At cyber it security (SINET) occasion held in Washington D.C lately a sober assessment of our nation’s capacity to maintain an adequate cyber defense emerged.

The state of our cyber defense was summarized by Michael Chertoff, former Secretary of the Department of Homeland Safety when he concluded that it may possibly take “a digital 9-11” to get organization, consumers and governments to fortify their cyber safety defenses. In effect we are fighting an asymmetrical war and, at present, we seem to be losing.

Echoing this theme, Mr. Vivek Wadhwa, a respected cyber safety analyst, argues, “Government basically can’t innovate rapidly sufficient to keep pace with the threats and dynamics of the World-wide-web or Silicon Valley’s swiftly changing technologies.”

Wadhwa goes on to point out that innovative entrepreneurial technologies advancements are required but the government, for the reason that of it overwhelming dependencies on big contractors, is not equipped to take advantage of new and effective cyber defense technologies.

Wadhwa concludes that correct innovation developed by way of smaller entrepreneurial firms is becoming stifled by Federal Government procurement practices.

The Federal Government Acquisition Method is Inadequate:

Although Wadhwa’s argument is focused on technology improvement only it also applies equally to service providers who adapt new technology to new and enhancing defensive techniques such as vulnerability assessment, evaluation of threats and remedial action.

Considering that powerful defense against cyber attacks is an on going course of action of monitoring and taking coercive action, the role of solutions and the cyber warrior is also crucial and outdated Federal shopping for patterns are equally harmful.

A lot of the trouble stems from the present acquiring and acquisition patterns of the government. For years now the government has preferred to bundle specifications in to massive “omnibus” or IDIQ contracts (with negotiated task orders) that favor the biggest contractors but stifle innovation and flexibility. Cyber safety specifications are treated on a like basis with Facts technologies requirements and this is a error.

In addition, current Congressional contracting “reforms” have encouraged protest actions on new contracts and process orders for both new and current contracts, resulting in a important delay of the procurement method. In the fast evolving world of cyber security, delayed deployment of typically obsolete technology solutions increases the threat of a effective attack.

Since these contracts are exceptionally large, they demand quite a few levels of approval-usually by Congress or senior administration officials. It ordinarily requires three-4 years for government to award these and successful bidders frequently have to go by means of a grueling “certification” method to get approved to bid. Proposal efforts for huge bundled contracts expense millions of dollars to prepare and to lobby government officials and political leaders in order to win.

Mainly because of acquiring patterns that are slanted toward big, slower moving contractors new technologies expected to meet the multitude of cyber threats will be ignored in the coming years. This puts the nation at danger.

Modest contractors are often overlooked in favor of large contractors who regularly use contract autos to provide solutions and options that are usually out of date in the rapidly changing cyber planet.

Startups cannot wait this lengthy or afford the cost of bidding. But it is not sufficient to demonize big contractors when the root bring about lies is how the government procures technology.

In order to remedy this challenge an overhaul of the acquisition and procurement approach is required to level the playing field for modest cyber security firms: it should be created simpler for startups and modest service providers to bid for government contracts.

A single productive way to do this is to unbundle the cyber needs for IT acquisitions and use more smaller business set asides for contract awards. In addition protests at the Common Accounting Office must be discouraged and reserved only for apparent abuses of the contracting approach.

Procurement occasions need to be reduced to months rather than years some projects should be accomplished in smaller methods so that the important contractors, whose aim is generally income maximization and putting unqualified bench staff, are not the only ones certified to full them.

Cyber attacks on our sensitive infrastructure and government agencies have improved considerably. We want the latest technology and very best tools in order to win the cyber war.