SYDNEY J. FREEDBERG JR.
In recent days both Pentagon CIO John Sherman and the House Armed Services Committee have pushed new policies to speed the adoption of commercial software by the Department of Defense.
That’s great as far as it goes, DoD and industry officials said at a recent conference. But, they argued that beyond cutting red tape, the chronically overworked officials certifying commercial software as cybersecure and safe for government networks also need the technical tools and computing environments to test the software properly.
The critical choke-point is a process known as ATO, or Authorization To Operate. When the Pentagon wants to use some commercial software, a government Authorizing Official (AO) must formally approve it as sufficiently safe and secure against cyberattack to be used on government networks. That process can be fraught with bureaucratic hurdles.
No comments:
Post a Comment