Wanted: Metrics for Measuring Cyber Performance and Effectiveness

Intense worries about cybersecurity mean system owners are stacking up cyber tools to help protect their organizations, often duplicating features and capabilities in the process. The problem: There’s no sure way to measure the effectiveness of one tool over another.

What’s New

New Framework Defines Cyber Security Workforce Needs

Today’s shortage of skilled cybersecurity professionals won’t end overnight, but the answer to solving the shortage may be here. It’s the National Initiative for Cybersecurity Education (NICE) Cybersecurity Workforce Framework. By defining a common language to describe the skills, knowledge and requirements needed to fill each type of cyber job, the framework provides a baseline for understanding which can be shared by employers, educators and workers alike.

What We’re Reading

DoD’s Acting Acquisition Chief Looks To Purge ‘The Stupid’ From IT Procurement

The new administration’s extended transition process has led to an unusual circumstance in which there are literally zero politically-appointed acquisition officials anywhere in the Defense Department. Such a scenario might seem like an unlikely time for DoD to make major changes to the way it buys information technology, but that’s exactly what the career civil servant who’s currently leading the department’s vast acquisition apparatus hopes to do over the next year.

The Defense Department Will Soon Use More Secure Email

The U.S. Department of Defense will soon start sending more secure emails.
The Defense Information Systems Agency (DISA), the body in charge of the Pentagon’s email, said it plans to enable stronger encryption on all emails by July 2018.

In Quest to Replace Common Access Card, DoD Starts Testing Behavior-Based Authentication

A year after then-chief information officer Terry Halvorsen first publicly floated the idea of killing DoD’s Common Access Card in favor of a collection of more flexible authentication technologies, the Pentagon is beginning to test drive at least one of the potential replacements for the CAC.

Last week, the Defense Innovation Unit-Experimental reached an agreement with Plurilock Technologies, a Victoria, British Columbia-based firm that holds several patents on behavior-based authentication (or, “behaviour-based,” to our friends to the north).

DISA Director Discusses Priorities and Challenges for Agency

Lt. Gen. Alan Lynn took over as director of the Defense Information Systems Agency in July 2015, assuming leadership of the agency after previously serving as vice director and as chief of staff. He’s also spent time leading Army Network Enterprise Technology Command and Army Signal Center of Excellence, priming him to lead the Defense Department’s mission-critical IT agency.

One of Air Force’s Most Important Unclassified Systems is Now in the Oracle Cloud

One of the U.S. Air Force’s most important online portals is now running in the cloud.

MyPers, the Air Force’s personnel portal for 1.7 million active duty and retired airmen, civilian and reservists, began operating in July out of an Oracle-managed off-premise cloud specifically designed and secured to handle some of the Defense Department’s most sensitive unclassified workloads.