/
OMB Creates Maturity Framework for Event Log Management
Published on
OMB Creates Maturity Framework for Event Log Management

The Office of Management and Budget (OMB) has released a memorandum that establishes a maturity model for event log management as part of efforts to improve the federal government’s capabilities to remediate and investigate cyber incidents in accordance with the cybersecurity executive order issued in May.

The maturity level is composed of four Event Logging tiers meant to help agencies prioritize resources and efforts in order to “achieve full compliance with requirements for implementation, log categories, and centralized access,” OMB said in the Friday memo.

Agencies should evaluate their maturity against the model and identify implementation gaps within 60 days, achieve Event Logging tier 1 maturity within a year, reach EL2 maturity within 18 months and EL3 maturity within two years of the memo’s release date.

The memo also requires agencies to share relevant logs to the FBI, Cybersecurity and Infrastructure Security Agency and other federal agencies to address cyberthreats.

The document outlines the specialized responsibilities of the CISA and Department of Commerce as part of efforts to enhance the use and management of logging practices.

CISA, for instance, will oversee the deployment of teams to advise agencies when it comes to assessing logging capabilities and development of tools to facilitate review of logging maturity across the organization.

Supply Chain Cybersecurity: Revelations and Innovations

ExecutiveBiz, sister site of GovConDaily and part of the Executive Mosaic digital media umbrella, will host a virtual event about securing the supply chain on Oct. 26. Visit ExecutiveBiz.com to sign up for the “Supply Chain Cybersecurity: Revelations and Innovations” event.

/
DOJ Unveils Cyber Fellowship Program; Lisa Monaco Quoted
Published on
DOJ Unveils Cyber Fellowship Program; Lisa Monaco Quoted

Deputy Attorney General Lisa Monaco has announced a new fellowship program at the Department of Justice meant to train and build a pool of attorneys and prosecutors that could handle cybersecurity cases. The establishment of the program is one of the recommendations from a cyber review that Monaco ordered in May.

Under the three-year Cyber Fellowship program, the selected attorneys will have a chance to conduct investigations and prosecute ransomware attacks, state-sponsored cyberthreats, transnational criminal groups and use of cryptocurrency to fund cybercrimes, DOJ said Friday.

“We need to develop the next generation of prosecutors with the training and experience necessary to combat the next generation of cyber threats. This Fellowship gives attorneys a unique opportunity to gain the well-rounded experience they need to tackle the full range of those threats,” Monaco said.

The program will be based in Washington, D.C., and all incoming fellows must have a Top Secret security clearance. DOJ will accept applications for the Cyber Fellowship program’s first track via the Honors Program application portal through Sept. 8.

Supply Chain Cybersecurity: Revelations and Innovations

ExecutiveBiz, sister site of GovConDaily, will host a virtual event about securing the supply chain on Oct. 26. Visit ExecutiveBiz.com to sign up for the “Supply Chain Cybersecurity: Revelations and Innovations” event.

//
NNSA, NorthStar Sign Cooperative Agreements for Non-Uranium Isotope Production; Jill Hruby Quoted
Published on
NNSA, NorthStar Sign Cooperative Agreements for Non-Uranium Isotope Production; Jill Hruby Quoted

The National Nuclear Security Administration has awarded NorthStar Medical Technologies a pair of cooperative agreements worth $37 million combined to help the company build reactor and electron beam accelerator systems for molybdenum-99 production.

NorthStar agreed to provide matching funds that will support technologies needed for the domestic supply of Mo-99, which hospitals nationwide use to perform diagnostic imaging procedures, the Department of Energy said Friday.

The Wisconsin-based radiopharmaceutical company will use $16.3 million in federal funds for its neutron capture technology project and the remaining $20.7 million for its accelerator development efforts.

“By combining NNSA’s expertise in nuclear nonproliferation with innovative U.S. manufacturing, Americans will benefit from the health applications of radioisotopes while keeping nuclear risks low and setting a global example,” said Jill Hruby, administrator of NNSA and undersecretary for nuclear security at DOE.

NNSA partners with U.S. companies through the agency’s Mo-99 Program to promote the production of the critical isotope for medical applications without the use of highly enriched uranium, a key ingredient in manufacturing nuclear weapons.

/
Adm. Charles Richard: U.S. Needs to Refine Operating Concepts Amid Chinese, Russian Threats
Published on
Adm. Charles Richard: U.S. Needs to Refine Operating Concepts Amid Chinese, Russian Threats

Adm. Charles Richard, who leads U.S. Strategic Command, said the military needs to reexamine its operating concepts as China and Russia continue to jointly pose strategic threats, DOD News reported Friday.

He said at the Hudson Institute that the Department of Defense's operational plans may fall apart if strategic deterrence is not met.

"Both Russia and China have the ability to unilaterally at their own choosing, go to any level of violence, to go to any domain to go worldwide, with all instruments of national power," Richard said.

USSTRATCOM is now revising its deterrence theory and needs the support of broader efforts led by the U.S. combatant commands.

/
DOD Presents Strategy to Address Industrial Workforce Challenges
Published on
DOD Presents Strategy to Address Industrial Workforce Challenges

Jesse Salazar, the deputy assistant secretary of defense for industrial policy, presented a strategy that tackles how the Pentagon plans to address industrial workforce challenges.

Salazar spoke about the "Department of Defense's Perspectives on Industrial Workforce Challenges” on Wednesday at the Accelerated Training in Defense Manufacturing Summit, which took place in Danville, Virginia, DOD said Friday.

DOD's Office of Industrial Policy has awarded $4.3 million to the Institute for Advanced Learning and Research to develop, implement and assess methods through which ATDM can more quickly build a manufacturing workforce that meets maritime production requirements.

The award supports and expands ongoing efforts under the office's Industrial Base Analysis and Sustainment program.

//
StandardAero Wins Cloud Based Predictive Engine Maintenance Contract; Marc Drobny Quoted
Published on
StandardAero Wins Cloud Based Predictive Engine Maintenance Contract; Marc Drobny Quoted

The U.S. Air Force has awarded StandardAero a contract to apply predictive maintenance, readiness and reliability tools to the TF33 engine program for the service branch. 

“We are excited to adapt our tools to this critical military platform,” stated Marc Drobny, president of StandardAero’s Military & Energy division. “The Air Force has been on the leading edge of predictive maintenance philosophy and implementation and StandardAero is proud to play a leading role in their development team.”

Under the contract, StandardAero will provide the USAF the capabilities to optimize the readiness, reliability and costs associated with the maintenance performed on these engines, driven by advanced machine learning integration and utilizing government cloud hosting.  

Most importantly, the contract will provide a significant boost in asset availability and the long-term development in supply chain predictive analytics. StandardAero is leading a team network that includes IBM, Isobar Public Sector and Reliability Concepts International. 

“The Air Force has been on the leading edge of predictive maintenance philosophy and implementation and StandardAero is proud to play a leading role in their development team,” Drobny added. 

About StandardAero 

StandardAero is one of the world's largest independent providers of services including engine and airframe maintenance, repair and overhaul, engine component repair, engineering services, interior completions and paint applications. StandardAero serves a diverse array of customers in business and general aviation, airline, military, helicopter, components and energy markets.

//
Sev1Tech Achieves AWS Advanced Consulting Partner Status; Matt Jordan Quoted
Published on
Sev1Tech Achieves AWS Advanced Consulting Partner Status; Matt Jordan Quoted

Sev1Tech announced on Wednesday that the company has achieved Amazon Web Services (AWS) Advanced Consulting Partner status in the AWS Partner Network (APN). Sev1Tech leverages the capabilities of AWS to deliver complete cloud services and a cloud management portfolio that provides agencies and enterprise customers with fast, flexible access to the cloud.

“Sev1Tech has been accelerating AWS adoption for our public and private sector customers, and I am proud of the work we do together throughout the federal government and private sector,” said Matt Jordan, vice president of Cloud Center of Excellence for Sev1Tech. 

The company supports AWS customers through delivery of managed services, cloud networking, microservices architectures, migration readiness assessments, cloud security reviews and remediation, cost optimization and SecDevOps.

Sev1Tech, which is ISO 27017 certified for Cloud Security, offers FISMA High compliant cloud environments and codified cloud platforms that can reduce Authority to Operate timelines by 50% for public sector clients.

“Our capabilities run the gamut from complex hybrid architectures to microservices for digital commerce and managed services for government and private sector clients. With a clear focus on today’s most innovative cloud solutions, achieving the AWS Advanced Consulting Partner status represents the next step in our relationship with AWS while serving the mission critical needs of our clients.”

About Sev1Tech 

Sev1Tech provides IT modernization, cloud, cybersecurity, engineering, training and program support services to U.S. government agencies and major commercial organizations. Headquartered in the Washington D.C. metro area, Sev1Tech is a trusted contractor supporting critical missions across the defense, intelligence, homeland security, space, and health markets.

/
Navy Conducts Second Stage Rocket Motor Test for Hypersonic Missile Development
Published on
Navy Conducts Second Stage Rocket Motor Test for Hypersonic Missile Development

The U.S. Navy tested the second stage solid rocket motor nearly three months after a successful live fire test of the first stage SRM conducted as part of the development of a hypersonic missile that will be used by the service branch and the Army.

The Aug. 25th test was performed by the Strategic Systems Programs in Promontory, Utah, demonstrated the missile booster and the SRM's thrust vector control system, the Navy said Thursday.

Both tests support the Navy’s Conventional Prompt Strike hypersonic boost-glide missile system development and the Army’s Long Range Hypersonic Weapon program.

The service branches plan to conduct a series of joint flight tests, and gathered data from the said efforts will be used to inform creation and fielding of offensive hypersonic technology envisioned to be capable of defeating targets from long distances.

According to a report, Lockheed Martin serves as the weapon system's prime integrator while Northrop Grumman develops the rocket motor for boost capability. The industry team tested the first SRM in Promontory, Utah, on May 27.

/
NASA, Northrop Complete Webb Telescope’s Final Testing Regimen
Published on
NASA, Northrop Complete Webb Telescope’s Final Testing Regimen

NASA and Northrop Grumman engineers have completed the final testing phase for the James Webb Space Telescope and are preparing to ship the new observatory to a launch site in Kourou, French Guiana.

Cleanroom technicians are working to ensure JWST hardware will arrive safely at the launch pad location on the northeastern coast of South America, the space agency said Thursday.

The launch processing team will configure the spacecraft upon its arrival, conduct post-shipment checkouts, load the propellant tanks and remove the protective covers prior to its flight schedule.

Engineering teams will then work on integrating the observatory to an Ariane 5 rocket from the European Space Agency.

“To me, launching Webb will be a significant life event—I’ll be elated of course when this is successful, but it will also be a time of deep personal introspection,” said Mark Voyton, Webb observatory integration and test manager at NASA’s Goddard Space Flight Center, who spent 20 years helping in the spacecraft’s development.

The agency expects JWST to separate from the rocket approximately 26 minutes after liftoff and automatically deploy the spacecraft's solar array.

JWST will be subject to a six-month commissioning period after the launch phase is completed.

NASA looks to expand Hubble Space Telescope discoveries through Webb’s space mission, which could last for five to 10 years. The new observatory is an international effort headed by NASA in collaboration with its European and Canadian counterparts.

/
FBI IDs ‘OnePercent Group’ Launching Ransomware Attacks
Published on
FBI IDs ‘OnePercent Group’ Launching Ransomware Attacks

The FBI has identified a group of cyberthreat actors that has launched ransomware attacks against U.S. companies since November using Cobalt Strike software.

The OnePercent Group uses phishing emails with a malicious zip file attachment to infiltrate victims’ networks, installs Cobalt Strike using IcedID, encrypts and extracts data from the compromised system using rclone and observes the breached network for a month before deploying the ransomware, the bureau said Monday.

Victims will receive calls through spoofed phone numbers from the cybercrime group demanding ransom. The group will further communicate with victims by providing a ProtonMail email address and its extortion tactics starts with a warning. If an organization fails to immediately pay the ransom, the warning will progress to a partial leak and then to a full leak of extracted data.

The FBI listed indicators of compromise and applications used by the actors to execute ransomware attacks.

The agency also recommended mitigation measures for organizations, such as backing-up critical data offline, keeping devices and applications patched, implementing Microsoft LAPS and network segmentation, auditing user accounts with administrative privileges and using multifactor authentication with strong passphrases.

Supply Chain Cybersecurity: Revelations and Innovations

ExecutiveBiz, sister site of GovConDaily and part of the Executive Mosaic digital media umbrella, will host a virtual event about securing the supply chain on Oct. 26. Visit ExecutiveBiz.com to sign up for the “Supply Chain Cybersecurity: Revelations and Innovations” event.

1 1,057 1,058 1,059 1,060 1,061 2,667