It sounds like it could easily have come from President Biden’s May 2021 Executive Order on Improving the Nation’s Cybersecurity. Or perhaps his much more recent National Cybersecurity Strategy released just two months ago. Both documents call for acquisition reform—using the federal government’s purchasing power to force improvements in the security of software products, especially those used in critical infrastructure.
But no. Those declarations were from nearly a decade ago during the Obama presidency—they are the opening lines of a November 2013 report by the Department of Defense and the General Services Administration titled Improving Cybersecurity and Resilience through Acquisition.
