Welcome to MeriTalk News Briefs, where we bring you all the day’s action that didn’t quite make the headlines. No need to shout about ‘em, but we do feel that they merit talk.
GAO Overturns $950M DoD Cloud Deal
The Government Accountability Office (GAO) ruled Thursday that the Defense Department (DoD) overstepped its authorities by awarding an “other transaction agreement” (OTA) for cloud services valued at $950 million to REAN Cloud in February. GAO recommended that DoD terminate the agreement or use standard competitive procurement procedures as legally required. OTAs are not technically contracts and are not subject to the same regulations as other federal procurements, but GAO sustained a protest filed by Oracle that argued DoD did not follow proper procurement policies. DoD has sixty days to accept or decline GAO’s recommendations. Refusal would require GAO to notify Congress.
White House Looks Back on Cyber EO
The White House Friday published a blog post commemorating President Trump’s Cyber Executive Order (EO) issued a little over a year ago. The post, authored by Grant Schneider and Josh Steinman, senior directors for the National Security Council’s Cyber Directorate, discusses progress made on Federal cybersecurity and securing critical infrastructure since the EO’s release. The post discusses reports to the President from various Federal agencies, commissioned by the EO, on topics such as deterring cyberattacks and ensuring an open Internet, Federal agency cybersecurity risk, the cybersecurity workforce shortage, and the impact of botnets and distributed attacks. “The EO and the reports it directed will continue to influence U.S. government policy for years to come,” the authors of the post said.
Navy Official Hints at Action to Clear Security Application Backlog
A Navy cybersecurity official hinted Thursday that the Federal government may be close to taking action to reduce its logjam of security clearance requests, although he emphasized that he was not speaking on behalf of DoD. Mark Livingston, senior director of security in the Office of the Deputy Under Secretary of the Navy (Policy), acknowledged during a presentation at a cybersecurity conference organized by Digital Government Institute that the Federal government currently has a backlog of more than 700,000 security clearance applications. Earlier this month, Sen. Mark Warner, D-Va., vice chairman of the Senate Intelligence Committee, complained at a hearing that the security clearance application backlog–which he said stands at 740,000–is acting as an impediment to private sector cybersecurity officials who want clearances to access classified cyber threat data held by the government. The application logjam, he said, “is insane.” At Thursday’s conference, Livingston said, “You’re going to see some announcements in the near future about how that gets fixed,” referring to the clearance application logjam. He hastened to add that he was voicing his own opinion on the matter and was not speaking for DoD.
GITEC and ATARC Merge
The Government IT Executive Council (GITEC) and the Advanced Technology Academic Research Center (ATARC) announced their merger Thursday, effective immediately. The two Federal IT nonprofits provide a platform for professional development and collaborative forums for government, academia, and the private sector. “The new organization will be guided by GITEC’s Government and Industry Advisory Councils and run by ATARC’s dedicated staff,” the ATARC announcement states.
Powner: Lagging Agencies Might Look to Data Center Outsourcing
Dave Powner, director of IT management issues at GAO, mused that Federal agencies having trouble meeting data center optimization goals for 2020 might want to look for outside help. A data center report from NextGov released Wednesday quotes Powner, “If we don’t have optimized centers after a decade of trying, should agencies be running their own data centers? Or should they be outsourcing it–going to the cloud or go to some other provider that can maintain data centers more cost-efficiently, more securely?” He said agencies need to think about how they will address five main metrics: server utilization and automated monitoring, energy metering, power usage effectiveness, facility utilization and virtualization. Powner said that only about a third of agencies will reach “somewhat optimized” by meeting their goals on three out of the five metrics.
