Weekly Debrief (3/8–12)
This week's Weekly Debrief covers IT modernization, managing supply chain risk, CISA's plan to spend $650 million on cybersecurity, the President's defense budget, and U.S. cyber responses to SolarWinds and Microsoft hacks.
"With the House passage of the American Rescue Act on Wednesday, the Technology Modernization Fund is one step away from finally getting the $1 billion injection lawmakers and tech advocates have been lobbying for nearly a year."
"The Defense Health Agency has a lot of medical personnel that needs to be equipped to serve the nation, but personnel alone is not enough. DHA announced recently that is is looking to modernize the Defense Healthcare Management Systems Program Executive Office and is welcoming interested companies onto online for feedback on the draft RFP to develop evaluation criteria."
"Without question, 2020 was a very difficult year for all of us. It was also a highly challenging time for government supply chains, which we depend upon for goods and services. In December 2020 alone, the supply chain received two significant pieces of bad news. First, the SolarWinds hack was made public, sending any agencies with the Solarwinds Orion Software Platform in its environment scrambling to contain the damage."
"The ink is barely dry on the American Rescue Plan becoming law, but the Cybersecurity and Infrastructure Security Agency already knows where it’s spending its funding windfall. CISA leaders told House Appropriations Subcommittee members yesterday that the $650 million it’s receiving to strengthen federal networks will have a huge impact."
"The Biden administration’s fiscal 2022 budget proposal is expected to request between $704 billion and $708 billion for defense, according to Bloomberg. That’s less, in real terms, than the 2021 budget of about $705 billion, but it’s no deep cut. "
"Less than two months into office, the Biden administration is grappling with how to respond to two large-scale, widespread cyberespionage campaigns conducted by nation-states against the U.S. public and private sectors. The Cybersecurity and Infrastructure Security Agency has said that critical infrastructure operators have also been affected by the SolarWinds and Microsoft Exchange server hacking campaigns."
. . .