At the current Safety Innovation Network (SINET) occasion held in Washington D.C recently a sober assessment of our nation’s capacity to sustain an adequate cyber defense emerged.
The state of our cyber defense was summarized by Michael Chertoff, former Secretary of the Department of Homeland Safety when he concluded that it may perhaps take “a digital 9-11” to get small business, consumers and governments to fortify their cyber security defenses. In effect we are fighting an asymmetrical war and, at present, we appear to be losing.
Echoing this theme, Mr. Vivek Wadhwa, a respected cyber security analyst, argues, “Government merely can not innovate quickly enough to retain pace with the threats and dynamics of the World-wide-web or Silicon Valley’s quickly changing technologies.”
Wadhwa goes on to point out that innovative entrepreneurial technology advancements are needed but the government, due to the fact of it overwhelming dependencies on massive contractors, is not equipped to take benefit of new and potent cyber defense technologies.
Wadhwa concludes that true innovation developed via smaller entrepreneurial firms is becoming stifled by Federal Government procurement practices.
The Federal Government Acquisition Tactic is Inadequate:
Though Wadhwa’s argument is focused on technologies improvement only it also applies equally to service providers who adapt new technologies to new and enhancing defensive techniques such as vulnerability assessment, evaluation of threats and remedial action.
Considering that efficient defense against cyber attacks is an on going course of action of monitoring and taking coercive action, the part of solutions and the cyber warrior is also important and outdated Federal obtaining patterns are equally dangerous.
A great deal of the dilemma stems from the present buying and acquisition patterns of the government. For years now the government has preferred to bundle needs in to big “omnibus” or IDIQ contracts (with negotiated job orders) that favor the largest contractors but stifle innovation and flexibility. Cyber security requirements are treated on a like basis with Data technology needs and this is a mistake.
In addition, current Congressional contracting “reforms” have encouraged protest actions on new contracts and activity orders for both new and current contracts, resulting in a considerable delay of the procurement process. In the speedy evolving globe of cyber safety, delayed deployment of often obsolete technologies solutions increases the threat of a productive attack.
Simply because these contracts are exceptionally big, they require numerous levels of approval-ordinarily by Congress or senior administration officials. It typically takes 3-four years for government to award these and prosperous bidders frequently have to go by way of a grueling “certification” procedure to get authorized to bid. IT management services Charlotte for big bundled contracts expense millions of dollars to prepare and to lobby government officials and political leaders in order to win.
Mainly because of obtaining patterns that are slanted toward huge, slower moving contractors new technologies required to meet the multitude of cyber threats will be ignored in the coming years. This puts the nation at danger.
Small contractors are often overlooked in favor of massive contractors who often use contract vehicles to present services and options that are often out of date in the rapidly altering cyber globe.
Startups can’t wait this extended or afford the price of bidding. But it is not adequate to demonize huge contractors when the root result in lies is how the government procures technologies.
In order to remedy this trouble an overhaul of the acquisition and procurement method is needed to level the playing field for little cyber security businesses: it will have to be created much easier for startups and modest service providers to bid for government contracts.
1 productive way to do this is to unbundle the cyber specifications for IT acquisitions and use a lot more smaller small business set asides for contract awards. In addition protests at the Common Accounting Office have to be discouraged and reserved only for clear abuses of the contracting approach.
Procurement times really should be lowered to months rather than years some projects need to be accomplished in smaller sized methods so that the key contractors, whose purpose is frequently income maximization and placing unqualified bench staff, aren’t the only ones certified to complete them.
Cyber attacks on our sensitive infrastructure and government agencies have elevated significantly. We need to have the most recent technologies and very best tools in order to win the cyber war.