Yo, Open Source Cheerleaders: Department of Defense News
May 21, 2025
Add this to the many changes we have recently seen in the federal government: We learn from Tech Radar, “Pentagon Looks to Shake Up ‘Outdated’ Software Procurement, Declares War on Open Source.” As much as we love open-source software, we know it poses certain security risks for sensitive systems. With an initiative dubbed the Software Fast-Track (SWFT), DOD CIO Katherine Arrington aims to overhaul the department’s software acquisition, authorization, and testing processes. The new framework is to be published by the end of July. Writer Craig Hale reports:
“In the memo, Arrington explained the SWFT Framework will define ‘clear’ and ‘specific’ cybersecurity and Supply Chain Risk Management (SCRM) requirements, rigorous software security verification processes, secure information sharing mechanisms and Federal Government-led risk determinations to expedite the cybersecurity authorizations for rapid software adoption. She continued to explain that current systems are best seen as ‘outdated,’ noting that acquisition processes don’t enable the agility that departments need. Arrington also noted that the use of open source software ‘presents a significant and ongoing challenge,’ with a lack of visibility into the origins and security of software code particularly troubling. Malware and partner leaks have already exposed vulnerabilities in DOD systems, with software vulnerabilities among the most popular entry points for attackers.”
Excellent point. We note the DOD seems to have several goals for this initiative. One can only hope security will take precedence over rapid adoption and penny-pinching. We are curious to see how the agency will save money while shifting away from free software.
Cynthia Murrell, May 21, 2025