Project Announcement: Cybersecurity and Risk Management Framework – Phase II

There are few imminent and continuous threats today that present – to both the public and commercial sectors – such high risk as cyber-attacks in the form of data breaches, including attacks across the Software Development Life Cycle or against the development environment. Software Assurance (SwA) is becoming increasingly critical, especially as the Department of Defense leverages commercial industry advancements in cloud computing and developmental platforms like Platform as a Service to modernize aging portfolios.

These efforts will underwrite a new acquisition program aimed at identifying and acquiring the most promising cloud-oriented innovations supporting the Under Secretary of Defense for Acquisition, Technology, and Logistics. Of note, the strategic elements of the SwA initiative include:

  • Partner with industry to focus science and technology on research and development of technologies.
  • Improve assured software development tools and techniques.
  • Strengthen standards for software partitioning and modularity.
  • Enhance vulnerability discovery.
  • Employ repeatable Systems Engineering and test processes to identify, assess, and isolate critical components, and mitigate software vulnerabilities.
  • Leverage and coordinate with industry, academia, and national and international partners to address shared elements of the problem.

Those interested in participating in this initiative should contact Nicholas Brown  by December 18, 2017. We encourage participation by Disadvantaged Business Enterprises (DBEs), including Minority Business Enterprises (MBEs) and Women’s Business Enterprises (WBEs).