What's your opinion/take on the efforts of DOGE?

[JDMeister]

The evidence keeps coming out. American taxpayers paid for the impeachment of Donald Trump with laundered USAID money
Jesse Watters “You have this new piece on Substack that the USAID and the CIA helped orchestrate Trump's impeachment?”
Michael Shellenberger “It's a crazy story — The House of Representatives impeached, president Trump in December of 2019. Many people may may not remember that it was a CIA analyst who was left over from the Obama White House who wrote the memo that led to the impeachment. It was all based on hearsay.
The person had not actually been in the room with Trump. Nonetheless, this memo that he wrote relied heavily on a report done by an organization funded by USAID. In fact, its initial founding funding I mean, now it's $10s of millions of dollars had gone into this group called the Organized Crime and Corruption Reporting Project, a name that's not very memorable, OCCRP, but it was basically created as an extension of the state department and then of USAID
— It was a kind of public facing part you know, regime change operation like CIA, but not covert, more overt — They were doing this sort of thing abroad, creating a predicate essentially for Trump's impeachment.”
.

 

[JDMeister]

Trumps New IT Department Head Is Taking Control.
++++++++++++++++


Katie Arrington, the Defense Department’s acting chief information officer, has little sympathy for contractors complaining about the Cybersecurity Maturity Model Certification.

After all, she was the lead ambassador for the launch of the defense industrial base's new cyber and supply chain security standard during the first Trump administration.

The Biden Administration made changes in the approach for CMMC, but the requirement is essentially the same – contractors need to certify how they are following a set of standards for securing government information on their systems.

That mostly refers to 800-171 from the National Institute of Standards and Technology on controlled unclassified information.

Arrington is now back at DOD following Trump’s election in November and CMMC is her responsibility again.

“If you go on LinkedIn one more time and tell me how hard CMMC is, I’m going to beat you,” she said Wednesday at an AFCEA DC luncheon. “That ship sailed in 2014.”

Contractors have been required for more than a decade to comply with NIST Standard 800-171, which has 110 controls for protecting CUI. Contractors have been self-certifying their compliance during that time.

But with CMMC now final, companies must now go through a third-party audit.

“You are telling me over 11 years later how hard it is?” she said.

Complaining now only puts a target on the backs of companies for the Defense Contract Management Agency to come in and audit their cyber posture, Arrington said.

“Do you think the government isn’t watching?” she said. “Do you think China’s is backing off?”

CMMC and zero trust architectures are part of a culture shift at DOD toward a trust but verify posture, Arrington said.

“It’s not a framework. It never was," she added.

Every system DOD fields must start with security and that starts with the acquisition process, she said.

On acquiring software, Arrington said she is developing a software fast-track process to be called SWIFT. The intent is to speed up the authority-to-operate process.

A request for information will be released to look for third-party vendors that can help in risk assessment, she said.

Software will be assessed on 12 characteristics of risk such as financial, foreign ownership and cyber. Arrington also wants artificial intelligence to help review the findings instead of waiting for a human to do it.

“I’m blowing up the risk management assessment framework. I’m blowing up the ATOs,” she said. “I only have five things I really care about: How do you develop what you’re doing that’s secure by design? How do I validate that? Are you working with Zero Trust? How do I validate that? What’s more important – an ATO or continuous monitoring? Continuous monitoring. How do I do that?”

She is planning a meeting for May that will have all of DOD’s component CIOs to work on a plan going forward.

“We have to get away from the way we’ve done business to the way we need to do business,” Arrington said.

 

[JDMeister]

California Is Still Fighting.
.
.
WTF are they thinking?
.
.