/
DISA Unveils Automated Tool to Enhance Partners’ Cybersecurity
Published on
DISA Unveils Automated Tool to Enhance Partners’ Cybersecurity

The Defense Information Systems Agency has announced that its Cybersecurity Service Provider team is supplying strategic partners with Endguard, a new tool for enhancing cyber defense. With the new platform, its users will gain access to a round-the-clock endpoint detection and monitoring tool, DISA said in a LinkedIn post Monday.

According to the agency’s post, Endguard operates through Windows, macOS, Unix and Linux systems and uses Microsoft Defender for automated endpoint and server detection. The tool’s automation supports the utilization of every server and endpoint in cyberthreat detection, enables quick response to disrupt threats and simplifies implementation through cloud-based technologies, the agency added.

Real-Time Detection Capability

The tool’s threat detection and response capabilities rely on the cloud-native Microsoft Sentinel platform designed to provide real-time detection and analysis, as well as event management on mitigation and response.

Endguard simulations during the recent U.S. European Command exercise showed 100 percent detection of endpoint team attacks and 94 percent for individual threats, DISA noted.

Main Service Delivery Enabler

Jason Mowery, DISA IT specialist, described Endguard as a “new standard” for effective agency services. 

“Endguard will be the main service delivery enabler for the majority of our strategic partners in the near future, allowing DISA to continue to deliver world-class cybersecurity services to the United States Department of Defense.”

During the 2024 Department of the Air Force Information Technology & Cyberpower Conference in September, DISA Director Lt. Gen. Robert Skinner, a Wash100 awardee, stressed the need for the DOD to enhance its cybersecurity measures and technologies to counter threats and protect critical networks. He also highlighted how optimizing operations and industry collaboration can help secure the U.S. cyber landscape in the future.

//
CISA & FBI Issue Alert on Buffer Overflow Vulnerabilities
Published on
CISA & FBI Issue Alert on Buffer Overflow Vulnerabilities

The Cybersecurity and Infrastructure Security Agency and the FBI are calling on manufacturers to take steps to prevent buffer overflow vulnerabilities from being introduced into their products.

Persistent Security Issue

The agencies said in a Secure by Design Alert issued Wednesday that buffer overflow vulnerabilities are a common and well-documented kind of memory safety software design defect that can lead to system compromise. Despite the availability of proven mitigation measures, manufacturers continue to use unsafe software development practices, resulting in the persistence of buffer overflow vulnerabilities.

Effective Mitigation Measures

The alert documents mitigation measures that CISA has deemed most effective and feasible. These include the use of memory-safe languages when developing software, conducting aggressive adversarial product testing and the publication of a memory-safety roadmap detailing how the manufacturer plans to develop new products with memory-safe languages and migrate code to memory-safe languages. It was recommended that manufacturers put the measures into effect.

Role of the Customer

CISA and the FBI are also calling on customers to help ensure that manufacturers adhere to safe software development practices. According to the two agencies, customers can help by asking manufacturers to provide a software bill of materials and a secure software development attestation.

/
Trump Names Intelligence Advisory Board Chair, Members
Published on
Trump Names Intelligence Advisory Board Chair, Members

President Trump has selected former congressman Devin Nunes to chair an advisory board that will advise the chief executive on the country’s key security challenges and ensure that the Intelligence Community advances the administration’s America First agenda.

The White House said Tuesday Trump named 11 other members to the President’s Intelligence Advisory Board, or PIAB.

Devin Nunes’ Career Background

In addition to his role as chair of PIAB, Nunes is CEO of Trump Media & Technology Group.

He served as U.S. representative for California’s 21st congressional district from 2003 to 2013 and the state’s 22nd congressional district from 2013 to 2022.

During his time in Congress, the previous Wash100 awardee was chair of the House Intelligence Community. He also served as a member of Trump’s first transition team.

Other PIAB Members

  • Amaryllis Fox Kennedy
  • Brad Robert Wenstrup
  • Jeremy Katz
  • Joshua Lobel
  • Katie Miller
  • Reince Priebus
  • Robert O’Brien
  • Sander Gerber
  • Scott Glabe
  • Thomas Ollis Hicks 
  • Wayne Berman

What Is PIAB?

PIAB is an independent element within the Executive Office of the President.

For over 60 years, the advisory board has provided the president with expert advice on the conduct of U.S. intelligence and has made every effort to ensure the strict confidentiality of its deliberations and communications and the objectivity of its advice.

The board assesses issues related to the adequacy, quantity and quality of intelligence activities; effectiveness of organizational structure, personnel and management; and performance of all federal agencies engaged in the collection, evaluation or production of intelligence or the execution of intelligence policy.

The board has access to all information needed to perform its functions.

/
DARPA Invites Defense Contractors to EEI Proposers Day
Published on
DARPA Invites Defense Contractors to EEI Proposers Day

The Defense Advanced Research Projects Agency has opened the registration for a Proposers Day for its Embedded Entrepreneur Initiative, or EEI, program seeking to connect the agency’s technical teams with commercialization professionals to bring new market capabilities. The event will be held in person on Feb. 25 at Strategic Analysis in Arlington, Virginia, according DARPA’s SAM.gov post.

Prospective participants’ registration is through the https://creative.spa.com/darpa/diro/eei/pd/ website, with Feb. 18 as its deadline or until all slots are filled, the post noted. Organizations are limited to two representatives each at the event, and DARPA may hold a virtual Proposers Day if the forthcoming event generates enough interest.

Target Participants: DARPA R&D Contractors

The agency said the event’s target audience are firms that previously supported its research and development projects under a DARPA-funded program. Participants can include small- to medium-scale businesses or larger organizations like universities and large companies interested in a company spin-off.

EEI supports DARPA’s commercial strategy to provide vital commercial technologies to the Department of Defense and strengthen businesses servicing DOD needs. In 2021, the agency formed an industry accelerator to expand EEI’s commercialization efforts.

Under the EEI program, the participants are provided with go-to-market resources, such as tools, advice and business insights complementing their technical expertise. Besides potential opportunities to sell products to government and commercial customers, the program positions its awardees to attract U.S. investment.

/
Quiet NASA Supersonic X-59 Jet Moves Closer to Maiden Flight
Published on
Quiet NASA Supersonic X-59 Jet Moves Closer to Maiden Flight

NASA and Lockheed Martin have completed three engine run tests of the X-59 aircraft for its planned 2025 first flight under the agency’s Quesst program mainly addressing the noise pollution of supersonic flights. The performance of the plane’s modified F414-GE-100 engine met expectations during the tests conducted from October to January at Lockheed’s Skunk Works facility in Palmdale, California, NASA said Tuesday.

Engine Response Checks

One of the tests involved the aircraft’s hydraulics, electrical and environmental control systems, with the engine powered up but idling. Throttle checks were also performed to bring full power to the aircraft and maximum thrust from its afterburner. The third test checked engine reaction to swift throttle snaps to validate the engine’s instantaneous response.

According to Raymond Castner, X-59 propulsion lead at NASA’s Glenn Research Center in Cleveland, ground tests on the aircraft’s engine “have successfully progressed” as planned. 

“We were getting smooth and steady airflow as predicted from wind tunnel testing. We didn’t have any structural or excessive vibration issues. And parts of the engine and aircraft that needed cooling were getting it,” Castner said.

Additional Pre-Flight Testing

Further tests before the X-59’s maiden flight include an evaluation of the potential electromagnetic interference of the aircraft. X-59 taxi tests will also be conducted as part of the preparations for the first flight.

Lockheed introduced the X-59 concept at the American Institute of Aeronautics and Astronautics Aviation Forum in June 2019 and booked a five-year, $40 million NASA contract for the experimental aircraft in December 2020. The X-59 was formally unveiled in a rollout ceremony in January 2024 and passed a flight readiness review in May, transitioning its development to the airworthiness and flight safety tests.

//
GAO Report Tackles Coast Guard Cybersecurity Support for MTS
Published on
GAO Report Tackles Coast Guard Cybersecurity Support for MTS

The Government Accountability Office has found three issues preventing the U.S. Coast Guard from effectively addressing the cybersecurity risks faced by the Maritime Transport System, a critical infrastructure subsector for which the Coast Guard serves as lead risk management agency.

Cybersecurity Risks to MTS

GAO said in a report released Tuesday that the cybersecurity risks faced by the MTS — which handles $5.4 trillion in goods and services annually — stems from the reliance of its constituent vessels and facilities on various technologies, including networking capabilities, that are susceptible to attack from numerous threat actors such as transnational criminal organizations and adversary countries.

Incomplete Cyber Information

One of the ways the Coast Guard helps the MTS address these threats is by identifying cybersecurity-related deficiencies, a function that is impeded by the inability of the system of record — the Marine Information for Safety and Law Enforcement, or MISLE, system — to provide the Coast Guard access to complete information on inspection results concerning to cybersecurity.

Deficient Cyber Strategy

The Coast Guard has also established a cyber strategy to address MTS cybersecurity risks, but of the five characteristics that make such a strategy effectively, only one has been fully addressed.

Workforce Competency Issues

The Coast Guard also appears to not have adhered to leading practices that would ensure its personnel would be capable of handling cybersecurity risks at all. Competency requirements have not been fully developed and competency gaps have not been fully assessed.

GAO Recommendations

To correct these problems, GAO offered five recommendations, including that the Coast Guard update MISLE so it could provide full access to cyber-related information; ensure that all the key characteristics of its cybersecurity strategy are addressed; and assess all workforce competency gaps.

/
Red River Opens Renovated Vehicle Repair Facility
Published on
Red River Opens Renovated Vehicle Repair Facility

The Red River Army Depot unveiled its modernized wheeled vehicle repair facilities on Jan. 30.

The U.S. Army said Tuesday the two renovated facilities are the result of a four-year modernization project worth $42 million.

‘Raising the Roof’ on Red River Modernization

The “raise the roof” project, which started in 2020, increased the height of the roof by almost 12 feet and widened the column space by 20 feet. With a combined floor space of 180,000 for the two buildings, depot team members now have more room for body surface repairs, surface preparation and assembly processes. The larger depot also enables the team to work not only on light and medium tactical vehicles but also on larger assets.

Furthermore, the modernization project provided enhanced equipment, which will help the team to work more efficiently. The revamped facilities are meant to primarily aid and serve warfighters’ experiences.

The ribbon-cutting ceremony was attended by members of the Red River Army Depot, U.S. Army Corps of Engineers staff and representatives from the state and city government. Special guests included Col. Denis Fajardo, commander of the RRAD and Col. Calvin Kroeger, commander of Fort Worth District, U.S. Army Corps of Engineers.

“Many facilities, while having served us faithfully over the decades, are now at a stage where they require significant upgrades to continue to meet the demands of modern military operations,” said Fajardo. “In addition to the extremely positive impact these facilities will have on our production process, the improvements you see today incorporate additional safety measures designed to better protect our workforce.”

/
Rep. Ken Calvert Advocates for Space as Critical Infrastructure
Published on
Rep. Ken Calvert Advocates for Space as Critical Infrastructure

Congressman Ken Calvert of California’s 41st Congressional District has introduced the Space Infrastructure Act, which directs the Secretary of Homeland Security to designate space systems, services and technology as a sector of critical infrastructure

Protecting the Nation by Protecting Space-Based Systems

In a press release released Monday, Calvert said the H.R. 1154 aims to protect the United States’ space systems by officially declaring them as critical infrastructure. According to the representative, the nation relies heavily on space-based systems for communication, navigation, banking and other critical systems. The bill ensures the country’s domestic and national security space infrastructure is safeguarded from emerging threats.

The co-sponsors of the bill include Reps. Salud Carbajal, Brian Fitzpatrick and Ted Lieu, who is co-chair of the Congressional Aerospace Caucus along with Calvert.

Congressional Perspectives

“The Space Infrastructure Act designates our space systems as critical infrastructure and takes appropriate measures to protect them,” said Calvert. “As our economy and essential communication systems become increasingly reliant on the support of space-based systems and services, we must act accordingly to increase the safeguards that shield them from any potential threats.”

“From navigation systems to banking to communications systems – space is infrastructure,” stated Lieu. “To ensure this sector receives the necessary attention and resources, we must designate space as critical infrastructure.”

“I’m proud to be part of bipartisan legislation that ensures assessments of our nation’s critical sectors reflect the role that space infrastructure has in our homes, our commerce, and our national security,” added Carbajal.

“The bipartisan Space Infrastructure Act is a crucial step in ensuring the resilience and security of our nation’s space assets by requiring the Department of Homeland Security to formally designate our space systems and technologies as integral components of our national infrastructure,” remarked Fitzpatrick.

//
Maj. Gen. Stephen Purdy on Space Force Acquisition Reform
Published on
Maj. Gen. Stephen Purdy on Space Force Acquisition Reform

Maj. Gen. Stephen Purdy, the U.S. Space Force’s acting acquisition executive, said his office is advancing efforts to reform acquisition processes and ramp up oversight of underperforming programs, SpaceNews reported Tuesday.

“We’re continuing those efforts, but doing it more aggressively,” Purdy said Tuesday at the National Security Space Association’s Defense and Intelligence Space Conference.

He noted that the military branch is also working to make government officials managing acquisition programs accountable.

“We are looking at taking action against poor-performing government program managers,” Purdy said. “First, we’re going to give them help, provide guidance and additional acquisition support, and if they’re not making it, then we’ll look at removals.”

Evaluating Risk Exposure in Cost-Plus Contracts

According to the major general, his office is now focused on assessing risk exposure in cost-plus contracts, which are commonly linked to more complex, high-risk technology development efforts.

“We are now really looking to explore risk exposure on our programs,” he said. “These typically are programs using cost-plus contracts, and they are really difficult technology. So we’re going to look hard at figuring out how to get out of that, and that’s going to be painful on all sides.”

Increasing Engagement With Investors

The Space Force official said the organization is attempting to improve engagement with venture capital investors to advance the integration of commercial space technologies into national security programs.

Purdy noted that the service branch is working hard to reach out to investment communities, particularly in New York and Miami.

“We found that they really understand our mission area pretty well,” he added.

/
Matthew Graviss Steps Down From State Department CDO Post
Published on
Matthew Graviss Steps Down From State Department CDO Post

Matthew Graviss is stepping down as the State Department’s chief data and artificial intelligence officer, he announced in a LinkedIn post Sunday. 

He became the department’s first chief data officer in December 2020 and has since pushed for data accessibility, interoperability and actionability.

“Serving as State’s first Chief Data and AI Officer has been an honor, and I’m immensely proud of the work we’ve done to modernize the Department with data and digital tools. But beyond the technology, I’m most grateful for playing a small role in transforming the culture—helping State embrace the power of tech to drive diplomacy,” wrote Graviss.

Graviss’ Public Service Career

In addition to his post as chief data and artificial intelligence officer, Graviss also serves as the State Department’s managing director for the Office of Management Strategy and Solution’s Center for Analytics. 

The office’s objective is to promote a data-focused culture within the department while ensuring corresponding talent. It aims to develop data governance, increase analytics capability and modernize data technology solutions at the State Department.

Before joining the department, he held various leadership roles at the Department of Homeland Security, including chief data officer at the Citizenship and Immigration Services, Transportation Security Administration director and Customs and Border Protection director.

1 112 113 114 115 116 2,618