Friday, 2 August 2019

US Department of Defense's "JEDI" Cloud Cyber Security

I told them to stop this contract a couple of years ago. I wasn't concerned with fairness, I was concerned about cyber security.


I've just looked briefly through this DoD "Cyber Security Plan" from https://www.fbo.gov/index.php?id=3860a4f4fe9d9ffc31e722ece82a143c and it was clearly written by people with no idea about computer and communications security at all! Really, it is a joke! The specification simply assumes security, it doesn't actually explicitly require it! For example:


The United States government has access to US citizens who are computer security professionals, so why don't they consult them? See Amy Zegart on Cyberwar.

No comments:

Post a Comment