Another cyber bill, a FedRAMP report card, cyber-ed partnerships and more

News and notes from around the federal IT community.

Cybersecurity

Hatch-Carper bill proposes more oversight of agency cybersecurity efforts

A new Senate bill would require inspectors general to report on practices and tools used by federal agencies to safeguard their networks and data, while also evaluating any roadblocks to agencies adopting protective measures.

The Federal Computer Security Act, from Sens. Orrin Hatch (R-Utah) and Tom Carper (D-Del.), is fairly modest in its aims, and seems tailor-made to serve as an amendment to the Cybersecurity Information Sharing Act, which the Senate intends to take up in September.

The bill simply gives OIGs a 240-day deadline to report to Congress and the Government Accountability Office on agency use of multi-factor authentication, a census of security applications, an accounting of licenses to use security software and a description of data security practices. The bill also tasks GAO with producing an economic analysis of agency use of security software, perhaps including overlapping, excessive or redundant tools and licenses, as well as telling Congress what hurdles agencies face when selecting security tools.

NSA, South Dakota State partner on cyber education

The National Security Agency's National Cryptologic School and Dakota State University have formed a partnership that allows agency employees to apply their experience toward a bachelor's degree in the university's online cyber operations program, the pair announced Aug. 5.

Agency employees can start registering with the university for the coming fall semester. This is the first such agreement between the NSA's cryptologic school and a public academic institution, the agency said.

"Our military employees already go through extensive training to qualify for their roles here," Steve LaFountain, dean of NSA's College of Cyber, said in a statement. "This partnership provides them with a huge head start toward obtaining a degree in a valuable field of study."

DHS awards $1.2 million for mobile security research

The Department of Homeland Security's Science and Technology Directorate has given Rockville, Md.-based Intelligent Automation a $1.2 million award for mobile security research and development.

The firm will implement a software security tool "in an effort to severely impact an attacker's ability to operate in existing and future mobile devices," the directorate said.

The award is part of a broader project at DHS to accelerate adoption of mobile security products in government and the private sector.

Two new FedRAMP ATOs

Another Microsoft cloud service has been granted a Federal Risk and Authorization Management Program authority to operate, GCN reports.

The Department of Housing and Urban Development issued the ATO and will be using the Microsoft Dynamics CRM Online Government cloud. That service, Microsoft says, ensures agencies can work from an array of devices, including smartphones, tablets and laptops through a single sign-on.

MaaS360 -- a mobile device management service from the IBM-owned Fiberlink -- has also been given the FedRAMP seal of approval, via the Joint Authorization Board.

GSA said Aug. 6 that as of the end of June, 82 percent of the 1,400 government cloud implementations are FedRAMP compliant. There has been a 41 percent increase in the number of cloud service providers added to the program, with a total of 18 JAB approvals, 17 agency approvals and three cloud service provider-supplied approvals.