Future Topics

This is the my scratchpad of posts that I might write in the future. Feel free to comment on what you’d like to hear me rant about.

2 thoughts on “Future Topics

  1. Spence Calder

    How about talking about getting the services to actually make good defensive cyber policy that doesn’t let CIOs drive?

    Cases in point:
    Only DoD is running VRP – Thanks DASD-C (CS) =D
    USCC delegated defense to “JFHQ-D” because it was the hard part
    No one wants to touch config management with a 10 foot pole even though understanding our network is a prereq.
    No one wants to entertain deception despite a strong imperative

    Reply
  2. Richard Ferguson

    I would love to see/read your updated thoughts on how a vendor can approach the CoN process when they have a fully developed product that needs testing. For instance, imagine if there was a individual vendor that had a complete grasp of an DoD organization’s requirements and developed something they feel could solve problems and/or gain significant efficiency. I know DIUx and app.gov are options, but what if the vendor needed assistance working through the CoN process. Thank you!

    Reply

Leave a Reply

Your email address will not be published.