Pentagon Reveals "Do Not Buy" Software List
The security stand-off between the United States and Russia and China is set to intensify after the Pentagon revealed it has been developing a “do not buy” list of software originating from the two hostile nations.
The Defense Department’s acquisitions boss, Ellen Lord, told reporters that the list was begun six months ago in concert with US intelligence agencies.
As the name suggests, once a vendor is included on the list, their products will be boycotted by the Pentagon as a security risk.
However, drawing up the list has apparently not always been easy given that Beijing and Moscow are keen to hide the true origin of some companies.
"What we are doing is making sure that we do not buy software that is Russian or Chinese provenance, for instance, and quite often that is difficult to tell at first glance because of holding companies," Lord reportedly said. "We have identified certain companies that do not operate in a way consistent with what we have for defense standards."
Chinese telecoms firm ZTE and Russian AV firm Kaspersky Lab have been early casualties in an escalating Balkanisation of global technology flows.
Kaspersky Lab was banned for government use after fears of ties to Russian intelligence which it claims were never substantiated by lawmakers, while both ZTE and Huawei could yet face similar bans on their products if a defense authorization bill for fiscal 2019 passes Congress.
“It really speaks to cybersecurity writ large, which is one of our greatest concerns right now," Lord said. "This is a challenge for us in terms of how to deal with the industrial base, particularly small companies who don’t always have the resources."
Terry Ray, CTO at Imperva, argued that governments have always placed strict controls on foreign technology providers.
“It is common for the US government to scan software used in its environments for backdoors and other embedded code, or configurations that may allow hidden or previously unidentified connections, inbound or outbound to the technology,” he said.
“At the moment, I have not seen details on any new inspection processes which makes me think the technical review will utilize existing techniques. However, it’s important to note that other well-developed countries operate similarly and prefer to purchase and implement in-country or open source technology, in lieu of off-the-shelf products offered by the US or its allies.”
Source: infosecurity-magazine
Latest Jobs
-
- Technical Design Authority (Telecoms, SDWAN, IOT, WAN, Hosted Services)
- Germany
- Up to €90,000 plus car, bonus and benefits
-
Location: Frankfurt Technical design Authority is required to help lead a number of key client Migrations projects for this tier 1 Telecom company, the main role for the TDA is helping customers migrate to new services, with a focusing on hosting (AWS, Azure) SWWAN and IOT. You will be responsible for: Post sales design documentation, implementation and migration of complex solutions for managed enterprise customers. Complex solutions consist of multi-product services. The TDA’s role is to ensure that these services interoperate and integrate into the customer environment. Such products consist of but not limited to MPLS, Ethernet, IPSec VPN’s, VoIP, Video Conferencing, Wireless, Internet, Private DSL, WAN Optimization, Managed Security Services, Managed Hosting, SDWAN and Complex Migration Planning. The TDA will own the technical delivery of customer solutions and will be the technical interface between the customer, product teams and project management during service delivery. Close engagement with pre-sales, technically validating solutions proposed are deliverable and all technical aspects are clearly defined prior to contract signature. The TDA accepts technical ownership of the solution at the point of contract signature. Lead customer facing technical workshops requiring excellent communication with the ability to articulate technical concepts clearly to all levels of competency. Providing support to 3rd line teams for OEM and design related faults. You will need to be at CCIE level (ideally CCIE R&S or SP ) with strong low level design and deployment skills, comfortable in front of customers and leading customer meeting. Fluent German is required. Knowledge in SDWAN and Hosted services would be advantageous. Reference: RA7302
-
- Big Data Architect
- Newbury
- £70,000 + Benefits
-
A Big Data Architect is required for a leading Google Cloud partner. The Big Data Architect will be responsible for advising external customers(FTSE100) on Big data storage and transformation requirements on the Google Cloud platform. You will get the chance to be at the forefront of technology, regularly involved with Google Alpha tests – You will be shaping the future of google tech. Experience required; Public Cloud Architecture – Ideally Google but will consider people with an Azure or AWS background who are looking to move into GCP. Experience with Big Enterprise Data – Set ups, Flows, Pipelines etc. Strong SQL understanding – DataBase, Data Residency. Candidates must be based and eligible to work in the UK without sponsorship as our client do not have the ability to sponsor. Reference Number: PG7347
-
- NetIQ Consultant (Contract)
- London
- £600 Per Day
-
A NetIQ Consultant is needed for a 6 month engagement in London. The NetIQ Consultant will be responsible for Designing, Configuring & Implementing Micro Focus Operations Centre & eDirectory Solutions. Required skills and experience Current experience with Micro Focus Operations Centre & eDirectory. SC Clearance is needed due to the nature of work. Reference Number: CH7363
-
- New Business Sales Consultant
- London
- £50,000 plus benefits and OTE
-
One of our clients who is are a leading service provider are looking for a direct sales consultant to secure new logo business within the Mid market sector selling the full company portfolio of Cloud, Voice & Data solutions Responsibilities: To establish, develop and bring on new accounts to manage. Identify up-sell opportunities within the existing accounts. To ensure sales targets are achieved or a Monthly, Quarterly and Annual basis To plan Sales strategies and liaise with Marketing to produce campaigns to increase market share To competently and knowledgably advise clients on ICT solutions and managed services that best fulfil their requirements, undergoing full assessments and analysis of client needs Participation in planning and preparing marketing campaigns along with your own targeted campaigns Assist with the mentoring of junior staff members Attending networking events which at times may include activities outside of normal work hours Knowledge & experience required: Consistent new business sales record within the cloud, telecoms, ISP, systems integrator or carrier space Knowledge of cloud, data, voice, connectivity and Internet network technologies An ambitious, industrious and aspirational mind-set Experienced selling into the SME/MLE market Committed, engaged, and responsible when dealing with customers Reference Number: RA7361