“On February 12th, 2013, the President issued Executive Order 13636, entitled Improving Critical Infrastructure Cybersecurity (EO 13636). In accordance with Section 8(e), GSA and the Department of Defense submitted recommendations to the President addressing the feasibility, benefits, and merits of incorporating cybersecurity standards into acquisition planning and contract administration, and harmonizing procurement requirements. The jointly authored report containing the recommendations it titles, Improving Cybersecurity and Resilience through Acquisition. The report provides a path forward to aligning Federal cybersecurity risk management and acquisition processes. It provides strategic recommendations for addressing relevant issues, suggests how challenges might be resolved, and identifies important considerations for the implementation of the recommendations. The ultimate goal of the recommendations is strengthening the cyber resilience of the Federal government by improving management of the people, processes, and technology affected by the Federal Acquisition System. The recommendations focus on the need for baseline cybersecurity for Federal contractors, comprehensive workforce training, consistent cybersecurity terminology for contracts, incorporation of cyber risk management into Federal enterprise risk management, development of more specific and standardized security controls for particular types of acquisitions, limiting purchases to certain sources for higher risk acquisitions, and increasing government accountability for cybersecurity throughout the development, acquisition, sustainment, and disposal lifecycles.”
Pay for a day's hosting for this site... same as buying the blogger a cup of coffee.