Terry Halvorsen, chief information officer at the Defense Department, has said DoD will work to update its networks, improve its cybersecurity posture and attract and retain information technology professionals in 2017, DoD News reported Wednesday.

Cheryl Pellerin writes Halvorsen gave the remarks Tuesday during his testimony before the House Armed Services Committee’s emerging threats and capabilities subpanel on DoD’s fiscal 2017 budget request of $38.2 billion for IT and cyber programs.

Halvorsen, an inductee into Executive Mosaic’s Wash100 for 2016, said that his office plans to leverage mobile data access and cloud platforms, consolidate data centers and improve collaboration with the commercial sector in order to attract IT professionals and promote innovation.

He also mentioned that the Pentagon will also prioritize the deployment of the Joint Regional Security Stacks for the Joint Information Environment.

“JRSS provides the baseline for a more-coherent, singular security architecture for DoD’s cyber defenders,” he said at the hearing.

The department will also work to field the Mission Partner Environment–Information System in an effort to facilitate data sharing between combatant commanders and mission partners as well as improve human accountability through the implementation of provisions in the Cybersecurity Discipline Implementation Plan, Halvorsen added.

The Government Accountability Office has identified several vulnerabilities in the Centers for Medicare and Medicaid Services’ technical controls for systems that support the federal health insurance marketplace.

GAO said Wednesday it found insufficient administrator privilege restriction, inconsistent security patch implementation and insecure administrative network configuration for Healthcare.gov supporting systems and the Federal Data Services Hub.

GAO reports that CMS did not develop a schedule for security oversight procedures and follow-up corrective actions.

The government watchdog recommends that CMS establish procedures for the oversight of state-based marketplaces and enforce continuous security monitoring for those marketplaces.

Oversight and continuous monitoring work to ensure the security and privacy of data processed through Healthcare.gov, GAO noted.

Lt. Gen. Robert Ferrell, chief information officer of the U.S. Army, estimates it will take more than one year for the military service to update its legacy computers to Microsoft‘s Windows 10 operating system, Federal News Radio reported Thursday.

Scott Maucione writes that Terry Halvorsen, the Defense Department‘s CIO and a 2016 Wash100 recipient, issued a directive in November instructing all DoD component organizations to complete their Windows 10 transition efforts by January next year.

Ferrell noted his office collaborates with Microsoft engineers to assess the branch’s current information technology platforms and to create a roadmap to implement the new OS, Maucione reports.

The report said he is also working with DoD and the Army’s industry partners to develop a mobility strategy for the military service.

The Department of Homeland Security has proposed to restructure its National Protection and Programs Directorate into a new organization that will focus on addressing threats to U.S. cyber and physical systems, according to a Lawfare blog article published March 21.

Paul Rosenzweig, founder of Red Branch Consulting, reports the department has offered Congress a plan to realign NPPD functions and programs and rebrand the agency as “Cyber and Infrastructure Protection.”

The reorganization effort seeks to distribute NPPD’s acquisition, business, strategic and analytical operations into three subcomponents.

Those subcomponents will be known as the National Cybersecurity and Communications Integration Center, Infrastructure Security and Federal Protective Service.

A federal grand jury has indicted seven Iranian people whom government  investigators believe have orchestrated extensive denial-of-service attacks on U.S. financial services institutions between December 2012 and September 2013.

The Justice Department said Thursday computer hacking charges have been filed against Ahmad Fathi, Hamid Firoozi, Amin Shokohi, Sadegh Ahmadzadegan, Omid Ghaffarinia, Sina Keissar and Nader Saedi.

These individuals worked for Iranian security firms ITSecTeam and Mersad and are accused of working on behalf of Iran’s Islamic Revolutionary Guard Corps to conduct a massive DDoS campaign against U.S.-based banks that lasted for approximately 176 days.

“In unsealing this indictment, the Department of Justice is sending a powerful message: that we will not allow any individual, group, or nation to sabotage American financial institutions or undermine the integrity of fair competition in the operation of the free market,” Attorney General Loretta Lynch told a press conference Thursday.

Prosecutors also charged Firoozi with unauthorized access to the Supervisory Control and Data Acquisition server at the Rye, New York-based Bowman Dam during 2013.

DOJ noted all of the seven cyber attack suspects face up to 10 years in prison and Firoozi could face an additional five-year imprisonment for the dam breach.