acquisition processes.  It provides strategic recommendations for addressing relevant issues, suggests how challenges might be resolved, and identifies important considerations for the implementation of the recommendations.
The six recommended reforms are the following:

Institute baseline cybersecurity requirements as a condition of contract award for appropriate acquisitions
Include cybersecurity in acquisition trainings
Develop common cybersecurity definitions for federal acquisitions
Institute a federal acquisition cyber risk management strategy
Include a requirement to purchase from original equipment manufacturers, their authorized resellers, or other trusted sources
Increase government accountability for cyber risk management
The report is one component of the government-wide implementation of EO 13636 and Presidential Policy Directive (PPD) 21, and was prepared by a working group comprised of subject matter experts selected from across the Federal government.

The working group benefitted from a high level of engagement from public and private sector stakeholders, and the report provides realistic recommendations that will improve the cybersecurity and resilience of the nation when implemented.

DoD and GSA are committed to implementing the recommendations through integration with the numerous ongoing related activities like supply chain threat assessments and anti-counterfeiting.

The agencies will use a structured approach, with continued dedication to stakeholder engagement, and develop a repeatable process to address cyber risks in the development, acquisition, sustainment, and disposal lifecycles for all Federal procurements.  The implementation will also harmonize the recommendations with existing risk management processes under Federal Information Security Management Act and OMB guidance.


GSA Administrator Dan Tangherlini weighs in:
“The ultimate goal of the recommendations is to strengthen the federal government’s cybersecurity by improving management of the people, processes, and technology affected by the Federal Acquisition System. GSA and the Department of Defense will use continue to engage stakeholders to develop a repeatable process to address cyber risks in the development, acquisition, sustainment, and disposal lifecycles for all Federal procurements.”

A request for public comment on the draft implementation plan will be published in the Federal Register next month.


Search This Blog

Translate

White House.gov Press Office Feed