Pentagon automating its Cybersecurity Scorecard

The department is looking to release the Cybersecurity Scorecard 2.0 in the near future to replace the "static," self-reported version, said acting DOD CIO John Zangardi.
(Getty Images)

The Pentagon is updating its Cybersecurity Scorecard to deliver more-automated results to Defense Department leaders.

The department is looking to release Scorecard 2.0 in the near future to replace the current “static” version, which is compiled via self-reported information from agencies, said acting DOD CIO John Zangardi.

“It’s [not very] dynamic,” Zangardi said of the original scorecard at the Adobe Digital Government Symposium this week. “The idea with Cyber Scorecard 2.0 is to be dynamic, to get automated reporting. It’s to look at things in sort of a heat map so we understand the threat better.”

DOD CISO Essye Miller has been focused on automating the reporting of the scorecard since she took her position in December, Zangardi said. “There’s a lot of work for us to mature this, to move it forward.”


“We want to be dynamic,” he said. “We want to be able to get to the latest information quickly.”

The Cybersecurity Scorecard is a step in the right direction for the Pentagon, Zangardi said. By measuring 11 items related to basic cyber-hygiene — like strong authentication, removal of outdated software, implementing Host Based Security Systems, and properly patching and configuring systems — DOD leadership can better ensure compliance throughout the chain of command.

“It was a move from not knowing what you have to beginning to know what you have. And when you can measure something, you can do something about it,” he said, adding that “because we measured things, we could cajole people, we can encourage people to do the right thing, to make the investment — to move dollars.”

“Those 11 items are critical to moving us forward.”

The Pentagon CIO’s office feels so strongly about the scorecard, Zangardi said, that it will brief NATO allies on its success at the Consultation, Command and Control Board meeting in June. “encouraging them to move in a similar direction.”

Billy Mitchell

Written by Billy Mitchell

Billy Mitchell is Senior Vice President and Executive Editor of Scoop News Group's editorial brands. He oversees operations, strategy and growth of SNG's award-winning tech publications, FedScoop, StateScoop, CyberScoop, EdScoop and DefenseScoop. After earning his degree at Virginia Tech and winning the school's Excellence in Print Journalism award, Billy received his master's degree from New York University in magazine writing.

Latest Podcasts