For Immediate Release
DHS Science & Technology Press Office
Contact: John Verrico, (202) 254-2385
Washington, DC – The Department of Homeland Security (DHS) Science and Technology Directorate (S&T) awarded $1.1 million to GovReady PBC, based in Silver Spring, Md., to provide tools that improve accessibility for small to mid-size companies interested in developing software and IT systems for the federal market. Before government can deploy any technology, a certification and accreditation (C&A) process is required to test, evaluate and ensure security compliance. However, in its current form, the C&A process is complex and challenging to navigate, particularly for companies encountering C&A standards for the first time. GovReady will develop tools to help developers through the C&A process and in doing so open the door for more secure, compliant and quality software systems. The project titled “Security Controls Compliance Server” was awarded through the 2014 DHS S&T Long Range Broad Agency Announcement, DHSST-LRBAA14-02 and is part of the DHS S&T Homeland Open Security Technology (HOST) program administered by S&T’s Cyber Security Division.
“The C&A process is key to running software on any government network, yet the challenges are well-known,” said DHS Under Secretary for Science and Technology Dr. Reginald Brothers. “S&T is working to simplify and improve the C&A process to help businesses gain access to the government market.”
Since 2011, the S&T HOST program has investigated open-source methods, models and technologies to protect government cyber assets. This work supports the HOST program objectives of supporting and protecting cyber assets in both government and critical infrastructure sectors by lowering adoption barriers for open source security solutions.
“The C&A process is essential, but, in its current state, unnecessarily difficult for small businesses to navigate,” said Dr. Dan Massey, S&T HOST Program Manager. “This project will help to even the playing field between large and small business by giving everyone an opportunity to provide software to the government.”
The work by the GovReady team, led by Greg Elin, will also include an assessment as to whether this can make compliance with the Federal Information Security Management Act easier for open-source software.
For more information, visit scitech.dhs.gov/cyber-research.