The administration is pushing to update federal acquisition regulations to incorporate cybersecurity standards into agency purchasing decisions, according to a top White House official.
J. Michael Daniel, White House cybersecurity coordinator, said Thursday at the 2013 SINET showcase in Washington that the use of cybersecurity standards in how agencies evaluate products and services is a “growing area.”
“You will see increasing use of cybersecurity as a criteria in how the federal government judges products and services and other kinds of technology,” Daniel said.
The Defense Department has already taken steps to incorporate cybersecurity as one of the factors in its acquisition process and the administration will work to make similar changes across government by looking at updating the Federal Acquisition Regulation, he said.
The effort to update the FAR will take years and will be a “long-term effort” the administration will attempt to tackle in stages, Daniel told Federal Times.
“I think some of the initial reports are still coming in on how we would structure that,” he said.
He said it is still too early to tell if the administration would need congressional approval for any of the changes but that there is a lot agencies can do within existing statutes.