Politics
Arrington kicks off effort to eliminate RMF for DoD software
The Defense Department’s latest effort to obtain secure software kicked off a 90-day sprint today to develop a framework and implementation plan under the Software Fast Track (SWFT) initiative.
Katie Arrington, who is performing the duties of the DoD chief information officer, officially launched the initiative in a much-anticipated memo signed on April 24. The Pentagon only made the memo public today.
At the same time, the DoD CIO’s office released three requests for information (RFIs) under SWFT asking vendors for insights around tools, external assessments and how to best use automation and artificial intelligence to assist DoD-led risk assessment for expedited cybersecurity authorizations.
Katie Arrington is performing the duties of the DoD CIO.
“Instead of going through the arduous process of finding a program manager who will look at your software, send it to a lab and test it, I’m of a modern age. In the Supplier Performance Risk System (SPRS), it is backed by a platform called Enterprise Mission Assurance Support Service (eMASS). eMASS is approved from [unclassified] all the way up to special access program (SAP). What I’m going to have software providers do is provide me with their base risk scores on the DoD’s 12 characteristics of risk that range from financial to foreign ownership, control or influence (FOCI) to cyber, including the Cybersecurity Maturity Model Certification (CMMC) and onward down,” Arrington said at the recent AFCEA DC lunch on April 23.
“I’m going to ask you, if you’re a software provider, to provide me your software bill of materials (SBOM) in both your sandbox and production, along with a third-party SBOM. You’re going to populate those artifacts into eMASS. I will have AI tools on the back end to review the data instead of waiting for a human and if all of it passes the right requirements, provisional authority to operate (ATO). Here’s the better part, because I’m blowing up the risk management framework (RMF) and I’m blowing up the ATOs. They’re stupid. They’re archaic,” she said.
As part of the dismantling of the RMF, Arrington brought together on May 1 all service and agency CIOs and chief information security officers to determine what are the security questions and answers that matter the most.
“I want the RMF eliminated. It can be the framework we base it on, but I only have five things I really care about. Did you develop what you’re doing in secure by design? How do I validate that? Are you working with zero trust? How do I validate that? What’s more important in ATO or continuous monitoring? Continuous monitoring, so how do I do that?” she said. “After the May event, we’ll come back and then I’m going to ask industry, ‘does it make sense?’ As we’re redoing acquisition reform, we’re re looking at how to do the far why shouldn’t we be looking at the RMF, which is the thing that holds everything together, and it’s the most archaic thing in the world.”
New attempt to move toward continuous ATO
DoD moved to the RMF in 2018 when it transitioned away from the DoD Information Assurance Certification and Accreditation Process (DIACAP). The RMF is a unified framework for assessing organizational risk posed by IT systems and managing that risk by selecting the appropriate security controls. The framework supports continuous assessment as the security status changes throughout the system lifecycle.
Over time, however, the RMF became too static and unable to guarantee the security of a system. DoD tried to promote the concept of continuous authority to operate (cATO) in a 2022 memo from the CIO. The concept focused on enabling system owners to show they’re capable of defending their systems in real-time and that they have a secure software supply chain.
The Navy, for example, has been moving away from the RMF for more than three years with the “Cyber Ready” approach, which focuses instead on continuous monitoring and ongoing risk assessments. Former Navy Secretary Carlos Del Toro announced the “Cyber Ready” initiative in August 2022 in a memo outlining its principles of pre-emptive cyber defense.
The SWFT initiative is Arrington’s attempt to finally move DoD, particularly software that the military buys to this cATO approach.
“I remember when we were going from DICAP to RMF, I wanted to pull my hair out. It’s still paper. Who reads it? What we do is a program protection plan? We write it, we put it inside the program. We say, ‘this is what we’ll be looking to protect the program.’ We put it in a file, and we don’t look at it for three years,” she said. “We have to get away from paperwork. We have to get away from the way we’ve done business to the way we need to do business, and it’s going to be painful, and they’re going to be a lot of things that we do, and mistakes will be made. I really hope that industry doesn’t do what industry tends to do is want to sue the federal government instead of working with us to fix the problems. I would really love that.”
Along with the memo, Arrington’s office released three RFIs to gauge industry insights and feedback for how to make the process work best.
The first RFI is for SWFT tools.
“DoD seeks industry perspectives for SWFT risk criteria for consistent, secure and accelerated risk assessments. The SWFT supply chain risk management (SCRM) requirements will equip DoD authorization officials with product-specific risk information throughout the software development life cycle,” DoD wrote in the RFI.
DoD seeks answer to six questions, including:
- What are the specific references or industry standards organizations rely on when considering secure software development and software supply chain threats and vulnerabilities to a company and its software products?
- What artifacts does your organization produce to perform risk assessments of software? Does your organization use automated tools to produce these artifacts?
The second RFI is for external assessments to streamline the processes.
“DoD seeks industry perspectives that utilize existing external assessment methodologies that can serve the SWFT initiative. These external assessment methodologies must support rigorous software security verification processes and enable DoD-led risk determinations,” DoD wrote.
DoD laid out five questions, including:
- Does your organization currently have an audit function that assesses software security? If so, internal or external? And is this assessment performed as part of another compliance regime? Which one(s)?
- How could a SWFT external assessment demonstrate technical expertise, cybersecurity, and supply chain risk management (SCRM) experience that is inclusive of sensitive data protection, impartiality, and independence?
The third RFI is how best to apply automation and AI tools to the assessments.
“DoD seeks industry perspectives for the use of automation and artificial intelligence to assist DoD-led risk assessment for expedited cybersecurity authorizations. Risk assessment assistance will utilize supplier SBOM, SWFT artifacts and attestations, and DoD-specific knowledge (e.g., mission impact determinations),” DoD wrote.
Industry has only four questions to answer in this RFI, including:
- What are the possible ways that automation or AI could assist to streamline DoD-led SWFT risk assessments under the DoD defined Risk Management Framework (RMF)?
- What are the considerations that DoD should prioritize when evaluating automation and AI solutions for DoD-led SWFT risk assessments and determinations?
Responses to all three RFIs are due by May 20.
“This initiative will lead the department’s adoption in best practices to obtain, develop and field secure software,” Arrington wrote in the memo. “The SWFT initiative will define clear, specific cybersecurity and SCRM requirements, rigorous software security verification processes, secure information sharing mechanisms and federal government-led risk determinations to expedite the cybersecurity authorizations for rapid software adoption.”
The post Arrington kicks off effort to eliminate RMF for DoD software first appeared on Federal News Network.
Dr. Ben Carson is the newest member of the Trump administration.
On Wednesday, former Secretary of the Department of Housing and Urban Development, Ben Carson, was sworn in as the national adviser for nutrition, health, and housing at the U.S. Department of Agriculture.
Agriculture Secretary Brooke Rollins shared that Carson’s role will be to oversee Trump’s new Big Beautiful Bill law, which aims to ensure Americans’ quality of life, from nutrition to stable housing.
After being sworn in, Carson shared, “Today, too many Americans are suffering from the effects of poor nutrition. Through common-sense policymaking, we have an opportunity to give our most vulnerable families the tools they need to flourish.”
WATCH:
BREAKING Dr. Ben Carson has been sworn in as the National Nutrition Advisor to Make America Healthy Again
THIS IS A HUGE WIN pic.twitter.com/Dr5AsSDkRM
— MAGA Voice (@MAGAVoice) September 24, 2025
Per USDA:
Today, U.S. Secretary of Agriculture Brooke L. Rollins announced that Dr. Benjamin S. Carson, Sr., M.D., was sworn in as the National Advisor for Nutrition, Health, and Housing at the U.S. Department of Agriculture (USDA).
“There is no one more qualified than Dr. Carson to advise on policies that improve Americans’ everyday quality of life, from nutrition to healthcare quality to ensuring families have access to safe and stable housing,” said Secretary Rollins.
“With six in ten Americans living with at least one chronic disease, and rural communities facing unique challenges with respect to adequate housing, Dr. Carson’s insight and experience is critical. Dr. Carson will be crucial to implementing the rural health investment provisions of the One Big Beautiful Bill and advise on America First polices related to nutrition, health, and housing.
“As the U.S. Secretary of Housing and Urban Development in the first Trump Administration, Dr. Carson worked to expand opportunity and strengthen communities, and we are honored to welcome him to the second Trump Administration to help lead our efforts here at USDA to Make America Healthy Again and ensure rural America continues to prosper.”
“Today, too many Americans are suffering from the effects of poor nutrition. Through common-sense policymaking, we have an opportunity to give our most vulnerable families the tools they need to flourish,” said Dr. Ben Carson. “I am honored to work with Secretary Rollins on these important initiatives to help fulfill President Trump’s vision for a healthier, stronger America.”
On Sunday, Dr. Carson was one of the many speakers at the memorial service of the late TPUSA founder Charlie Kirk.
During the memorial service, Carson highlighted that Kirk was shot at 12:24 p.m. and then continued to share the Bible verse John 12:24, which reads, “Verily, verily, I say unto you, Except a corn of wheat fall into the ground and die, it abideth alone: but if it die, it bringeth forth much fruit.”
WATCH:
Ben Carson reads John 12:24 at the Charlie Kirk’s funeral. Charlie was shot at 12:24.
It reads: “Very truly I tell you, unless a kernel of wheat falls to the ground and dies, it remains only a single seed. But if it dies, it produces many seeds”
God is moving and speaking. pic.twitter.com/0ZbVTAwwYl
— Danny Botta (@danny_botta) September 21, 2025
The post President Trump Taps Dr. Ben Carson for New Role — A HUGE Win for America First Agenda appeared first on The Gateway Pundit.
Politics
LEAKED MEMO: Deep State Prosecutors in the Eastern District of Virginia Claim There Isn’t Enough Evidence to Convict Comey Amid Reports of Imminent Indictment
On Wednesday evening, disgruntled officials in the Eastern District of Virginia leaked contents of a memo explaining why charges should not be brought against James Comey.
As reported earlier, former FBI Director James Comey is expected to be indicted in the Eastern District of Virginia in the next few days.
Comey will reportedly be charged for lying to Congress in a 2020 testimony about whether he authorized leaks to the media.
Officials in the Eastern District of Virginia are still fighting to stop Comey from being charged after Trump fired US Attorney Erik Siebert.
President Trump last week fired Erik Siebert as the US Attorney for the Eastern District of Virginia because he refused to bring charges against Letitia James, Comey, Schiff and others.
On Saturday evening, President Trump announced that he had appointed Lindsey Halligan – his personal attorney who defended him against the Mar-a-Lago raid – as US Attorney for the Eastern District of Virginia.
Now, with just days to go before the statute of limitations runs out to charge Comey for lying during a September 30, 2020 testimony, Lindsey Halligan is reportedly gearing up to indict Comey.
Prosecutors reportedly gave newly sworn-in Halligan a memo defending James Comey and explaining why charges should not brought against the fired FBI Director.
Per MSNBC’s Ken Dilanian:
Two sources familiar with the matter tell me prosecutors in the EDVA US attorney‘s office presented newly sworn US attorney Lindsey Halligan with a memo explaining why charges should not be brought against James Comey, because there isn’t enough evidence to establish probable cause a crime was committed, let alone enough to convince a jury to convict him.
Justice Department guidelines say a case should not be brought unless prosecutors believe it’s more likely than not that they can win a conviction beyond a reasonable doubt.
Two sources familiar with the matter tell me prosecutors in the EDVA US attorney‘s office presented newly sworn US attorney Lindsey Halligan with a memo explaining why charges should not be brought against James Comey, because there isn’t enough evidence to establish probable…
— Ken Dilanian (@DilanianMSNBC) September 24, 2025
The post LEAKED MEMO: Deep State Prosecutors in the Eastern District of Virginia Claim There Isn’t Enough Evidence to Convict Comey Amid Reports of Imminent Indictment appeared first on The Gateway Pundit.
Politics
Nearly 8 in 10 Voters Say the United States is in Political Crisis After the Assassination of Charlie Kirk
Nearly eight in ten voters believe that the United States is in a political crisis in the wake of the assassination of conservative icon Charlie Kirk.
According to a Quinnipiac University national poll of registered voters released on Wednesday, a massive 93 percent of Democrats, 84 percent of independents, and 60 percent of Republicans said the nation is in a political crisis.
“The Kirk assassination lays bare raw, bipartisan concerns about where the country is headed,” Quinnipiac University Polling Analyst Tim Malloy said of the poll results.
Quinnipiac reports:
Seventy-one percent of voters think politically motivated violence in the United States today is a very serious problem, 22 percent think it is a somewhat serious problem, 3 percent think it is a not so serious problem, and 1 percent think it is not a problem at all.
This is a jump from Quinnipiac University’s June 26 poll when 54 percent thought politically motivated violence in the United States today was a very serious problem, 37 percent thought it was a somewhat serious problem, 6 percent thought it was a not so serious problem, and 2 percent thought it was not a problem at all.
Nearly 6 in 10 voters (58 percent) think it will not be possible to lower the temperature on political rhetoric and speech in the United States, while 34 percent think it will be possible.
Over half, 54 percent, of voters believe the US will see increased political violence over the next few years. Another 27 percent said they think it will stay “about the same,” while just 14 percent believe it will ease.
A 53 percent majority also said they are “pessimistic about freedom of speech being protected in the United States.”
Surprisingly, a 53 percent majority also believes the current system of democracy is not working.
“From a perceived assault on freedom of speech to the fragility of the democracy, a shudder of concern and pessimism rattles a broad swath of the electorate. Nearly 80 percent of registered voters feel they are witnessing a political crisis, seven in ten say political violence is a very serious problem, and a majority say this discord won’t go away anytime soon,” Malloy added.
The vast majority, 82 percent, said the way that people discuss politics is contributing to the violence.
“When asked if political discourse is contributing to violence, a rare meeting of the minds…Republicans, Democrats, and independents in equal numbers say yes, it is,” Malloy said.
The survey was conducted from September 18 to 21 among 1,276 registered voters with a margin of error of +/- 3.3 percentage points.
The post Nearly 8 in 10 Voters Say the United States is in Political Crisis After the Assassination of Charlie Kirk appeared first on The Gateway Pundit.
Hurdle hints and answers for September 25, 2025
Colleges are giving students ChatGPT. Is it safe?
Get lifetime access to the Imagiyo AI Image Generator for under $40
New Kid and Family Movies in 2025: Calendar of Release Dates (Updating)
Brooklyn Mirage Has Been Quietly Co-Managed by Hedge Fund Manager Axar Capital Amid Reopening Drama
The best sexting apps in 2025
-
Entertainment6 months agoNew Kid and Family Movies in 2025: Calendar of Release Dates (Updating)
-
Entertainment3 months agoBrooklyn Mirage Has Been Quietly Co-Managed by Hedge Fund Manager Axar Capital Amid Reopening Drama
-
Tech6 months ago
The best sexting apps in 2025
-
Entertainment5 months agoKid and Family TV Shows in 2025: New Series & Season Premiere Dates (Updating)
-
Tech7 months agoEvery potential TikTok buyer we know about
-
Tech7 months ago
iOS 18.4 developer beta released — heres what you can expect
-
Tech7 months agoAre You an RSSMasher?
-
Politics7 months agoDOGE-ing toward the best Department of Defense ever