/
Jen Easterly Says Federal Computer Software Manufacturing Should Improve
Published on
Jen Easterly Says Federal Computer Software Manufacturing Should Improve

Due to a recent surge of cybersecurity infiltrations, Jen Easterly, director of the Cybersecurity and Infrastructure Security Agency, believes the technology industry must advance computer software manufacturing processes to better protect against such attacks, CyberScoop reported Friday.

The 2024 Wash100 awardee relayed her beliefs during the Black Hat security conference on Thursday. Easterly said, “We don’t have a cybersecurity problem. We have a software quality problem.”

“We have a multi-billion dollar cybersecurity industry because for decades, technology vendors have been allowed to create defective, insecure, flawed software,” Easterly added.

In March, Easterly and CISA unveiled a Secure by Design pledge, the main principles of which include multi-factor authentication, lessening default passwords, reducing vulnerability classes and increasing customer security patch installation to secure product development.

The Streamlining Federal Cybersecurity Regulations Act also seeks to implement an interagency committee within the Office of the National Cyber Director to mobilize a program to improve cybersecurity and information security regulations and compliance requirements.

Easterly emphasized the importance of Congress playing its part in improving software vulnerabilities.

“Congress can also have a transformative impact by establishing a software liability regime with an articulable standard of care and safe harbor provisions for those vendors that innovate responsibly, prioritizing secure development processes,” Easterly stated.

Since the Secure by Design pledge launch, Easterly said 200 companies have signed on.

/
How to Ensure Supply Chain Security
Published on
How to Ensure Supply Chain Security

Cyber attacks are on the rise, and government contractors are looking at new ways to protect their valuable assets, data and information. Executive Mosaic spoke with DTS CEO and President Ed Tuorinsky in a new video interview to find out how companies should be thinking about supply chain security in the digital age.

Understand Your Information Flow

According to Tuorinsky, the first step in ensuring supply chain security is understanding the flow of information within your organization. That can help companies understand which partners can put them at risk and which ones can’t.

Companies have information flowing in and out at all times. At the lowest risk level is general business communications, which may look like emails back and forth between companies and partners or between the sales team and potential customers.

One step up from that is proprietary information that a company may want to limit to internal use but still may share externally with the right partners.

Some of the more sensitive information a company has includes personal information — like social security numbers. In the government contracting space, especially when working with the Department of Defense, companies may also have controlled unclassified information, or CUI.

“Really understanding the information flow and what partners are receiving what — that’s really the start of your supply chain security,” Tuorinsky said. “Understanding who’s receiving what, what is that information and should it be protected.”

Determine Which Partners Should Be Vetted

Companies can have a wide range of vendors and partners, from office supplies providers to subcontractors. Not all partners require the same kinds of supply chain security and controls, Tuorinsky explained.

“Staples, for example — you’re ordering your supplies, paper, pencils, pens. They have your credit card information, but they’re not in that critical information flow. They’re a vendor, they’re a supplier of yours. Yes, if your information gets stolen, it is a hassle to change that, but it’s not critical,” he said.

However, if a company outsources something like business development, that’s when company proprietary information, financial information and even CUI could come into play.

“That vendor has to be vetted,” Tuorinsky emphasized. “You are sharing critical information with them, and you want to make sure not only your corporate information is protected, but your potential client information is protected.”

Unlock more supply chain security insights by watching Ed Tuorinsky’s video interview.

/
Labor Department CIO Gundeep Ahluwalia Stepping Down
Published on
Labor Department CIO Gundeep Ahluwalia Stepping Down

Gundeep Ahluwalia, chief information officer of the Department of Labor, is stepping down after serving as CIO for eight years, Federal News Network reported Monday.

In an email to staff obtained by FNN, Ahluwalia’s last day at DOL would be Friday, Aug. 16.

According to the report, Louis Charlier, the department’s deputy CIO, will assume the role of acting CIO.

Under Ahluwalia’s leadership, DOL has established a digital infrastructure during the pandemic, advanced cloud adoption, implemented cloud-based cybersecurity capabilities, modernized more than 500 business applications and enabled the digitization of labor certification programs and enhanced the workman compensation program delivery, among other efforts.

“Our successes in creating novel funding mechanisms, Technology Modernization Funding wins, legendary TechDay, creating resilient infrastructure, websites, applications, mobile applications, data infrastructure, cybersecurity, artificial intelligence and emerging technologies are all things I can talk about for days!” he wrote in the email.

Ahluwalia joined DOL in August 2016 as deputy CIO.

Before the Labor Department, he spent four years at the Food and Drug Administration as deputy director of business informatics.

Prior to joining federal service, the CIO was director for information technology and application support at Agentrics.

/
VA Taps Electronic Health Information System for Research to Help Improve Clinical Care
Published on
VA Taps Electronic Health Information System for Research to Help Improve Clinical Care

The Department of Veterans Affairs has partnered with Oak Ridge National Laboratory to establish a knowledge-sharing website using VA electronic health records to accelerate research that can support improved clinical care.

The platform, called Centralized Interactive Phenomics Resource, or CIPHER, can open a broader sharing of research findings within the scientific community, the VA said.

The public-facing online resource, open to VA and non-VA researchers, provides data culled from the department’s integrated health care system—the United States’ largest.

Researchers can tap the CIPHER library for computable inputs derived from complex health data, such as phenotypes for diseases and clinical conditions. The library generates the data through the ORNL’s compute facilities and expertise.

According to Sumitra Muralidhar, director of the VA Million Veteran Program (CIPHER’s lead sponsor), the platform “has revolutionized” researchers’ use of EHR data with its standardized and streamlined approach that allows a head start in health research.

The VA has previously undertaken EHR modernization efforts, which engaged private industry, to improve clinical outcomes for members of military service branches.

VA Taps Electronic Health Information System for Research to Help Improve Clinical Care

Attend the Potomac Officers Club’s 2024 Healthcare Summit in December for all of the latest updates on U.S. healthcare technology.

/
DIU Awards Autonomous Maritime Vehicle Prototype Contracts
Published on
DIU Awards Autonomous Maritime Vehicle Prototype Contracts

The Defense Innovation Unit, in partnership with the U.S. Navy, has awarded contracts to select mid-size, non-traditional and venture-backed companies to prototype small unmanned surface vehicle — or sUSV — interceptors that can operate together as robotic swarms in contested environments.

The effort supports the Department of Defense’s Replicator initiative, which aims to provide warfighters with all-domain, attritable, autonomous systems faster than traditional procurement timelines, the DIU said Monday.

Speaking at the National Defense Industry Association 2024 Emerging Technology for Defense Conference, Kathleen Hicks, deputy secretary of Defense and a 2024 Wash100 awardee, said Replicator is demonstrating how to deliver all kinds of capability at speed and scale.

“What we’ve done in under 12 months can take seven-to-ten years. At the end of the day, all our efforts are conditioning DoD, Congress, and the private sector for the battlespace of the future, and the pace of change necessary to succeed,” she added.

The sUSV prototype contract awardees were selected among over 100 applicants that responded to the DIU’s solicitation for production-ready automated maritime drones in January.

DIU Director Doug Beck said having non-traditional defense companies as contract winners demonstrates the DOD’s “growing ability to leverage leading commercial and dual-use technologies to meet critical and emerging national security needs.”

Get an in-depth look into current Navy priorities at the Potomac Officers Club’s 2024 Navy Summit on August 15. Register here.

DIU Awards Autonomous Maritime Vehicle Prototype Contracts
/
GovCon Index Took Downward Turn Last Week
Published on
GovCon Index Took Downward Turn Last Week

Executive Mosaic’s GovCon Index fell by 0.03% last week. This slight loss marked the end of a four-week growth trend.

GovCon Index is an aggregate index that presents real-time data on the stock market performance of 30 major government contracting companies. This information enables users to analyze the financial success of each tracked organization and gain insights into the broad trends shaping today’s GovCon marketplace.

GovCon Index began last week with a 2.15% drop on Monday. It jumped back into positive territory on Tuesday, and made slight gains on Wednesday. On Thursday, GovCon Index rose by a notable 1.74% — an increase driven by Palantir’s 11.25% rise. Though growth continued on Friday, GovCon Index stayed negative overall.

For more details on daily GovCon Index performance, check out last week’s market reports. To access the complete list of tracked companies, click here.

/
NSF Selects First Pilot Projects Advancing National Quantum Virtual Laboratory
Published on
NSF Selects First Pilot Projects Advancing National Quantum Virtual Laboratory

The National Science Foundation has selected the initial batch of pilot projects to advance its National Quantum Virtual Laboratory program.

The five projects, which will receive funding of $1 million each, will build the foundation for NQVL, a decentralized national resource enabling accelerated discovery and development of use-inspired quantum technologies, NSF said.

For instance, one of the projects will build a quantum network to support secure long-distance communication systems. Stony Brook University will collaborate with Columbia University, Yale University and Brookhaven National Laboratory on the effort.

According to NSF Assistant Director for Mathematical and Physical Sciences Denise Caldwell, the upcoming laboratory will facilitate the translation of new scientific ideas into developed technologies that benefit society.

NSF noted that NQVL will accelerate the translation of fundamental science and engineering concepts into practical applications co-designed by a diverse community of computing, networking and sensing experts.

The laboratory also intends to train the STEM workforce that would spearhead U.S. industries in the future, the foundation explained.

NSF will announce five additional projects supporting NQVL in late 2024.

/
DOD Unveils Housing Feedback System for Service Members
Published on
DOD Unveils Housing Feedback System for Service Members

The Department of Defense has unveiled a system to improve communication between service members and their privatized landlords throughout DOD military housing.

The DOD Housing Feedback System, or DHFS, will allow service members and their authorized dependents to submit public feedback on the condition of their current housing unit by opening an additional communication channel for occupants, the DOD announced Monday.

Deborah Rosenblum, acting deputy under secretary of defense for acquisition and sustainment, said, “The Department of Defense has a moral obligation to ensure that the spaces where our Service members and their families live are healthy, functional, and resilient.”

The DHFS will provide a direct portal to place maintenance work order requests as the department continues to improve the housing quality of approximately 250,000 homes for service members and their families.

“This new feedback system is a critical step to ensuring transparent and timely responses to occupants’ concerns and aligns with Secretary Austin’s priority to Take Care of Our People,” Rosenblum emphasized.

“We are focused on putting our people’s experiences at the very center of all the work we do,” she added.

Earlier this year, the DOD unveiled a Resilient and Healthy Defense Communities Strategy designed to produce sustainable housing for service members and their families. The DHFS is currently up and running.

/
Air Force Conducts QUICKSINK Demo to Enhance Naval Warfare Capabilities
Published on
Air Force Conducts QUICKSINK Demo to Enhance Naval Warfare Capabilities

The U.S. Air Force recently conducted a demonstration to determine the capability of low-cost, air-delivered methods in neutralizing surface vessels.

The Air Force said Thursday a QUICKSINK demonstration took place in the Gulf of Mexico near Elgin Air Force. The test was done with the goal of strengthening the nation’s defense against maritime threats. In particular, the QUICKSINK program aims to develop the capability to quickly neutralize such threats despite the vastness of the oceans.

QUICKSINK is part of the Maritime Weapon Program spearheaded by the Air Force Research Laboratory and the Navy. This program covers the development of enhanced weapons that can be launched from an aircraft to neutralize enemy vessels.

Another QUICKSINK demo was performed in July as part of the second RIMPAC SINKEX. In the demo, a low-cost air-delivered method was tested with the help of a B-2 Spirit stealth bomber .

Col. Matthew Caspers, director of AFRL, Munitions Directorate, stressed the strategic importance of QUICKSINK. “The development of this technology helps deliver technological superiority to ensure the United States can defend our interests, maintain freedom of action, and seize the initiative over large maritime areas.”

“QUICKSINK is an answer to an urgent need to neutralize maritime threats to freedom around the world. This program is unique in that it can provide capabilities to modify existing and future Department of Defense weapons systems, giving combatant commanders and our national leaders new ways to defend against maritime threats,” added Caspers.

The Potomac Officers Club invites you to the 2024 Navy Summit, where naval leaders, experts, and innovators from government and industry will gather to discuss maritime security and other vital issues. Click here to register.

Air Force Conducts QUICKSINK Demo to Enhance Naval Warfare Capabilities
//
Bipartisan Senate Bill Seeks Mandatory Contractor Cyber Vulnerability Disclosure
Published on
Bipartisan Senate Bill Seeks Mandatory Contractor Cyber Vulnerability Disclosure

Sens. Mark Warner, D-Va., and James Lankford, R-Okla. have put forward the Federal Contractor Cybersecurity Vulnerability Reduction Act of 2024, which would extend the coverage of the National Institute of Standards and Technology’s vulnerability disclosure policies, or VDPs, to federal contractors.

A companion House bill has been introduced by Rep. Nancy Mace, R-S.C., calling for a Federal Acquisition Regulation update requiring federal contractors to implement VDPs, Warner’s office said Friday.

The policies currently cover civilian federal agencies but do not regulate the information systems that federal contractors use in their contracts, the senator’s office added.

One of the provisions of the Warner-Lankford bill requires the Secretary of Defense to direct revisions on the Defense Federal Acquisition Regulation Supplement contract requirements to ensure contractors’ compliance to VDPs.

Warner describes VDPs as proactive tools to mitigate cyber vulnerabilities. “This legislation will ensure that federal contractors, along with federal agencies, are adhering to national guidelines that will better protect our critical infrastructure, and sensitive data from potential attacks,” he stressed.

1 241 242 243 244 245 2,626