Focusing on six words: Helping government do its job better

Archive for July 2010

DorobekINSIDER: NASA cyber-security chief Jerry Davis to join VA


Jerry Davis, the widely respected chief information security officer at NASA, is leaving that agency to join the Department of Veterans Affairs, the DorobekINSIDER has confirmed.

The move had been widely rumored for months, but was just made official when Davis accepted the offer from the VA on Friday.

While NASA has had its own share of cyber-security issues, the challenges at VA are daunting. Not only is VA the second largest agency in government, but it is the poster child for cyber-security problems dating back to that now infamous stolen laptop that was loaded with millions of names and personal information on vets.

Back in 2006, data on 26.5 million active duty troops and veterans were on the laptop and external drive, which disappeared while in the custody of a Veterans Affairs data analyst.

While none of those data became public (and the loss was the result not of a cyber-attack but of a common house burglary), it has become the most discussed cyber-security event, even more than four years later. And the event cost the agency $20 million in a settlement.

Read more and hear GAO’s assessment of VA’s IT situation here… or read the GAO report here. [PDF]

Hear Davis talking about that on Federal News Radio’s Federal Security Spotlight [July 1, 2010]… and on Federal News Radio’s Federal Drive about changing ways of measuring cyber-security [May 28, 2010].

From NextGov:

[Davis told] his staff on Tuesday to shift their focus from certifying that networks are compliant with a nearly decade-old law to monitoring systems for holes and real-time reporting of threats.
The change is a watershed moment for federal information technology managers, who since 2002 have been required to follow a law that critics say forces IT staffs to spend days filling out reports that confirm technology managers have followed certain security procedures. The law did not require specific actions to secure systems, said opponents of the Federal Information Security Management Act.

Jerry Davis, NASA’s deputy chief information officer for IT security, issued a memo to information system managers informing them they no longer need to certify every three years that their networks are compliant with FISMA, as called for by the law. Instead, they should rely on automated continuous monitoring to find holes that hackers could exploit. The process will remain in effect as long as agencies are required to submit annual status reports for networks and vulnerabilities detected during the monitoring don’t pose unacceptable risk.

Here is Davis’s most recent bio:

Jerry L. Davis is the Deputy Chief Information Officer (DCIO), IT Security for the National Aeronautics and Space Administration (NASA). Jerry’s role is to provide thought leadership and oversee all aspects of Information Security and privacy for the Agency to include the development and implementation of enterprise-wide IT security engineering and architecture, IT security governance and IT security operations capabilities. Jerry’s division also generates IT and data security solutions and services to the Agency’s Space Operations, Science, Exploration Systems and Aeronautics Research Mission Directorates programs and projects, while defending $1.8 billion in annual IT investments.

Previously, Jerry served as the DCIO for the Department of Education overseeing the day-to-day operations of the Department’s enterprise-wide IT infrastructure. During his tenure at the Department, Jerry also served as the Department’s first Chief Information Security Officer (CISO) and Director, Information Assurance (IA). In this role, Jerry’s teams proactively defended over $500 million dollars in annual IT investments, which supported the $400 billion dollar grants and loans portfolio.

Jerry was one of the principal thought leaders in the design, implementation and management of the District of Columbia’s first city-wide IT Security program and served as the Manager of Wide Area Network (WAN) Security Architecture. Jerry also held positions as a senior security consultant with several Fortune 500 consulting firms, serving clients in the Intelligence Community (IC), Department of Defense (DoD) and federal civilian agencies. Jerry held a staff position with the Central Intelligence Agency’s (CIA) Directorate of Operations (DO) for several years. Jerry is a combat veteran of the United States Marine Corps and trained as a Counterintelligence Specialist with focus on Human Intelligence (HUMINT) operations. He holds a master’s degree in network security from a National Security Agency (NSA) Center of Excellence in Information Assurance and a bachelor of science in business with a concentration in IT security. Jerry has done doctoral work in the field of information systems and holds the Certified Information Systems Security Professional (CISSP) and Project Management Professional (PMP) certifications. Mr Davis won the People’s Choice Award at the 2009 Mid-Atlantic Region Information Security Executive of the Year and was selected as one of the 50 Most Important African Americans in Technology in 2009.

Written by cdorobek

July 26, 2010 at 8:04 AM

DorobekINSIDER: OFPP recertifies NIH governmentwide contract

The DorobekINSIDER has confirmed that the Office of Federal Procurement Policy has recertified the National Institute of Health Information Technology Acquisition & Assessment Center’s Chief Information Officer – Solutions and Partners 3 (CIO-SP3), one of three governmentwide acquisition contracts.

There was widespread speculation that OFPP might not recertify the NIH contract — and Federal News Radio’s Jason Miller has been reporting that there has been a real focus on whether there has been a proliferation of multiple-award contracts. (See Federal News Radio 1500 AM’s special report — Contract Overload, which focused on the multiples of multiple-award contracts out there.)

Here is the OFPP decision:

On July 20, 2010, the OMB Director designated NIH as an executive agent for the Chief Information Officer Solutions and Partners 3 (CIOSP3) GWAC and the CIOSP3-Small Business GWAC.  Each GWAC will offer a wide range of IT services, with a particular focus on health-related IT services.

In deciding whether to grant the designation, OMB carefully evaluated a business case NIH developed to justify the need and value of its proposed GWACs.  To supplement this information, OMB conducted a significant amount of outreach with different stakeholders in the acquisition community, including agency users of NIH’s existing GWACs, agency managers of GWACs and other interagency contract vehicles, Chief Acquisition Officers and Senior Procurement Executives, trade associations, and Congressional staffers.

OMB approved the request based on several factors that promise enhanced value for the Government and our taxpayers.  NIH’s proposed GWACs will fill an important need by agencies with health-related responsibilities, including those in the Patient Protection and Affordable Care Act.  The programmatic expertise of its in-house scientists and medical experts will provide strong support for the award and management of its contracts.  The new GWAC vehicles will also provide increased opportunities for small businesses in Federal contracting, allowing agencies to tap into the talents of this community as they work to achieve best value for their missions and our citizens.

Written by cdorobek

July 22, 2010 at 3:46 PM

DorobekINSIDER: Chart of the day: DHS oversight

Buried in the Homeland Security Department’s so-called “bottom up review” — a review of all DHS operations — is a very telling chart: the amount of oversight that Homeland Security undergoes.

How is that for shocking!

Read the full report here. [PDF – note, the report is 72 pages] This is on the last page.

Read and hear Federal News Radio 1500 AM’s report on the bottom up review.

NextGov: DHS will establish consolidated intelligence portal

Written by cdorobek

July 19, 2010 at 9:30 AM

DorobekINSIDER media notes: WTOP/Federal News Radio hires 1105’s Chris Bridgham

I actually got scooped for news within my own organization. I just learned that WTOP/Federal News Radio 1500 AM has added Chris Bridgham to its sales team. Bridgham has been working at the 1105 Government Information Group.

The announcement from Ralph Renzi, WTOP/Federal News Radio’s director of federal sales:

Please join me in welcoming Chris Bridgham to the Bonneville DC Team!

Chris has more than 18 years of successful selling experience in advertising sales with…

–  IT business-to-government
–  IT business-to-business
–  Consumer publications
–  Trade show organizers
–  Professional advertising agencies and consulting firms

He has held positions as Media Consultant, National Accounts Manager, District Sales Manager, Regional Sales Manager, Territory Manager, Regional Advertising Director and Account  Representative.

The last 12 years he has been with 1105 Government Information Group and Post Newsweek Tech Media Group.

Chris has a very strong understanding of government marketing and overall market opportunities… He has been recognized for various sales achievements over the years and most recently was a part of the “2010 Sales Team of the Year” presented by the min’s B2B.

Chris is originally from New England, but grew up locally in Bowie, Md.  He will also be cheering on the Terps as he is a graduate of the University of Maryland…

We look forward to having Chris’s solid knowledge and experience on our team.

Written by cdorobek

July 14, 2010 at 6:36 PM

DorobekINSIDER: Kempf named to head GSA’s Federal Acquisition Service

Steve Kempf has been named to lead GSA’s Federal Acquisition Service.

Kempf has been serving as the acting commissioner of GSA’s Federal Acquisition Service since the departure of Jim Williams in April.

The Federal Acquisition Service is the big buyer for government. It oversees contracts such as the GSA schedule contracts, the multi-billion dollar Alliant contract, and the Networx telecommunications contract.

There were four finalists for the FAS job. Kempf was seen as the front-runner. Still, some were surprised that GSA Administrator Martha Johnson would select Kempf, choosing somebody from inside the organization.

That being said, Kempf is well respected within the procurement community, in industry, and within GSA. And he won high praise for his performance at a recent hearing before the Senate Homeland Security and Governmental Affairs Ad Hoc Subcommittee on Contracting Oversight, which focused on the number of government multiple-award contracts.

In addition to naming Kempf as FAS commissioner, Johnson also announced that Jon Jordan will become the permanent deputy commissioner.

“Jon has worked in GSA and FAS’ budget programs for over 36 years and his deep operational knowledge, commitment to excellence and good stewardship of taxpayer dollars will be invaluable to FAS’ future,” Johnson said in a note to staff.

Here is the note Johnson sent to GSA staff:

To:  GSA Employees
From: Administrator Martha Johnson
Subject: FAS Commissioner Announcement

Many of you have heard me speak of this as GSA’s moment. We have set aggressive goals and been challenged to play a leading role in key Administration priorities by the White House. We are on the frontline for championing sustainability, open government, acquisition performance, flexible workplace and more. Leadership and enterprise positioning will be key to our success.

Therefore, I am delighted to announce today that Steve Kempf has accepted my offer to be the next Commissioner of GSA’s Federal Acquisition Service, one of our most critical leadership positions.

As GSA steps forward, so, too, will FAS be facing a challenge. FAS has expertise, operational know-how, and extensive customer knowledge. Used well, these will position FAS to gain further market credibility by offering customer agencies real value as they strive to meet their missions under constrained resources.  This opportunity is real, and it is now.

At this critical juncture in FAS’ history and as an 18 year veteran of FAS, Steve brings significant expertise to the Commissioner role having served as a contracting officer, lawyer, and business professional. Equally as impressive is Steve’s leadership style. He is collaborative, inclusive and eager for change. I am confident that Steve will combine his deep roots, loyalty, and enthusiasm for FAS and transform it into our customers’ hands down, preferred, acquisition partner.

For starters, Steve has already made strides in:

•     Revitalizing FAS’ relationships with its customers;
•     Appointing an executive to champion innovation and transformation across FAS;
•     Driving forward on the Zero Environmental Footprint goal and other key enterprise objectives;
•     Building leadership prowess and a workforce positioned for success;
•     Completing and executing the FAS strategic reviews and implementation plans for key programs;
•     Deepening change management capacity; and
•     Communicating constantly with employees, customers, industry, and stakeholders to bolster FAS’ ability to perform with excellence.

In addition, I am delighted to announce that Jon Jordan will become the permanent Deputy Commissioner. Jon has worked in GSA and FAS’ budget programs for over 36 years and his deep operational knowledge, commitment to excellence and good stewardship of taxpayer dollars will be invaluable to FAS’ future.

Please join me in congratulating both Steve and Jon on their permanent appointments and pledge to give them the support they and FAS will need to turbo-charge its future.

Written by cdorobek

July 13, 2010 at 11:22 AM

DorobekINSIDER: Throwing elbows over cyber-security legislation

It appears that the effort to pass a cyber-security bill is going to get a bit tougher than expected.

Late last month, officials from Cisco, IBM and Oracle sent a letter to the main sponsors of the Protecting Cyberspace as a National Asset Act, S. 3480 — Senators Joe Lieberman (ID-Conn.), Susan Collins (R-Maine) and Tom Carper (D-Del.). The letter raised concerns about some provisions of the bill:

While well intentioned, it ultimately puts U.S. critical infrastructure at increased risk by threatening the intellectual property of American companies that create the IT that operates the vast majority of U.S. government and private-sector critical networks and systems.  The unintended result may be a weakening of the domestic software and hardware industry to an extent that could, ironically, leave the U.S. more dependent upon foreign suppliers for their critical IT systems.

The letter goes on to raise specific concerns about detailed provisions of the bill. You can read the full copy of the letter here.

The Senators issued a forceful response — a letter addressed specifically to the heads of those companies — and it was posted right on the Senate Homeland Security and Governmental Affairs Web site. In the response, they refer to the concerns as “mischaracterizations” of the bill:

This legislation is informed by years of oversight by this Committee and is the result of more than a year of drafting. Our staff spent considerable time working with industry representatives – including representatives from your companies – and the bill, as reported, addresses many of the concerns your companies raised during that time…

Your input on this important legislation is important to our Committee, and both our staff and yours have invested considerable time in this process. While we find the mischaracterizations of our bill in your letter inaccurate and disappointing, we welcome further discussion and hope that we can engage in a constructive dialogue going forward.

Again, you can read the full response here.

Meanwhile, Politico’s Morning Tech is reporting that the House version of the bill is having some trouble.

Staff representing the Senate’s top players in the cybersecurity debate – Rockefeller, Snowe, Collins, Lieberman, Carper – will begin huddling this week over ways to merge the chamber’s top two proposals. But the path forward in the House is still unclear.

The lower chamber’s version of the Lieberman-Collins-Carper plan, spearheaded by Reps. Jane Harman and Pete King, is still pending consideration by a slew of committees that all share jurisdiction. And the committee closest to the action – the House Homeland Security panel – plans to introduce its own bill soon, pitched by Chairman Thompson. Meanwhile, a Senate Dem aide tells Morning Tech that it is unclear whether Rep. Jim Langevin, another cybersecurity leader, is writing his own comprehensive legislation. Stay tuned.

IT WILL BE THE HOUSE SCI/TECH COMMITTEE that will take the first stab at cybersecurity once both chambers return from recess next week. The Technology and Innovation Subcommittee announced late Tuesday it had invited industry leaders from EPIC, the Institute for Defense Analyses, the Council on Foreign Relations and Ponte Technologies to its scheduled July 15 hearing – and it promises additional witness announcements to come soon.

Read Politico’s Morning Tech here.

Written by cdorobek

July 7, 2010 at 9:32 AM

DorobekINSIDER: Federal news month in review


What stories made news for the month of June?

Here are the most read stories across Federal News Radio 1500 AM … on the … for Mike Causey’s Federal Report… on the Federal Drive with Tom Temin and Amy Morris… and for

…from the

  1. Obama orders cuts in federal building costs
  2. Why there’s been a backlash against feds lately
  3. How to make that performance review work for you
  4. Most TSP funds suffer losses in May
  5. Why continuous monitoring is gaining popularity
  6. Government still faces numerous teleworking challenges
  7. Elective deferrals for your TSP explained
  8. Dorobek Must Reads – June 2
  9. How to get more minorities, women to participate in TSP
  10. Causey: How agency budget cuts will affect you
  11. How to get your TSP questions answered
  12. Comments needed for TSP beneficiary designation
  13. Federal contracts: How many is too many?
  14. Dorobek Must Reads – June 11
  15. DorobekINSIDER: An open letter to OMB: Stop the public sector bashing
  16. Federal pay raises safe … for now
  17. Is DoD ignoring lessons learned from insourcing?
  18. Fed invents most accurate clock in the world
  19. How to create the best federal cybersecurity workforce
  20. Why there’s still worry about the Conficker worm
  21. Dorobek Must Reads – June 3
  22. Mobile devices can leave you open to cyber attacks
  23. In budget crisis, states take aim at pension costs
  24. FISMA one step closer to overhaul
  25. Influence others and change your office culture
  26. Off Topic: What your email address says about you
  27. Military Health System works out e-record kinks
  28. DorobekINSIDER: Treasury’s Gross to be deputy CIO at Interior
  29. Web inventor discusses importance of open data
  30. DOJ sues Oracle for alleged overcharging
  31. Agencies to crack down on waste, fraud, abuse
  32. Census reports it has reached almost all households
  33. Health 2.0 Conference, HHS hope to change the practice of medicine
  34. SSA makes rural America accessible to all
  35. How government will eliminate user names & passwords
  36. Google Apps could help agencies move to the cloud
  37. Chances good for passage of TSP/annual leave bill
  38. TSA’s Secure Flight program faces some challenges
  39. Agencies to compile ‘do not pay list’
  40. The impact of the Federal Workforce Reduction Act
  41. Senate unanimously confirms TSA head
  42. Dorobek Must Reads – June 7
  43. Are Katrina/Deepwater comparisons appropriate?
  44. DorobekINSIDER: Helping out a Postal employee in a time of need
  45. U.S. Navy Considering Wii Fit and DDR For Boot Camp
  46. Report endorses pay for performance for Intel community
  47. Many issues surround federal ID management
  48. Software remembers passwords for you
  49. Preview: Your monthly TSP Snapshot

… for Mike Causey’s Federal Report

  1. Federal Pay Freeze: A November Surprise?
  2. Retirement: You Can Go Home Again!
  3. The Smartest Fed Investors Work For…
  4. TSP Warning: Cover Your Assets
  5. Pay Freeze? We Need To Talk
  6. Pay Freeze: Everybody in the Pool!
  7. Pay Freeze as Union Recruiting Tool
  8. Six Ways to Beat the Bear Market with Your TSP
  9. The $3 Million G-Man
  10. Travel, Training, Hiring Hit List
  11. Feds in Heat: The Misery Index
  12. About Those Buyout Rumors
  13. Hot Enough For You?
  14. TSP: Investing in Where You’ve Been
  15. Payoff the Boss’s Credit Cards?
  16. Time is Running Out for FEHBP Dependents
  17. Show Me The Buyout!
  18. Federal Unions: Dynamos or Dinosaurs?
  19. Feds: Global warming is real!!!
  20. Sick Leave Phase In

… on the Federal Drive with Tom Temin and Amy Morris

  1. Bill would give DHS emergency cyber powers
  2. Monday Morning Federal Newscast – June 1st
  3. Cyberthreat of Joe Biden leads to arrest
  4. Wednesday Morning Federal Newscast – June 8th
  5. Postal Service finds $75B dollar overpayment
  6. Federal retirees should consider the Roth IRA
  7. Defense furlough fears heat up
  8. How to avoid a June swoon with the TSP
  9. Monday Morning Federal Newscast – June 14th
  10. Tuesday Morning Federal Newscast – June 29th
  11. Friday Morning Federal Newscast – June 4th
  12. Friday Morning Federal Newscast – June 18th
  13. Thursday Morning Federal Newscast – June 10th
  14. Monday Morning Federal Newscast – June 28th
  15. Private concerns about Booz Allen going public
  16. Monday Morning Federal Newscast – June 21st
  17. Friday Morning Federal Newscast – June 25th
  18. NSPS move cuts raises of the ‘best and brightest’
  19. Thursday Morning Federal Newscast – June 3rd
  20. Wednesday Morning Federal Newscast – June 2nd
  21. Wednesday Morning Federal Newscast – June 23rd
  22. Tuesday Morning Federal Newscast – June 8th
  23. Thursday Morning Federal Newscast – June 24th
  24. Google goes ABW: Anything But Windows
  25. How to succeed in the SES
  26. Tuesday Morning Federal Newscast – June 22nd
  27. Tuesday Morning Federal Newscast – June 15th
  28. ‘Shady’ porn site practices pose cyber risks
  29. Monday Morning Federal Newscast – June 7th
  30. How, and why, to modernize the legacy of COBOL
  31. OMB redefines performance expectations
  32. NIST offers Continuous Monitoring FAQ
  33. Wednesday Morning Federal Newscast – June 30th
  34. Incumbent rage leaves budgets in limbo
  35. Voinovich: hiring reforms will take an act of law
  36. Cybersecurity box claims to block threats
  37. GAO: Agency rules allow conferences at resort locations
  38. Thursday Morning Federal Newscast – June 17th
  39. Analysis: Should DoD cut benefits or guns?
  40. War zone corruption allegations rise
  41. Friday Morning Federal Newscast – June 11th
  42. Cyber chief Schmidt set to name senior director
  43. The ten biggest errors federal employees make, pt. 3
  44. The ten biggest errors federal employees make, pt. 2
  45. The ten biggest errors federal employees make
  46. Beware the mobile cyberattack
  47. GPO reassures your passport is secure
  48. MSPB to survey feds about personnel practices
  49. Who is spying on your cellphone?

… and from

  1. Federal pay freeze proposal defeated
  2. OPM wants to settle the fed salary debate
  3. Postal unions offer alternative to five-day schedule
  4. GOP lawmakers pitch fed workforce reduction bill
  5. Bill would put DHS in charge of all civilian networks
  6. OMB bakes new cookie policy for federal websites
  7. Exclusive: OMB to propose major changes to financial management systems
  8. White House asks agencies to cut spending by 5 percent
  9. DoD vows to become a leaner organization
  10. TSP Snapshot: What goes up does go down
  11. GSA plans to take e-mail, collaboration to the cloud
  12. OMB must sell Congress on budget cuts
  13. Senate’s newest cyber bill on fast track to passage
  14. OPM freezes transfer of employee files, for now
  15. GSA, DHS approve first governmentwide cyber provider
  16. OMB to transform performance reviews
  17. Navy CIO Carey leaving
  18. OMB pressing agencies to get IT projects on track
  19. White House tells agencies to use data analysis to reduce improper payments
  20. House bill would require manager training at all agencies
  21. Telework success depends on clear expectations
  22. DoT’s Patillo moving to VA
  23. No federal pay freeze for now
  24. Cybersecurity bill clears Senate hurdle
  25. Air Force saves cash by changing cell phone rate plans
  26. OPM clears up category rankings process
  27. OMB vows to end out of control IT projects
  28. DoD shows off health IT progress
  29. OMB preparing performance management dashboard
  30. White House to give identity management a push
  31. Agencies get ready for FISMA changes
  32. OPM shaping future leaders in a new way
  33. DISA launches BRAC relocation FAQ page
  34. Census troubleshoots broken software
  35. Information sharing challenges ahead for Paul
  36. GAO finds limited burrowing during Bush years
  37. Support snowballs early for Senate cyber bill
  38. HHS creates process to certify health IT systems
  39. VA tries to speed claims processing for vets
  40. Navy declares war on sexual harassment & assault
  41. SBA CIO Naylor resigns
  42. Cybersecurity bill gets first Senate hearing
  43. OMB Watch says Orszag ‘made budget cool’
  44. OMB’s Werfel plugs financial modernization
  45. DoD has limited cyber situational awareness
  46. DoD sees change in cyber culture
  47. Federal News Radio Reports
  48. DHS women convene inaugural diversity forum
  49. National Archives CIO Martha Morphy retires
  50. DHS promotes tech from workbench to market

Written by cdorobek

July 1, 2010 at 7:33 AM