Sen. Ron Wyden (D-Ore.) has called on Dana Deasy, chief information officer at the Defense Department, to direct the implementation of cyber best practices on all of DoD’s public-facing web services.
Wyden wrote a letter to Deasy on Tuesday calling on him to require all agencies and offices at the Pentagon to enable Hypertext Transfer Protocol Secure (HTTPS) encryption with HTTP Strict Transport Security (HSTS) on all public web services.
DoD agencies should submit a list of all public domains to DHS to advance HSTS adoption and comply with a memo issued by the Office of Management and Budget and a binding operational directive from the Department of Homeland Security.
Wyden said agencies at the Pentagon need to secure and field certificates trusted by major web browsers for all publicly accessible web services and assess the use of “shorter-lived, machine-generated certificates.”
The senator also asked Deasy to come up with an action plan regarding the adoption of the cyber measures by July 20.