OASD looks for cybersecurity SME support
On September 1, the Office of the Assistant Secretary of Defense (Energy, Installations and Environment) posted a request for information for cybersecurity SME support. Responses are due no later than 8:00am EST on September 16; Questions are due no later than 8:00am EST on September 8.
The Office of the Assistant Secretary of Defense (Energy, Installations and Environment) oversees the Department of Defense (DoD) Facility Energy Program and progress towards achieving facility energy goals. The OASD(EI&E) is responsible for issuing facility energy policy and guidance, coordinating the Defense Department’s facility energy strategy, engaging with DoD Components, and coordinating all congressional reports related to facility energy.
Provide subject matter and knowledge and assist in the review of Energy Security Technology Certification Program (ESTCP) proposals. Intent is to assist ESTCP management in determining if proposed technology has considered all of the needed and appropriate requirements for investment consideration.
The Energy Security Technology Certification Program (ESTCP) funded ten projects in FY16 that focus on demonstration of various aspects of microgrids. These projects interact with Control Systems (CS) on Military Networks and require obtaining authority to operate (ATO) in order to perform the demonstrations. Some of these projects also focus on demonstrating technology designed to enhance or improve cybersecurity posture of Military Industrial Control Systems.
The process for obtaining ATO for these technologies is not well understood by the project teams and the technologies used in these demonstration projects all have common elements. Each project has budgeted for consultants with subject matter expertise, at significant cost, to assist with navigating the Risk Management Framework in order to obtain an ATO. The simultaneous implementation of these demonstration projects at multiple sites across different services provides an opportunity to collect lessons learned and share best practices to improve project execution efficiency and reduce cost.
Additionally, the collective experience gained by these similar projects going through the RMF provides opportunity to identify specifications for this type of technology that could be used to expedite the process for like-technology in the future.
The ESTCP Program Office requires support from a Cybersecurity subject matter expert (SME) to act as an advisor to the Program Office to monitor the project teams’ efforts toward obtaining an ATO, and facilitate information sharing across project teams to improve project execution efficiency.
Full information is available here.