The Centers for Medicare and Medicaid Services officials have concluded that no pertinent tax, health or banking information have been divulged during an Obamacare website hack early October, the Washington Examiner reported Friday.

The officials added that a portion of the healthcare.gov website, which was called the “Direct Enrollment pathway,” has already been back online.

CMS previously reported that data from around 75,000 people might have been endangered.

The information was lodged in a part of the Obamacare website that provides a direct link for customers to connect with agents and brokers selling health insurance.

 

The Department of Homeland Security aims to develop an approach for government chief information security officers to assign and compare risk scores to agency networks, Federal News Network reported Friday.

Jeanette Manfra, assistant secretary for the DHS’ cybersecurity and communications office, told the station in an interview the department will work with federal agencies to create an algorithm to identify information technology vulnerabilities through the next phase of the Continuous and Diagnostics Mitigation program.

“We do intend for it to be a tool for agencies to understand where they are and have a measureable way of demonstrating progress in a simpler to understand score,” Manfra added.

The report noted DHS intends for the risk scoring system to improve how the government manages network security vulnerabilities.

 

Brig. Gen. Steven Blaymaier, director of Air Mobility Command’s logistics, engineering and force protection, has said the C-130J military transport aircraft and the KC-135 refueling tanker are scheduled to enter the U.S. Air Force’s conditions-based maintenance program in 2019, Defense News reported Saturday.

CBM aims to increase mission-capable rates by predicting problems in aircraft components through the use of data analytics.

“As we move forward with conditions based maintenance plus (CBM+) and predictive analytics, we’ll be able to know by tail number which parts are going to fail on certain aircraft,” Blaymaier said in an interview at the Airlift Tanker Association symposium.

“It’ll be much more surgical [and] operational.”

He noted that the command will implement the CBM program for the KC-135 fleet in the spring of 2019 and C-130J by summer with plans to roll it out to other aircraft such as KC-10s and C-17s.

The service has fielded the CBM concept to AMC’s C-5 transport aircraft fleet and Air Force Global Strike Command’s B-1 bombers.
 

The Office of Management and Budget has issued an updated guidance that outlines new Continuous Diagnostics and Mitigation program requirements for agencies to comply with the Federal Information Security Modernization Act of 2014, FedScoop reported Friday.

The memo now directs agencies to submit justification should they choose to buy continuous monitoring tools and capabilities outside of the General Services Administration’s IT Schedule 70 CDM tools special item number, CDM Dynamic and Evolving Federal Enterprise Network Defense and other contract vehicles.

The justification should be submitted to the CDM program management office at the Department of Homeland Security, OMB resource management office and the federal chief information officer’s cyber team, according to the document signed by OMB Director Mick Mulvaney.

Under the guidance, CDM PMO will pay for licensing and maintenance costs of agencies’ cyber tools under the program’s one-year base term and first option year.

After the two-year period, agencies will be asked to fund the maintenance and operation of their CDM capabilities.

The memo requires agencies to include CDM-specific line items in their budget plans for fiscal 2021 and beyond.

The document also states the deployment of a federal dashboard to facilitate sharing of cyber threat data among agencies; FISMA reporting requirements and deadlines; and implementation of the Federal Cybersecurity Risk Determination Report and Action Plan.
 

Deputy Defense Secretary Patrick Shanahan has said drafting the budget for fiscal year 2020 calls for the Pentagon to “put the resources in place” in order to operationalize the national defense strategy.

“We are not going to reverse course on all that planning but we will build two budgets,” Shanahan said Friday at the Military Reporters and Editors conference in Arlington, Va.

The Defense Department plans to have two budget requests in place by Dec. 1 – a $733B spending plan and a $700B budget.

He told attendees the proposed “space force” will have three components: space operations; technology development for space operators; and headquarters to oversee resources and training.

Shanahan also noted that the space development agency will focus on capability development to ensure U.S. dominance in space.
 

The Department of Homeland Security’s Science and Technology Directorate and Pacific Northwest National Laboratory have facilitated a workshop focusing on the future of airport security.

Professionals in the aviation industry convened at the second annual Aviation Security Futures Workshop in Reston, Va., to address issues in various aspects of airport security as part of the Apex Screening at Speed program, DHS said Thursday.

Apex SaS Program Manager John Fortune noted that the project coordinates with the Transportation Security Administration to procure modern technologies to sustain aviation security in the short and long run.

The event also built on the first workshop held in September 2017, addressing issues in biometrics, human factors, big data, location and tracking technologies, autonomous vehicles and future airport design.

Lt. Col. Steven Webber, deputy chief of the Defense Threat Reduction Agency’s nuclear detection division and Jay Stanley, senior policy analyst with the American Civil Liberties Union’s Project on Speech, Privacy and Technology led discussions about innovation and civil liberty issues related to physical security.

DHS is planning to administer a third Aviation Security Futures Workshop in 2019.

Christopher Krebs, undersecretary for the Department of Homeland Security’s National Protection and Programs Directorate, has said the NPPD aims to delve into the roles of various private industries in critical infrastructure, Federal News Network reported Thursday.

He noted during a Unisys-hosted event that the NPPD seeks to understand the functions and offerings of different industry sectors before collaborating with them for cybersecurity purposes through the National Risk Management Center.

“One of the mottos is: ‘We’re going to do big things here, but we’re going to build on small things to get to those big things’,” Krebs added.

The center will initially house partnerships with the finance, telecommunications and energy industries to address existing and potential concerns in cybersecurity.

The NRMC will eventually expand to host collaborations with a total of 16 private industries.

Meanwhile, the NPPD also plans to look into the public’s confidence in the government’s cybersecurity efforts for the upcoming elections as a 2018 Unisys Security Index indicated that some Americans would refuse to vote due to cyber issues.

Krebs said there is a need to address the psychosocial side of cybersecurity as it has become a “destabilizing threat sector” to the U.S. government and democracy.

The Department of Homeland Security has published a research strategy that identifies capability gaps affecting the integrity of U.S. data infrastructure, Nextgov reported Thursday.

The document, prepared by the DHS Science and Technology Directorate, points out multiple cybersecurity topics or themes where private or public researchers can focus their efforts.

One such area of research involves ensuring the accountability of supply chain firms for security lapses.

The DHS S&T Directorate said that “[there] is growing support for the contention that supply chain actors… should bear the costs imposed by insecure devices.”

However, the directorate also acknowledged that “[it] can be quite challenging to assign responsibility in the context of systems comprised of devices and software from numerous vendors and assets.”

To address such challenges, the authors of the document listed multiple possible research objectives, including modeling mechanisms that would incentivize technology firms to prioritize security when developing products or services, and analyzing the applicability of existing laws in holding firms responsible for security breaches.

U.S. Air Force Secretary Heather Wilson has said the service aims to increase the readiness capability of 204 of 312 operational squadrons to 80 percent by 2020, Defense News reported Friday.

Wilson noted at the Airlift/Tanker Association’s annual symposium that the selected units are more capable of facing the “high-end fight” while the remaining 108 will possibly reach their readiness capability target by 2023.

The second batch of mission capable squadrons will possibly include operators of the Air Force’s fleet of fourth- and fifth-generation fighter and bomber aircraft and command, control, communications, computer, intelligence, surveillance and reconnaissance missions.

Wilson added that the service is boosting its mission capability rate to eliminate the mindset that low readiness is acceptable due to budget constraints.

“Years of shortages of parts and budgets that were inadequate, I think have made us a little bit accepting, perhaps too accepting and complacent,” she noted.

The Air Force official also stressed that there is a need for the service to change its mindset on readiness as maintenance funds increase.