October 4, 2014
While both the House and Senate were in recess this week, the House Oversight and Government Reform Committee held a special hearing this week on the perimeter breach at the White House and new security concerns about the Secret Service.
Cybersecurity
The National Institute for Standards and Technology (NIST) published its NIST Framework and Roadmap for Smart Grid Interoperability Standards (v3.0) this week. The 3.0 framework updates the plan for transforming the nation’s aging electric power system into an interoperable smart grid—a network that will integrate information and communication technologies with the power-delivery infrastructure, enabling two-way flows of energy and communications. The Energy Independence and Security Act of 2007 established a goal to modernize the nation’s electricity system and assigned to NIST the primary responsibility to coordinate development of a framework to achieve interoperability of smart grid devices and systems.
This document first appeared in January 2010 and was last updated in February 2012 (v2.0). The new 3.0 version was needed because of recent progress in grid modernization, such as wide deployment of smart electric meters, NIST’s 74 new standards and protocols that support interoperability of the grid, updates to the reference architecture model of the smart grid, new developments and publications in smart grid cybersecurity, and the increased urgency of testing and certification. This final 3.0 version also incorporates public responses to the draft version that was released earlier this year.
A copy of the framework can be found at:
http://www.nist.gov/el/smartgrid-100114.cfm
NIST also published a revision to its Guidelines for Smart Grid Cybersecurity. The original version was released in 2010. The updated version includes new sections describing the relationship of smart grid cybersecurity to the NIST Cybersecurity Framework, cyber-physical attacks, cybersecurity testing and certification, and addresses regulatory changes involving privacy.
A copy of the guidelines can be found at:
http://nvlpubs.nist.gov/nistpubs/ir/2014/NIST.IR.7628r1.pdf
The White House this week announced more than $450 million in grants for nearly 270 community colleges partnered with over 400 employers nationwide to promote job training in high demand fields, including in cybersecurity and IT. There are 25 grants for developing new training programs for information technology and cybersecurity jobs, which are fields with a great need for trained employees. Employers partnering on the information security and technology programs include Lockheed Martin, Raytheon, Booz Allen, and SpaceX. The full list of grants can be found at:
Homeland Security
On Tuesday, the General Services Administration (GSA) awarded a $139 million contract to Grunley Construction Company and Shalom Baranes Associates to renovate the 270,000-square foot historic center building on the campus of the former St. Elizabeth’s hospital for use as the new DHS headquarters. This facility is expected to be completed by fall 2017, but the overall renovation of the campus isn’t expected to be completed until 2022 at the earliest. The Coast Guard headquarters was completed in 2013 and houses 4,000 employees. This facility will initially house the DHS Secretary and ~700 employees, and the whole campus will eventually house 14,000 employees from across the Washington DC area. While GSA is committed to completing the project, it has been plagued with numerous delays and cost increases resulting in budget cuts from Congressional appropriators.
Defense Acquisition Reform
Senate Armed Services Committee Chairman Carl Levin (D-MI), Sen. John McCain (R-AZ) and the staff of the Permanent Subcommittee on Investigations released a report on defense acquisition reform this week. The report solicited opinions from more than 30 experts from a broad range of backgrounds seeking their views on a number of subjects relating to the Department of Defense’s (DOD) acquisition process and how the DOD’s procurement of major weapon systems can be improved. Four common themes emerged from the input:
- Enhancing Incentives for the acquisition workforce
- Bolstering programs for attracting and training a qualified acquisition workforce
- Setting more realistic program requirements and budgets at the start of a program
- Increasing the role of the service chiefs in the acquisition process
While the Subcommittee offered no recommendations of its own and endorsed no particular expert prescription, they did make two observations. The first is that cultural change is one of the most important factors identified as contributing to dysfunction in the defense acquisition system, but it is a function of leadership and an incentive structure and is the least amenable to legislation and policy changes. Second, continued “sequestration” of the DOD’s budgets will undermine any savings that could be achieved through even the most successful acquisition reform.
The full report can be found here:
Political Updates
Secret Service Director Julia Pierson resigned under pressure this week after a series of White House security breaches. On Wednesday, DHS Secretary Jeh Johnson appointed Joseph Clancy to be the interim acting director of the agency. Clancy is taking a leave of absence from his position as director of corporate security for Comcast to fill this vacancy. He retired from the Secret Service in 2011 where he was a special agent in charge of the Presidential Protective Division. Sec. Johnson also announced that he would appoint a “distinguished panel of independent experts” to conduct an outside inquiry into the security breaches and report recommendations by December 15.
Vice President Biden named Dr. Colin Kahl as his new national security adviser, succeeding Jake Sullivan, who left to teach at Yale Law School. Kahl was most recently an associate professor in the Security Studies Program in the Edmund A. Walsh School of Foreign Service at Georgetown University. He also was until recently a senior fellow and director of the Middle East Security Program at the Center for a New American Security.
Anne Neuberger was appointed chief risk officer of the National Security Agency (NSA) on September 17, a newly created position at the agency. NSA/CSS Director ADM Michael Rogers selected Neuberger who assumed the position at the beginning of October. In her first year, Neuberger will focus on creating and maturing a methodology and processes to assess the various risks across different missions and work toward meeting specific objectives assigned by ADM Rogers.
The President appointed Michèle Flournoy and Kevin Nealer to the President’s Intelligence Advisory Board. Flournoy is CEO of the Center for a New American Security, the non-profit research organization she co-founded in 2007. She is also a Senior Advisor to the Boston Consulting Group, and served as Under Secretary of Defense for Policy at the Department of Defense (DOD. Nealer is a Principal and Partner at the Scowcroft Group, which he joined in 1993.
Next Week
The House and Senate are in recess until November 12.