Intercepts

Safety First

The new month means new requirements for defense agencies buying commercial software.

July 1 marked the start of the Defense Department's policy prohibiting the military services from buying any information assurance-enabled product that has not been certified by the National Information Assurance Partnership (NIAP), an effort of the National Security Agency and the National Institute of Standards and Technology.

The rule could be written into law in the near future. The House of Representatives included a provision in its Defense authorization bill that would codify the DOD policy. Although the bill still must go to a House/Senate conference committee, the provision could remain intact because it is not a contentious issue.

An issue raised by the DOD rule, however, is the cost associated with the testing process. Even some large companies have balked at the money it takes. Oracle Corp. spends as much as $1 million to get a product certified.

White House officials are examining how the government could help such vendors.

"We need to look seriously at a fund to help pay for NIAP approval," said Richard Clarke, White House special adviser for cyberspace security — for "some way [that] government shares the cost" of the NIAP approval.

DOD's Intell Czar

Amid criticism that intelligence organizations should be playing better together, the Bush administration has proposed creating the position of undersecretary of Defense for intelligence.

"This new office would have as its primary responsibilities assuring that the senior leadership of the department and combatant commanders receive the warning, actionable intelligence and counterintelligence support needed to pursue the objectives of our new defense strategy," said Stephen Cambone, principal deputy undersecretary of Defense for policy, speaking to the House Armed Services Committee June 26.

"This new office will enhance DOD's intelligence-related activities, provide a single point of contact for coordination of national and military intelligence activities...and strengthen the relationship between the secretary of Defense and the director of central intelligence," he said.

The new position is part of DOD's efforts to focus on homeland defense, which is the protection of U.S. territory, the domestic population and critical infrastructures against external threats and aggression, Cambone said.

For homeland security, other agencies take the lead and DOD will provide support, Cambone said. For homeland defense, DOD takes the lead with support from other federal agencies.

Hello, Governor?

As part of the federal government's efforts to improve communications with the states, the administration is in the process of establishing secure video teleconferencing (VTC) capabilities with the governors in each state. DOD has offered to help.

Speaking at last month's E-Gov Homeland Security 2002 conference in Washington, D.C., Army Lt. Gen. Joseph Kellogg Jr., director of command, control, communications and computers for the Joint Chiefs of Staff, said the VTC links would be secure, but not "military secure," and could be run off the National Guard's intranet, GuardNet.

Kellogg said that, if needed, the secure VTCs could "ride off of GuardNet," since it is established in every state and is capable of supporting the technology. He added that Steve Cooper, senior director of information integration and chief information officer at the Office of Homeland Security, and others are leading the effort.

E-Gov and Federal Computer Week are both owned by 101communications LLC.

Intercept something? Send it to antenna@fcw.com.