GovConJudicata Weekly Debrief (11/25–29)
Happy Thanksgiving to our Weekly Debrief readers!
This edition covers a variety of issues, including Amazon's JEDI protest, the Army's $1B cyber contract, NASA's next lunar mission, cyber trouble at Energy, and "Amtower's rules of speaker engagement."
"The Homeland Security Department on Wednesday released a draft of a binding operational directive that would require every federal agency to create a vulnerability disclosure policy. Under the measure, each civilian agency would need to create a formal process for security researchers to share vulnerabilities they uncover within the organization’s public-facing websites and other IT infrastructure. Agencies must also develop a system for reporting and closing the security gaps that are uncovered through the program."
"Amazon Web Services officially launched its protest of the Pentagon’s award of the Joint Enterprise Defense Infrastructure (JEDI) cloud contract to Microsoft, filing its complaint with the U.S. Court of Federal Claims under seal late Friday. An AWS spokesperson confirmed the filing of the complaint and in a statement cited political influence and bias as the company’s reasoning for protesting JEDI. 'Numerous aspects of the JEDI evaluation process contained clear deficiencies, errors, and unmistakable bias — and it’s important that these matters be examined and rectified,' he said."
"The Army provided new details about its nearly $1 billion cyber training contract that will serve as the cornerstone of the Department of Defense’s much needed cyber training platform. The Army released Nov. 25 updated information regarding the scope of work for the Persistent Cyber Training Environment (PCTE), which is the main component for the nearly $957 billion Cyber Training, Readiness, Integration, Delivery and Enterprise Technology (TRIDENT) contract."
"When NASA sent the first humans to the moon 50 years ago this year, the development of computers was in a nascent stage. The Apollo 11 spacecraft touted one of its own on board: just over 70 pounds and 24 by 12.5 by 6 inches. Fifty years later, NASA is planning again to launch people to the moon, targeting a 2024 moon landing and later looking toward Mars through its Artemis program. Technology has advanced greatly in the last 50 years, which also transforms the risk."
"The Education Department is investigating two American universities—the Massachusetts Institute of Technology and the University of Maryland—regarding whether they’ve properly reported contracts with and gifts from several foreign governments and tech-related entities, according to letters sent to the institutions in late September and recently released to the general public. Officials are specifically interested in records of anything they’ve received from the Russian, Chinese, Saudi Arabian and Qatar governments, as well as Huawei, ZTE and other foreign companies that have recently been exposed to more severe federal scrutiny."
"The U.S. Department of Energy is routinely failing to secure unclassified IT systems in the nation's critical infrastructure, including nuclear facilities, leaving them open to outside attacks and hacking, an annual audit from the agency's Inspector General finds. And while the Energy Department is capable of fixing these cybersecurity deficiencies, the federal agency continues to make the same mistakes and security errors year-after-year, the report shows."
"We’ve all been part of the audience when the speaker (a) Thinks way too much of himself and wants to tell you that you should too; (b) Is so boring you long for the professor who put you to sleep; (c) Has a monotone that causes a downturn in the economy. If you want to get on the podium, don’t be one of those people. Speaking engagements in our market seem to be available frequently, but only a very small percentage of those in GovCon will get the opportunity to present at industry events."
. . .