/
HHS to Update HIPAA Security Rule to Better Protect Health Data
Published on
HHS to Update HIPAA Security Rule to Better Protect Health Data

The Office for Civil Rights at the Department of Health and Human Services has proposed a new measure to amend the Security Rule of the Health Insurance Portability and Accountability Act—or HIPAA—of 1996 to require health plans, healthcare providers and healthcare clearinghouses to better safeguard individuals’ electronic health information from cyberthreats.

“Cyberattacks continue to impact the health care sector, with rampant escalation in ransomware and hacking causing significant increases in the number of large breaches reported to OCR annually,” OCR Director Melanie Fontes Rainer said in a statement published Friday.

According to HHS, large breaches caused by hacking and ransomware have increased 89 percent and 102 percent, respectively, since 2019.

“This proposed rule to upgrade the HIPAA Security Rule addresses current and future cybersecurity threats. It would require updates to existing cybersecurity safeguards to reflect advances in technology and cybersecurity, and help ensure that doctors, health plans, and others providing health care meet their obligations to protect the security of individuals’ protected health information across the nation,” Rainer added.

What Would the Proposed Rule Do?

The proposed measure would provide more specific instructions for covered entities and business associates to better secure electronic health data.

The rule would also require regular testing and updating of policies and procedures and better align the Security Rule with modern cybersecurity best practices.

/
AIA Calls for Consistency, Clarity in Proposed Changes to US Space Export Controls
Published on
AIA Calls for Consistency, Clarity in Proposed Changes to US Space Export Controls

The Aerospace Industries Association has posted key recommendations for changes in export controls that take into consideration progress and advancements in space technology. The trade organization said in comments submitted to the Directorate of Defense Trade Controls and the Bureau of Industry and Security that updating the U.S. export controls would strengthen the nation’s leadership position in space innovation on the global stage. 

The comments were made in response to the DDTC and BIS’ October announcement on a series of rules on space-related exports, including a proposed rule on transferring jurisdiction on certain space-related defense articles from the U.S. Munitions List to the Department of State to the Department of Commerce’s Control List. 

The AIA represents over 300 companies within the aerospace and defense industry. 

“As the U.S. space industrial base continues to expand and technological innovation accelerates, AIA, on behalf of the U.S. space industry, remains committed to advancing the space enterprise while protecting national security and enabling commercial space interests abroad,” commented Steve Jordan Tomaszewski, the association’s vice president of space systems.

Industry Representative Calls for Consistency

In its comments, the group pointed out that the DDTC’s proposed rule includes technologies that are no longer listed in the Missile Technology Control Regime’s list or controlled by MTCR partner nations. The AIA asked the DDTC and BIS to ensure that changes to U.S. export controls are in line with the MTCR’s commitments. 

The association also called for increased attention to unmanned aerial vehicle systems, specifically the separation and staging mechanisms and launch technology, in the proposed rule. 

In addition, the AIA urged the government to make further revisions to the U.S. Munitions List, or USML. The government must work with industry to ensure that the catalog more accurately reflects the technologies available in the commercial market, the comments read. 

AIA Requests Enhanced Clarity to Avoid Misinterpretation

One of the main points that the AIA raised is clarity in the language used in the proposed rule. The group said the DDTC and BIS should review paragraphs on USML updates to avoid misunderstandings. Providing definitions of terms and controlled articles and minor reclassifications could ensure that changes to the list of controlled technologies are clear and concise. 

The AIA also recommended that the DDTC and BIS adopt the aerospace and defense industry’s interpretation of space technology and spaceflight.

//
USAF Leads Standardized Aircraft Data Format Development
Published on
USAF Leads Standardized Aircraft Data Format Development

The U.S. Air Force Rapid Sustainment Office is collaborating with industry partners to establish standardized data formats for the whole Air Force fleet through the SAE AS7140 Common Open Data Exchange initiative.

The Air Force Materiel Command said Thursday the initiative involves the Air Force Safety Center and Air Force Test Center along with partners from the private sector, namely, Airbus, Bell, Boeing, Collins Aerospace, EASA, GE Aerospace, Honeywell Aerospace, IEEE, Leonardo, Lockheed Martin, Meggitt, Northrop Grumman, Raytheon, Rolls Royce, SAE and Sikorsky.

SAE AS7140 Common Open Data Exchange

The SAE AS7140 CODEX aims to develop three standardized aircraft data file formats and a universal data decoder application programming interface by early 2025. The project also involves the standardization of health and usage monitoring systems, or HUMS, data for modern and selected legacy Air Force platforms.

The file formats include the line replaceable units, or LRU, format used for binary, or BIN, data stored onboard aircraft avionic systems where data is gathered from the aircraft and uploaded into a Department of Defense cloud. 

The ground-station format provides a human-readable form of the decoded data, while the third format, called the cloud format, or PARQUET, determines how the cloud data is stored. This format is characterized by its metadata-rich compressed state and supports legacy and modern aircraft.

The standard data decoder API addresses the challenge of data accessibility. It enhances source data access enabling it to decode data from any next-gen LRU or aircraft.

//
Army Advances Software Modernization, Cybersecurity With 5 Policy Memos
Published on
Army Advances Software Modernization, Cybersecurity With 5 Policy Memos

The Office of the Army Chief Information Officer has advanced software modernization by releasing five new policy memos to guide Initiative 8 under Army Directive 2024-02, Enabling Modern Software Development and Acquisition Practices.

In a LinkedIn post, the Army CIO Office said the policy documents seek to accelerate cybersecurity through DevSecOps, which intends to integrate security into software development to rapidly deliver new tools to warfighters.

The memos are Army Software Modernization Directive—Initiative 8—Implementation Plan; Army DevSecOps Configuration Management Framework; Army DevSecOps Platform Certification; Army DevSecOps Pipeline Certification; and Army Transition to Continuous Authority to Operate, or cATO.

Leonel Garciga, CIO of the U.S. Army and a 2024 Wash100 awardee, signed all five memos.

Software Modernization Directive Implementation Plan

The first memo will serve as guidance for the implementation of Initiative 8 of Army Directive 2024-02 and ensure that security is integrated into the software development lifecycle by using DevSecOps methodologies.

Initiative 8 seeks to modernize cybersecurity by accelerating and improving the traditional approach to the risk management framework.

According to this policy, all Army software development supporting capabilities that require an authority to operate, or ATO, will use certified DevSecOps platforms, or DSOPs.

As appropriate, software development that uses continuous delivery and deployment will use certified DevSecOps pipelines.

The memo states that all software development that has not received an ATO will need a certified DSOP and a certified DevSecOps pipeline before a cATO will be issued or within 365 days.

/
Future USS Iowa Joins Navy Submarine Fleet
Published on
Future USS Iowa Joins Navy Submarine Fleet

The future USS Iowa, the newest attack submarine and the 12th battle force ship delivered in 2024, has been welcomed by the U.S. Navy Submarine Force on Dec. 22.

The pre-commissioning unit, or PCU, of the SSN 797 arrived at the Naval Submarine Base New London in Groton, Connecticut on Dec. 19 and was delivered to Submarine Squadron 4, the Navy said Monday.

The Future USS Iowa

The USS Iowa, designed for anti-submarine, anti-surface ship and strike warfare, is the 24th Virginia-class submarine on which General Dynamics’ Electric Boat subsidiary and HII-Newport News Shipbuilding collaborated. It is also the sixth of 10 VCS Block IV configured attack submarines and the 13th attack submarine delivered by GDEB.

The SSN 797 is the first submarine named after the Hawkeye State, though there are five other Navy ships christened with the same name. This includes the USS Iowa, BB 61, which served during World War II and the Vietnam War.

GDEB held the ceremonial ship launching of the USS Iowa on June 17, 2023, at its shipyard in Groton, Connecticut with Christie Vilsack as the PCU’s sponsor. The commissioning ceremony will be held on April 5, 2025.

Capt. Mike Hollenbach, Virginia Class Submarine program manager, stated, “The Virginia-class submarine represents a Navy and industry commitment to deliver warfighting excellence to the fleet.”

//
White House Issues Cybersecurity Plan for US Energy Ecosystem
Published on
White House Issues Cybersecurity Plan for US Energy Ecosystem

The Office of the National Cyber Director has published an Energy Modernization Cybersecurity Implementation Plan outlining the federal government’s initiatives to achieve a more secure energy ecosystem.

The EMCIP provides a roadmap for federal efforts to secure the next generation of U.S. energy generation, transmission and distribution, which calls for close partnership between the government and the private sector, the White House said Friday. Under the plan, each of the 32 initiatives will be managed by a lead agency with a specific deadline for completion.

Promoting Cyber Resilience for the US Energy Ecosystem

The EMCIP will carry out programs to achieve cybersecurity resilience for five linchpin energy technologies, which are determined to deliver the highest return on efforts to secure the U.S. energy infrastructure. Through the plan, the Department of Energy will integrate battery energy storage systems operators into cyber exercise programs to address challenges in the battery ecosystem.

Securing Distributed Energy Resources

The DOE will also develop guidance for adopting the tools to increase the cyber posture of network-connected inverters and power conversion equipment. In addition, the agency will design testing procedures for the critical management software to securely operate distributed energy resources and other innovative energy systems.

The EMCIP initiatives aim to enhance the country’s building energy management systems by conducting risk assessments for their most commonly used components and platforms. The plan will also work to safeguard the cybersecurity of electric vehicles and EV charging infrastructure, which will used as backup electricity or virtual power plants to advance systemic resilience.

The government will implement the EMCIP through 12 federal agencies, which will work with stakeholders and form new partnerships in executing its initiatives.

/
Senate Bill to Authorize $25.4B in FY25 Funds for NASA
Published on
Senate Bill to Authorize $25.4B in FY25 Funds for NASA

Six senators have introduced a bipartisan bill that would authorize $25.4 billion in fiscal year 2025 funding for NASA’s space exploration, operations, technology development and Earth and space science initiatives.

In a Dec. 19 news release the Senate Commerce Science and Transportation Committee said the proposed NASA Transition Authorization Act of 2024 would allocate approximately $7.6 billion in FY 2025 funds for space exploration efforts; $4.5 billion for space operations; $7.6 billion for science; and $1.2 billion for space technology.

“This bipartisan legislation sets an ambitious course for America’s space program, ensuring NASA’s leadership from Earth’s orbit to the Moon and Mars,” said Sen. Maria Cantwell, D-Wash., chair of the Senate panel.

“With a $25.4 billion investment in exploration and innovation, we’re creating extraordinary economic opportunities – Washington state alone has over 1,500 aerospace companies generating $4.6 billion in economic activity,” she added.

Cantwell introduced the measure with Sens. Ted Cruz, R-Texas; Kyrsten Sinema, I-Ariz.; Eric Schmitt, R-Mo.; Ben Ray Lujan, D-N.M.; and Roger Wicker, R-Miss. 

What Would the Bill Do?

The legislation would direct NASA to continue the development of all space exploration elements under the Artemis moon exploration program and provide continued support for at least two lunar landers.

The proposed measure would require the space agency to use commercially provided orbiting space stations and continue the commercial lunar payload services program to acquire lunar payload delivery support from commercial providers.

According to the legislation, the space agency should support the development of navigation capabilities, advanced communications and time synchronization standards to ensure well-coordinated activities on the moon’s surface.

Under the bill, NASA should brief Congress on the support its personnel provide to federal agencies that regulate the country’s commercial space industry.

//
GigEagle Lands CDAO Funding for AI-Powered Talent Marketplace
Published on
GigEagle Lands CDAO Funding for AI-Powered Talent Marketplace

The Chief Digital and Artificial Intelligence Office has invested $5.3 million to support the further development of GigEagle’s artificial intelligence-powered joint talent marketplace for digital talent.

CDAO’s GigEagle Investment

The Defense Innovation Unit said on Dec. 20 CDAO’s grant for research, development, test and evaluation through its Management Innovation Pilot is intended for the development and deployment of innovative identification and engagement capabilities for digital talent across the DOD. 

GigEagle’s Talent Matching Platform

The real-time digital talent marketplace, launched by the Defense Innovation Unit in April, utilizes machine learning to quickly connect skilled workers with critical roles. Aside from the DIU and CDAO, GigEagle is also collaborating with the Office of the Undersecretary for Personnel and Readiness and the Chief Talent Management Office to accelerate the development and deployment of the platform across the defense enterprise. This initiative aligns with the DOD’s commitment to prioritize talent management of military and civilian personnel.

The platform has served the Office of the Chief of the Army Reserve, Space Systems Command, European Command, Air Force Research Laboratory, an Intelligence Community agency and other organizations.

Air Force Brig. Gen. Michael McGinley, director of GigEagle and the Agile Talent Ecosystem, stated, “Partnering at the enterprise level is a major step toward harnessing and scaling GigEagle’s technology for DOD’s digital workforce.”

DIU Director Doug Beck said, “GigEagle and tools that help provide easy access to this talent, from within the Defense Innovation Community of Entities, like AFWERX, Marine Innovation Unit and Spacewerx, across the services and components, will be critical in helping to leverage tech with the warfighter focus, speed and scale for strategic effect.”

Chief Digital and AI Officer Radha Plumb, added, “GigEagle helps to match our highly skilled Reserve and National Guard personnel with opportunities throughout the department.”

//
DOE Awards $179M in Funding Grants for Chip Development
Published on
DOE Awards $179M in Funding Grants for Chip Development

The Department of Energy has selected three microelectronics science research centers for funding grants of $179 million to help them enhance microelectronics’ energy efficiency and create new chips for extreme environments.

The funding will enable the MSRCs to conduct research in microelectronics materials, device and system design, and manufacturing science to transform microelectronics technologies, the DOE said Monday. The program supports the government’s vision of producing microelectronics capable of operating in high-radiation, cryogenic and high-magnetic field environments.

According to Harriet Kung, deputy director of science programs at the DOE’s Office of Science, the research centers will deliver innovations to improve U.S. lives and enable the country to maintain its science and technology leadership. 

“Advancements in microelectronics are critical to furthering scientific discovery,” she added.

Funding Recipients and Their Missions

The funding program will help the Microelectronics Energy Efficiency Research Center for Advanced Technologies explore technologies to bridge sensing, edge processing, artificial intelligence and high-performance computing. MEERCAT will accelerate the deployment of scalable and sustainable systems to reimagine computing and sensing models.

Another fund recipient, the Co-design and Heterogeneous Integration in Microelectronics for Extreme Environments Center, will develop durable systems for high performance in extreme thermal and radiation environments. CHIME will turn new research into scalable capabilities that address critical societal and industrial needs.

Under the program, the Extreme Lithography and Materials Innovation Center will integrate new materials and processes into advanced microelectronic systems. ELMIC will collaborate with Lawrence Livermore National Laboratory to start working on a future build of extreme ultraviolet lithography.

The centers are established as networks of projects that were selected by competitive peer review under the DOE. Projects will run up to four years and access an initial $41 million, with the succeeding funding to be determined by congressional appropriations.

//
Navy Establishes Software Modernization & Innovation Organization
Published on
Navy Establishes Software Modernization & Innovation Organization

The Department of the Navy has released a memorandum directing the establishment of an Echelon I organization to help accelerate the development and deployment of mission-driven and user-focused software to warfighters and civilians.

SMIO’s Responsibilities

DON said Monday the Software Modernization and Innovation Organization, or SMIO, within the Office of the Assistant Secretary of the Navy for Research, Development and Acquisition, or ASN RD&A, will collaborate with the department’s software practitioners and mission owners to advance enterprise DevSecOps platforms.

According to the Dec. 6 memo, SMIO will drive the department’s collaborative customer-focused strategy to advance modernized software development and delivery efforts. The new organization will introduce operating guidance and best practices associated with a software factory ecosystem, or SwFE, including a transparent process for designating and using enterprise DevSecOps platforms, or EDPs.

Within 60 days of the memo’s release, the new organization should issue a charter outlining the mission, functions, roles, reporting structure and reported outcomes.

The department directs SMIO to design and implement automated metrics and technical data standards to track SwFE’s overall health and provide insight into performance, schedule and cost; leverage diverse pathways to innovation to ensure that the fleet’s requirements are being met and emergent technologies are integrated into SwFE; and work with the Office of the DON Chief Information Officer/Chief Technical Officer on processes, metrics and policies in software containerization, open-source software and application programming interfaces, among key areas.

Jane Rathbun, DON CIO and a 2024 Wash100 Award recipient, signed the memo with ASN RD&A Nickolas Guertin, a previous Wash100 awardee.

1 116 117 118 119 120 2,595