Christopher Krebs, director of the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency and a 2020 Wash100 Award winner, said Russian interference in the 2016 presidential election has helped improve collaboration between DHS and the National Security Agency, CyberScoop reported Monday.

Krebs told attendees at the San Francisco CyberTalks on Monday that he has seen an improvement in information sharing in election security since 2016 driven in part by the formation of the Election Infrastructure Sharing and Analysis Center in 2018. He said the Center for Internet Security-run ISAC has helped DHS establish proper channels to help local and state government agencies perform risk assessment of their systems.

“Just having an ISAC — all 50 states, 2,400 jurisdictions — those sorts of things [make it so] we can continue to push information out. We can push out indicators on intrusion detection systems that we’ve been working with states on,” Krebs said.

Anne Neuberger, director of the NSA’s cybersecurity directorate and a fellow 2020 Wash100 Award recipient, joined Krebs at the event to discuss her agency’s efforts to facilitate sharing of data on cybersecurity vulnerabilities.

Stacy Bostjanick, director of the Cybersecurity Maturity Model Certification policy office within the office of the defense undersecretary for acquisition and sustainment, said the first batch of third-party assessment organizations should be available by late summer and that the Pentagon intends to finalize the assessment and training guides for CMMC in March, Federal News Network reported Monday.

She said the independent accreditation body will come up with training classes for third-party assessors between April and June and expects the first set of vendors to undergo the evaluation process by June or July in preparation for the first 15 procurements requiring the cyber standards.

“The accreditation body is working with us to develop training material to accredit third-party assessors. There will be a marketplace for them as they go through the two-week course and test for level 3 accreditor certifications,” Bostjanick said. “We also will have Defense Acquisition University training where we will be working with program managers and contracting officers so they understand what the different CMMC levels are and give them a layman’s guide to controlled unclassified information so program managers can figure out how to disaggregate the data and flow down the CMMC requirements.”

Bostjanick also warned vendors against fraudulent third-party CMMC assessors and cited plans for a new defense federal acquisition regulations notice for the new cyber framework.

Gen. David Goldfein, chief of staff of the U.S. Air Force and a 2020 Wash100 Award winner, told Defense News on Monday about his priority to link assets across the joint force to facilitate secure data sharing through the joint all domain command and control concept.

“Right now we’re really focused on making sure that my fellow joint chiefs truly believe that we have their equities covered,” Goldfein when asked about his plans for the JADC2 program. “What I want to do in these next few months is make sure that we get to a point where they’re comfortable. We’re not just paying lip service but are diving into this so that we’re moving forward as a joint team and not just an Air Force team.”

He noted that the service branch continues to stick to the goal of having 386 operational squadrons by 2030 to address the threats posed by Russia and China. “The 386 target is still the absolute viable target. And I shouldn’t back off the answer to the question just because we’re not able to afford it. It’s still the absolute answer to the question we got from Congress,” he added.

Goldfein discussed plans to retire legacy aircraft, the service’s new aircraft production lines and the increasing requirement for space capability. He also mentioned talks with defense industry CEOs through “issue dinners.”

The National Institute of Standards and Technology has issued its guidance on ensuring the security of government information housed in systems not owned and operated by federal entities.

The guidance, titled “Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations”, includes security recommendations for agencies seeking to ensure the confidentiality of CUI in systems that don’t operate under government oversight.

NIST noted that the guidance may be used to inform the development of requirements in contract vehicles and other agreements with commercial entities. Technologies covered by the guidance include components of nonfederal platforms that process CUI or provide protection for such data. 

According to the agency, protection of CUI is “of paramount importance to federal agencies and can directly impact the ability of the federal government to successfully conduct its essential missions and functions.”

The Department of Health and Human Services has released a strategy that addresses the health information technology burden caused by excessive regulation.

The report, titled “Strategy on Reducing Regulatory and Administrative Burden Relating to the Use of Health IT and EHRs,” tackles regulation-caused burden on the electronic health record, HHS said Friday.

HHS also included recommendations made to help care providers provide IT-driven, patient-centric services with less focus on paperwork.

“We received feedback from hundreds of organizations and healthcare providers on this new burden-reduction strategy, and the input made clear that there are plenty of steps still necessary to make IT more usable for providers and maximize the promise of electronic health records,” said Alex Azar, HHS secretary.

The report focuses on the areas of health IT usability, reporting requirements and coordinated public health reporting.

HHS’ Office of the National Coordinator for Health Information Technology worked with the Centers for Medicare and Medicaid Services to construct the report as directed by the 21st Century Cures Act.

The Department of Education is beginning the second year of its effort to modernize information technology, with the focus now being consolidation, Federal News Network reported Thursday.

Jason Gray, chief information officer of the department, said he wants to decrease its amount of cloud service providers to address administrative overhead and avoid having so many contract officers.

“In terms of the future in continuing our modernization effort, we are looking at ways we can rationalize from a systems and software portfolio standpoint,” he told Federal News Network in an interview.

Gray aims to drop the department's current number of 25 cloud service providers in the effort's current phase.

The modernization strategy may last for up to eight years in total.

The U.S. Air Force and its partners have decommissioned a satellite that provided global weather data for over two decades.

The Defense Meteorological Satellite Program Flight 14 satellite performed more than 118K orbits throughout its operational life before the decommissioning on Feb. 11, Los Angeles Air Force Base said Thursday.

USAF's Space and Missiles Systems Center helped the U.S. Space Force and the National Oceanic and Atmospheric Administration conduct end of life operations at NOAA's Maryland-based Satellite Operations Facility.

DMSP Flight 14 leaves four remaining DMSP satellites that will continue data-gathering operations.

SMC is now contracted with Ball Aerospace for the development of technologies under the Weather System Follow-on – Microwave program, a new satellite effort that will also gather data on ocean surface wind.

WSF-M is scheduled to begin critical design review activities by the last week of March.