//
CW4 Ben Koontz on Army’s Zero Trust Implementation Pilot
Published on
CW4 Ben Koontz on Army’s Zero Trust Implementation Pilot

Chief Warrant Officer Four Ben Koontz, director of the U.S. Army’s functional management office for zero trust, said the military branch has started piloting 58 zero trust capabilities to address the top cyber challenges at the tactical edge, Federal News Network reported Friday.

“The 101st Airborne Division out of Fort Campbell already started piloting the zero trust implementation on tactical and they did very well in an assessment and a threat assessment. They’ve proved the effectiveness of it. They proved that they could take a complex topic as zero trust, architecture, design and implement it at a tactical edge and operationalize it,” Koontz told FNN during a conference in Savannah, Georgia.

He said his office worked with the Cyber Center of Excellence on the strategy detailing the 58 capabilities. 

“We’ve modularized what you can do based on what capabilities you’ve fielded. So some people may only be able to do 30 or 40, and then others will be able to do the full 58,” Koontz said.

He also talked about the reason behind the selection of the 101st Airborne Division for the pilot.

Involvement of Army Leaders

According to Koontz, one of the lessons the Army learned from the pilot is ensuring the involvement of commanders and other military leaders at the start of the planning phase.

He also highlighted the need for leaders to gain visibility into their network by understanding how much traffic goes through it as part of their organization’s tech baseline.

Definitive Guidance

Koontz said the Army intends to release definitive guidance in the next five to six months to accelerate the implementation of zero trust across tactical formations in 2025.

According to the Army official, the document will include a tactical edge zero trust strategy, implementation plan and a concept of operations and will be released along with a cyber zero trust playbook.

/
Margaret Boatner Appointed AIA VP of National Security Policy
Published on
Margaret Boatner Appointed AIA VP of National Security Policy

Margaret Boatner, former deputy assistant secretary of the Army for strategy and acquisition reform, has been selected as vice president of national security policy at Aerospace Industries Association.

The company said Thursday Boatner will spearhead its national security division, joining a team of AIA executives, particularly senior directors and coordinators.

Eric Fanning on Margaret Boatner

“The Aerospace Industries Association is proud to bring innovative leaders like Margaret Boatner to represent industry’s perspective as President Trump, the Department of Defense and Congress focus on streamlining the acquisition process,” said Eric Fanning, president and CEO of AIA and 2018 Wash100 Award winner. “Margaret’s expertise in acquisition policy, procurement and intellectual property will be a valuable asset to our members and the entire aerospace and defense industry, supporting our mission of enabling and accelerating the delivery of world-class equipment to our warfighters.” 

Who Is Margaret Boatner?

In her most recent Army role, Boatner served as the service branch’s lead executive for the design and implementation of acquisition strategies for research and development and production of defense capabilities. The acquisition expert implemented initiatives across the Army enhancing policies on intellectual property, software development and acquisition and industrial base resilience. She also championed the streamlining of the acquisition process.

Boatner also served as principal director of the Office of the DASA SAR and senior adviser to the assistant secretary of the Air Force for manpower and reserve affairs, where she provided policy analysis on human resources matters.

In her earlier years with the Army, Boatner served as director of initiatives under the deputy acquisition executive. She was also the special assistant to the deputy assistant secretary of the Army for procurement.

//
Hegseth Wants to Accelerate DOD Software Acquisition
Published on
Hegseth Wants to Accelerate DOD Software Acquisition

Pete Hegseth, secretary of the Department of Defense and a 2025 Wash100 awardee, has released a memorandum directing DOD to adopt the Software Acquisition Pathway, or SWP, to speed up the development, procurement and delivery of software and other weapons systems to warfighters.

“While commercial industry has rapidly adjusted to a software-defined product reality, DoD has struggled to reframe our acquisition process from a hardware-centric to a software-centric approach,” Hegseth said in the March 6 memo. “When it comes to software acquisition, we are overdue in pivoting to a performance-based outcome and, as such, it is the Warfighter who pays the price.”

Reports on the DOD memo first emerged in late February.

Use of CSO, Other Transactions

In line with the SWP adoption, the memo titled Directing Modern Software Acquisition to Maximize Lethality calls for the department to align its contracting strategies and maximize its use of contracting authorities.

The DOD secretary directs the department to advance the use of Commercial Solutions Openings, or CSO, and Other Transaction, or OT, authorities as the “default solicitation and award approaches for acquiring capabilities” under the pathway.

The memo also calls on the under secretary of defense for acquisition and sustainment to coordinate with the head of the Defense Innovation Unit to develop and submit an implementation plan within 30 days.

DIU’s Use of CSO, OTs

During a Friday media briefing on the memo, a defense official said DIU has awarded over 500 OT agreements using the CSO process since 2016.

The official noted that 88 percent of those contracts went to nontraditional defense contractors and 68 percent were awarded to small businesses.

With the new memo, the Pentagon official stated that the department expects an “uptick” in the demand for DIU projects.

“The second way, which I think is actually the more important way in which this will impact DIU is that we think the real path to scale is to train and educate other acquisition professionals so that they can also use the CSO OT model rather than just relying on DIU to do it for them,” the official added.

Directive’s Impact on DOD Programs

When asked by a reporter about how the memo will affect software-intensive programs like the Technology Refresh 3, or TR3, software and hardware upgrades to the F-35 fighter jet program, another DOD official said the document applies to any program that is “heading into the planning phase” of SWP or that has achieved a “natural transition point to adopt a new acquisition pathway.”

/
SDA Issues RFI for PWSA Battle Management C3 Interface
Published on
SDA Issues RFI for PWSA Battle Management C3 Interface

The Space Development Agency has started seeking industry input on its interface documentation for its in-space Battle Management, Command, Control and Communications Multi-Mission Module, or BMC3 M3.

Developing a BMC3 M3 Interface

The agency said the request for information, posted on SAM.gov Friday, aims to inform future BMC3 M3 solicitations and determine potential vendors capable of developing and refining the documentation governing the interface between a future M3 and its host SDA spacecraft. The RFI is also intended to seek modifications and recommendations to the documentation.

Supporting Modular Open System Approach

By adhering to the interface documentation, the M3s and their spacecraft interface are expected to enable SDA to utilize a modular open system approach, or MOSA, to develop future space edge processing hardware.

SDA’s Battle Management Layer is meant to ensure the Proliferated Warfighter Space Architecture remains agile. It is designed to enable the PWSA to adapt to changing mission requirements and evolving threats through on-orbit enhancements to hardware, firmware and software.

Interested contractors have until April 11 to submit their responses.

//
Dawn Zimmer Takes Helm as Acting DOE CIO After Riedel Resignation
Published on
Dawn Zimmer Takes Helm as Acting DOE CIO After Riedel Resignation

Ryan Riedel, a former network engineer at SpaceX, has stepped down as chief information officer of the Department of Energy.

Dawn Zimmer, former principal deputy CIO, will serve as acting CIO, Nextgov/FCW reported Friday.

Riedel was named DOE CIO in early February and charged with overseeing a workforce of 15,000 professionals tasked with the agency’s technology policy and cybersecurity. He also supervised national labs, power marketing administrations and the National Nuclear Security Administration.

Ryan Riedel’s Career

Prior to his DOE appointment, Riedel worked at Elon Musk-led Space Exploration Technologies, or SpaceX. He was the lead network security engineer at the Brownsville, Texas-based company from 2022. Before that, he served as a network security engineer.

The IT professional was also part of the U.S. Army Cyber Command as a network manager from 2019 to 2020. He also served for over seven years at Corpus Christi Army Depot, where he held vital positions such as network engineer, IT project manager and IT service desk lead.

Riedel also spent time with the Navy as a network administrator and communications security custodian. He served in various leadership roles during his seven-year career in the Navy.

Riedel has yet to announce a reason for his departure from the DOE. 

Dawn Zimmer’s Career at a Glance

Zimmer is a 25-year veteran of the industry with extensive knowledge of IT, service delivery, business partnerships, relationship management and strategic planning and execution. She was previously appointed acting CIO after the resignation of Ann Durkin. Zimmer joined DOE in November 2024 as principal deputy CIO.

The executive currently serves as executive director of information technology experience and engagement at Virginia Tech. She also previously served at the Federal Aviation Administration and the Department of Justice.

/
DHS Launches Remote Identity Validation Rally
Published on
DHS Launches Remote Identity Validation Rally

The Department of Homeland Security Science and Technology Directorate has launched the Remote Identity Validation Rally, or RIVR, for 2025 to enable industry partners to advance and demonstrate remote identity technologies.

Advancing Secure Remote Identity Technologies

DHS S&T said Thursday the series of technology challenges was launched in collaboration with the Transportation Security Administration, Homeland Security Investigations Forensic Laboratory and the National Institute of Standards and Technology. The new evaluation series aims to accelerate the development of secure, accurate and user-friendly remote identity technologies. These innovations will be utilized for critical activities such as applying for government services, opening bank accounts and verifying social media accounts.

The evaluation will focus on the systems’ ability to verify identity documents, detect the “liveness” of selfie photos and assess identity verification using images taken with mobile devices.

The 2024 Remote Identity Validation Technology Demonstration revealed that some remote identity validation technologies work well but the performance of commercial products vary. The results of the RIVTD were used as the basis for benchmarks set for RIVR.

Arun Vemury, senior advisor for biometric and identity technologies at DHS S&T, said, “Through the RIVR, we will partner with industry to foster innovation, incentivize competition and accelerate progress in making these technologies more secure and reliable against evolving threats.” 

TSA Identity Management Capability Manager Jason Lim, added, “TSA is very pleased to once again partner with S&T on the continuation and expansion of this effort to ensure that remotely enrolled digital identities meet our threshold of trust, security and privacy as the use of digital IDs, including mobile driver’s license, continues to expand.”

/
Reusable USSF Space Plane Caps 7th Mission to Demo Flexibility
Published on
Reusable USSF Space Plane Caps 7th Mission to Demo Flexibility

The U.S. Space Force has announced the conclusion of the seventh test to further demonstrate the capabilities of its unmanned space plane, X-37B. Gen. Chance Saltzman, USSF space operations chief, said the X-37B Orbital Test Vehicle-7, or ORV-7, mission “broke new ground” in the flexibility it showed accomplishing experimentation goals across various orbits. 

“The successful execution of the (ORV-7) aerobraking maneuver underscores the U.S. Space Force’s commitment to pushing the bounds of novel space operations in a safe and responsible manner,” noted Saltzman, a three-time Wash100 awardee,  .

424-Day Space Orbit

The Space Force deorbited ORV-7 after a space flight of more than 434 days and landed the space plane at Vandenberg Space Force Base, California, on Friday. A SpaceX Falcon Heavy Rocket had launched the mission to its first highly elliptical orbit for the USSF to demonstrate its capability for rapid launch and recovery across multiple sites.   

During its orbit, the space plane also conducted tests and experiments on space domain awareness technologies vital to USSF operations in a space environment growing increasingly congested and contested, the Space Force said. 

New Aerobraking Maneuver

After its tests and experiments, USSF aerobraked ORV-7 to low Earth orbit to execute landing procedures. According to USSF, the space plane performed a novel aerobraking maneuver that was built upon learnings from previous space missions and harnessed atmospheric drag to shift orbits through multiple passes and minimize fuel use.      

The spaceplane’s previous mission, OTV-6, was deorbited and landed at Kennedy Space Center, Florida, in November 2022 after a 908-day orbit performing various experiments. The mission included research for the Naval Research Laboratory’s solar energy project and NASA’s evaluation on how space exposure affects various materials, such as seeds.

Built by Boeing, the X-37B spacecraft recorded almost 719 days in its fifth mission that wrapped up in August 2019 to support U.S. Air Force efforts on reusable space vehicle technologies. Solar-powered, the space plane is 29 feet long with a wingspan of about 15 feet and 11,000 pounds launch weight.

/
Troy Edgar, Mainstay of Public & Private Sectors, Confirmed as DHS Dep Sec
Published on
Troy Edgar, Mainstay of Public & Private Sectors, Confirmed as DHS Dep Sec

After a close Senate vote, former IBM executive Troy Edgar has been confirmed as deputy secretary of the Department of Homeland Security.

DHS said Thursday the final vote tallied at 53-43 and Edgar expressed his gratitude for Congress and the new administration’s support.

“Congratulations to Deputy Secretary Edgar on his bipartisan confirmation today. He will be a key player in making America safe again,” said DHS Secretary and 2025 Wash100 Award winner Kristi Noem. “I look forward to working alongside Troy to ensure that the United States, once again, is a beacon of freedom, safety, and security for generations to come.”

A Second DHS Tour

The appointment marks Edgar’s return to the department after serving as chief financial officer and associate deputy under secretary of management for a year at DHS during President Trump’s first administration.

“It is an honor to return to the Department. I look forward to working alongside Secretary Noem and the dedicated men and women of DHS in our critical mission to keep Americans safe,” Edgar shared.

Career History

Edgar has led a long and varied career that has touched commercial industry, government, consulting and the military. He was a submariner in the U.S. Navy at the beginning of his working life, before transitioning to organizations like Boeing and McDonnell Douglas and PricewaterhouseCoopers.

His time in public life includes 12 years as mayor and city council member of Los Alamitos, California

Most recently, Edgar was a partner in IBM’s federal business, working to modernize and strengthen finance and supply chain efforts for clients in the Department of Defense, the Department of Veterans Affairs and beyond.

Executive Spotlight Interview

During his time at IBM, Edgar sat down with our sister publication, ExecutiveBiz, for an in-depth interview. He spoke about the importance of federal partnerships with the private sector, digital transformation and much more.

An excerpt:

“The role of partnership has become increasingly important in the federal market, it’s really one of the most powerful forces in tech today across the commercial and government sectors. I’ve been a leader in corporate and government finance, supply chain and consulting for almost 30 years. As a federal client at DHS, I believed that expanding strategic industry partnerships would be the key to future success. In the last two years, especially in the federal market, I’ve been really excited to see this kind of pro-partnership push where all the companies that are in this space—whether it’s small businesses at the lowest level or large corporations like IBM—realize that we should work together to try to bring the best that we can bring to the federal government.”

Read the full conversation here!

/
Mastering IT Audit Readiness: A Proactive Playbook for Federal Agencies
Published on
Mastering IT Audit Readiness: A Proactive Playbook for Federal Agencies

By Cecil Dildine, senior program director at Electrosoft

Few things get the attention of federal agency leaders faster than news of an upcoming IT audit. All federal defense and civilian agencies must undergo routine IT audits to ensure compliance with stringent regulations, including FISCAM, FISMA, FIAR, NIST and SSAE standards. However, many struggle to achieve a state of readiness, often resorting to reactive remediation rather than proactive planning.

Instead of scrambling when an audit occurs, agencies with mature IT audit readiness policies and practices can anticipate audit requirements, reduce their risks and support seamless compliance.

To engage with prominent government officials about IT partnership goals, be sure to sign up for the Potomac Officers Club’s 2025 Digital Transformation Summit, happening April 24 in Tysons Corner, Virginia.

The Evolution of IT Audits

Since the 1970s, IT audits have evolved from basic system reviews to sophisticated assessments. Today’s audits focus on three primary objectives:

  • Compliance: Ensuring IT systems and infrastructure comply with legal and regulatory requirements.
  • Security: Verifying data security and employee adherence to security protocols.
  • Performance: Identifying vulnerabilities and recommending risk mitigation measures.

Federal IT audits are typically performed by independent public accounting firms, or IPAs, which assess compliance against established criteria. Audit frequency is determined by law (e.g., financial statement audits are annual events) and regulations. 

Common Challenges

There are three key challenges many agencies face when preparing for the audits:

  • Readiness – Struggling to compile the necessary documentation and maintain compliance with shifting regulations.
  • Remediation – Addressing deficiencies post-audit, which can be time-consuming and resource-intensive — ultimately delaying corrective action.
  • Reaching a proactive posture – Lacking the internal mechanisms to continuously self-identify and address IT risks before an audit occurs.

Shifting to a proactive approach will allow your agency to embed audit readiness into daily operations, reducing the burden of compliance and enhancing overall security.

Three Steps to Proactive Readiness

A structured approach to IT audit readiness minimizes last-minute efforts and improves an agency’s ability to achieve clean audit opinions. 

Three key strategies include:

1. Integrate IT audits into normal operations

Given the annual nature of financial statement audits and the ongoing monitoring required for IT controls, agencies must encourage a culture where compliance is a continuous risk management effort. Communicate the importance of audit readiness, ensuring your team understands the necessity of ongoing compliance rather than viewing audits as disruptive events.

2. Establish a centralized audit readiness project management office

A dedicated PMO can be an essential asset to help achieve and maintain IT audit readiness by:

  • Developing standardized policies, procedures and templates.
  • Providing training to your staff on IT compliance requirements.
  • Serving as a centralized source of truth for audit progress, reporting and documentation.

By implementing a structured PMO, your agency can streamline audit readiness efforts, track compliance status and enable informed decisions based on real-time data.

3. Assign accountability for IT controls

Successful audit readiness requires clear accountability for internal controls. Assign action officers to oversee your control areas to ensure:

  • Defined roles and responsibilities for compliance activities.
  • Consistent execution of IT policies and procedures.
  • Proper documentation and evidence collection to support audits.

With dedicated personnel responsible for IT controls, your agency can maintain compliance as part of the day-to-day rhythm of your operations. 

Preparing Documentation for IT Audits

Comprehensive documentation is the backbone of IT audit readiness. Federal auditors adhere to the “trust and verify” principle, requiring tangible proof of compliance. 

To support the audit, compile:

  • System inventory – A list of all your certified and accredited IT systems and data assets.
  • Regulatory compliance documents – Applicable laws, regulations, risk assessments, manuals and agreements.
  • Internal policies and procedures – Agency-specific controls implementing federal requirements.
  • IT control documentation – Detailed records of your controls, their execution, review cycles and compliance evidence.

Establishing and maintaining these records in a centralized repository allows agencies to quickly provide auditors with necessary materials, reducing the risk of findings due to missing documentation.

Addressing Audit Findings With a Corrective Action Plan

When deficiencies are identified, agencies receive a notice of findings and recommendations, or NFR. The NFR outlines issues related to access controls, security management, system configurations and more. Agencies must then develop a corrective action plan, or CAP, to address these deficiencies.

A CAP should include:

  • A root cause analysis identifying the underlying factors contributing to noncompliance.
  • Specific actions to correct deficiencies and prevent recurrence.
  • A timeline for remediation and assigned accountability.

If agencies don’t have the in-house expertise to ensure that corrective actions align with best practices and regulatory expectations, they may consider working with an expert contractor who does.

Transitioning From Reactive to Proactive Compliance

The ultimate goal of IT audit readiness is achieving consistent clean audit opinions. This is best achieved by shifting to a proactive posture that prevents issues before they arise.

A proactive IT audit strategy includes:

  • Standardized audit life cycle procedures – Documented processes for compliance activities, stakeholder engagement and issue resolution.
  • Training and monitoring programs – Ongoing education that keeps your staff informed about regulatory changes and compliance best practices.
  • Centralized performance tracking – A unified system for tracking IT control effectiveness, identifying risks and reporting audit readiness status.

By embedding these elements into your operations, you can improve audit outcomes, strengthen IT security, and reduce the burden of last-minute compliance efforts.

With the right strategies and expertise, your agency can turn IT audits from dreaded events into part of your daily operations, enhancing agency effectiveness and resilience.

Mastering IT Audit Readiness: A Proactive Playbook for Federal Agencies
/
Executive Order Establishes Strategic Bitcoin Reserve
Published on
Executive Order Establishes Strategic Bitcoin Reserve

President Donald Trump has signed an executive order to establish a U.S. Digital Asset Stockpile and a strategic reserve that will treat bitcoin as a reserve asset.

The EO came days after Trump ordered the Presidential Working Group to establish a U.S. Cryptocurrency Reserve.

The White House said Thursday the reserve will be funded with the Department of the Treasury-owned bitcoin that was forfeited as part of criminal or civil asset forfeiture cases.

The EO authorizes the secretaries of Commerce and Treasury to develop budget-neutral strategies for acquiring additional bitcoin without imposing incremental costs on taxpayers.

Digital Asset Stockpile

According to the order, the U.S. Digital Asset Stockpile consists of Treasury-owned digital assets forfeited in criminal or civil asset forfeiture proceedings. The secretary of the Treasury may devise strategies for responsible stewardship of such assets, including potential sales from the stockpile.

The EO seeks to ensure a strategic approach to overseeing U.S. digital assets and directs agencies to provide accounting of their digital asset holdings to the President’s Working Group on Digital Asset Markets and the secretary of the Treasury.

Policy for Managing Cryptocurrencies

The new policy intends to address the disjointed management of cryptocurrencies seized through forfeiture by federal agencies by taking steps to centralize control, ownership and management of such assets within the government.

The administration also aims to harness the power of digital assets for national prosperity.

1 100 101 102 103 104 2,618