//
DHS Evaluates Tech Used to Create Digital Content Forgeries
Published on
DHS Evaluates Tech Used to Create Digital Content Forgeries

The Department of Homeland Security has released a report exploring the technologies used to develop and propagate digital content forgeries and how foreign governments and nongovernmental organizations can use such technologies to weaponize such forgeries.

DHS said Friday the report discusses the potential risks and harms of artificial intelligence-synthesized fake media on homeland security missions.

The 99-page document, titled Impacts of Adversarial Use of Generative AI on Homeland Security, also describes risk-reduction strategies to mitigate risks from digital forgeries.

Key Technical Observations and Considerations

The report presents eight key technical observations and considerations: convenience and security; multipronged mitigation approaches; threats of tomorrow; AI software; AI hardware and the AI race; technical intelligence; artificial general intelligence milestones; and whole of government responses.

For multipronged mitigation approaches, the report offers some key observations relevant to the design of a risk reduction strategy.

These include the need for other methods to prevent the spread of deepfakes and the role of human training and automated contextual analysis tools in detecting deepfakes.

/
Andrew Merkle Named R&D Head at Johns Hopkins Physics Lab
Published on
Andrew Merkle Named R&D Head at Johns Hopkins Physics Lab

Andrew Merkle has been selected as the new head of the Research and Exploratory Development Department, or REDD, at the Johns Hopkins Applied Physics Laboratory.

The Laurel, Maryland-based organization said Monday Merkle will spearhead the department’s innovation advancements.

Andrew Merkle’s Career

Merkle has spent almost 25 years at John Hopkins APL. He most recently served as the mission area executive for REDD. In this role, he was responsible for the creation of research programs on national security, including the use of artificial intelligence to accelerate scientific discovery, the development of new technologies to strengthen climate security and the implementation of biotechnologies for national security and health.

He also held the position of program area manager for research, principal researcher and program manager. Merkle also served for eight years as a senior researcher for biomechanics & injury mitigation systems. He joined the JHU APL in 2000 as an associate researcher and biomechanical engineer.

Before working for the research and development center, Merkle taught biomechanics at the University of Maryland at College Park for three years.

In addition, the executive is currently the chair of systems engineering in Johns Hopkins University’s Engineering for Professionals program.

Ralph Semmel, director at APL, remarked, “Andrew’s dedication to mission-focused R&D, broad technical expertise and strong leadership have led to new capabilities that address some of the most critical challenges facing our nation. In his new role, he will drive transformative research and continue to position APL at the forefront of innovation.”

//
BIS Outlines Rules Framework for Advanced AI Models, Chips Distribution
Published on
BIS Outlines Rules Framework for Advanced AI Models, Chips Distribution

The Bureau of Industry and Security has adopted three strategies to regulate the distribution of advanced computing chips and artificial intelligence models and prevent malicious actors’ access to advanced U.S. technologies in AI and semiconductors.

The first strategy calls for requiring authorizations for exports, reexports and in-country transfers of advanced computing chips. The strategy’s framework also defines certain exemptions on licenses and authorizations to ensure that risk-free commercial chip deals proceed and AI benefits are widely shared, BIS said Monday. 

The exceptions on advanced computing chips will cover a selection of U.S. allies and partners. Also exempted are supply chains in the chip export transfers for semiconductor development, production and storage, but excluding shipments to countries under U.S. arms embargo. In addition, the license exception will apply to low-volume chip transfers outside of the arms-embargoed countries.

Controls Based on AI Computational Weights 

The second strategy in the BIS framework requires export authorizations on AI model weights from 10^26 and above. The control also applies to certain computational model weights for AI developed abroad using advanced U.S. semiconductors or equipment. Exceptions to the rule include open-weight AI models deployed by entities based in the United States or in allied countries.

The third step in the BIS strategic framework calls for instituting security measures to protect the storage of advanced U.S. AI models and microchips overseas and mitigate the risk of the technologies’ diversion to U.S. adversaries.

Commerce Secretary Gina Raimondo noted that national security risk management also needs to consider AI evolution and U.S. allies’ desire to share in the technology’s benefits.

“This policy will help build a trusted technology ecosystem around the world and allow us to protect against the national security risks associated with AI, while ensuring controls do not stifle innovation or U.S. technological leadership,” she said.

/
NAVSEA Publishes Enterprise Strategy to Enhance Readiness
Published on
NAVSEA Publishes Enterprise Strategy to Enhance Readiness

The Naval Sea Systems Command has published an enterprise-wide strategy to better align the organization’s operations to support the Chief of Naval Operations’s Navigation Plan for America’s Warfighting Navy. NAVSEA said Monday that its enterprise strategy was developed following a period of self-assessment with the goal of making the entire organization better in the long run.

Five Lines of Effort

The strategy introduces five lines of effort in line with CNO Adm. Lisa Franchetti’s North Stars for the Navy, which are strategic focus areas that aim to close service gaps in warfighting capabilities. The strategy sets the goal of achieving “readiness for sustained high-end joint and combined combat by 2027.”

The five LOEs are:

  1. To accelerate force generation to support the delivery of ships and combat systems
  2. Generate readiness for the maintenance, modernization and sustainment of military platforms
  3. Capture and use data to encourage innovation
  4. Attract, retain and grow the workforce
  5. Strengthen the NAVSEA foundation by enhancing critical infrastructure.

According to Vice Adm. Jim Downey, commander of NAVSEA, the organization has made changes to improve operations. 

“Nothing was off the table when we started this process last May,” the official commented, “and since then, we’ve realigned departments, merged similar functions, and streamlined command operations to enable greater focus on these lines of effort.”

Improving Navy Readiness

The CNO published the Navigation Plan for America’s Warfighting Navy in September to guide efforts in preparation in case of a war with China and to ensure the service’s long-term advantage against adversaries. 

The plan includes the “Project 33” initiative, which identifies measures such as adding robotic and autonomous systems to the force and reducing delays in ship maintenance. 

/
NCCoE Seeks Public Input on Draft Ransomware Risk Guidance
Published on
NCCoE Seeks Public Input on Draft Ransomware Risk Guidance

The National Cybersecurity Center of Excellence has released an initial public draft of “Ransomware Risk Management: A Cybersecurity Framework 2.0 Community Profile” and is calling for feedback on the publication.

Managing Ransomware Threats

Also known as NIST Interagency Report 8374, the publication is meant to help readers evaluate whether their organization is prepared to counter ransomware threats, mitigate the effects of a ransomware event and develop a ransomware countermeasure playbook, the National Institute of Standards and Technology said Monday.

The publication, which was developed with the help of industry partners, can also be used by readers to identify areas where they could improve their organizations’ defenses against ransomware.

NIST IR 8374 reflects changes to Cybersecurity Framework 1.1 that are now part of CSF 2.0. These changes include objectives that support the management, detection, response to and recovery from ransomware events.

Input From the Public

Concerning public feedback, NIST is interested in determining which parts of the publication are helpful and which need to be improved. Of particular interest to NIST is determining which types of prioritization and control baselines are helpful.

The agency is also interested in finding out about other resources related to ransomware risk mitigation.

Interested parties have until March 14 to provide feedback. Respondents may also provide general feedback regarding the publication.

/
Sean Gainey Reveals USASMDC Future Plans
Published on
Sean Gainey Reveals USASMDC Future Plans

Lt. Gen. Sean Gainey, commanding general of the U.S. Army Space and Missile Defense Command, has announced the future plans of the USASMDC.

The Army said Monday the command is focusing on modernizing the Army’s air and missile defense strategy and has identified three immediate priorities to achieve this goal. This includes the establishment of an Army space branch, advancement of the missile defeat concept and provision of support for the Ronald Reagan Ballistic Missile Defense Test Site.

Air and Missile Defense Modernization

Gainey, also commander of the Joint Functional Component Command for Integrated Missile Defense, led efforts to update the Army’s air and missile defense strategy through the Integrated Air and Missile Defense Strategy 2040. Expected to be released in September, the revised strategy aims to address evolving and emerging threats.

Army Space Branch

The USASMDC is planning to create a space branch within the Army that will enable the command to retain experts with critical skills.

“Space capabilities are integrated into every aspect of modern warfare and play a significant role in successful multidomain operations,” said Gainey. “It’s USASMDC’s job to plan for the establishment of the space branch and to advocate for its implementation.”

Missile Defeat Concept

As JFCC IMD commander, Gainey can advance the missile defeat concept. His goal is to leverage active, attack and passive operations to achieve a holistic approach to missile defense.

Reagan Ballistic Missile Defense Test Site

The initiative to modernize air and missile defense is connected to the Reagan Test Site on Kwajalein Atoll in the Marshall Islands. By modernizing the RTS and its facilities, the test site will be able to provide enhanced capabilities to Space Command and Space Force.

/
NSA, Partners Share Guidance for Selecting Secure OT Products
Published on
NSA, Partners Share Guidance for Selecting Secure OT Products

The National Security Agency, together with the Cybersecurity and Infrastructure Security Agency and other partner organizations, has issued a guidance to assist operational technology owners and operators in selecting secure OT products.

Cybersecurity Information Sheet

The NSA said Monday the Cybersecurity Information Sheet, called “Secure by Demand: Priority Considerations for Operational Technology Owners and Operators in the Selection of Digital Products,” outlines significant security elements needed to purchase OT products such as industrial automation and control systems. The CSI also includes questions to ask manufacturers.

Many OT products don’t have inherent security features or were not developed securely. These products are usually vulnerable to cyberattacks due to weak authentication, shared software weaknesses, limited logging, default settings, default protocols and default credentials.

According to the CSI, OT owners and operators should select products that feature vital security elements, such as:

  • Configuration management
  • Logging in the baseline product
  • Open standards, ownership
  • Protection of data
  • Secure by default
  • Secure communications
  • Secure controls
  • Strong authentication
  • Threat modeling
  • Upgrade tooling
  • Vulnerability handling

Aside from NSA and CISA, the other partner organizations include the FBI, Department of Energy, Environmental Protection Agency, Transportation Security Administration, European Commission, Australian Signals Directorate’s Australian Cyber Security Centre, Canadian Centre for Cyber Security, Germany’s Federal Office for Information Security, Netherland’s National Cyber Security Centre, New Zealand’s National Cyber Security Centre and the United Kingdom’s National Cyber Security Centre.

Dave Luber, director of cybersecurity at NSA, said, “The guidance not only helps owners and operators of critical systems secure their OT procurement lifecycles, it also sends a message to manufacturers to establish a more resilient and flexible cybersecurity foundation in their products.”

/
Deputy Defense Secretary Highlights 4 Priorities for Competition With China
Published on
Deputy Defense Secretary Highlights 4 Priorities for Competition With China

Deputy Defense Secretary Kathleen Hicks, a 2024 Wash100 awardee, has outlined a plan to be successful in strategic competition with China.

During a keynote address at the John Hopkins School of Advanced International Studies in Washington on Friday, Hicks spoke on the top four lessons she views as vital for staying ahead of China as one of the United States’ most significant competitors.

Focusing on Top Priorities 

With the department monitoring China’s attempts to build a modern military for the past 25 years, Hicks believes the DOD must focus on priorities like creating a strategy to battle China’s military. 

“So, [current defense policy makers] came into office determined to build on the progress of our predecessors — from both parties — and to unlock necessary changes,” Hicks said. 

“Senior decision makers must rigorously align ends, ways and means to ensure the strategy itself remains right and DOD can deliver on it,” she continued. 

Execution & Delivery

Throughout the intensifying strategic competition with China, the U.S. military has executed and delivered various capabilities.

“From day one, we’ve focused relentlessly on driving changes needed to outpace the PRC and ensure our enduring military advantage,” Hicks stated. “The result has been a more modernized, lethal, agile force across our capabilities, operational concepts, posture and much more.”

However, Hicks additionally highlighted China’s ability to be a “fast follower” and urged defense leaders to use discretion with strategies and efforts related to strategic competition.

Competitive Advantage 

Hicks emphasized how the nation’s strong network of allies across the world will serve as a competitive advantage over China. 

“Around the world, America’s friends and allies have been substantially contributing to the common defense … And when Beijing sees — as they did last year — navy ships from Canada, Germany and [other countries] peacefully sailing through the Taiwan Strait, they’re reminded that America is hardly the only democracy that wants to see stability and prosperity prevail over chaos and conflict,” Hicks said.

She went on to note that the DOD’s partnership with government, industry, academia and non-profits is also an advantage.

/
OPM Appoints Melvin Brown II as CIO
Published on
OPM Appoints Melvin Brown II as CIO

The Office of Personnel Management has promoted Melvin Brown II, deputy chief information officer, to CIO.

Brown announced his appointment in a LinkedIn post published Sunday.

He succeeded Guy Cavallo, who retired from federal service after over two decades in government.

Melvin Brown II’s Career Background

According to his profile on the professional networking site, he previously served as a director at the Small Business Administration before joining OPM as deputy CIO in 2021.

Brown spent nearly eight years at the Department of Homeland Security, where he served as a senior adviser to the Presidential Transition Office, program manager for the Supply Chain Management Initiative and program manager for the Performance and Learning Management System.

The U.S. Marine Corps veteran also served as chief of staff within the U.S. Citizenship and Immigration Services’ Office of Information Technology and program manager for the Knowledge Services Network at the Federal Aviation Administration.

He additionally served as an adjunct professor at the University of Phoenix for 14 years.

//
Marine Corps Issues Generative AI Guidance
Published on
Marine Corps Issues Generative AI Guidance

The U.S. Marine Corps has released new guidance on the development, deployment and use of large language models and other generative artificial intelligence technologies within the service branch, Breaking Defense reported Friday.

Guidance for GenAI System Owners, Developers

Unveiled in December, the USMC Guidance on Generative Artificial Intelligence states that GenAI system owners and developers should obtain appropriate approvals for processing classified and sensitive information in compliance with existing software and container security policy and develop processes to document the source and attributes of training data before building or fine-tuning a GenAI model.

They should also test and evaluate GenAI systems in a controlled environment to ensure that such tools operate as expected and provide transparency and explainability for model outputs as required.

Instructions for GenAI System Users

GenAI system users should “distrust and verify all outputs prior to use” and use their best judgment when determining whether to add a citation.

The guidance holds users responsible for the data they input into publicly accessible GenAI tools. Users should also adhere to cybersecurity, legal, operational security, information and classification policies.

Establishment of AI Task Forces

The document directs commands to establish AI task forces or cells to help evaluate existing and in-development GenAI tools for applicability for use within the military branch.

Commands should also come up with a list of forthcoming preferred GenAI systems aligned with common use cases as a reference for USMC organizations seeking to meet their mission requirements with GenAI platforms.

According to the guidance, commands should ensure that developers, system owners and users use appropriate risk assessment frameworks for GenAI systems.

1 233 234 235 236 237 2,720