You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Coordinator Comment and Justification: Existing DoD culture has created a “common sense” that any public disclosure is a risk to operational security. As a result, this strategy needs to explicitly define or reference the controls that a supervisor needs to apply in order to preserve operational security.
Coordinator Recommended Change: “Supervisors should encourage Government employees to contribute to OSS projects as part of their official duties, provided that those employees use an identity that is distrinct from their DoD ID. This allows employees to retain credit for their contributions in a future career outside the DoD, and it creates a degree of anonymity for the contribution that hinders a vigilant threat actor from linking the OSS vulnerability to any specific DoD system.”
Originator Response: Partially accept. See reasoning.
Originator Reasoning: Will add content on this topic to the DoD OSS FAQ.
The text was updated successfully, but these errors were encountered:
Coordinator Comment and Justification: Existing DoD culture has created a “common sense” that any public disclosure is a risk to operational security. As a result, this strategy needs to explicitly define or reference the controls that a supervisor needs to apply in order to preserve operational security.
Coordinator Recommended Change: “Supervisors should encourage Government employees to contribute to OSS projects as part of their official duties, provided that those employees use an identity that is distrinct from their DoD ID. This allows employees to retain credit for their contributions in a future career outside the DoD, and it creates a degree of anonymity for the contribution that hinders a vigilant threat actor from linking the OSS vulnerability to any specific DoD system.”
Originator Response: Partially accept. See reasoning.
Originator Reasoning: Will add content on this topic to the DoD OSS FAQ.
The text was updated successfully, but these errors were encountered: