Defense

Pentagon automating its Cybersecurity Scorecard

The department is looking to release the Cybersecurity Scorecard 2.0 in the near future to replace the "static," self-reported version, said acting DOD CIO John Zangardi.

By Billy Mitchell

May 5, 2017

(Getty Images)

The Pentagon is updating its Cybersecurity Scorecard to deliver more-automated results to Defense Department leaders.

The department is looking to release Scorecard 2.0 in the near future to replace the current “static” version, which is compiled via self-reported information from agencies, said acting DOD CIO John Zangardi.

“It’s [not very] dynamic,” Zangardi said of the original scorecard at the Adobe Digital Government Symposium this week. “The idea with Cyber Scorecard 2.0 is to be dynamic, to get automated reporting. It’s to look at things in sort of a heat map so we understand the threat better.”

DOD CISO Essye Miller has been focused on automating the reporting of the scorecard since she took her position in December, Zangardi said. “There’s a lot of work for us to mature this, to move it forward.”

“We want to be dynamic,” he said. “We want to be able to get to the latest information quickly.”

The Cybersecurity Scorecard is a step in the right direction for the Pentagon, Zangardi said. By measuring 11 items related to basic cyber-hygiene — like strong authentication, removal of outdated software, implementing Host Based Security Systems, and properly patching and configuring systems — DOD leadership can better ensure compliance throughout the chain of command.

“It was a move from not knowing what you have to beginning to know what you have. And when you can measure something, you can do something about it,” he said, adding that “because we measured things, we could cajole people, we can encourage people to do the right thing, to make the investment — to move dollars.”

“Those 11 items are critical to moving us forward.”

The Pentagon CIO’s office feels so strongly about the scorecard, Zangardi said, that it will brief NATO allies on its success at the Consultation, Command and Control Board meeting in June. “encouraging them to move in a similar direction.”

Pentagon automating its Cybersecurity Scorecard

More Like This

ICE pursuing privacy approvals related to controversial phone location data

House Modernization panel advances bill to improve CRS’s data access in first-ever markup

Google gets authorization to work with top-secret intelligence, defense data

Top Stories

State Department encouraging workers to use ChatGPT

Federal CIO calls on Congress to fund Technology Modernization Fund

GSA administrator: Generative AI tools will be ‘a giant help’ for government services

Congressional panel outlines five guardrails for AI use in House

With 2023 tax season in the rearview, IRS commissioner eyes expansion of AI capabilities

CMS’s financial office is using LLM pilot to combat loss of institutional knowledge

Top public sector takeaways from Google Cloud Next 2024

Commerce requests information about AI, open data assets, data dissemination

More Scoops

FITARA scorecard adds cloud metric, prompts expected grade declines

New rule could impose CMMC-like cyber requirements for civilian agency contractors

Cyber AB launches voluntary CMMC assessment program for defense contractors

OMB guidance presents chance to standardize software bill of materials

Military services, Pentagon CDAO meeting weekly to coordinate AI efforts

DOD exploring requirements for managed service providers under CMMC

Pentagon updates timeline for CMMC cybersecurity initiative

Latest Podcasts

Pentagon automating its Cybersecurity Scorecard

AI Week 2024 has Come and Gone

Darryl Peek on Elastic’s role in enhancing public sector search and data analytics with AI and Google collaboration

Danny Werfel on How Automation has Enhanced his Agency’s Operations.

Tech

Defense

Cyber

Acquisition