Photo: GSA.gov

The General Services Administration released its step-by-step instruction guide on following FedRAMP procedures Tuesday.

The 47-page concept of operations outlines how agencies and contractors should proceed in certifying services so a service from one contractor could be used in multiple agencies.

GSA says products including infrastructure-as-a-service tools will be the first to go through the FedRAMP process.

Independent auditors that undergo an application process to be government-approved will evaluate products’ compliance.

Cloud providers that successfully go through the authorization process will be listed on the FedRAMP website.

After passing the audit phase, officials from the Department of Homeland Security and FedRAMP will evaluate and continue to re-evaluate services deployed in agencies.

Service providers may re-submit a product or service to the auditors for reconsideration and a panel of security experts will reassess whether the product will be used or not.

GSA’s guide designates the DHS as the lead body in coordinating recovery efforts in the event of a breach on the agency side.

DHS will also “assist government-wide and agency-specific efforts to provide adequate, risk-based and cost-effective cybersecurity” and develop guidance to implement trusted services and cybersecurity.

George Little

Pentagon Press Secretary George Little took questions Monday; not from journalists, but from Twitter users.

According to AFPS, Little answered questions from hundreds of users on topics ranging from Syria, Iran cybersecurity and Pentagon energy savings initiatives.

Little said fielding the questions was a challenge and needed help to manage the questions, but added that he chose the questions.

Sharon Burke, assistant defense secretary for operational energy plans and programs, joined the conversation after several users asked questions on the Pentagon’s energy conservation efforts.

“There were several good questions,” Little said to AFPS. “They varied widely, but I certainly after this experience see the power of this format.

“On certain issues you can connect people to other organizations. You can address very briefly a national security issue, and you can dialogue directly with people without filters.”

Little told AFPS he may participate in more Twitter town halls.

Photo: DHS.gov

A House subcommittee cleared a bill last week that would create nonprofit organization to promote information sharing across the public and private sectors, Federal News Radio reports.

Bill sponsor Rep. Dan Lungren (R-Calif.) said the bill makes the Department of Homeland Security the focal point for protecting federal networks and private sector-owned critical infrastructure.

Lungren is chairman of the House Homeland Security subcommittee on Cybersecurity, Infrastructure Protection and Security Technologies.

Under the proposed legislation, the National Information Sharing Organization would facilitate the sharing of cybersecurity and infrastructure protection between the federal government and the private sector.

Lungren told Federal News Radio NISO would establish trust between the private sector and the government.

Lungren also said the government would provide funds for NISO’s first three years, then participants would contribute to the center’s funding.

Photo: Attila Toro

A House subcommittee will review cyber threats in the U.S. during a Wednesday hearing, according to the The Hill newspaper.

Rep. Greg Walden, (R-Ore.) chairman for the House Energy and Commerce subcommittee on communications and technology, said the subcommittee will consider botnets, hacking and supply-chain vulnerability.

Industry representatives and security experts are scheduled to testify, addressing cybersecurity practices and the government’s role in protecting cyberspace.

According to The Hill, several House committees have moved forward with cybersecurity bills and want bring them to the full House floor for debate before the election.

A compromise proposal from the Senate Commerce and Homeland Security committees would impose regulations on companies that operate critical infrastructure.

Walden said in a news briefing the subpanel’s agenda for the year includes authorizing spectrum auctions and progressing two bills that overhaul the Federal Communications Commission‘s way of doing business, The Hill reported.

Photo: GSA.gov

The General Services Administration‘s online library has saved the government tens of thousands of dollars in postage and printing costs, according to AOL Government.

The agency launched publications.usa.gov late last year to give users access to government publications via mobile devices.

According to AOL, 1.4 million publications were viewed in fiscal year 2011 using either Google Books, Scribd or publications.usa.gov.

GSA still operates and manages print requests from its site in Pueblo, Colo, but is aiming to increase online usage in fiscal 2012 by 10 to 20 percent from 2011 levels.

The site has 700 publications available online, which can be accessed with electronic devices capable of connecting to the Internet or opening and downloading a PDF for free.

Photo: FBI.gov

The federal government will not have authority to mitigate electric grid disruptions until at least 2013, a cybersecurity expert said according to NextGov

James Lewis, senior fellow at the Center for Strategic and International Studies, said a former U.S. senior official told him the country will experience a major disruption and Congress will be held accountable for the disruption.

Lewis advises Congress and the White House on cyber issues.

The Senate is expected to take up critical infrastructure legislation within the next three weeks, NextGov reports.

Technology companies believe the federal government should not implement a uniform approach to cybersecurity because the approach would not evolve to adapting threats, according to NextGov.

Lewis said Congress is considering legislation to exempt companies that do not operate systems capable of inflicting mass casualties.

Photo: FAA.gov

Lawmakers reached an agreement Tuesday to fund the Federal Aviation Administration for the next four fiscal years, Bloomberg reports.

The bill agreed upon by House and Senate negotiators ends short-term funding trend by providing the agency $63.6 billion, or $15.9 billion a year.

The bill also allocates funds for the FAA’s next generation air traffic modernization program. NextGen will track aircraft with satellites and will also include an upgraded communication system.

The system carries projected costs of $42 billion by 2025, Bloomberg reports. The bill also creates a position for an official to oversee development.

“One of the things that a long-term FAA bill will do is help us continue our transition to the next generation of technology, an aviation that is built for the future, an aviation system that is built to last,” Transportation Secretary Ray LaHood said, according to USA Today.

Aneesh Chopra

Federal Chief Technology Officer Aneesh Chopra is stepping down from his post, the White House announced Friday.

A White House official told Federal News Radio that Chopra’s last day will be Feb. 8, but the official did not indicate Chopra’s future plans.

FedScoop first reported Chopra’s departure and reports that some have speculated he will run for political office or that he will join a technology company, where he would lead the company’s Washington offices.

Chopra has served as federal CTO since May 22, 2009. During his tenure, he has been a proponent of open government. Prior to joining the White House, Chopra served as Virginia’s secretary of technology beginning in January 2006.

FedScoop reports potential replacements include:

• Peter Levin, CTO for the Department of Veterans Affairs
• Todd Park, CTO for the Department of Health and Human Services
• Richard Spires, chief information officer for the Department of Homeland Security

Photo: NIST

The National Institute of Standards and Technologies is calling on agencies to take the lead in addressing security and privacy challenges relating to public cloud computing.

NIST’s Guidelines on Security and Privacy in Public Cloud Computing do not suggest any specific service or deployment method for cloud computing, but lists several guidelines agencies should follow when considering their cloud services.

NIST asked agencies to plan and consider the security aspects of utilizing the cloud and said agencies should ensure cloud solutions fulfill the agency’s requirements.

The document also suggests agencies establish strong contractual obligations and stay on top of agency need and whether the provider is meeting those needs. NIST told agencies they are responsible for securing data and applications implemented and deployed in public cloud computing environments.

“The organization should collect and analyze available data about the state of the system regularly and as often as needed to manage security and privacy risks, as appropriate for each level of the organization,” NIST said.

dc.gov

Google Plus users can now add the White House to their circles as of Friday.

In a Friday blog post, the White House announced that it has joined Google’s social networking service in addition to its active Twitter, Facebook and LinkedIn accounts.

The White House said joining Google Plus is part the administration’s efforts to increase public engagement and participation.

The White House’s Google Plus page features news from the White House blog, photos and videos and features opportunities for the public to participate such as in Google Plus hangouts.

Google Plus Hangouts allow up to 10 people to participate in live multi-person video chat. The White House will regularly host hangouts that allow users to interact with with policy experts.

Those who who do not join the Hangout can watch the entire conversation on WhiteHouse.gov, the White House’s Google Plus page or on its YouTube channel.