The Wrap: Cleanup on IL5; VA Supply Chain Tech; New CISA Faces

Welcome to The Wrap for Wednesday, July 5!

From the newsroom at MeriTalk, it’s the quickest read in Federal tech news. Here’s what you need to know today: ?

Cleanup on IL5…

First, thanks for indulging me on the headline pun … Second, in exchange for that, we’ve got you more than covered on the latest insights into potential risks associated with unprotected and unsecured cloud environments for Federal agencies and military services through our June 29 DoD ICAM and IL5: Mission-Critical Cloud Security webinar. Among the high points: U.S. Air Force Chief Technology Officer Jason Bonci talks about how the service branch needs in its cloud services “the survivability, the resilience, and the flexibility to rapidly iterate to progress and develop,” but that security remains paramount. “There is this rush to try to use multiple cloud providers and multiple platforms,” Bonci said. “What about security controls? What about thinking about the hardware and the trust that’s built there to make sure that someone doesn’t come in from the back end,” he asked. “I don’t see a lot of other agencies focusing on that.” Please hit the link for the full story.

VA Supply Chain Tech

The Department of Veterans Affairs (VA) wants to know how you can help the agency to modernize its supply chain management system. That’s according to the agency’s solicitation posted on SAM.gov on June 29, where VA says it’s looking for a cloud-based, integrated and intelligent enterprise supply chain modernization (SCM) and management solution. The supply chain runs the gamut from information technology to prosthetics, pharmacy, healthcare technology management, biomedical engineering, facilities management, medical or surgical distribution, and burial and benefit equipment and supplies – among others. Background: VA announced in December that it would be transitioning away from its previous supply chain management system – the Defense Medical Logistics Standard Support (DMLSS) – and was in the market for a new solution contract.

New Faces at CISA

Congrats to Andrew Scott and David Carroll, who are the newest leadership additions to the Cybersecurity Division at the Cybersecurity and Infrastructure Security Agency (CISA). Scott is serving as associate director for China Operations, which focuses on guarding against cyber threats from China. He has served two White House stints – as senior director for cyber policy and as director of international cyber policy – plus leading analytic and operational efforts on foreign cyber threats at the Central Intelligence Agency. Carroll is serving as associate director for Mission Engineering, with a focus on developing and executing foundational analytics and infrastructure powering cyber operators across the agency’s cybersecurity mission. He brings 25 years of public and private sector experience in security, privacy, and risk programs, most recently at Google.

CSAC Getting Extension

The Cybersecurity and Infrastructure Security Agency (CISA) is renewing the charter for its 35-member Cybersecurity Advisory Committee (CSAC) through May 2025. The committee – which was established in 2021 to provide input to CISA leadership on policy, programs, and workforce issues – has been highly praised for its role by CISA Director Jen Easterly. CSAC is currently developing new recommendations for CISA across a range of areas including national cyber alert systems, workforce and recruiting issues, and collaboration between critical infrastructure sectors. The committee is expected to go public with new recommendations in September.

Pentagon Wary on Foreign Influence

In advance of clamping down next year on funding for academic research that does not guard against possible adversarial foreign government influence, the Department of Defense (DoD) has published a list of foreign entities engaged in what the Pentagon views as “problematic activity” – including interfering or influencing DoD-funded research and development (R&D) efforts at higher education institutions. Governments singled out in the memo include China, Russia, North Korea, and Iran. “Protecting and maintaining the integrity of our research enterprise is integral to national security,” Heidi Shyu, Under Secretary of Defense for Research and Engineering (USD(R&E)), said in a press release. “The publication of these foreign entities underscores our commitment to ensuring the responsible use of Federal research funding and safeguarding our critical technologies from exploitation or compromise,” she said.

Once again, let’s “call IT a day,” but we'll bring you more tomorrow. Until then, please check the MeriTalk breaking news website throughout the day for the latest on government IT people, progress, and policy.

And finally, please hit the news tip jar (with leads, breaking news, or simply your two cents) at [email protected].