Steve Grewal, the Education Department's chief information security officer, joined Federal News Radio on March 6, 2014, for an online chat.
Grewal answered questions about his agency's new security operations center (SOC), the cyber workforce, and challenges with security at the agency. View an archived version of the chat.
Shows & Panels
- The 2014 Big Picture on Cyber Security
- AFCEA Answers
- Ask the CIO
- Connected Government
- Consolidating Mission-critical Systems
- Constituent Servicing
- The Data Privacy Imperative: Safeguarding Sensitive Data
- Eliminating the Pitfalls: Steps to Virtualization in Government
- Federal Executive Forum
- Federal Tech Talk
- Government Cloud Brokerage: Who, What, When, Where, Why?
- Government Mobility
- The Intersection: Where Technology Meets Transformation
- Maximizing ROI Through Data Center Consolidation
- Mobile Device Management
- The Modern Federal Threat Landscape
- Moving to the Cloud. What's the best approach for me
- Navigating Tough Choices in Government Cloud Computing
- Satellite Communications: Acquiring SATCOM in Tight Times
- Transformative Technology: Desktop Virtualization in Government
- Understanding the Intersection of Customer Service and Security in the Cloud
Shows & Panels
Ask the CIO
Cyber test gives Army Corps faith in system resilience
Tuesday - 12/13/2011, 9:07pm EST
Federal News Radio
The Army Corps of Engineers' Los Angeles district became one of the first Defense Department offices to go through a Command Cyber Readiness Inspection.
And Bob Kazimer, the director of corporate information and chief information of the Army Corps of Engineers, expects DoD's Cyber Command's report to show the network strength of the Corps L.A. office to be pretty stout.
"The U.S. Cyber Command as part of the DISA team select various circuits across the DoD and partners, and announce they will conduct an inspection," Kazimer said. "They give us some time to prepare and then come down for a full week of scanning, interviews, analyses and observations. In my view, it's a no-holds barred inspection."
Kazimer said he expects the LA district to perform well in the analysis.
"It's not just about Los Angeles," he said. "It's about making sure our national team and our leadership can take the lessons learned in preparation for the CCRI and apply them across the Corps."
In fact, Kazimer said he expects the Army Corps to do a "hot-wash" immediately following the CCRI results, and from that they will do an internal set of analysis for how to plan for the future.
"We are very concerned about cyber, how it affects our infrastructure that we are responsible for," he said. "We produce 24 percent of the nation's hydropower. We are responsible for navigation along 12,000 miles of inland channels. All of the structures have systems that are controlled electronically and we have to make sure they are hardened against possible issues or threats."
Along with the CCRI, Kazimer said his office is moving the Army Corps to Microsoft Windows 7 in the coming months and that should improve the information assurance of their systems.
Additionally, Kazimer said the Army Corps is using the DoD Common Access Card (CAC) to sign and encrypt emails and documents and log onto their computer networks.
"We are taking deliberate steps to make sure each one of our commands, wherever they are, have the capability to meet all the standards DoD and the Army require of us," he said.
Along with cybersecurity, Kazimer said the Army Corps of Engineers has been consolidating and virtualizing its servers.
The agency over the last three years has moved IT operations and oversight from 55 different locations to two main data centers.
"We are over 50 percent complete," Kazimer said. "We have been doing an enterprising of our email services. In most cases, we have been making those transitions seamless to our users."
This consolidation and centralization effort is a result of the Army Corps of Engineers A-76 competition won by a public-private team of agency employees and Lockheed Martin in 2006.
"We've been through a major transformation," he said. "We've had significant restructuring and cost avoidance through a much leaner organization coming out of that. In any given year, we are looking at approximately $49 million in cost avoidance."
Kazimer said the cost avoidance is based on the baseline year of costs in 2003.
"We are going about the process of doing an IT master plan for how we transition past the current period of performance. Right now, there are provisions that tell us not to recompete. We have to work within what the law and other regulations grant us the authority to do."
Panel: Cyber Command progress report