/
Senate Confirms Retired Navy Vice Adm. Scott Pappano as NNSA Principal Deputy Administrator
Published on
Scott Pappano, principal deputy administrator of NNSA. Senate voted to confirm Pappano

Retired Vice Adm. Scott Pappano has been confirmed as principal deputy administrator for the National Nuclear Security Administration. According to Congress records, legislators voted 51-47 to appoint Pappano.

He also confirmed his new position in a LinkedIn post Thursday.

Who Is Scott Pappano?

President Donald Trump nominated Pappano to be principal deputy administrator for NNSA in February.

Pappano is a seasoned military leader who most recently served as principal military deputy assistant secretary of the Navy for research, development and acquisition. He also held leadership positions at the Special Operations Forces Mobility Program Office and the Strategic and Attack Submarine Program Office, his bio on the Navy’s website revealed.  

At sea, he served aboard USS City of Corpus Christi, USS Albuquerque, USS Michigan and USS Ohio. He also commanded the USS Buffalo while deployed to Guam.

Pappano retired from military service after three decades.

He holds a bachelor’s degree in marine engineering from the U.S. Naval Academy and a master’s degree in nuclear engineering from the Massachusetts Institute of Technology.

//
GSA, xAI Partner to Bring Grok AI Models to Federal Agencies
Published on
Artificial intelligence. GSA and xAI signed a OneGov agreement to bring Grok frontier AI models to federal agencies.

The General Services Administration and xAI have signed an agreement to make the latter’s Grok frontier artificial intelligence models available to federal agencies through March 2027.

GSA said Thursday the partnership with xAI is part of the agency’s OneGov initiative, which aims to simplify the procurement of AI tools to help accelerate federal AI adoption. The new deal is reportedly the lowest price yet for an AI offering through the partnership.

“Widespread access to advanced AI models is essential to building the efficient, accountable government that taxpayers deserve—and to fulfilling President Trump’s promise that America will win the global AI race,” said Josh Gruenbaum, commissioner of GSA’s Federal Acquisition Service. 

“We value xAI for partnering with GSA—and dedicating engineers—to accelerate the adoption of Grok to transform government operations,” added Gruenbaum, a 2025 Wash100 Award recipient.

OneGov Agreement Between GSA & xAI

The OneGov agreement will make xAI’s Grok 4 and Grok 4 Fast AI models available for $0.42 per agency for 18 months.

To drive AI adoption, xAI will provide introductory training programs, deploy a team of engineers to help implement AI tools, offer custom enablement and work with agencies to facilitate integration efforts.

“Thanks to President Trump and his administration, xAI’s frontier AI is now unlocked for every federal agency empowering the U.S. Government to innovate faster and accomplish its mission more effectively than ever before,” said Elon Musk, cofounder and CEO of xAI. 

“We look forward to continuing to work with President Trump and his team to rapidly deploy AI throughout the government for the benefit of the country,” added Musk, a 2025 Wash100 awardee.

//
Kristi Noem Backs Pete Hegseth’s Proposal for Coast Guard Civilian Secretary
Published on
DHS Secretary Kristi Noem. Kristi Noem has endorsed Pete Hegseth's proposal for a U.S. Coast Guard secretary.

Kristi Noem, secretary of the Department of Homeland Security, has publicly endorsed a letter delivered by Secretary of War Pete Hegseth proposing the establishment of a civilian service secretary for the U.S. Coast Guard.

Kristi Noem Backs Pete Hegseth's Proposal for Coast Guard Civilian Secretary

Join the Potomac Officers Club’s 2025 Homeland Security Summit on Nov. 12 to hear a keynote from Sec. Noem addressing the GovCon community.

Leadership Role Meant to Boost Maritime Security Operations

The DHS said Thursday that the Coast Guard operates as both a military branch and a federal law enforcement agency, yet lacks a dedicated civilian official to guide policy and strategic direction. Appointing a service secretary could enhance the Coast Guard’s capacity to execute its collaborative missions with other armed forces branches.

“The Coast Guard is the tip of the spear in the fight to protect our Homeland. Every day, they are taking down drug smugglers, going toe-to-toe with our adversaries in the Arctic and the Pacific, and saving lives,” said Noem, a 2025 Wash100 Award winner.

“Having a Secretary of the Coast Guard will be essential for President Trump’s mandate to rebuild the service into the finest maritime fighting force in the world,” Noem continued.

Hegseth, also a recipient of the 2025 Wash100 Award, emphasized in the letter that the proposed position will enhance the DHS’s “stewardship of the Coast Guard’s multi-mission character and its unique homeland security capabilities.”

“The Department of War believes that the establishment of a Secretary of the Coast Guard can complement and reinforce these strengths while ensuring that, in times of peace or war, the service is postured to support the full spectrum of national security operations,” said Hegseth.

/
NOAA NESDIS Publishes Study on AI-Driven Earth Observation Digital Twin Technology
Published on
NOAA logo. NOAA NESDIS has published a study on the AI-driven Earth Observation Digital Twin by Lockheed Martin and NVIDIA.

The National Oceanic and Atmospheric Administration’s National Environmental Satellite, Data and Information Service, or NESDIS, has released a concept study by Lockheed Martin and NVIDIA on the artificial intelligence-driven Earth Observation Digital Twin, or EODT, technology.

NOAA said Thursday the study, conducted by the two companies under a 2022 Joint Ventures Partnership broad agency announcement contract, highlights how EODT can unify data from oceans, land, atmosphere, cryosphere and space weather to support forecasting and impact assessments.

EODT is a digital replica that simulates real-world systems, environments or objects, constantly updated through satellite inputs, machine learning and other data. These virtual copies deliver actionable insights to federal agencies, researchers and industry.

Recommendations for Future EODT Architecture

The study provided NESDIS with recommendations aimed at building an advanced ground enterprise system. These recommendations emphasize standardization and interoperability to enhance collaboration across government and other EODT initiatives.

The suggestions are as follows:

  • Expand digital twin initiatives across NOAA, other federal agencies, academia and industry by aligning data standards.
  • Develop a flexible EODT architecture with data archives, a standardized data file formatter, algorithm processing services, and common and tiled processed file formats.
  • Enhance NOAA-wide data standards for efficient ingestion.
  • Explore the development of a separate digital twin for space weather.
  • Develop multiple digital twins at different scales focused on specific aspects of the Earth system.
  • Utilize Observing System Simulation Experiments to optimize the integration of processes.
/
CISA Emergency Directive Warns of Zero-Day Flaws in Cisco ASA, Firepower Devices
Published on
Madhu Gottumukkala, acting director at CISA. Gottumukkala warned against the cyber campaign targeting Cisco products

The Cybersecurity and Infrastructure Security Agency has published an emergency directive to warn against attackers targeting vulnerabilities affecting Cisco Adaptive Security Appliances, or ASA, web services.

In the memo issued Thursday, CISA said all federal civilian executive branch departments and agencies must take actions to prevent or respond to compromises.

For more updates from CISA and the entirety of the Homeland Security Department, make sure to send the best and brightest from your GovCon company to Potomac Officers Club’s 2025 Homeland Security Summit on Nov. 12. Register for this essential networking and technology conference now!

“As the lead for federal cybersecurity, CISA is directing federal agencies to take immediate action due to the alarming ease with which a threat actor can exploit these vulnerabilities, maintain persistence on the device, and gain access to a victim’s network,” according to Madhu Gottumukkala, the agency’s acting director. “The same risks apply to any organizations using these devices. We strongly urge all entities to adopt the actions outlined in this Emergency Directive.”

Details of the Cisco ASA Vulnerability

CISA confirmed a widespread campaign targeting Cisco ASA and Firepower devices through zero-day vulnerabilities that allow remote code execution and privilege escalation.

According to Cisco, the campaign is connected to the ArcaneDoor cyberattacks the company first detected and reported in early 2024. ArcaneDoor, the company warned, has demonstrated the capability to modify read-only memory, or ROM, to maintain system access despite multiple reboots and software upgrades.

What Agencies Must Do

CISA is directing government agencies and other organizations impacted to account for all in-scope devices, gather forensic data and assess for possible compromises. Agencies are also advised to disconnect end-of-support devices and upgrade software to their latest versions.

Cisco has already released patches to address the vulnerabilities.

CISA Emergency Directive Warns of Zero-Day Flaws in Cisco ASA, Firepower Devices
/
White House OSTP Seeks Public Input on AI Regulatory Barriers
Published on
Office of Science and Technology Policy logo. OSTP is seeking public input on federal rules that may hinder AI innovation.

The White House Office of Science and Technology Policy has issued a request for information asking stakeholders to identify federal statutes, regulations and agency policies that hinder the development, deployment and adoption of artificial intelligence technologies in the United States.

Responses are due by Oct. 27, 2025, and may be submitted electronically through the Federal eRulemaking Portal.

Removing Outdated Barriers to AI Adoption

According to OSTP, most federal regulatory regimes were created before modern AI technologies emerged and often rely on assumptions tied to human-operated systems. These frameworks can create barriers to AI adoption by imposing requirements that do not account for adaptive, continuously learning systems, it added.

Key areas of concern include:

  • Decision-making and explainability requirements that assume human actors are always traceable.
  • Liability and accountability rules structured around human decision points.
  • Human oversight mandates requiring prescriptive review or continuous supervision.
  • Data practices that do not reflect the dynamics of AI training and reuse.
  • Testing and certification regimes designed for static, human-delivered services.

Five Categories of AI Barriers

OSTP outlined five categories where existing federal rules may create barriers to artificial intelligence adoption: regulatory mismatches that occur when outdated, human-centered assumptions no longer align with AI capabilities; structural incompatibility arising when legal or procedural frameworks are fundamentally unsuitable for AI systems; lack of regulatory clarity that increases compliance costs and slows innovation; direct hindrance from regulations that explicitly restrict AI use; and organizational factors such as workforce readiness, institutional capacity and cultural barriers within agencies that can limit the pace of AI deployment.

Call for Public Input

The RFI seeks feedback from the private sector, academia, governments and other interested parties on AI-related policy challenges and potential solutions. OSTP noted that responses may reference specific statutes or regulations, propose administrative tools such as exemptions or pilot programs, and suggest forms of regulatory clarity, such as guidance or standards.

The request follows the release of America’s AI Action Plan on July 23, which directed OSTP to gather public input on regulatory obstacles and work with agencies to address them.

//
Deltek: Proposal AI Could Help Transform GovCon Proposal Process
Published on
Deltek logo. Deltek’s Nick Schiffler discussed how proposal AI could help GovCon proposal teams respond quickly to RFPs.

Nick Schiffler, marketing manager at Deltek, said proposal artificial intelligence is becoming a key capability for government contracting teams seeking to respond quickly to requests for proposals and improve competitiveness in the federal marketplace.

Streamlining Proposal Development With AI

In a guest post published on SAME’s website, Schiffler wrote that proposal AI tools could help GovCon proposal teams respond to requests for information, complete their capture plans, develop compliance matrices and transform complex solicitations into more manageable parts.

These tools are built to understand the structure, language, and compliance requirements of federal RFPs, helping teams respond faster and more accurately,” he added.

Leveraging AI Tools to Address GovCon Proposal Challenges

In this piece, the Deltek subject matter expert said proposal AI could enable contractors to strengthen responses to RFPs by eliminating generic language and ensuring the alignment of responses with evaluation criteria.

The technology could also help proposal teams identify compliance gaps. Despite being thorough, he noted that proposal teams could miss critical elements like formatting standards, page limits or mandatory certifications when manually reviewing documents.

According to Schiffler, offerings like Deltek’s GovWin IQ market intelligence platform integrate AI functionality to enable contractors to gain deeper insights and speed up responses to RFPs.

These tools act as AI solutions for government RFPs, offering features like proposal drafting automation and intelligent RFP management that help teams stay ahead of the curve,” he stated.

A recent Deltek blog stated that additional AI solutions are coming soon to Deltek’s suite of proposal capabilities including compliance matrices – which will automatically extract and organize key solicitation requirements – and a full AI-powered proposal platform.

/
Michael Cadenazzi Named Assistant Secretary of Defense for Industrial Base Policy
Published on
Mike Cadenazzi. The finance exec was appointed assistant secretary of defense for industrial base policy.

Michael Cadenazzi announced on LinkedIn Tuesday that he has been confirmed as assistant secretary of defense for industrial base policy.

Who Is Michael Cadenazzi?

Cadenazzi is a seasoned aerospace and defense executive with a proven track record in driving growth, innovation and risk management. He most recently served as the managing director at EY for nearly four years. He was also senior vice president of product development and director of solutions at Govini.

The executive dedicated five years to McKinsey & Company, holding key roles such as associate partner, senior knowledge expert and solutions general manager of VisualDoD—the innovative startup he founded in 2012. As CEO of VisualDoD, he led the company through its growth and eventual acquisition by McKinsey in 2015.

Prior to that, Cadenazzi was the CEO and a partner at Diligent Innovations and a strategy consultant at Toffler Associates. He previously held the position of global head of protective intelligence at Deutsche Bank, where he identified and communicated alerts regarding safety and security risks to the bank’s personnel, operations, data and facilities.

Cadenazzi also worked as a senior engineer at Space and Defense Systems Inc., overseeing business development strategies in advanced communications, signals intelligence, information operations and vulnerability analysis.

He began his service in the U.S. Navy in 2000, where he held multiple roles, including cryptologic and information operations officer, and flag lieutenant.

//
Pentagon Implements Cybersecurity Risk Management Construct
Published on
Katie Arrington. The acting DOD CIO, commented on the Pentagon's new Cybersecurity Risk Management Construct.

The Department of Defense has started implementing a five-phase construct that seeks to provide real-time cyber defense at operational speed and ensure that U.S. warfighters maintain technological superiority against evolving cyberthreats.

5 Phases of DOD’s Cybersecurity Risk Management Construct

DOD said Wednesday the Cybersecurity Risk Management Construct, or CSRMC, consists of five phases aligned to system development and operations: design, build, test, onboard and operations.

The design phase, for instance, aims to ensure resilience of system architecture by embedding security at the outset.

“This construct represents a cultural fundamental shift in how the Department approaches cybersecurity,” said Katie Arrington, a Wash100 awardee who currently performs the duties of the DOD chief information officer.

CSRMC’s 10 Strategic Tenets

According to the department, 10 strategic tenets underpin the construct: automation; critical controls; continuous monitoring and ATO; DevSecOps; cyber survivability; training; enterprise services and inheritance; operationalization; reciprocity; and cybersecurity assessments.

“With automation, continuous monitoring, and resilience at its core, the CSRMC empowers the DoW to defend against today’s adversaries while preparing for tomorrow’s challenges,” said Arrington.

///
Government Cloud Security Program Announces FedRAMP 20x Phase 2 Pilot
Published on
FedRAMP logo. The government cloud security program announced Phase 2 for the FedRAMP 2 pilot initiative.

The Federal Risk and Authorization Management Program has announced the second phase of FedRAMP 20x, a cloud-native authorization framework that aims to advance the use of automation to accelerate secure cloud adoption across federal agencies.

The program said it is targeting about 10 Moderate pilot authorizations as part of the FedRAMP 20x pilot’s Phase 2, which is not open to the public.

According to FedRAMP, the Phase 2 pilot will continue to be iterative and explore an automation-based approach to assessment and validation of security decisions by cloud service providers seeking FedRAMP authorization.

The submission window for this phase is expected to run from Oct. 16 to Dec. 16. FedRAMP said it plans to finalize all Phase 2 requirements from mid-October through Oct. 23.

Eligibility Criteria for FedRAMP 20x Phase 2 Submissions

According to FedRAMP, Phase Two submissions will be accepted only from CSPs that meet one of the following conditions: 

  • Providers who submitted a complete package for Phase One that was not rejected or withdrawn
  • Cloud services that satisfy all FedRAMP AI Prioritization criteria
  • Cloud services with GRC automation capabilities that can consume FedRAMP 20x machine-readable information from authorized services to enable review of initial and ongoing authorization data
  • Cloud services that provide FedRAMP-compatible trust centers

The public can still participate in refining FedRAMP 20x through the program’s Community Working Groups.

FedRAMP 20x Phase 2 Authorization Requirements for CSPs

To submit a qualifying package for FedRAMP 20x Phase Two review, CSPs and assessors must address every recommendation and requirement in the framework. 

Submission packages must demonstrate compliance by showing how the recommendation or requirement is implemented; sharing a plan to implement requirements or recommendations within the next six months; and explaining valid reasons for not implementing recommendations.

1 102 103 104 105 106 2,720