//
GAO Says EPA Needs National Strategy to Address Cyberthreats Against US Water Sector
Published on
GAO Says EPA Needs National Strategy to Address Cyberthreats Against US Water Sector

The Government Accountability Office has called on the Environmental Protection Agency to develop a national strategy to address the cybersecurity threats against U.S. water and wastewater systems.

In a report published on Thursday, GAO said the EPA, which heads the water cybersecurity efforts in the United States, must identify and prioritize the greatest risks that could disrupt the water sector’s operations.

The watchdog stressed that the EPA urgently needs a standard cyber strategy as the sector faces growing risks, specifically from external bad actors.

The office noted that foreign hackers targeted multiple water systems in 2023, adding that the incidents should remind the EPA and other relevant agencies that cyberattacks threaten critical infrastructure sectors.

To address the threats, the watchdog suggested that the EPA evaluate water sector risks and develop and execute a national cyber strategy.

GAO also urged the agency to review if its legal authorities to carry out cybersecurity responsibilities remain sufficient and seek additional powers if needed.

The accountability office stressed that a modern strategy and additional authority are necessary for the EPA to ensure that “the water sector is better prepared for any future cyberattacks.”

The GAO report came out after the EPA collaborated with the Cybersecurity and Infrastructure Security Agency and the FBI to release guidance in January that water sector owners and operators can use to better respond to cyber incidents.

//
AFWERX, MTSI Evaluate Electric Aircrafts for Possible Military Use
Published on
AFWERX, MTSI Evaluate Electric Aircrafts for Possible Military Use

AFWERX, the Department of the Air Force’s innovation arm, and defense contractor MTSI have been conducting a series of test flights to evaluate electric-powered aircrafts.

The Air Force said Wednesday the collaboration is intended to assess the performance of BlackFly, an electric vertical take-off and landing—or eVTOL—aircraft from Pivotal, along with other electric aircrafts.

The project started mid-June and is expected to conclude in mid-September. The daily test flights are being conducted at Springfield-Beckley Airport with preparations done at the National Advanced Air Mobility Center of Excellence.

According to Josh Lane, AFWERX flight test engineer, the BlackFly is being evaluated for its flying capabilities and infrastructure. In line with AFWERX’s Agility Prime program, the project is exploring the possibilities of using these aircrafts for military operations while other stakeholders are looking at their potential for commercial use.

They are also trying to determine if the single-seat eVTOL can be converted into an unmanned aircraft. Joshua Bohun, the remote pilot in command, noted that the BlackFly’s advanced control systems made it easy to maneuver the aircraft.

The project is also evaluating the performance of DANNAR’s battery energy storage system and the portable chargers, particularly the remote-controlled Mobile Power Station, as the main electric charging system for the eVTOL aircrafts.

“The DANNAR system is designed to provide modularity and flexibility,” Lane said. “We use it for various power aspects, including ground control computers and aircraft recharging.”

Aside from the BlackFly, other eVTOL aircrafts being evaluated include the BETA ALIA, Pyka Pelican Cargo and Pipistrel Velis Electro.

Take part in the upcoming GovCon International Summit and get a chance to dissect the minds of government and industry experts. Register here.

AFWERX, MTSI Evaluate Electric Aircrafts for Possible Military Use
/
CISA Issues Playbook for Supply Chain Software Security
Published on
CISA Issues Playbook for Supply Chain Software Security

The Cybersecurity and Infrastructure Security Agency has provided government acquisition and procurement organizations with a newly developed guidebook on mitigating cyberattack threats on the software they use in the supply chain.

Titled “Software Acquisition Guide for Government Enterprise Consumers: Software Assurance in the Cyber-Supply Chain Risk Management Lifecycle,” the playbook consolidates software assurance standards and frameworks, with focus on software acquisition and lifecycle activities, CISA said.

Developed by CISA’s information and communications technology supply chain risk management task force, the guide addresses the heightened importance of rebalancing cybersecurity responsibilities between software suppliers and users.

According to Mona Harrington, CISA national risk management center assistant director and ICT SCRM task force co-chair, the guidance includes the agency’s secure by design principles and a questionnaire that should be tackled in the risk mitigation process for software procured from third parties.

The guide is a tool for government acquisition and procurement bodies for initiating discussions with their cybersecurity staff and enterprise risk frontliners, such as chief information officers, Harrington added.

The playbook provides a spreadsheet complementing its software acquisition roadmap to help users navigate the document.

The ICT SCRM task force will hold a webinar on the guidebook in the fall.

NCSC Releases 2024 National Counterintelligence Strategy
Published on
NCSC Releases 2024 National Counterintelligence Strategy

The National Counterintelligence and Security Center has issued a new strategy that seeks to provide strategic direction for the U.S. federal government and the counterintelligence — or CI — community to counter foreign intelligence threats and align CI priorities with the National Security Strategy.

In a statement published Thursday, NCSC Director Michael Casey said the National Counterintelligence Strategy is designed to drive action, integration and resources across the CI community to safeguard U.S. strategic advantages and outmanuever foreign intelligence entities.

“Developed with our partners across the U.S. government, the strategy provides a comprehensive vision and direction for the CI community to address increasingly complex foreign intelligence threats,” Casey added.

The 2024 strategy has three key pillars: outmaneuver and constrain FIEs, protect U.S. strategic advantages and invest in the future.

Each pillar has specific strategic goals. For the first pillar, goals include detecting, understanding and anticipating foreign intelligence threats and combatting foreign intelligence cyber activities.

Under the second pillar, protecting individuals against foreign intelligence targeting and collection, safeguarding critical technology and U.S. economic security and reducing risks to key U.S. supply chains are some of the goals.

The third pillar calls for the U.S. government to build counterintelligence capabilities, resilience and partnerships.

POC - 2024 Intel Summit

Register here to join the Potomac Officers Club’s 2024 Intel Summit on Sept. 19 and hear top U.S. intelligence community officials and industry executives discuss the challenges, innovation initiatives, opportunities and technologies shaping the future of American intelligence.

/
DARPA Tackles Memory Safety Vulnerabilities Problem With New Program
Published on
DARPA Tackles Memory Safety Vulnerabilities Problem With New Program

The Defense Advanced Research Project Agency is aiming to eliminate memory safety vulnerabilities completely with a new program.

The Department of Defense research division said Wednesday issues with disclosed software vulnerabilities can be solved with the help of the Translating All C to Rust, or TRACTOR, program.

TRACTOR is an answer to the call of the Office of the National Cyber Director for a more proactive approach to finally solving memory safety vulnerabilities and lowering the risk of attacks. The program will be hosting public competitions.

The program intends to find ways to automate the translation of the world’s legacy C code to the safer Rust programming language with the help of large language models and other advancements in machine learning.

Existing tools for finding bugs are not enough to tackle memory safety issues in C and C++. The problem with memory safe programming languages is that it is difficult to rewrite legacy code at a scale large enough to deal with the whole problem. With the help of LLMs, the possibility of memory safety vulnerabilities affecting a computer’s memory will be erased.

Dan Wallach, DARPA program manager for TRACTOR, described the process as simply going to any LLM website and telling the AI chatbot to translate C code to a safe idiomatic Rust code.

“The research challenge is to dramatically improve the automated translation from C to Rust, particularly for program constructs with the most relevance,” said Wallach.

Join the Potomac Officers Club in getting to know some of the nation’s leading defense researchers, experts and decision-makers at the 2025 Defense R&D Summit in January. Click here to register.

DARPA Tackles Memory Safety Vulnerabilities Problem With New Program
/
Maj. Gen. Robert Harter Appointed to Dual Leadership Role at Army Reserve Command
Published on
Maj. Gen. Robert Harter Appointed to Dual Leadership Role at Army Reserve Command

Maj. Gen. Robert Harter has been named the new chief of Army Reserve and commanding general of the U.S. Army Reserve Command.

The Army Reserve said Thursday Harter was confirmed by the Senate to the dual role at the Army Reserve Command. He was also promoted to lieutenant general.

Prior to his new assignment, Maj. Gen. Harter was the commanding general of the 81st Readiness Division and the deputy chief and G3 of the Office of the Chief of Army Reserve. He also served as deputy chief of staff and later director of the Office of the Chief of Army Reserve staff.

In between his roles at the Army Reserve, Harter was chief of staff of the Army Materiel Command where he was tasked with integrating headquarters operations in support of AMC’s global sustainment mission set.

As the commanding general of the 316th Expeditionary Sustainment Command, Harter was deployed to CENTCOM in support of Operations Spartan Shield, Inherent Resolve and Enduring Freedom. He also served as the director of logistics and distribution operations for the 316th ESC..

The Alaska-born general’s other assignments as part of the Active Guard Reserve program include training chief for readiness of the 99th Regional Readiness Command; support operations officer of the 55th Sustainment Brigade; and branch chief of the Force Protection Branch, Joint Staff J8, Force Structure, Resources, and Assessment.

Before his AGR assignments, Harter was in active service, particularly with the 11th Armored Cavalry Regiment at Bad Hersfeld, Germany, the 101st Corps Support Group at Fort Campbell Kentucky and the Army Munition Center and School at Redstone Arsenal, Alabama.

The Virginia-based Harter earned a Bachelor of Arts degree in business and communication from Virginia Tech and a master’s degree in national security strategy from the National War College.

//
Michael Sulmeyer Becomes Pentagon’s 1st Assistant Secretary of Defense for Cyber Policy
Published on
Michael Sulmeyer Becomes Pentagon’s 1st Assistant Secretary of Defense for Cyber Policy

The U.S. Senate has confirmed Michael Sulmeyer as the first cyber policy chief of the Department of Defense.

In this new role, Sulmeyer will lead the Office of the Assistant Secretary of Defense for Cyber Policy, established in March as mandated by the fiscal 2023 National Defense Authorization Act. He will oversee cyber policy development across the DOD.

The confirmation comes just two days after the Senate Armed Services Committee advanced Sulmeyer’s nomination to the Senate floor for a vote.

Sulmeyer most recently served as the principal cyber adviser for the U.S. Army, where he gave counsel to military leaders on all matters of cyber such as readiness and capabilities. He also held the position of director of the rapid vulnerability review at the Office of the Deputy Secretary of Defense and senior adviser to the head of the U.S. Cyber Command.

Before entering the government sector, Sulmeyer led the Cybersecurity Project at the Harvard Kennedy School’s Belfer Center for Science and International Affairs. He also taught at the University of Texas School of Law.

In July, Republican Sen. Mike Rounds, who is a member of the Senate Armed Services Committee’s cyber panel, said Sulmeyer has the “character, competence and experience” needed to address cyber threats the nation will face in the future.

/
Air Force Looking for Sources of Intelligence Production Advisory, Assistance Services
Published on
Air Force Looking for Sources of Intelligence Production Advisory, Assistance Services

The U.S. Air Force is seeking potential sources of advisory and assistance services to support the National Air and Space Intelligence Center’s activities involving research, development, and sustainment of new and existing hardware, systems and software capabilities enabling scientific and technical intelligence production.

The Air Force intends to award a $480 million indefinite-delivery/indefinite-quantity contract with a one-year base and four one-year optional ordering periods, according to a notice posted on SAM.gov on Thursday.

A draft performance work statement indicated that the potential contract would also support technical intelligence collection, analysis, planning, processing, dissemination and archiving for NASIC, the Air Force, the Department of Defense and national-level intelligence efforts.

Other responsibilities include deploying program management and systems acquisition experts who will provide assistance, advice or training for all phases of intelligence R&D, systems, acquisition and production program execution.

The contract requirements align with NASIC’s mission to discover and characterize air, space, missile, forces, and cyber threats to enable multi-domain operations, drive weapon system acquisition and inform national defense policy.

Responses to the notice are due Aug. 15.

/
Air Force Secretary Frank Kendall Speaks on USAF Modernization at LCID 2024 Keynote
Published on
Air Force Secretary Frank Kendall Speaks on USAF Modernization at LCID 2024 Keynote

Frank Kendall, secretary of the Department of the Air Force and 2024 Wash100 Award winner, gave updates on DAF modernization strategies during a keynote address at Life Cycle Industry Days on July 30.

Kendall discussed numerous topics, including space security and optimizing USAF resources as the global operational ecosystem continues to transform, the U.S. Space Force announced Friday.

“The strategic environment we’re in today is the toughest that I’ve ever seen,” the secretary said.

Kendall emphasized that as the military prepares to address the great power competition, or GPC, the Air Force has recently authorized the Integrated Development Office and Air Force Information Dominance Systems Center to gain a leg up on adversaries.

GPC is the impetus for Kendall’s seven operational imperatives, about which he revealed, “We’d like to go faster. We’d like to get a wider spectrum of capabilities out there.”

Kendall noted his appointment of Brig. Gen. Luke Cropsey as Air Force integrating program executive officer for command, control, communications and battle management and how it has paid dividends for the USAF. Cropsey is working on manufacturing joint capabilities for the USAF and Space Force to hopefully strengthen ties with international programs and partners.

Kendall then highlighted the challenges faced with integrating technology.

“Information systems are possible vulnerabilities that can be tapped and it’s no mystery that they’re being attacked,” he said.

“We have to grow our people,” Kendall urged, adding, “We’re going to make sure they get the right training, and we’re going to need more people who are as proficient as possible and have a really good set of experiences to do effective management.”

Kendall closed his remarks by highlighting the importance of space funding. One of the most significant efforts in GPC is in outer orbit operations.

“If you are targeted in space, you’re not going to survive,” Kendall explained. “And we have got to do something about that. And if we can’t target from space, we will not be successful. It’s as simple as that.”

/
NOAA Office of Space Commerce Seeks Bids for TraCSS Presentation Layer
Published on
NOAA Office of Space Commerce Seeks Bids for TraCSS Presentation Layer

The National Oceanic and Atmospheric Administration has begun soliciting proposals for the Presentation Layer of the Traffic Coordination System for Space, or TraCSS, program.

NOAA’s Office of Space Commerce said Thursday it is asking commercial enterprises for mature capabilities for the TraCSS Presentation Layer, which will be composed of web-based graphical user interfaces, or GUIs, and a data products service to produce formatted human-readable data products.

According to OSC, the contractor should build the program’s website to showcase the data products and GUIs.

The data products, GUIs and the website should use the TraCSS application programming interfaces and gateway business logic as defined by the program’s system integrator to retrieve and store data.

According to a solicitation notice published Thursday on SAM.gov, the acquisition is a total set-aside program for small businesses with a one-year base period and four option years.

Offers are due Aug. 13.

Recent TraCSS Developments

In July, OSC appointed Dmitry Poisik, a U.S. Navy veteran, as the inaugural TraCSS program manager.

In March, the office issued a call for demonstrations for the TraCSS Presentation Layer and awarded Parsons a contract to provide system integration and cloud management services for the TraCSS program.

NOAA’s OSC is building TraCSS as a cloud-based information technology system that will provide space situational awareness and space traffic coordination support services for private and civil space operators.

1 278 279 280 281 282 2,656