//
GAO: VA Still Needs to Address Cybersecurity Issues
Published on
GAO: VA Still Needs to Address Cybersecurity Issues


GAO: VA Still Needs to Address Cybersecurity Issues

The Government Accountability Office has found that the Department of Veterans Affairs still faces multiple cybersecurity challenges in the course of modernization.

VA must implement security controls to protect sensitive information, identify cybersecurity workforce needs, manage information technology supply chain risks and address known vulnerabilities, GAO said Thursday.

The department exhibited a lack of performance in financial reporting security reporting during fiscal year 2018, with deficiencies in access control, configuration management, contingency planning and other areas.

VA met six of 10 administration-imposed cybersecurity goals and holds one of 18 agency information security programs that inspector generals identify as ineffective.

A total of 46 GAO-issued recommendations still remain unaddressed by VA.

/
DARPA Pursues New Genetics Research Program to Improve Military Health
Published on
DARPA Pursues New Genetics Research Program to Improve Military Health


DARPA Pursues New Genetics Research Program to Improve Military Health

The Defense Advanced Research Projects Agency plans to invest in biotechnology research that applies genetic engineering to health monitoring. DARPA said Friday that its Detect It with Gene Editing Technologies or DIGET program aims to support medical response, elevate military care standards and prevent disease outbreaks and geopolitical effects.

The effort would inform medical officials on health threats across the globe to help the military conduct diagnoses and maintain physical readiness among troops. The agency intends to use a disposable, handheld pathogen-screening device and a multiplexed detector to address the program’s needs.

The multiplexed detector would work to simultaneously scan over 1K targets. Both tools are designed with adaptability to accommodate changing requirements.

DARPA will administer a proposer’s day event Dec. 11 in Atlanta to further inform interested parties about the program.

Navy to Name Two Arleigh Burke-Class Destroyers After Navy Veterans
Published on
Navy to Name Two Arleigh Burke-Class Destroyers After Navy Veterans


Navy to Name Two Arleigh Burke-Class Destroyers After Navy Veterans

The Department of the Navy will be naming two warships after the late Sen. Thad Cochran and the late Sen. Richard G. Lugar, both of whom are Navy veterans.

Cochran entered the U.S. Naval Reserve in 1959, the Navy said Friday. After completing his service three years later, he joined the staff of the Commandant of the Eighth Naval District was later promoted to Lieutenant. He also served for 40 years as a senator for Mississippi from 1978 to 2018

Lugar served in the Navy for four years, from 1957 to 1960. He was also an intelligence briefer for the chief of naval operations and received the presidential medal of freedom in 2013. In addition, he served Indiana as a senator for 36 years from 1977 to 2013.

Arleigh Burke-class warships, capable of moving at speeds over 30 knots, are equipped with missile defense weapons systems and operate in peacetime as well as times of crisis.

/
Stephen Whiting: Space Command to Transfer Space Traffic Mgmt Duties to Commerce Dept
Published on
Stephen Whiting: Space Command to Transfer Space Traffic Mgmt Duties to Commerce Dept


Stephen Whiting
Stephen Whiting

Maj. Gen. Stephen Whiting, commander of the U.S. Space Command’s Combined Force Space Component Command, said that plans are in place for the Department of Commerce to oversee space traffic management, Space News reported Sunday.

The department requested for $10M to establish an Office of Space Commerce to support the transition in fiscal 2020. The move comes after the Trump administration issued Space Policy Directive 3 mandating the department to handle basic space traffic management operations directly or through a partnership with a nongovernment entity.

Whiting noted at a Mitchell Institute event that the transfer of space traffic management responsibilities would allow Space Command to “focus on our military unique mission”. However, the department would still have to secure their resources to support the transition.

According to Whiting, an official from the department is meeting with 18th Space Control Squadron leaders at Vandenberg Air Force Base as part of the planned transition.

/
Eric Smith: Marine Corps Looking to Deploy Edge-Level AI, Machine Learning Capabilities
Published on
Eric Smith: Marine Corps Looking to Deploy Edge-Level AI, Machine Learning Capabilities


Eric Smith
Eric Smith

Lt. Gen. Eric Smith, commander of the Marine Corps Combat Development Command, said that artificial intelligence efforts should focus on collating large amounts of data to be used at the tactical-edge level, C4ISRnet reported Saturday.

Smith, also the deputy commandant for combat development and integration, told attendees an AFCEA event that integrating AI and machine learning into military systems must also involve connecting them to the internet to leverage a broader pool of information. He noted that platforms like the IBM Watson computer can conduct advanced AI and ML efforts due to their capacity for internet connectivity.

“You can’t do AI when the machine can’t learn from one pool of data,” he said.

According to Smith, the Marine Corps is looking for bandwidth and signtaure management capabilities that can help transmit data to Marine systems in the Philippines which may be surrounded by Chinese forces.

/
USDA Deputy CIO Francisco Salguero to Fill Chief IT Role at FCC
Published on
USDA Deputy CIO Francisco Salguero to Fill Chief IT Role at FCC

 

Francisco Salguero
Francisco Salguero

Francisco Salguero has been appointed to serve as chief information officer at the Federal Communications Commission, effective December, Fedscoop reported Friday.

He currently serves with the Department of Agriculture as deputy CIO, a role through which he leads enterprise services, infrastructure and other information technology-related activities. Salguero’s appointment continues his public service tenure of over 14 years. The newly appointed CIO holds over two decades of IT experience.

He joined USDA in 2005 as a project manager for the department’s Food Safety Inspection Service. Salguero will succeed John Skuldarek, who has been FCC’s CIO on an acting basis since May.

 

/
DoD Expects Seven Agencies to Get ‘Clean’ Opinions in FY 2019 Financial Audit
Published on
DoD Expects Seven Agencies to Get ‘Clean’ Opinions in FY 2019 Financial Audit


DoD Expects Seven Agencies to Get ‘Clean’ Opinions in FY 2019 Financial Audit

The Department of Defense announced the completion of its fiscal year 2019 financial audit and expects seven component agencies to receive “clean” or unmodified opinions. DoD said Friday that auditors validated the resolution of over 550 findings in FY 2019, which accounted for more than 23 percent of FY 2018 audit findings.

Audits of the department’s office of inspector general and the Defense Information Systems Agency are still ongoing and are expected to conclude in January. The Pentagon expects the IG office and the Defense Commissary Agency to receive clean opinions.

The five DoD entities that retained unmodified opinions in FY 2019 are the Military Retirement Fund, the Defense Finance and Accounting Service’s Working Capital Fund, U.S. Army Corps of Engineers-Civil Works, Defense Contract Audit Agency and the Defense Health Agency-Contract Resource Management.

Auditors found no evidence of fraud and did not discover any significant concerns with regard to payments made to military members or civilian personnel during the second department-wide annual financial audit.

The FY 2019 audit involved over 1.4K auditors who visited more than 600 DoD sites to evaluate the department’s more than $2.9T in total assets. The effort led to the issuance of more than 1.3K notices of findings and recommendations to DoD components as of Nov. 15.

//
Katie Arrington: DoD’s Cyber Certification Model Could Allow for Reciprocity With FedRAMP
Published on
Katie Arrington: DoD’s Cyber Certification Model Could Allow for Reciprocity With FedRAMP


Katie Arrington
Katie Arrington

Katie Arrington, chief information security officer for acquisition and sustainment at the Department of Defense, said DoD considers opening the Cybersecurity Maturity Model Certification initiative up for a reciprocity process with the General Services Administration’s Federal Risk and Authorization Management program to facilitate the transition, FCW reported Friday.

“I think that there’s a lot of reciprocity to be had there because it’s an investment that you’ve already made,” Arrington said Thursday a panel discussion at the CDM Summit. “The challenge is when we get certified you have to ensure for the CMMC, those POAMs, those plans of action are closed so that we can validate.”

The Pentagon issued in September a draft version of CMMC, which establishes cyber practices and standards meant to help the defense industrial base reduce exfiltration of controlled unclassified information.

Arrington noted that the department will require CMMC level 1 certification for majority of the 300K defense contractors. She said the CMMC accreditation body will hold its inaugural meeting on Nov. 19, Tuesday, and start training and certifying auditors in January.

DoD expects CMMC requirements to be included in requests for information by summer of 2020 and solicitations by fall, according to the report.

//
GSA, DOE Officials on Federal Efforts to Reduce Cyber Risks
Published on
GSA, DOE Officials on Federal Efforts to Reduce Cyber Risks


GSA, DOE Officials on Federal Efforts to Reduce Cyber Risks

The General Services Administration and the Department of Energy are launching initiatives to address cybersecurity risks, Federal News Network reported Friday.

Larry Hale, director of information technology security subcategory at GSA’s Federal Acquisition Service, said the agency is taking steps to ensure the security of products agencies procure from acquisition schedules.

“When a manufacturer doesn’t sell directly to the government, they usually have licensed resellers and I would encourage federal agencies to use those licensed resellers to reduce their risk of getting counterfeit or grey market goods,” Hale said. “We actively pursue reports of counterfeit technologies in the products that people buy from GSA. When we find out that vendors are selling counterfeit goods, we take action against them. We take them off the schedule. We shut them down. We involve law enforcement when appropriate.”

He noted that GSA collaborates with the Department of Defense and National Institute of Standards and Technology on supply chain risk management programs.

Emery Csulak, chief information security officer at DOE, said the department is adopting quantified risk management to reduce cyber risks.

“How can we evaluate whether or not a $1 million investment will give me a $1 million in reduced risk to do a modernization project or will it give me a $30,000 reduction in risk? You have to be able to have those conversations,” Csulak said at the 930Gov conference. “At Energy, we are looking at how historically we’ve spent a lot of time teaching the CFO or COO about how we talk about IT security, but we’ve barely scratched the surface of teaching security people about how to talk dollars, cents, probabilities and the exposure of that. We are embracing quantified risk management.”

/
Paul Cunningham: VA Making Progress on Improving Cybersecurity Posture
Published on
Paul Cunningham: VA Making Progress on Improving Cybersecurity Posture


Paul Cunningham: VA Making Progress on Improving Cybersecurity Posture

Paul Cunnigham, chief information security officer of the Department of Veterans Affairs, said the VA achieved modernization milestones and is working with the Department of Homeland Security to improve cybersecurity, Federal News Network reported Thursday.

Cunningham said that despite the VA’s recurring cybersecurity challenges, the department has made progress with implementing a centralized approach through its new Office of Quality, Process and Risk. He added that the department continues to achieve continuous diagnostics and mitigation program goals and deployed technologies designed to discover hardware assets on its network.

According to Cunningham, the VA has “a very strong relationship” with DHS and is working with the department on a 30-month “request for service” initiative that may help the VA deploy better identity and access management capabilities.

Cunningham’s comments come after the release of the VA’s Federal Information Security Management Act audit which cites cybersecurity as a pervasive problem for the department. VA’s Office of the Inspector General has also cited progress in the department’s cyber efforts, which include an initiative to update its cybersecurity and privacy strategy to cover National Institute of Standards and Technology requirements.

1 1,646 1,647 1,648 1,649 1,650 2,636