FCW Insider: Feb. 4

Cyber red teams are finding DOD systems tougher to crack, according to an internal watchdog. However, that's not all good news -- the report from the Pentagon's Department of Testing and Evaluation said that penetration testers need to up their game, and noted that real adversaries are improving their attacks faster than defenders are shoring up their systems. Lauren C. Williams has the story.

A new report finds that the federal government is far and away the leading adopter of tools designed to snuff out email and website spoofing compared to other sectors and industries. Derek B. Johnson reports.

In an increasingly crowded field of international frameworks for cyber norms, a non-governmental organization is seeking to shape the terms of the debate about when a hack constitutes an act of war. Derek has more.

The Census Bureau is including a controversial question about respondent citizenship on its final end-to-end test, while courts decide its ultimate fate. Chase Gunter explains.

The General Services Administration has tapped an acting official to head the Office of Systems Management at the Federal Acquisition Service. Get the details from Mark Rockwell.

Quick Hits

*** Sen. Mark Warner (D-Va.) has reintroduced a bill to put the intelligence community in charge of reforming the security clearance process and require the White House to develop a plan for reducing a backlog of background investigations that have left many feds and contractors waiting years to obtain a clearance or switch jobs.

The current vetting process, Warner wrote in a letter to acting White House Chief of Staff Mick Mulvaney and other stakeholders, is "too complicated, takes too long, costs too much, and fails to capitalize on modern technology and processes." Warner's bill would mandate strict benchmarks for completing different levels of background checks.

There are some indications that the backlog issues are beginning to improve, if only slightly, as the Department of Defense begins taking over the clearance process from the National Background Investigations Bureau. DOD officials have said increased reliance on technology, such as continuous evaluation and monitoring of employees, will make the background investigations process more efficient.

Last year, ODNI implemented some policy changes to the background investigations process and claimed to shave the current backlog down by more than 100,000 cases, from 700,000 in the beginning of 2018 to 600,000 in October. Susan Gordon, ODNI’s principle deputy director, predicted that number would be cut in half by spring 2019.

*** Sens. Maggie Hassan (D-N.H.) and Rob Portman (R-Ohio) also reintroduced a bill from the previous Congress -- theirs would codify the Department of Homeland Security’s use of cyber hunt and incident response teams.

The bill would authorize the teams, which function as technical first responders in the immediate wake of a cyberattack, to provide assistance to both federal agencies and non-federal organizations, such as critical infrastructure entities and other industrial sectors. It would also give the Secretary of Homeland Security authority to add cybersecurity specialists, from the private sector or affected entities, to the teams.

A nearly identical bill introduced last year by Rep. Michael McCaul (R-Texas) passed the House. Hassan and Portman's version never got a floor vote in the Senate, but in December, shortly before the partial government shutdown, the Senate Homeland Security and Governmental Affairs Committee reported favorably on an amended version of the legislation, setting it up for passage in 2019.

*** Senate staffer Dan Lips is joining the Internet Security Alliance as assistant vice president. Lips was the policy director for homeland security for the Homeland Security and Government Affairs Committee. Before working at HSGAC, Lips worked as an intelligence analyst with the FBI Cyber Division.