Archives page

Posts Tagged ‘Department of Defense’

RESCHEDULED 1/17: Robert Carey, Principal Deputy CIO, DOD
Read More

RESCHEDULED 1/17: Robert Carey, Principal Deputy CIO, DOD

The Government Technology & Services Coalition cordinally invites you to an Insight Session with Mr. Robert J. Carey, Principal Deputy Chief Information Officer at the Department of Defense.

Robert Carey DOD

Mr. Robert J. Carey, Principal Deputy Chief Information Officer, U.S. Department of Defense

Mr. Robert J. Carey serves as the Department of Defense Principal Deputy Chief Information Officer.  Selected to this position in October 2010, his main focus is to help lead the consolidation and standardization of the Defense information technology enterprise while strengthening its cybersecurity posture and the enterprise architecture.  His additional focus is to align, strengthen and manage the office of the DoD Chief Information Officer to have it better serve the Department’s mission and help lead the IT/Cyber workforce into the 21st century.

From November 2006 to September 2010, he served as the fifth Department of the Navy (DON) Chief Information Officer (CIO) where he championed transformation, enterprise services, the use of the internet, and information security.  Mr. Carey joined the staff of the DON CIO in February 2000, serving as the DON CIO eBusiness Team Leader through June 2003.  During this period, he also served as the Director of the DON Smart Card Office from February through September 2001.  Mr. Carey entered the Senior Executive Service in June 2003 as the DON Deputy Chief Information Officer and was responsible for leading the DON CIO staff to achieve IM/IT enterprise integration across the Navy & Marine Corps.

Mr. Carey’s Federal service began with the U.S. Army at the Aberdeen Proving Ground in October 1982, where he worked as a Test Director evaluating small arms, automatic weapons and ammunition.  He began his service with the Department of the Navy in February 1985 with the Naval Sea Systems Command.  He worked in the Anti-Submarine/Undersea Warfare domain where he served in a variety of engineering and leadership positions.

Mr. Carey earned a BS in Engineering in 1982 from the University of South Carolina and a Master of Engineering Management from the George Washington University in 1995.  He has been awarded the Department of the Navy Distinguished Civilian Service Award (twice) as well as the Superior and Meritorious Civilian Service Awards.  He received the prestigious Federal 100 Award in 2006, 2008, and 2009, recognizing his significant contributions to Federal information technology.  He was selected to the InformationWeek Top 50 Government CIOs in 2009, 2010, and 2011.  Mr. Carey was named the Defense Executive of the Year for 2009 by Government Computer News, and he also received the prestigious Association for Federal Information Resources Management (AFFIRM) Executive Leadership Award – Defense for 2011.

A native of West Chester, PA, Mr. Carey is an active member of the United States Navy Reserve and currently holds the rank of CAPTAIN in the Civil Engineer Corps.  He was recalled to active duty for Operation Desert Shield/Storm and Operation Iraqi Freedom where, in 2006-2007, he served in the Al Anbar province with I Marine Expeditionary Force.

Register now

DoD Finalizes Cyber Security Threat Sharing Program
Read More

DoD Finalizes Cyber Security Threat Sharing Program

On October 22, the Department of Defense (DoD) finalized the details for its DoD-Defense Industrial Base (DIB) Voluntary Cyber Security and Information Assurance (CS/IA) threat sharing program with defense industrial base companies. No changes have been made to the interim final rule published in May 2012.

This final rule responds to public comments regarding the establishment of the DIB CS/IA program, a voluntary cyber security information sharing activity between DoD and eligible DIB companies to enhance and supplement DIB participants’ capabilities to safeguard DoD information that resides on, or transits, DIB unclassified information systems. The program is codified at 32 CFR Part 236 and implements DoD statutory authorities to establish programs and activities to protect DoD information and DoD information systems, including information and information systems operated and maintained by contractors or others in support of DoD activities (see 10 U.S.C. 2224 and the Federal Information Security Management Act (FISMA), codified at 44 U.S.C. 3541 et seq.). It also fulfills important elements of DoD’s critical infrastructure protection responsibilities, as the sector specific agency for the DIB sector see (Presidential Policy Directive 21 (PPD-21), “Critical Infrastructure Security and Resilience”). This program allows eligible DIB companies to receive U.S. Government (USG) threat information and to share information about network intrusions that could compromise DoD programs and missions. In addition, the program permits DIB companies and DoD to assess and reduce damage to DoD programs and missions when DoD information is potentially compromised. Furthermore, the information sharing arrangements between the DoD and each participating DIB company that implement the requirements of this are memorialized in a standardized bilateral agreement, known as a Framework Agreement (FA), signed by the participating DIB company and the Government.

The rule also provides the eligibility requirements for a company to participate in the DIB CS/IA program.
Costs for DIB participants include obtaining access to DoD’s secure voice and data transmission systems supporting the DIB CS/IA program and acquiring DoD approved medium assurance certificates. There also are costs associated with the collection requirements for providing point of contact information and cyber incident reporting. Government costs include onboarding new companies and collecting and analyzing cyber incidents from DIB participants.

A foundational element of this bilateral information sharing model is the recognition that the information being shared between the parties includes extremely sensitive nonpublic information, which must be protected against unauthorized uses and disclosures in order to preserve the integrity of the program.

For additional information regarding the Government’s safeguarding of information received from the DIB companies, with specific focus on PII, see the Privacy Impact Assessment (PIA) for the DIB CS/IA Program.

In addition, this rule and program are intended to be consistent and coordinated with, and updated as necessary to ensure consistency with and support for, other federal activities related to the handling and safeguarding of controlled unclassified information, such as those that are being led by the National Archives and Records Administration pursuant to Executive Order 13556 Controlled Unclassified Information (November 4, 2010).

This rule is not intended to implement the new requirements from section 941 of the National Defense Authorization Act for Fiscal Year 2013.

For more information, read the full final DIB CS/IA rule in the Federal Register.