Christopher Krebs, undersecretary for the Department of Homeland Security’s National Protection and Programs Directorate, has said the NPPD aims to delve into the roles of various private industries in critical infrastructure, Federal News Network reported Thursday.

He noted during a Unisys-hosted event that the NPPD seeks to understand the functions and offerings of different industry sectors before collaborating with them for cybersecurity purposes through the National Risk Management Center.

“One of the mottos is: ‘We’re going to do big things here, but we’re going to build on small things to get to those big things’,” Krebs added.

The center will initially house partnerships with the finance, telecommunications and energy industries to address existing and potential concerns in cybersecurity.

The NRMC will eventually expand to host collaborations with a total of 16 private industries.

Meanwhile, the NPPD also plans to look into the public’s confidence in the government’s cybersecurity efforts for the upcoming elections as a 2018 Unisys Security Index indicated that some Americans would refuse to vote due to cyber issues.

Krebs said there is a need to address the psychosocial side of cybersecurity as it has become a “destabilizing threat sector” to the U.S. government and democracy.

The Department of Homeland Security has published a research strategy that identifies capability gaps affecting the integrity of U.S. data infrastructure, Nextgov reported Thursday.

The document, prepared by the DHS Science and Technology Directorate, points out multiple cybersecurity topics or themes where private or public researchers can focus their efforts.

One such area of research involves ensuring the accountability of supply chain firms for security lapses.

The DHS S&T Directorate said that “[there] is growing support for the contention that supply chain actors… should bear the costs imposed by insecure devices.”

However, the directorate also acknowledged that “[it] can be quite challenging to assign responsibility in the context of systems comprised of devices and software from numerous vendors and assets.”

To address such challenges, the authors of the document listed multiple possible research objectives, including modeling mechanisms that would incentivize technology firms to prioritize security when developing products or services, and analyzing the applicability of existing laws in holding firms responsible for security breaches.

U.S. Air Force Secretary Heather Wilson has said the service aims to increase the readiness capability of 204 of 312 operational squadrons to 80 percent by 2020, Defense News reported Friday.

Wilson noted at the Airlift/Tanker Association’s annual symposium that the selected units are more capable of facing the “high-end fight” while the remaining 108 will possibly reach their readiness capability target by 2023.

The second batch of mission capable squadrons will possibly include operators of the Air Force’s fleet of fourth- and fifth-generation fighter and bomber aircraft and command, control, communications, computer, intelligence, surveillance and reconnaissance missions.

Wilson added that the service is boosting its mission capability rate to eliminate the mindset that low readiness is acceptable due to budget constraints.

“Years of shortages of parts and budgets that were inadequate, I think have made us a little bit accepting, perhaps too accepting and complacent,” she noted.

The Air Force official also stressed that there is a need for the service to change its mindset on readiness as maintenance funds increase.

The Energy Department‘s office of inspector general has recommended strategies to secure DOE information systems and data after identifying vulnerabilities during to a fiscal 2018 evaluation.

OIG said in a report published Oct. 19 it found lapses in vulnerability and configuration management, access controls, web application integrity, security control testing, privacy awareness training and cybersecurity approaches at certain DOE sites.

The department oversees many laboratories and plants that rely on IT networks and systems to address national security, research, development and environmental management efforts.

According to the report, DOE faces various malicious threats each year that seek to steal data or hack into information systems that support its missions.

The inspector general recommended that the department identify, prioritize and track the developments of efforts aiming to address identified cybersecurity risks.

OIG conducted the audit to determine the effectiveness of the department-wide unclassified cybersecurity program, as mandated by the Federal Information Security Modernization Act of 2014.

The Energy Department has introduced a program to explore technologies and strategies to address the country’s water security, cost and safety challenges.

DOE said Thursday it partnered with the Environmental Protection Agency on the Water Security Grand Challenge that will include competitions and funding opportunities for early-stage research and development efforts aimed at increasing access to clean water by 2030.

The program’s goals include developing desalination technologies; transforming wastewater from the energy sector and municipal entities into a resource; achieving near-zero water impact from thermoelectric power plants; and establishing small modular energy-water systems for various mission such as national security and disaster response.

DOE added it intends to collaborate with other government entities and companies to meet the objectives.

The department issued a request for information earlier this year to gather public input on how to address water-related problems through competitions.

Roberto Guerrero, deputy assistant secretary of the U.S. Air Force for operational energy, has said the service should build up readiness and combat capability against potential adversaries through comprehensive collection and analysis of data related to operational energy use.

“By collecting flight data across all aircraft and missions, measuring fuel use and other operational parameters, and analyzing how we equip our ranges and conduct training, we can better understand operational and logistical challenges,” he wrote in a Defense News commentary published Thursday.

He noted how a data algorithm-based tool, Jigsaw, has helped the Air Force manage aerial refueling operations.

Guerrero called on all major commands to advance collaboration to improve the collection and analysis of flight data as the service aims to keep its competitive edge against enemies.

“Better operational data collection means better operational analysis — and better operational analysis means increased readiness and greater lethality,” he added.
 

The Defense Department’s digital service team has unveiled a new workspace in Augusta, Ga., to allow service personnel and civilians to work together on cyber capabilities.

DoD said Thursday the Tatooine workspace marks the expansion of Defense Digital Service’s partnership with Army Cyber Command on a pilot program that seeks to support and cultivate technical talent within ARCYBER through collaboration with DDS’ tech professionals with industry experience.

“Tatooine will be a beacon for technical talent across the military – a place to write code and solve problems of impact,” said Chris Lynch, DDS director.

Through the new workspace, DDS experts and soldiers will take part in pilot programs that aim to detect cyber threat actors on DoD networks, redesign training for cyber military personnel and develop systems designed to detect hostile drones.

Tatooine at Georgia Cyber Center will provide pilot teams a space to collaborate and support other technical programs such as the Civilian Hiring as a Service Pilot and the Hack the Army bug bounty initiative.