Eric Chewning, deputy assistant secretary for industrial policy at the Defense Department, has said he projects that DoD could address about 33 percent of the identified supply chain gaps within a year and deal with another third in the next few years, Defense News reported Friday.

DoD issued in October a White House-commissioned study that found approximately 300 risks in the U.S. defense industrial base.

Chewning told the audience at the U.S. Chamber of Commerce Friday that he considers the remaining issues in the report as “things that long term we’re going to have to manage, recognizing that new stuff is going to come in and things are going to pop out as we dynamically manage the industrial base.”

The report said those vulnerabilities include suppliers that have decided to exit the defense market, those that could disappear from the sector and foreign-owned suppliers that could potentially leave the market in a critical situation.
 

The Professional Services Council has provided a list of 20 recommendations in response to the Office of Management and Budget’s feedback request for its updated federal cloud strategy.

PSC classified its recommendations for the Cloud Smart strategy into several categories such as the transition from the Cloud First plan to the new strategy; security; procurement; workforce; and CIO Council actions, according to an Oct. 24 letter.

The letter written and signed by Alan Chvotkin, executive vice president and counsel at PSC, was addressed to Federal CIO Suzette Kent.

The council recommended the federal government direct agencies to prioritize the use of vendor-based platforms for information technology services and reiterate its commitment to assisting agencies to leverage U.S. innovation through increased adoption of commercial tech platforms.

For procurement, the administration should include in the Cloud Smart strategy OMB’s commitment to collaborate with Congress to adapt fiscal law to expedite IT modernization and cloud adoption; enable the strategy to encourage flexible contracting measures for the acquisition of cloud and complementary IT platforms; and leverage current budget flexibilities to speed up IT modernization.

The new strategy should encourage the Defense Department to update its Cloud Computing Security Requirements Guide and Defense Acquisition of Services policy to facilitate “reciprocal use of security authorizations, according to PSC.

The Department of Energy‘s National Nuclear Security Administration has posted updated reports highlighting the agency’s strategy to manage and protect the country’s nuclear stockpile.

The “Fiscal Year 2019 Stockpile Stewardship and Management Plan” report features information on programs aiming to extend the lifespan of warheads, the DOE said Thursday.

The report also tackles the 2018 Nuclear Posture Review‘s imposed policies.

Meanwhile, the “Prevent, Counter, and Respond—A Strategic Plan to Reduce Global Nuclear Threats” or NPCR report illustrates the agency’s framework to reduce and address nuclear terrorist acts that threaten the country.

Both reports also include insights on infrastructure modernization and strategic material management.

“NNSA began work immediately to implement this guidance, and these two reports reflect our commitment to maintaining a credible nuclear deterrent and to reducing the threat of nuclear proliferation and nuclear terrorism,” said Lisa Gordon-Hagerty, undersecretary for nuclear security and NNSA administrator.

The National Insider Threat Task Force, spearheaded by the attorney general and the Director of National Intelligence, is working on boosting information security efforts with the release of the Insider Threat Program Maturity Framework.

The National Counterintelligence and Security Center said Thursday the maturity framework aims to implement digital updates to help executive branch departments and federal agencies’ insider threat programs become more functional.

It was conceptualized in the fall of 2017 and vetted in the spring of 2018 by representatives from the Intelligence Community, Defense Department and federal partner insider threat initiatives.

NITTF was created in October 2011 via Executive Order 13587, which required the establishment of insider threat detection and prevention programs.

Researchers from non-profit think tank RAND Corporation have recommended that policymakers increase the use of technology in managing sensitive government information by mandating technological innovation in the field.

James Bruce, Sina Beaghley and W. George Jameson said in a report titled “Secrecy in U.S. National Security: Why a Paradigm Shift is Needed” that modern technologies can substantially enhance the secrecy framework employed by the U.S government.

Cutting-edge technology can be used “to support enhanced classification, secrecy protection and greater transparency,” the researchers stated in the recently-released study.

The authors noted, however, that funding and other incentives have been lacking, resulting in government technology falling behind and failing altogether, as in the cases of Edward Snowden and Chelsea Manning leaking sensitive government information to the internet.

Without the necessary advancements, technology can be “a source of harm if technological weaknesses enable foreign plundering of U.S. vaults of priceless information,” the researchers warned.

National Security Adviser John Bolton recently said that the U.S. budget deficit, at its current level, has national security implications, Defense News reported Friday.

Speaking at a recent event hosted by the Alexander Hamilton Institute, Bolton also commented that “when your national debt gets to the level that ours is, that it constitutes an existential threat to the society.”

Bolton went on to say that he expected reductions in discretionary spending but none in mandatory expenditures.

Last month, the Treasury Department and the Office of Management and Budget announced via a joint statement that, in fiscal 2018, the country had incurred a budget deficit worth $779B, or 3.9 percent of the country’s gross domestic product.

The FY 2018 deficit, driven in part by tax cuts, is the highest in six years.

The Government Accountability Office has recommended that the Defense Department further define the roles, responsibilities and methods for communication and collaboration for groups tasked to address challenges in the oversight for the nuclear enterprise.

The GAO said in a report published Thursday that the DoD still lacks clear standards that the Nuclear Deterrent Enterprise Review Group and nuclear command, control and communications oversight bodies can follow to resolve issues in U.S. nuclear operations and policies.

The department should also update its NC3 oversight guidance to help senior DoD officials internally organize resources and manage risks.

The new recommendations come after the GAO found that the DoD and military service branches such as the U.S. Air Force and Navy still have insufficient practices for overseeing the implementation of suggestions stated in the 2014 nuclear enterprise reviews and 2015 NC3 review despite making progress in the effort.

Then Defense Secretary Chuck Hagel formed the NDERG in 2014 to address concerns in resources, personnel, organization and enterprise policies needed to protect the U.S. nuclear enterprise.

Some cybersecurity experts have expressed their views on cyber strategies issued by the White House and the Defense Department in September, National Defense reported Thursday.

Daniel Charles, CEO and co-founder of Charles Bernard Ventures, said both strategies outline key initiatives, such as efforts to increase accountability among contractors and DoD’s move to prioritize partnerships with foreign allies to address future issues.

That “is something new that has been talked about quietly but hasn’t really ever come out in the light,” Charles, also a cybersecurity fellow at think tank New America, said of international collaboration.

Gary Shiffman, CEO of software firm Giant Oak, said budgetary changes and programmatic activities should follow the release of such strategies in order to effect change.

“At the national level, these kinds of high-level documents provide the top cover for the rest of government to follow in terms of … their future year planning and budgeting,” added Shiffman, a professor at Georgetown University.