MITRE Offers Supply Chain Resilience Recommendations
Published on
MITRE Offers Supply Chain Resilience Recommendations

MITRE, a not-for-profit corporation offering defense and cybersecurity services, has made recommendations for the incoming administration on enhancing the resilience of the United States’ supply chains.

The company said Tuesday it has published a paper detailing the vulnerabilities of the supply chain. It has also identified the possible factors that will help build resilience in the nation’s complex, global supply chain systems.

Supply Chain Issues, Findings and Recommendations

Supply chains are crucial for the country’s economic prosperity, national security and public health. Supply chains need to be stable and reliable. However, they are vulnerable to disruptions. That is why it is necessary to enhance the supply chain’s resilience, or ability to bounce back from such disruptions.

To address these vulnerabilities, the cross-MITRE team evaluated the supply chain trends and gathered insights from federal government sectors, private industry and the research community.

The team recommends the government prioritize establishing and maintaining relationships with industry and international partners. It also suggests that supply chain diversity should be considered. Finally, MITRE believes that increasing the visibility of supply chain operations and participants will help promote resilience.

/
Trump Says He Will Nominate John Ratcliffe as Next CIA Chief
Published on
Trump Says He Will Nominate John Ratcliffe as Next CIA Chief

U.S. President-elect Donald Trump has selected John Ratcliffe as the next director of the Central Intelligence Agency, Reuters reported Tuesday.

Former Director of National Intelligence

Ratcliffe had served as representative of the 4th Congressional District of Texas during the 114th, 115th and 116th Congress. In 2020, he resigned to serve as director of national intelligence, a position he would hold until 2021, when Trump’s first term ended.

Ratcliffe’s nomination by Trump in 2020 for DNI was his second. Trump had sought to appoint him to the position in 2019 but members of Congress expressed concern regarding his relative inexperience. At the time, Ratcliffe was the House Intelligence Committee’s most junior member and had only served on the panel for six months.

Recent Professional Roles

More recently, Ratcliffe served as co-chair of the think tank Center for American Security. He also offered Trump advice regarding national security policy during his recent presidential campaign.

Regarding the nomination, the president-elect said in a statement, “I look forward to John being the first person ever to serve in both of our Nation’s highest Intelligence positions. He will be a fearless fighter for the Constitutional Rights of all Americans, while ensuring the Highest Levels of National Security, and PEACE THROUGH STRENGTH.”

//
Ann Lewis Steps Down as Division Director at GSA
Published on
Ann Lewis Steps Down as Division Director at GSA

Ann Lewis is stepping down as director of the Technology Transformation Services and deputy commissioner of the Federal Acquisition Service at the General Services Administration.

The agency said Tuesday Lewis will leave on Nov. 22 and Mukunda Penugonde, TTS deputy director, will assume the role of acting director of the division.

Lewis first joined GSA in December 2022 as director of TTS. She oversaw the agency’s digital services ensuring the delivery of technical services across multiple government agencies nationwide.

Ann Lewis’ Pre-GSA Career

The executive’s career spans two decades beginning with stints as a software engineer for Amazon, EcoInteractive, Rosetta Stone and various startups. She then served as director of engineering at Pedago and chief technology officer of MoveOn.org. 

Lewis also held the CTO role at Next Street before joining the Small Business Administration as senior advisor for technology and delivery. During her almost two years of service at SBA, she oversaw the agency’s technology strategy, modernization and capacity building efforts. She also supervised the delivery and technology strategy of the American Rescue Plan program.

GSA Administrator Robin Carnahan said, “Under Ann’s leadership, TTS has helped deliver better digital services to millions of Americans, all while keeping our values of secure, accessible and responsible technology top of mind.”

“We have grown, scaled and matured the organization and key programs like Login.gov and FedRAMP,” said Lewis. “Every day, we’ve shown that innovation is possible in government, and that we can pragmatically bring best practices and expertise from the private sector into government in ways that actually work and make government more effective.”

/
US, Allies Warn Against Zero-Day Vulnerability Exploits
Published on
US, Allies Warn Against Zero-Day Vulnerability Exploits

Enterprise networks with zero-day vulnerabilities were the main targets of malicious cyber actors in 2023, according to a joint cybersecurity advisory from U.S., Australian, British and New Zealand government agencies.

The advisory listed the top 15 common vulnerabilities and exposures, or CVEs, from last year and noted that 11 of them were initially exploited as a zero day, a system vulnerability unknown to its owner, developer and the general public, the National Security Agency said Tuesday.

Cybersecurity Best Practices

Jeffrey Dickerson, NSA’s cybersecurity technical director, warned network defenders that the malicious actors may continue to exploit such vulnerabilities until 2025. To prevent zero-day vulnerability attacks, he advised the defenders to be attentive to cybersecurity threat trends and act swiftly to ensure vulnerabilities are patched and mitigated.

Other recommendations include prioritizing secure-by-default configurations, implementing a centralized patch management system, using security tools and asking software providers about their secure-by-design programs to protect enterprise networks from cyberattacks.

NSA, the Cybersecurity and Infrastructure Security Agency, the Australian Cyber Security Centre, the Canadian Centre for Cyber Security, the New Zealand National Cyber Security Centre and the United Kingdom’s National Cyber Security Centre are among the advisory’s authors.

/
DOD Approves Private 5G Network Deployment Strategy
Published on
DOD Approves Private 5G Network Deployment Strategy

The Department of Defense has signed a strategy covering the deployment of private 5G networks at military installations. Private 5G is expected to augment or supplement commercial 5G, the DOD said Tuesday.

Objectives of the Strategy

The strategy, titled DOD Private 5G Deployment Strategy, seeks to address three agency objectives. The first involves the DOD seeking to align private 5G infrastructure with the missions of each installation. The 2nd objective involves DOD seeking to accelerate the secure deployment of 5G, both commercial and private. The third objective involves the expansion of an open radio access network ecosystem.

Enabling DOD Modernization

The latest issuance, signed on Oct. 16, builds on prior agency guidance regarding 5G, namely the DOD 5G Strategy and the DOD 5G Strategy Implementation Plan. The technology’s implementation is seen as a key enabler of the agency’s modernization efforts and is expected to provide high-speed connectivity for mobile capabilities that address mission as well as quality of life needs.

Addressing Unique Installation Needs

The need for a strategy specific to private 5G networks stems from the recognition that commercial 5G might not always be able to address a facility’s specific requirements. Private networks can be tailored to meet such needs.

Additional implementation guidance and reference documents are expected to be issued in the coming months.

DOD Approves Private 5G Network Deployment Strategy

Join the Potomac Officers Club’s 2025 5G Summit, which will tackle various topics like 5G at the edge, how 5G supports the DOD’s CJADC2 efforts, 5G-powered warfighting capabilities and more. The event will take place on Feb. 27, 2025.

//
VA Issues RFI for Product Development Support Services
Published on
VA Issues RFI for Product Development Support Services

The Department of Veterans Affairs is seeking industry input on potential organizations to provide product development support for critical and non-critical applications and products in the department’s Vendor Resource Management, or VRM, product line that are meant to enhance new and existing veteran experience services.

According to the request for information posted on SAM.gov, the support services covers software development, product security management and information technology operations and maintenance services. The contracting party will also provide product and delivery management, systems architecture design, user research and feedback and user experience strategy. Further more, the potential contract will also include interaction design, accessibility analysis and mitigation of defects, integration support and data analytics.

VA’s Software Development Process

The department utilizes the DevSecOps software engineering approach that combines software development, security and software operation. This culture-based methodology promotes collaboration between businesses and IT organizations and streamlines the development, deployment and management of the company’s applications. In addition, the approach boosts the use of self-service tools and ideally allows the project team to have more control over their processes.

Benefits of Scaled Agile Framework

The Scaled Agile Framework, or SAFe, is a framework designed to enable the VA to provide services by utilizing lean, agile and DevOps principles and practices. By leveraging these practices, the VA, through its Office of Information and Technology, intends to deploy new systems and update existing ones.

Potomac Officers Club presents the 2024 Healthcare Summit, set for Dec. 11. Register now to explore the transformative trends and innovations shaping the future of the healthcare sector.

VA Issues RFI for Product Development Support Services
/
DLA Testing Tech to Address Data Interoperability Needs
Published on
DLA Testing Tech to Address Data Interoperability Needs

The Defense Logistics Agency is testing artificial intelligence and other emerging technologies to determine how they can address data interoperability challenges among agencies as part of its efforts to improve logistics operations in contested environments.

In partnership with the U.S. Transportation Command and the U.S. Army, a research and development initiative has begun to test the integration of legacy systems and new technologies such as blockchain networks, and their applications in various use cases, including data sharing capabilities and shipment tracking, DLA said Tuesday.

Senior leaders from TRANSCOM and DLA met at the McNamara Headquarters Complex on Thursday to discuss contested logistics environment, supply chain resiliency and data interoperability challenges.

During the meeting, DLA Director Army Lt. Gen. Mark Simerly highlighted the need for the agency to think, act and operate differently in response to the logistics challenges and the evolving needs and priorities of warfighters.

What Are the Benefits of Data Interoperability?

According to Simerly, the ability to make good decisions in using data will help resolve problems by enhancing relationships with customers, suppliers and whole-of-government partners and improving interaction with technological tools.

DLA Chief Information Officer Adarryl Roberts, who was also present at the meeting, called for the creation of data standards and a platform that can meet the cybersecurity needs of the federal government to ensure data exchanges are more secure and manageable.

TRANSCOM has supported the DLA network optimization initiative by maximizing its data-sharing capabilities using its Next Generation Delivery Service, or NGDS. 

“The NGDS is reliable, fast and cost effective, but also increases warfighter readiness from competition through conflict,” said DLA Distribution Commander Navy Rear Adm. Michael York.

//
SSC Certifies Military GPS Receiver for Naval Field Testing
Published on
SSC Certifies Military GPS Receiver for Naval Field Testing

The Space Systems Command has certified the Military GPS User Equipment increment receiver card for the Arleigh Burke-class destroyer, reportedly marking an acquisition program baseline, or APB, milestone for the MGUE.

The Program Executive Officer for Military Communications and Positioning, Navigation and Timing cleared the MGUE aviation and maritime receiver card for naval field testing after its integration into the Navy’s GPS-based PNTS system and the resolution of testing identified in deficiency reports, the SSC said Tuesday.

MGUE Receiver Ready for Operational Fielding

Col. Matt Spencer, commander of PNT Systems Delta at SSC, said the PEO certification prepares the MGUE receiver for operational deployment, adding that the program’s achievement is “a keystone to our modern warfighting capability.”

According to the SSC, the completed APB milestone represents a step toward sustaining and improving an advanced PNT capability for U.S. military forces. The MGUE program develops modern military code form factors with enhanced anti-jam, anti-spoof and anti-tamper security features to provide a more secure and reliable GPS capability for warfighting operations.

About SSC

The SSC collaborates with joint forces, industry, government agencies, academic institutions and allied organizations to acquire and deliver resilient warfighting capabilities to protect U.S. strategic advantage in space.

/
NASA Awards 5 Institutions to Boost Sustainable Aviation
Published on
NASA Awards 5 Institutions to Boost Sustainable Aviation

NASA has awarded a total of $11.5 million to five organizations to develop sustainable aircraft designs.

The agency said Tuesday it will fund studies by four companies and one university through its Advanced Aircraft Concepts for Environmental Sustainability, or AACES, 2050 initiative. The commissioned studies involve aircraft concepts, technologies and designs with the potential to boost sustainable commercial aviation by 2050.

NASA-Funded Sustainable Aircraft Studies

The institutions that will receive funding from NASA have until mid-2026 to finish their studies. The five awardees and their plans are:

  • Aurora Flight Sciences, a Boeing Company, will focus on alternative fuels, propulsion systems, aerodynamic technologies and aircraft configurations.
  • Electra will utilize its distributed electric propulsion and aerodynamic design capabilities to develop innovative wing and fuselage integrations.
  • Georgia Institute of Technology will study alternative fuels, propulsion systems and aircraft configurations then utilize their Advanced Technology Hydrogen Electric Novel Aircraft to develop aircraft concepts.
  • JetZero will study the use of cryogenic, liquid hydrogen as fuel for commercial aviation to reduce greenhouse gas emissions.
  • Pratt and Whitney, a division of RTX Corporation, will explore various propulsion technologies to enhance thermal and propulsive efficiency, aiming to reduce fuel consumption and greenhouse gas emissions.

“Through initiatives like AACES, NASA is positioned to harness a broad set of perspectives about how to further increase aircraft efficiency, reduce aviation’s environmental impact and enhance U.S. technological competitiveness in the 2040s, 2050s and beyond,” said Bob Pearce, associate administrator for the Aeronautics Research Mission Directorate at NASA.

Nateri Madavan, director of Advanced Air Vehicles Program at NASA, added, “The proposals selected come from a diverse set of organizations that will provide exciting and wide-ranging explorations of the scenarios, technologies and aircraft concepts that will advance aviation towards its transformative sustainability goals.” 

/
NIST Readies Post-Quantum Cryptography Roadmap
Published on
NIST Readies Post-Quantum Cryptography Roadmap

The National Institute of Standards and Technology is soliciting public comments on the first draft of its report describing how the agency will manage and guide the transition to cryptography standards less vulnerable to attacks from a quantum computer. 

The 22-page draft report, titled “Transition to Post-Quantum Cryptography Standards,” pinpoints the current quantum-vulnerable cryptographic standards and existing quantum-resistant algorithms proposed for deployment in the migration, NIST said Tuesday. 

The report is designed to serve as a roadmap for federal agencies, industry and standards organizations for migrating IT products, services and networks to post-quantum cryptography, or PQC. 

Digital Signature Candidates

Among the steps that it provides are migration considerations as to use cases in code signing and user and machine authentication, as well as PQC hybrid digital signature techniques. In October, NIST announced 14 candidates to advance the second round of additional digital signatures for the PQC standardization process.

NIST will use the comments on its report draft to revise its PQC transition plan and other similar algorithm- and application-specific migration roadmaps. The deadline for comment submission, sent through the pqc-transition@nist.gov e-mail, is on Jan. 10, 2025. 

1 168 169 170 171 172 2,619