/
NIST Updates Cybersecurity, Privacy Learning Program Guidance
Published on
NIST Updates Cybersecurity, Privacy Learning Program Guidance

The National Institute of Standards and Technology’s newly released Special Publication 800-50r1 (Revision 1) provides the federal government with updated guidance for developing and managing a robust cybersecurity and privacy learning program.

The first SP 800-50 revision integrates privacy with cybersecurity in the development of organization-wide learning programs; introduces a learning program concept that incorporates language found in other NIST documents; proposes an employee-focused cybersecurity and privacy culture for organizations; and incorporates guidance for using standard instructional design elements, maturity models and assessment approaches, NIST said Thursday.

Other changes include guidelines to integrate learning programs with organizational goals to manage cybersecurity and privacy risks and address the challenge of measuring the impacts of cybersecurity and privacy learning programs.

The SP 800-50r1 was informed by the fiscal year 2021 National Defense Authorization Act, the Cybersecurity Enhancement Act of 2014 and the NICE Workforce Framework for Cybersecurity.

Federal agencies must have security and privacy awareness and training programs under the Office of Management and Budget Circular A-130.

//
DLA Officials Underscore Value of Industry Partnerships
Published on
DLA Officials Underscore Value of Industry Partnerships

The Defense Logistics Agency must take advantage of the opportunities inherent in commercial technologies while working to manage the accompanying risks, according to U.S. Army Lt. Gen. Mark Simerly, the director of the agency.

Simerly made the remarks on Sept. 10 at the fifth annual Industry Collider Day, which underscored the importance of partnerships between government and the private sector, according to a news article posted Thursday on the DLA website.

“Our reliance on industry has always been foundational to our role in joint logistics,” Simerly said, adding that his agency works “as an interlocutor for industry,” translating for commercial providers the warfighting requirements of the military services.

The need for collaborating with industry was echoed by DLA Chief Information Officer Adarryl Roberts, who said it benefits improving the capabilities of the agency.

Roberts nevertheless emphasized the need for industry to understand the DLA’s mission and problem sets “and match the best technology solutions to those challenges.”

/
State Department Wants Contractors to Perform More Self-Assessments
Published on
State Department Wants Contractors to Perform More Self-Assessments

Vendor self-assessments have emerged as a potential measure to address the challenges associated with the Contractor Performance Assessment Reporting System, or CPARS process, but a State Department official said companies rarely submit those assessments, Federal News Network reported Thursday.

Self-assessment is “an incredibly underutilized tool. We would love to see more of it,” said Michael Derrios, the senior procurement executive at the State Department.

Derrios cited the lack of engagement between the government and vendor at the start of the contract performance and stressed the importance of continuous communication throughout the contract period’s duration to avoid surprises when CPARS ratings are finalized.

The dialog has to be happening throughout the year, and it’s almost like you have to be writing your CPARS the entire time with direct questions like, ‘How do you think this is going to play into CPARS ratings? You have to be that direct about the dialog,” he added.

/
US Army Awards BAE Systems $440M Contract to Supply Bradley Fighting Vehicles
Published on
US Army Awards BAE Systems $440M Contract to Supply Bradley Fighting Vehicles

The U.S. Army has awarded BAE Systems a $440 million contract modification to continue manufacturing Bradley Fighting Vehicles. 

Under the contract, BAE Systems will produce more than 200 Bradley A4 variants for the Army to replace some of the vehicles the government has given to Ukraine, the aerospace and security company announced Thursday.

Dan Furber, director of ground vehicle production for BAE Systems Combat Mission System’s business, said, “The Bradley Fighting Vehicle brings game-changing capabilities to the Army and our allied nations.”

The Bradley A4 vehicle is designed to advance mission performance and satisfy numerous functional requirements. The vehicle’s system is designed for optimum situational awareness, network connectivity and communication within the Army’s Armored Brigade Combat Team. 

It is meant to increase soldier safety and the equip with the ability to defeat oppositional forces in any environment.

“Because of the support for additional production of the modern Bradley A4 variant, this enduring capability continues to make a difference for troops all over the world, ensuring they have the firepower, mobility and survivability they need to achieve their missions,” Furber stated.

BAE Systems will continue developing the Bradley A4 vehicle across the company’s broad industrial network in Aiken, South Carolina; Anniston, Alabama; Minneapolis, Minnesota; San Jose, California; Sterling Heights, Michigan and York, Pennsylvania.

//
Jennifer Orozco Appointed Department of Air Force Deputy CIO
Published on
Jennifer Orozco Appointed Department of Air Force Deputy CIO

Jennifer Orozco , a U.S. Air Force veteran with a career spanning almost three decades, has been chosen as the new deputy chief information officer for the Department of the Air Force, the DAF Office of the CIO announced on LinkedIn Thursday.

In her new role, Orozco will assist the CIO in overseeing the Enterprise Information Technology, Data and Artificial Intelligence and Cybersecurity directorates and managing the office’s $17 billion budget and 20,000 personnel worldwide.

As deputy CIO, Orozco will oversee DAF’s information technology investment strategy, including data management, cloud computing and digital transformation. She is also tasked with safeguarding the department’s systems from cyber threats.

Orozco has served in various capacities in her 28 years with the Air Force and the Department of Defense.

Before her appointment, she was the director of security for special program oversight and information protection, in which she was responsible for protecting sensitive information, technologies and capabilities.

Orozco was division chief for security policy and oversight at the Office of the Administrative Assistant to the Secretary of Air Force and for the Strategy, Readiness and Force Development directorate of Security Forces before that.

//
CMS Wants Feedback on Impact of AI in Healthcare
Published on
CMS Wants Feedback on Impact of AI in Healthcare

The Centers for Medicare and Medicaid Services is soliciting information on current artificial intelligence capabilities that could enhance its program executions.

In a request for information posted on Monday, CMS said it seeks input on AI technologies that could inspire the workforce on AI capabilities and increase efficiencies within agency operations.

The government expects to receive submissions from healthcare companies, providers, payers and tech startups.

The input from interested parties should focus on discussing the impact of key AI functionalities in healthcare, including generative AI, diagnostics and imaging analysis, business automation, workforce enablement, direct-to-patient communication, robotic-assisted healthcare delivery and fraud detection.

In their submissions, the organizations should also outline their experience and describe how their AI technology would address risks and benefits.

CMS will then select organizations to demonstrate their AI products and services during a series of “CMS AI Demo Days,” which aim to educate the CMS community on AI products.

During the demo phase, the chosen organization will work with the agency’s technical panel and will prepare a 15-minute presentation of their products or services.

Interested parties should submit their questions before Sept. 27 and their capability statements by Oct. 7.

On Dec. 11, join the Potomac Officers Club’s 2024 Healthcare Summit to explore the transformative trends and innovations shaping the future of the healthcare sector.

CMS Wants Feedback on Impact of AI in Healthcare
/
Pentagon Establishes New Special Access Program Policy
Published on
Pentagon Establishes New Special Access Program Policy

The Department of Defense has released a directive establishing policy and providing governance structure for the management of all special access programs, or SAPs, across DOD.

The latest DOD Instruction, which took effect Thursday, outlines the responsibilities of the director of the DOD Special Access Program Central Office—or DOD SAPCO—the undersecretary of defense for research and engineering and USD for acquisition and sustainment, among other officials, for the oversight of SAPs.

The directive states that the director of DOD SAPCO should serve as the proponent for developing and implementing policies for SAP execution, management and governance and publish and maintain security classification guides, among other functions.

According to the document, the department will develop and apply SAP security protection to classified national security information in compliance with an executive order and other regulations to protect sensitive classified data related to advanced technologies and capabilities.

Kathleen Hicks, deputy secretary of DOD and a 2024 Wash100 awardee, approved the latest directive.

Register here to join the Potomac Officers Club’s 2024 Intel Summit on Sept. 19 and hear top U.S. intelligence community officials and industry executives discuss the challenges, innovation initiatives, opportunities and technologies shaping the future of American intelligence.

POC - 2024 Intel Summit
//
Army Advances FTUAS Program With Prototype Evaluations, Flight Demos
Published on
Army Advances FTUAS Program With Prototype Evaluations, Flight Demos

The U.S. Army has reportedly made significant progress with its Future Tactical Uncrewed Aircraft System, or FTUAS, program.

Two competitors — Griffon Aerospace and Textron Systems — completed the modular open system approach, or MOSA, conformance evaluations in May and later conducted flight demonstrations of their prototype aircraft, the Army announced Tuesday.

The FTUAS are intended to help brigade combat teams by providing reconnaissance and surveillance. The data they collect will enable the BCT commanders to make the right decisions during multi-domain operations.

The MOSA certification was done by replacing the hardware and software of the vendors’ prototype aircraft with the mission computer from a third-party surrogate. This allowed the independent assessor to determine the openness and modularity of the prototype.

During the flight demonstrations, held at the Army Redstone Test Center, the unmanned systems were evaluated based on their vertical takeoff and landing, on-the-move command and control, reduced acoustic signature, system integration, rapid emplacement and flight performance.

The FTUAS program is in accordance with the mission of the Program Executive Office for Aviation, particularly the Uncrewed Aircraft Systems Project Office, of modernizing the Army’s aviation fleet of crewed and uncrewed aircraft.

/
FedRAMP Should Expand Metrics to Include Assessment Reciprocity, MITRE Says
Published on
FedRAMP Should Expand Metrics to Include Assessment Reciprocity, MITRE Says

MITRE has released its response to a request for information issued by the Federal Risk and Authorization Management Program regarding a set of metrics meant to measure the end-to-end FedRAMP authorization experience.

Public input had been sought for those metrics with the aim of focusing and refining them, MITRE said Tuesday.

Input was solicited from a variety of stakeholders, including cloud service providers and third-party assessment organizations. Responses were to be submitted no later than Aug. 29.

For its part, MITRE recommended that the metrics be expanded to enhance the effectiveness of FedRAMP beyond cost and timeliness to include the streamlining of compliance and the reduction of redundant assessments.

Concerning the latter, MITRE specifically proposed that FedRAMP processes and metrics be revised to bring about “reciprocity-at-scale,” a concept that calls for the reuse of assessment information across risk management frameworks and assessment and authorization processes.

MITRE believes that through reciprocity, the government would be able to deploy secure cloud services faster by being able to recognize certifications and authorizations across varying frameworks, while service providers would be able to expand their services into new markets while enjoying savings from not having to undergo multiple certifications.

MITRE’s other recommendations include those concerning continuous monitoring and support for the adoption of quantum resistant cryptography and zero trust.

//
GSA’s 18F Issues De-risking Government Technology Guide 2.0
Published on
GSA’s 18F Issues De-risking Government Technology Guide 2.0

The 18F digital services agency within the General Services Administration’s Technology Transformation Services has released an updated guide to help federal, state and local government agencies reduce the risk of failure of government technology projects.

GSA said Wednesday the De-risking Government Technology Guide 2.0 includes an in-depth section on vendor management to help agencies manage the implementation of their tech projects and marks the first update since the document’s publication in 2020.

“The new section on vendor management adds even more value to a guide that’s already proven to be a useful resource across federal and state governments,” said TTS Director Ann Lewis

“Thoughtful acquisition of software requires collectively understanding existing systems, programs, and agency goals. The updated guide offers foundational knowledge that helps reduce cost, time, and risk during technology procurement, making service delivery more efficient and effective,” she added.

The updated guide offers modern software development best practices and information on 18F’s experience working with federal and state partners. It also combines the original document’s two parts: the Federal Field Guide and the State Software Budgeting Handbook.

The document covers topics such as the differences and tradeoffs between custom and commercial software, how to buy custom software development services using performance-based services contracting and key principles for effective custom software development.

1 199 200 201 202 203 2,608