/
Navy Publishes Memo on Mitigating Technical Debt
Published on
Navy Publishes Memo on Mitigating Technical Debt

The Department of the Navy has made public a new memorandum developed to reduce technical debt across installations. In a press release published Thursday, the Navy said the document aims to strengthen mission readiness and advance sustainability across the organization.

Meredith Berger, assistant secretary of the Navy for energy, installations and environment and chief sustainability officer, collaborated with Jane Overslaugh Rathbun, chief information officer at DON and a Wash100 winner, to create the memorandum titled CSO Serial Six: Technical Debt. 

Mitigating Vulnerabilities Through Modernization

A technical debt refers to outdated systems that create cyber vulnerabilities and impact operational efficiency. The CSO Serial Six memorandum plans to remedy the issue through four actions, starting with exercises to find vulnerabilities in military systems, test responses to cyber incidents and strengthen cybersecurity. 

The CSO also recommended investing in new technologies that not only improve workforce productivity but also boost energy efficiency and overall sustainability. According to the memo, outdated systems cause various challenges such as frequent disruptions and downtime. The adoption of cloud services, for example, can eliminate downtime and facilitate collaboration, leading to more streamlined operations. 

The memo also calls for the use of innovative cooling technologies and the implementation of responsible electronic equipment practices. Both actions support the DON’s sustainability goals. 

“These actions will provide more reliable and efficient systems, which will enhance mission readiness, operational cost efficiency, and increase user productivity,” said Berger. “Through sustainability, we support an agile, resilient, and ready force equipped to meet the demands of today’s missions and stay ahead of future requirements.” 

The CSO Serial Six: Technical Debt is the sixth memorandum Berger’s office has published. The first five memoranda focused on infrastructure resilience, water security, nature-based resilience, sustainable supply and acquisition, and shore energy and decarbonization.

/
NASA Assigns Mary Beth Schwartz, David Korth to Johnson Center Posts
Published on
NASA Assigns Mary Beth Schwartz, David Korth to Johnson Center Posts

NASA has announced the appointments of Mary Beth Schwartz as head of center operations directorate at the Johnson Space Center and David Korth as deputy for Johnson’s safety and mission assurance directorate.

Schwartz, who has been working with NASA for almost 20 years after starting as an intern, was the immediate former deputy of Johnson’s center operations directorate, according to her LinkedIn profile. Her previous positions in the agency include senior chair of the payload safety review panel for the International Space Station and Space Shuttle programs.

She also worked as manager of safety and mission assurance business office and led its budget consolidation and integration functions. A graduate of bachelor of science in mechanical engineering from the University of Houston, Schwartz has received the NASA Exceptional Service medal the NASA Honor and Silver Snoopy awards.

Vanessa Wyche, Johnson Space Center director, cited Schwartz’s “unique perspective” in focusing center operations not only on mission and customer goals but also employee experience.

“I appreciate her vision for the organization, commitment to the mission and overall genuine respect of the workforce,” she said.

Korth’s Background

Wyche also acknowledged Korth’s track record meriting his appointment as Johnson’s safety and mission assurance directorate deputy, calling him an “outstanding leader and engineer” with a full grasp on the agency’s safety procedures.

“His leadership will ensure the center continues its safety-first ideology,” Wyche commented.

Korth has worked at NASA for over 17 years and held the role of deputy manager of the ISS Avionics and Software Office before his new appointment. He also previously served as deputy manager of the ISS Systems Engineering Office where he concurrently headed procurement for the NASA commercial destination program. 

His NASA career started in 1998 as an engineer in the ISS operations planning group, bringing with him over eight years of experience in the Houston-based aerospace company Barrios Technology. He also previously worked part-time for five years as an adjunct mathematics instructor at Lee College. 

Korth has earned several career recognitions, including a Rotary National Award for Space Achievement, two NASA Outstanding Leadership medals and a NASA Exceptional Achievement medal. He holds a bachelor’s degree in aerospace engineering from Texas A&M University and a master’s degree in statistics from the University of Houston-Clear Lake.

//
NSA Publishes Recommendations to Address Software Comprehension
Published on
NSA Publishes Recommendations to Address Software Comprehension

The National Security Agency, in partnership with other federal agencies, has released a cybersecurity information sheet, or CSI, outlining recommended actions to address software understanding gaps.

The CSI was finalized in coordination with the Cybersecurity and Infrastructure Security Agency, the Defense Advanced Research Projects Agency and the Office of the Under Secretary of Defense for Research and Engineering, NSA said Thursday. The document highlights the need for systems owners and operators to construct their software-controlled infrastructure across normal, abnormal and hostile conditions.

Software Understanding as Critical Effort

According to NSA Research Technical Director Neal Ziring, the report urges the government and private sectors to treat software understanding as a critical effort to the country’s success in the future.

“A lack of understanding of software imposes risks on many critical systems that are dependent on software to run properly and as intended,” he noted.

The new report pushes for enhanced collaboration to achieve “a more vigorous understanding of software on a national scale,” CISA said in a separate release, adding the U.S. government is already involved in activities, such as research investments and mission agency initiatives, seeking to improve software understanding.

Policy Actions, Innovations and Investment

Titled “Closing the Software Understanding Gap,” the CSI says software understanding gaps can be addressed by implementing policies that require characterizing software behavior before it is deployed into critical systems. The document also calls for the introduction of technical innovations, such as artificial intelligence, to develop reliable and affordable capabilities. Additionally, stakeholders are encouraged to invest in research, development and engineering for a unified set of software understanding capabilities.

/
OMB Moves to Reestablish Chief Data Officer Council
Published on
OMB Moves to Reestablish Chief Data Officer Council

The Office of Management and Budget has issued a memorandum to reestablish the Chief Data Officer, or CDO, Council to continue its efforts to enhance the management, protection, dissemination, generation and use of data in government decision-making and operations.

The memo dated Wednesday was signed by OMB Director Shalanda Young.

What Are the Functions of the CDO Council?

According to the document, the council should establish governmentwide best practices for the protection, dissemination, generation and use of data; promote data sharing agreements between agencies; and identify ways in which agencies can improve upon the production of evidence for use in policymaking.

The CDO Council should identify and assess new technologies to improve data collection and use and consult with the public and other stakeholders on how to improve access to the federal government’s data assets.

The council’s executive committee should submit to the OMB director an implementation plan for the re-established organization, including revisions to the June 2020 charter.

//
Steven Hernandez Named New CISO, Deputy CIO at USAID
Published on
Steven Hernandez Named New CISO, Deputy CIO at USAID

The U.S. Agency for International Development has appointed Steven Hernandez as its new chief information security officer and deputy chief information officer, bringing over two decades of IT security experience to the post.

In a LinkedIn on Tuesday, Hernandez announced his new government role, serving under current USAID CIO Jason Gray.

Federal IT and Cybersecurity Expertise

Before his new assignment, the new appointee held the same job at the Department of Education, where he managed a billion-dollar IT portfolio for more than seven years. Hernandez has also served as co-chair of the Federal Chief Information Security Officer Council since October 2018.

While serving at the Education Department, the new CISO played a key role in increasing the agency’s Federal Information Technology Acquisition Reform Act rating and achieving cyber excellence. Earlier, Hernandez was the Office of Inspector General CISO at the Department of Health and Human Services, occupying the post for over seven years.

Academic Credentials

Hernandez earned a master’s and bachelor’s degree in business administration, with a focus on information security, from Idaho State University. In December 2019, he completed a certificate in national and international security, international relations and national security studies offered by the Harvard Business School’s Executive Education wing.

/
Comments Sought on Proposed Rule on Controlled Unclassified Info
Published on
Comments Sought on Proposed Rule on Controlled Unclassified Info

The Department of Defense, NASA and the General Services Administration have begun soliciting comments on a proposed rule to implement the National Archives and Records Administration’s final rule on the Federal Controlled Unclassified Information Program as it relates to performance under federal contracts.

According to a notice published in Federal Register, public comments on the proposed rule, which was introduced as an amendment to the Federal Acquisition Regulation, are due March 17.

What Is the Purpose of the Proposed Rule?

The proposed policy seeks to introduce a new standard form to establish a uniform process for communicating the information contractors must manage and protect.

The rule identifies responsibilities and roles for agencies and contractors when controlled unclassified information, or CUI, is located on federal information systems within a government facility or resides on or transits through vendors’ data systems.

It also includes two new clauses and a provision to facilitate contractor reporting and compliance responsibilities in federal solicitations and contracts.

Questions for Respondents

DOD, NASA, and GSA are asking commenters about specific situations in which their organizations will be required to report on different timelines to comply with the CUI incident reporting requirements outlined in the proposed rule.

Responders can also provide additional guidance or information they view as necessary to effectively comply with the rule.

/
DOE Announces $625M Funding Opportunity for QIS Research Centers
Published on
DOE Announces $625M Funding Opportunity for QIS Research Centers

The Department of Energy’s Office of Science has announced the availability of $625 million in funding to establish national research centers to help accelerate advances in new quantum-based technology platforms to support the development of capabilities in quantum information science, or QIS.

DOE said Tuesday the funding opportunity is open only to the department’s national laboratories.

Pre-proposals are required and are due March 12.

DOE set a June 4 deadline for final proposals.

What Is the Purpose of the National QIS Research Centers?

The proposed National QIS Research Centers will deliver tech prototypes, capabilities, and other breakthroughs that can be further developed into new resources or capabilities in support of the QIS research and development community.

The centers will integrate basic research, engineering, technical development and other innovations in a co-design framework.

Technical Areas of Interest

The centers will focus on several technical areas, including quantum computing and simulation, quantum communications, quantum devices and sensors, quantum foundries and materials, and chemistry for QIS systems and applications.

Each technical area has subtopics. Under quantum communications, subtopics include fundamental limits on information transfer in quantum systems; tools and techniques to address transduction and network integration; and facilities to support network development and testing.

//
NASA Launches Science & Technology Moon Mission
Published on
NASA Launches Science & Technology Moon Mission

NASA has launched Blue Ghost Mission 1 aboard a SpaceX Falcon 9 rocket from Launch Complex 39A at the Kennedy Space Center in Florida on Jan. 15. It is expected to land on the Moon on March 2.

Blue Ghost Mission 1 Objectives

The agency said Wednesday the mission, Firefly Aerospace’s first Commercial Lunar Payload Services flight for NASA, is bringing scientific and technology demonstrations to the Moon to gain insights into its environment. The mission also aims to test and assess technologies that will enable Artemis astronauts to land safely on the Moon to conduct lunar exploration. Furthermore, the Blue Ghost mission is meant to determine the possible effects of space weather on Earth.

10 NASA Science and Technology Instruments

NASA intends to evaluate and demonstrate several technologies on the lunar surface. Some of the tests will involve drilling on the Moon’s surface, collecting regolith or lunar rocks and soil samples, using navigation satellite systems, implementing radiation-tolerant computing and mitigating lunar dust.

The 10 NASA payloads included in the mission are:

  • Lunar Instrumentation for Subsurface Thermal Exploration with Rapidity of Texas Tech University 
  • Lunar PlanetVac of Honeybee Robotics  
  • Next Generation Lunar Retroreflector of the University of Maryland
  • Regolith Adherence Characterization of Aegis Aerospace 
  • Radiation Tolerant Computer of Montana State University 
  • Electrodynamic Dust Shield of NASA’s Kennedy Space Center 
  • Lunar Environment heliospheric X-ray Imager of NASA’s Goddard Space Flight Center, Boston University and Johns Hopkins University 
  • Lunar Magnetotelluric Sounder of Southwest Research Institute
  • Lunar GNSS Receiver Experiment of NASA Goddard, Italian Space Agency
  • Stereo Camera for Lunar Plume-Surface Studies of NASA’s Langley Research Center 

NASA Deputy Administrator Pam Melroy, a 2023 Wash100 Award winner, said “This mission embodies the bold spirit of NASA’s Artemis campaign – a campaign driven by scientific exploration and discovery. Each flight we’re part of is a vital step in the larger blueprint to establish a responsible, sustained human presence at the Moon, Mars and beyond.”

/
CISA Playbook Offers New Microsoft Cloud Logs for Cybersecurity
Published on
CISA Playbook Offers New Microsoft Cloud Logs for Cybersecurity

Public and private sector users of the standard Microsoft Purview Audit can now access new logging capabilities designed for cybersecurity through the Microsoft Expanded Cloud Log Implementation Playbook that the Cybersecurity and Infrastructure Security Agency released Wednesday. The log capabilities were previously accessible to Audit Premium subscribers only, CISA said.

The guidance was released in partnership with the Office of Management and Budget, the Office of the National Cyber Director and Microsoft, the agency added.

Through the 60-page playbook, users can familiarize themselves with each of the Microsoft cloud security logs introduced in the guidance and their operationalization to support threat detection and incident response. 

Microsoft 365 Logs Navigation

The guidance also provides scenario-based approaches to help analyze the common tactics used in identity theft attempts. In addition, users can learn from the playbook’s best practices on navigating Microsoft 365 logs for their effective use in cyber defense. 

The logging capabilities in the playbook focus on enabling users to perform forensic and compliance reviews by checking critical areas, including sent and accessed mail and search activities in SharePoint Online and Exchange Online.

Cybersecurity Tools and Resources

CISA Director Jen Easterly, a Wash100 awardee, described the playbook as a “valuable resource” and acknowledged the support of Microsoft and government partners in its release. “We are pleased to see this progress and continue work to ensure greater adoption of Secure by Design principles,” she added.

Candice Ling, Microsoft Federal senior vice president and a Wash100 winner as well, noted that the guidebook not only provides tools but also resources for cybersecurity.

“Microsoft remains committed to partnering with the federal government to prioritize security above all else,” she said.

/
New Report Tackles Supply Chain Illumination at DOD
Published on
New Report Tackles Supply Chain Illumination at DOD

Since 2022, the Department of Defense has taken multiple steps and made progress in supply chain illumination, or SCI, a process that provides visibility into and transparency regarding the entities, products, parts and raw materials comprising one’s supply chain, according to a report released recently by the Defense Business Board.

Why Is Supply Chain Illumination Necessary?

Such visibility is necessary in light of the complexities of modern supply chains, evolving threats and geopolitical disruptions, the report said. Through supply chain illumination, the DOD can work to identify risks and mitigate them and thereby ensure national security and operational readiness.

Leadership Alignment in SCI

Despite the progress made, six areas remain where the DOD can further improve, according to the report. First, the agency must work to ensure that leaders at all layers incorporate strategic supply chain illumination objectives into their respective operational practices.

Centralizing SCRM Data Management

Second, directives must be updated in order to empower the centralization of supply chain risk management, or SCRM, data governance, management and integration. Decentralization undermines not only supply chain illumination but also the DOD’s ability to generate actionable insights.

Outcome-Driven Approach to SCI

Third, the DOD should shift to a more focused, outcome-driven approach to illumination. The agency’s broad-based approach to enterprise-wide visibility slows down the securing of essential supply chain nodes due to the prioritization of comprehensive datasets over the addressing of critical risks.

Need for Standardization

Fourth, the DOD should establish standardized practices for Digital Bills of Materials and Software Bills of Materials. The lack of such standards undermines the ability to trace suppliers. The agency should also establish a defined technology stack, whose absence slows progress in supply chain modernization and illumination.

Capacity-Building

Fifth, agency expertise and capacity in supply chain illumination techniques and tools must be built up. The same is true for systems integration, advanced analytics and emerging technologies. The shortage of talent in these fields limit the agency’s ability to modernize and deploy modular supply chain technologies.

SCI Vision

Finally, a cohesive long-term vision for supply chain illumination must be formulated. The lack of forward planning for SCI limits the DOD’s ability to adapt to evolving supply chain challenges.

1 131 132 133 134 135 2,621