The U.S. Navy and the U.S. Marine Corps will implement a centralized approach to buying cloud services under a new policy signed in December 2020 to gain more visibility into their commercial cloud spending, Federal News Network reported Thursday.

The Department of the Navy will move cloud purchases via the Naval Digital Marketplace, an electronic provisioning service run by the program executive office for digital and enterprise service, beginning in March. PEO Digital will oversee DON’s cloud contracts and decouple such purchases from larger contracts.

“One of the great lessons that we’ve learned was that when cloud was wrapped up within [other contracts], it created risk to the Department of Navy in understanding where our data was and how security was being implemented,” said Travis Methvin, project manager for the Naval Commercial Cloud Services office.

“It also reduces the amount of time and effort it takes an organization to let their own contract if we can focus on enterprise availability of those things. We’re also looking at how we support our partnership with the cloud offices within DoD and their and their desire to get to an enterprise environment.”

PEO Digital will establish new mechanisms to track DON’s commercial cloud consumption and Methvin said the program executive office will initially focus on the department’s fielding of Microsoft Azure cloud services.

“Over the next four-to-six months, you’re going to start to see the ability to use API-driven self-service deployments for things like infrastructure-as-code for our agreements with Azure, you’ll start to see software-as-a-service with our partnership with ServiceNow, and we’ll be looking at other opportunities for industry partnerships that allow mission owners to start to work a little bit more efficiently,” Methvin said. “What used to take nine to 12 months for individual applications, we’re really trying to reduce the barrier and get it into a week’s time.”

Air Force Research Laboratory's Aerospace Systems Directorate demonstrated high-altitude precision airdrop during a test flight in November 2020.

AFRL said Friday that it dropped bundles of the Optimized High Altitude Low Opening cargo delivery system that weighed over 1,900 pounds, with batches of four, six and 16 units.

The tests ran from Nov. 16 to 19 in Yuma, Arizona. Researchers divided the bundles between legacy and modern systems to properly differentiate performance rates.

“The main goal was to demonstrate the capabilities of the Optimized High Altitude Low Opening (HALO) technology, which includes probabilistic airdrop planner algorithms and variable transition altitude in wireless activation device,” said Daniel Schreiter, the program manager for precision airdrop at AFRL.

The new HALO technology is designed to allow for high-altitude drops, and AFRL plans to further modernize airdrop capabilities as future requirements arise.

The Cybersecurity and Infrastructure Security Agency (CISA) has discovered the occurrence of an advanced persistent threat in cloud environments after the event of a system compromise. CISA said Friday that it detected an APT actor that accessed cloud resources via compromised Microsoft 365 applications and additional credentials.

The agency now advises organizations to use CISA's Sparrow tool, CrowdStrike's Azure Reporting Tool and open-source utility Hawk to identify and address APT threats that may affect supply chains.

Concerned network administrators may view CISA's alert report on the matter for more countermeasures and information regarding the APT threats.

Maj. Gen. Sean Gainey, director of the Joint Counter-Small Unmanned Aircraft Systems Office, (JCO) said the U.S. Army will conduct the first government-industry testing event for counter-sUAS technologies in April, Defense News reported Friday.

The service's Rapid Capabilities and Critical Technologies Office will host the testing alongside the U.S. Air Force, Gainey said Friday at a virtual event held by the Center for Strategic and International Studies.

The event will take place during April's first week and represents the defense industry's first opportunity to demonstrate counter-sUAS technology for the Department of Defense (DoD).

JCO has already identified temporary counter-UAS systems to be demonstrated under the program. One of these is the U.S. Marine Corps' Light Mobile Air Defense Integrated System for mounted or mobile use.

The Center for Business Civic Engagement (CBCE) at George Mason University (Mason) has partnered with UiPath to establish the Robotic Process Automation (RPA) Initiative. The joint project will work to determine the impact of RPA on government effectiveness and efficiency.

“We are excited to partner with UiPath, a leader and innovator, and look forward to helping determine how RPA usage can improve the working of public sector organizations and succeed in meeting the ever-growing demand for services among stakeholders,” said Dr. David Rehr, director of the Center and a faculty member at the Schar School of Policy and Government at Mason. 

The initiative will research, educate and communicate how the adoption of RPA can improve productivity, operations and service delivery of public sector organizations. It will also study and recommend governance models and public policy initiatives for RPA deployment.

“Our Center at Mason focuses on researching ways to make government more effective and efficient. We have seen recent examples of RPA deployments throughout federal, local, and state governments helping to confront the COVID pandemic while protecting the safety of our citizens,” continued Rehr.

In addition, the RPA Initiative will promote public knowledge of the RPA industry; conduct case study research; survey the general awareness of RPA; educate policy makers to increase understanding of RPA; present webinars to discuss industry initiatives; and provide an academic stage for discussion of public policy issues relating to RPA across the government.

“Mason has a history of innovation, technology, and studying public policy. We believe the partnership is a great fit and will benefit citizens seeking greater value in public sector programs and initiatives,” said Bobby Patrick, UiPath chief marketing officer.

CyberCore has recently published a white paper that has analyzed cyber hygiene and highlighted various ways for businesses to improve their cyber posture, the company reported on Monday.

“As we have adapted to changes and remote working, the one thing that wasn’t initially at the top of my mind was Cyber Hygiene,” CyberCore’s director of Business Development and Capture, Jennifer Stacey.

Of the reported cyber practices, CyberCore noted that Identity Theft protection will enable users to monitor financial accounts and credit bureaus using MyIDCare, Experian, Lifelock and Identity Guard. CyberCore also urged businesses to update security software and create strong and unique passwords to mitigate risk.

The company added that two-factor authentication on home laptops and computers, cell phones, and any work or personal accounts will increase security. With the increase of remote work, CyberCore noted that a secure home network, with WPA2 or WPA3 encryption on personal routers, is critical to bolster cyber hygiene.

“[Cyber Hygiene is] practices and steps that individuals (users) need to incorporate into their everyday routine in their usage of electronics to maintain devices, systems, health, and improving one’s online security from bad actors,” added Stacey.

CyberCore reported that users and businesses should update security software regularly and securely store sensitive files. When disposing of sensitive data, CyberCore said that it should be shredded with a shredder that has a rating of PS3 or PS4.

The company noted that implementing and practicing Cyber Hygiene while working from home will enable users to protect personal information and companies’ intellectual property from bad actors.