Emile Monette: GSA Begins Work on Cyber Risk Framework for IT Systems Acquisitions

cyberThe General Services Administration has started to develop a cybersecurity risk profile for federal agencies to use when they purchase information technology products and services, Federal News Radio reported Friday.

Emile Monette, senior adviser for resilience and cybersecurity at GSA’s Office of Governmentwide Policy, told the station agencies will work to prioritize risk assessment in acquisitions, Jason Miller writes.

“When you think about having baseline cybersecurity requirements as a condition for contract award for appropriate acquisitions, well, we don’t really know what appropriate acquisitions are until we fully understand the risk posture of those acquisitions,” Monette said in an interview with the station.

Miller reports that GSA held a public meeting on June 5 to hear feedback from IT vendors, big data stakeholders, consultants and other experts on how to form the risk management framework in acquisitions of IT platforms and services.

Monette told the station he expects GSA to have the initial list of risk indicators for IT acquisition processes ready for implementation by fall of this year.

Check Also


NSA Reports on New Cyber Vulnerability in Computers

The National Security Agency (NSA) has issued a report on a new cyber vulnerability that threatens certain systems present within the Department of Defense and other organizations. The BootHole vulnerability allows cyber actors to get through the Secure Boot security standard that makes devices boot only with software trusted by original manufacturers. 

Leave a Reply

Your email address will not be published. Required fields are marked *