This week's Weekly Debrief falls on the last Friday of FY2019, as FY2020 begins next Tuesday, October 1, 2019. In this edition, we cover a several interesting tech-related topics such as HUD's new IT modernization efforts, NIST's zero trust architecture, and CISA's release of a new emergency communications plan.
"The Senate on Thursday afternoon sent a seven-week continuing resolution to the president’s desk, delaying the possibility of another government shutdown until Nov. 21. The measure passed the Senate with a 82-15 vote.The CR would fund agencies at 2019 levels through Nov. 21, buying lawmakers more time to negotiate over several full-year appropriations bills. The House overwhelmingly cleared the bill last week."
"All eyes are on the congressional defense committees as they begin reconciling their differences in the 2020 National Defense Authorization Act. Spending isn't a big issue – lawmakers settled on $738 billion for 2020 – as part of a two-year budget deal approved Aug. 1. 'The good news is they don't have to address the top-line spending,' said Alan Chvotkin, the Professional Services Council's executive vice president and counsel, 'but they have to figure out all the thousands of applications that go into the top line.'"
"The Department of Housing and Urban Development kicked off phase two of its IT modernization Centers of Excellence initiative with the release of three solicitations. HUD and the General Services Administration, which is providing technical support through its Technology Transformation Service, posted the details of the request for quotes Tuesday on GitHub. HUD and GSA expect to release three more request for quotes in the coming months."
"As part of its electronic health records modernization plan, the Department of Veterans Affairs is going to adopt Cerner's scheduling system but it's going to take longer than they thought, it was revealed a House hearing Sept. 26.The decision to go with Cerner isn't much of a surprise: VA adopted the Cerner Millennium system on a sole-source basis in 2017 to support interoperability with the Department of Defense health system that is using the same commercial software."
"The National Institute of Standards and Technology wants feedback on its definition of zero trust security architecture and potential deployments — outlined in a draft special publication released Monday. Zero trust refers to the narrowing of cyberdefenses from wide network perimeters to micro-perimeters around individual or small groups of resources, NIST says in the new guidance."
"The Cybersecurity and Infrastructure Security Agency's latest version of the National Emergency Communications Plan comes after a two-year process to improve the cybersecurity and flexibility of the nation's emergency communications. When things go wrong, you need a plan. That's why the Cybersecurity and Infrastructure Security Agency (CISA) today released the latest version of the National Emergency Communications Plan (NECP). The NECP sets out the strategic plan for establishing and maintaining communications operability, interoperability, and continuity in case of disaster."
"The Department of Homeland Security is not “well-positioned” to carry out its cybersecurity role, according to the agency inspector general. The agency watchdog wrote in a Sept. 23 report that the Cabinet agency’s lack of a cybersecurity workforce strategy and insufficient workforce assessments prevent the agency from being prepared for its duty in federal cybersecurity.“ Lacking an assessment, DHS cannot provide assurance that it has the appropriate skills, competencies and expertise positioned across its components to address the multifaceted nature of DHS’ cybersecurity work,” the IG wrote."