NASA plans to establish a new Earth system observatory that could help inform efforts on climate change, disaster mitigation and forest fire response as well as support modernization of real-time agricultural processes.

The space agency said Tuesday that the observatory is aimed at providing a 3D view of Earth, from bedrock to atmosphere, using satellites designed to complement the others.

Sen. Bill Nelson, administrator of NASA, said information on the Earth’s changing climate over the last three decades is drawn from the space agency's satellite observations and research.

"NASA’s new Earth System Observatory will expand that work, providing the world with an unprecedented understanding of our Earth’s climate system, arming us with next-generation data critical to mitigating climate change, and protecting our communities in the face of natural disasters," he added.

The observatory will focus on several areas, including drought assessment and forecasting, aerosols' impact on global energy balance, surface deformation and change as well as air quality forecasting and severe weather prediction.

NASA has partnered with the Indian Space Research Organisation for two radar systems designed for providing a less-than-a-half-inch measurement of changes in Earth’s surface. The space agency has kicked off the observatory's formulation phase.

NASA’s office of inspector general (OIG) has recommended that the space agency establish metrics to track the performance of its enterprise architecture and integrate it with the enterprise security architecture to help strengthen its cybersecurity readiness. 

The OIG made the recommendation after it found that NASA’s “disorganized approach to Enterprise Architecture” hampers the agency’s ability to detect, mitigate and prevent cyberattacks, according to a May 18th report.

Enterprise architecture is a blueprint of IT assets, governance principles and business processes used to establish a standardized and unified software and hardware environment. Enterprise security architecture integrates cybersecurity into the overall enterprise architecture.

The inspector general also called on NASA to work with the chief engineer on strategies to identify enterprise architecture gaps across institutional and mission IT boundaries and assess the optimal organizational placement of enterprise architect and enterprise security architects during and after Mission Support Future Architecture Program implementation to enhance cyber readiness.

“We also noted that NASA conducts its assessment and authorization (A&A) of IT systems inconsistently and ineffectively, with the quality and cost of the assessments varying widely across the Agency,” the OIG report reads.

To address the issue, NASA should identify each center's annual cost for conducting independent assessments and establish baseline requirements in the proposed Cybersecurity and Privacy Enterprise Solutions and Services contract for a dedicated team to oversee the assessment process for NASA’s 526 IT systems.

Kevin Cox, Continuous Diagnostics and Mitigation (CDM) program manager at the Department of Homeland Security’s (DHS) Cybersecurity and Infrastructure Security Agency (CISA), said the program management office is on schedule to implement the CDM dashboard and related capabilities at 23 CFO Act agencies by the end of fiscal year 2021, Federal News Network reported Monday.

“We’ve been working to get that new dashboard in place and have made great strides this year. We are in the process now starting to take the feeds up from the agencies,” he told FNN’s Ask the CIO. 

Cox said CDM is deploying a dashboard shared service to small and micro agencies and a dashboard-as-a-service offering to some large agencies. 

“Rather than work to deploy an individual dashboard to each of those smaller agencies, and then put the burden on them to manage the individual dashboard, we build out a shared service where their data is similar to the dashboard-as-a-service that we’re offering to the CFO act agencies. Now the shared service platform enables the agencies to feed their data to this shared environment,” he said.

“The environment is scalable, flexible, it’s multi-tenant, and each agency only sees their data,” added Cox, who is leaving CISA for the Department of Justice (DOJ), where he will serve as deputy chief information officer.

CDM has fielded the shared service at 40 small and micro agencies and plans to launch the second version by July to offer more cyber capabilities. With the dashboard-as-a-service offering, agencies do not have to develop a back-end platform to manage and store data.

If you're interested to get the latest updates about the Cybersecurity Maturity Model Certification, then check out Potomac Officers Club's CMMC Forum coming up on June 16. To register for this virtual forum and view other upcoming events, visit the POC Events page.

The Government Accountability Office (GAO) has recommended that the Department of Defense (DOD) implement leading practices for acquiring space systems, including the development of a comprehensive acquisition strategy for the Space Command and Control program and a plan to obtain additional knowledge before launching a new initiative, in order to help accelerate the delivery of new capabilities.

GAO called on DOD to create a plan to obtain additional knowledge before kicking off a new wideband satellite communications initiative, according to a report published Monday.

The congressional watchdog made the recommendations after it found that DOD still faces challenges when it comes to space systems procurement amid major changes to the acquisition environment.

“Some of these changes are external to DOD, such as increased threats to on-orbit space systems. But over the past several years, DOD also initiated substantial organizational and acquisition process changes,” the report states.

One of those initiatives is implementing an incremental approach to buying space launch services, which enabled the Pentagon to minimize risk by allowing lessons learned from “early launch competitions to inform subsequent competitions.”

The Johns Hopkins University Applied Physics Laboratory (APL) has tested research technologies under a Department of Homeland Security-funded pilot that aims to safeguard industrial control systems from cyber-attacks. 

Demonstrations showcased the capabilities of APL-developed technologies to prevent, detect and mitigate cyberattacks on industrial control systems, the not-for-profit, university-affiliated research center said Wednesday.

The pilot used the water treatment testbed in APL's Cyber Physical Resilient Systems Solutions laboratory to demonstrate a Resilient ICS.

David Halla, a cybersecurity engineer who manages the Homeland Integrated Cyber Operations Program in APL’s Asymmetric Operations Sector, said a cyberattack was effective during testing and demonstrations without defensive technologies.

“But when we turn these defensive technologies on, they prevent the attack from happening," he added.

One of the technologies implemented in the CYPRESS testbed is the Out-of-Band over Existing Communication, or OBEC, for detecting changes to water treatment-related values. APL also tested the Network Deception and Response Toolkit and the Mitigating Incidents with Mock Industrial Control Systems.

"[The technologies] can be combined with open-source tools to provide a robust, resilient approach to ICS cybersecurity," said Lauren Eisenberg Davis of APL.

The Small Business Administration (SBA) has teamed up with U.S. foreign aid agency Millennium Challenge Corporation (MCC) in a push to help smaller companies bring emerging technology to international markets for potential use in multiple sectors. 

SBA said Saturday that it signed a memorandum of understanding with MCC to explore innovations that align with country-specific technological needs in renewable energy, agriculture and irrigation, health, water and sanitation.

John Williams, director of innovation at SBA, said the partnership intends to support businesses working on emerging technology to potentially address complex problems in some parts of the world.

The two agencies jointly organized a virtual roundtable in November 2020 and hosted a second event that coincides with the signing of the MoU.

Fatema Sumar, vice president of MCC's compact operations department, noted that the agency partners with other U.S. government organizations to create a joint impact and attract private companies to blended finance initiatives.

SBA, which coordinates Small Business Innovation Research (SBIR) and Small Business Technology Transfer (SBTT) programs across the federal government, awards more than $4 billion in research and development grants annually and helped MCC establish an innovation and technology program.

Lumen Technologies (NYSE: LUMN) will participate in the following virtual investor conferences:

• Maxine Moreau, president of mass markets, will present at the J.P. Morgan 49th Annual Global Technology, Media and Communications Conference on May 26. The presentation is scheduled to begin at 5:10 p.m. EDT.
• Shaun Andrews, executive vice president and chief marketing officer, will present at the Cowen 49th Annual Technology, Media & Telecom Conference on June 3. The presentation is scheduled to begin at 10:30 a.m. EDT.
• Shaun Andrews, executive vice president and chief marketing officer, will present at the Wells Fargo Virtual Media & Telco Day on June 7. The presentation is scheduled to begin at 1:15 p.m. EDT.

About Lumen Technologies

Lumen is guided by our belief that humanity is at its best when technology advances the way we live and work. With approximately 450,000 route fiber miles and serving customers in more than 60 countries, we deliver the fastest, most secure platform for applications and data to help businesses, government and communities deliver amazing experiences.

The National Cybersecurity Center of Excellence (NCCoE) has drafted a document on data classification practices and asks the public for input. 

NCCoE seeks input from industry entities to further develop the draft project titled “Data Classification Practices: Facilitating Data-Centric Security," the National Institute of Standards and Technology said Wednesday.

The project aims to establish and implement standards for defining and communicating data classifications. This effort would need to determine the hardware, software and requirements needed for a laboratory environment.

NCCoE will also attempt to apply the developed approach as a basic proof-of-concept and eventually corresponding craft practice guides. Interested parties may submit responses through June 21.