FCW Insider: July 25

With a two-year budget deal tentatively in place, legislators are turning their attention to the National Defense Authorization Act. Lauren C. Williams has more on what could be a contentious final negotiation process. 

The House quietly passed legislation on July 23 that would expand cybersecurity research and development partnerships between several federal agencies and the government of Israel. Derek B. Johnson has the story. 

With the Department of Health and Human Services shuttering its Program Support Center services, other  agencies are scrambling to find new assisted acquisition services.  Mark Rockwell reports on the General Services Administration's efforts to step up and streamline its own offerings. 

Culture eats strategy for breakfast.  And as Red Hat CEO Jim Whitehurst writes in an FCW op-ed, it's essential for agencies to shift their cultures if they want to successfully navigate today's digital disruptions. 

Quick Hits

*** The new defense secretary plans to scrutinize the Joint Enterprise Defense Infrastructure cloud contract. On his first day, Defense Secretary Mark Esper told reporters he intended to look closely at the JEDI cloud acquisition that's ongoing.

"I've heard from everybody about the -- the JEDI contract and that's one of the things I want to take a hard look at," Esper said during a July 24 Pentagon press gaggle. The comments come shortly after President Donald Trump said he wanted to look into the deal, which has undergone protests and litigation. An award is expected in August.

*** Much of former Special Counsel Robert Mueller's time spent in two different July 24 House hearings was dedicated to avoiding saying anything that wasn't already contained in his report submitted earlier this year on Russian interference efforts during the 2016 election. However, when asked by Rep. Will Hurd (R-Texas) whether he found any evidence indicating the Russians planned to repeat their efforts in 2020, Mueller was direct.

"It wasn't a single attempt, they're doing it as we sit here," he said. "And they expect to do it during the next campaign."

Mueller later echoed U.S. intelligence officials, saying he feared Russia's 2016 cyber campaign will become "the new normal," with other nations relying on the same basic blueprint to wreak havoc on American democracy.

During the same questioning period with Hurd, Mueller declined to offer his opinion on who should be in charge of coordinating the federal government's response to foreign disinformation and influence campaigns, saying only that he didn't "want to wade into those waters" and didn't have an overarching strategy for dealing with the problem.

*** David Norquist appeared in front of the Senate Armed Services Committee July 24 for his nomination to be permanent deputy secretary, and submittedtestimony saying he will closely watch the process used to restructure and validate civilian leadership positions in the DOD's Fourth Estate agencies.

Norquist, the Defense Department's comptroller who has been acting deputy defense secretary role since Jan. 1, wrote there was more work to do to streamline the hiring process for validating open senior executive service (SES) positions in the military departments and Fourth Estate defense agencies.

"The initial process to evaluate and execute took way too long," Norquist wrote in his testimony, adding that the chief management officer's revisions to the process have made things more efficient. "We must ensure we have the ability to promptly fill the vacancies we actually need. If confirmed, I will closely monitor this process."

*** Rep. Gerry Connolly (D-Va.) introduced legislation on July 24 that would make the approval under the Federal Risk and Authorization Management Program quicker and more efficient.

Connolly's bill, which he previewed earlier this month, would codify and define the roles and responsibilities of federal agencies and third-party assessment organizations; address how to further reduce long approval times for vendor applicants, particularly small businesses; tackle the uneven application of vendors' ATOs across federal agencies; set metrics on time, costs and assessment quality; and set the Office of Management and Budget as the agency officially responsible for FedRAMP policy. The General Services Administration in charge of day-to-day implementation, Connolly said.

*** GSA's FedRAMP Program Management Office formally launched its Ideation Challenge on July 24. The PMO is looking to cybersecurity stakeholders, including cloud service providers, agencies, third party assessors and others for ideas in new approaches to do risk assessments and security authorizations for cloud products and services under the program.

The GSA posted, then withdrew, the Ideation Challenge in late June, saying it would repost it in the coming weeks. It said the effort is designed to get crowdsourced input on how to speed up and reduce costs for cloud security authorizations.

*** The deadline for Government Innovation Award nominations is Aug. 2 Submit your picks for individual Rising Stars, Public Sector Innovations and Industry Innovators today!