//
Space Operations Command Takes Control of SBIRS Baseline Release Initiative
Published on
Space Operations Command Takes Control of SBIRS Baseline Release Initiative

The Missile Warning Mission Area Team within the Space Operations Command’s Space Operations Center has taken over control of the Space-Based Infrared System Baseline Release, or SBR 23-1, from Space Systems Command.

SBR 23-1, also known as Virtualized Processing Environment Release, is aimed at addressing obsolescence issues, cybersecurity requirements and sustainment concerns within the SBIRS ground system and ensuring uninterrupted, secure operations of the mission control station and backup data processing subsystem system hardware, SSC said Thursday.

The program replaces obsolete hardware, transitions to a Linux-based operating system running on virtual machines and uses the VM environment to provide a consistent cyber update capability.

The Space Force’s SBIRS constellation will supply near real-time, high-fidelity Overhead Persistent Infrared data worldwide to enable warfighters to respond to threats rapidly.

“Strategic competitors and adversaries are rapidly developing and deploying more advanced and diverse missile capabilities around the world,” said Space Force Lt. Col. Robert Smith, director of operations of the 2nd Space Warning Squadron.

“This includes detecting and reporting ballistic missiles, space launches, nuclear detonations, and infrared data with operational importance to the President, Secretary of Defense, combatant commanders, intelligence agencies, global warfighters, and allies. ViPER’s acceptance ensures the space-based missile warning community is postured and ready for Great Power Competition,” Smith said.

/
GAO Urges Federal Agencies to Complete IT Security Requirements Implementation
Published on
GAO Urges Federal Agencies to Complete IT Security Requirements Implementation

The Government Accountability Office has recommended that the federal government complete the implementation of the leadership and oversight requirements outlined in a 2021 executive order on protecting federal information technology systems from cyberattacks.

In a new report published Thursday, GAO said the Cybersecurity and Infrastructure Security Agency, the National Institute of Standards and Technology and the Office of Management and Budget have fully completed 49 of the 55 requirements and partially completed five.

One requirement related to standardizing a playbook for responding to cybersecurity vulnerabilities and incidents was flagged not applicable.

GAO recommended that the director of CISA issue its list of software and software product categories considered critical software and improve the operations of the Cyber Safety Review Board.

The agency also outlined three recommendations for OMB, including demonstrating that it has coordinated with pertinent agencies regarding resourcing needs for implementing an endpoint detection and response capability and logging, log retention and log management capabilities.

POC - 2024 Cyber Summit

The Potomac Officers Club will host the 2024 Cyber Summit on June 6 to hear from government and industry experts about the dynamic and ever-evolving role of cyber in the public sector. Register here!

/
DOD Cyber Crime Center, DCSA to Back Defense Industrial Base Through Vulnerability Disclosure Program
Published on
DOD Cyber Crime Center, DCSA to Back Defense Industrial Base Through Vulnerability Disclosure Program

The Department of Defense’s Cyber Crime Center, also known as DC3, and the Defense Counterintelligence and Security Agency have partnered to create a program that seeks to bring vulnerability disclosure capabilities to the defense industrial base.

DC3 said Friday that under the Defense Industrial Base – Vulnerability Disclosure Program — a.k.a. DIB-VDP — participants can voluntarily subject their platforms and assets to vulnerability threat assessments and ethical researcher analyses.

DIB-VDP seeks to help organizations facilitate the sharing of vulnerabilities with other DIB companies and mitigate vulnerabilities in internet-facing information systems.

The DCSA-DC3 partnership expects the efforts under the program to align and address the 2024 Defense Industrial Base Cybersecurity Strategy and cyber policies and strategies at the national level.

DCSA oversees about 12,500 cleared companies under the National Industrial Security Program.

Through the newly created program, DC3 will help address cyberthreats facing the DIB by building on its pilots, policies and public-private collaboration efforts.

In 2022, the two agencies conducted a 12-month pilot that leveraged the relationship between the DIB and DOD’s Defense Industrial Base Collaborative Information Sharing Environment.

POC - 2024 Cyber Summit

Join the Potomac Officers Club’s 2024 Cyber Summit on June 6 and hear cyber experts and government and industry leaders discuss the latest trends and the dynamic role of cyber in the public sector. Register here.

/
NOAA & Partner to Study Mitigation of Data Corrupting RF Emissions
Published on
NOAA & Partner to Study Mitigation of Data Corrupting RF Emissions

The National Oceanic and Atmospheric Administration has tapped Boulder Environmental Sciences and Technology to study the corruption of radio frequency bands used by Earth-observing satellites for passive sensing.

NOAA’s National Environmental Satellite, Data and Information Service, or NESDIS, said the agency awarded a Joint Venture Partnerships broad agency announcement to the contractor for the delivery of a report on possible efforts that could assist in detecting, identifying, characterizing and mitigating the RF bands corruption.

Boulder Environmental Sciences and Technology is expected to inform NOAA about the identification, characterization and reduction of emissions that interfere or corrupt within a passive band.

The report will also detail associated risks, processes and modifications needed to conduct emission mitigation initiatives on an international basis, as well as processes and resources required to implement the approach.

The $1 million contract was made under the Joint Venture Partnerships program, which is operated by NESDIS.

/
Agile Principles Help Mitigate Risk to Army Enterprise Training System
Published on
Agile Principles Help Mitigate Risk to Army Enterprise Training System

Mitigation mechanisms informed by Agile principles were put into effect to address a risk that could have impacted a system overseen by Program Executive Office Enterprise Information Systems that works to provide an enterprise training capability to the U.S. Army.

According to a feature article posted Thursday on the PEO EIS website, the Army Training Information System program encountered an issue involving the ATIS system’s inability to exchange data with the Army Training Management System, a problem that could have resulted in data duplication.

For leaders within EIS, one of the best practices for risk management involves making continuous risk assessment a part of program increment — or PI — planning. As part of the ATIS program’s Agile Release Train process, risks are put up on a PI planning board for monitoring by development teams, which work to determine if they can resolve the risks on their own or if the risks need to be elevated to the ART team.

The ART team itself has its own tool called a Resolved, Owned, Accepted, Mitigated board, which it uses to monitor and, if necessary, elevate risks to the program level. The use of a ROAM board is part of the recommendations under the Scaled Agile Framework, which PEO EIS had adopted.

The issue ultimately had to be elevated to the program level, and using Agile methods, the ATIS team was able to implement a remedy that has resulted in a near-complete resolution.

David Bridges, a contractor and ATIS operations and risk manager, said, “First it was a critical risk, but now it’s a low to moderate risk, improving every day and unlikely to happen because it is tracked at the program level.”

Prior to the adoption of Agile, the issue’s near-complete resolution would have taken over a year. With the help of Agile, it took six months.

Agile Principles Help Mitigate Risk to Army Enterprise Training System

Army officials, government leaders and industry executives will discuss priorities, strategies and solutions to challenges at the Potomac Officers Club’s 9th Annual Army Summit, which will take place in June. Register now to be part of this important conversation!

New Rule Requires Agencies to Prioritize Procurement, Use of Sustainable Products & Services
Published on
New Rule Requires Agencies to Prioritize Procurement, Use of Sustainable Products & Services

The Department of Defense, General Services Administration and NASA have issued a final rule amending the Federal Acquisition Regulation to require federal agencies to purchase and use sustainable products and services identified or recommended by the Environmental Protection Agency.

Under the final rule, federal agencies are required to purchase WaterSense-label water-efficient products and services and Safer Choice-certified products that contain safer chemical ingredients, the White House said Friday.

The final rule also mandates that agencies follow the EPA’s recommended environmental standards and ecolabels, updated in October 2023, to help purchasers correctly identify and procure environmentally preferable products and services.

“Through these enhanced purchasing standards, we are advancing the Administration’s environmental objectives while supporting U.S. manufacturing and generating significant economic benefits across the country,” said EPA Administrator Michael Regan.

“As part of President Biden’s Investing in America agenda to support U.S. manufacturing and climate action, these new standards will help Federal agencies prioritize the purchase of sustainable products and services certified to EPA-recommended standards and ecolabels that create good-paying jobs right here at home,” said Brenda Mallory, chair of the White House Council on Environmental Quality.

The final rule will help advance the Biden administration’s Federal Sustainability Plan, which aims to achieve net-zero emissions and other procurement goals by 2050.

FISA Section 702 Reauthorization Bill Signed Into Law
Published on
FISA Section 702 Reauthorization Bill Signed Into Law

President Biden on Saturday signed into law a bill that seeks to reauthorize Section 702 of the Foreign Intelligence Surveillance Act and introduce reforms to better protect the privacy and civil liberties of Americans.

National Security Adviser Jake Sullivan issued a statement calling FISA’s Section 702 one of the country’s “most vital intelligence collection tools.”

“The Reforming Intelligence and Securing America Act will retain essential authority to understand and protect against a wide range of dangerous threats to Americans while enhancing safeguards for privacy and civil liberties through the most robust set of reforms ever included in legislation to reauthorize Section 702,” Sullivan added.

The president signed the measure hours after the Senate cleared the reauthorization legislation in a 60-34 vote, The Hill reported.

Attorney General Merrick Garland stated that Section 702 plays an “indispensable” role in the Department of Justice’s efforts to protect citizens from cyberthreats, nation-state actors and terrorists.

“This reauthorization of Section 702 gives the United States the authority to continue to collect foreign intelligence information about non-U.S. persons located outside the United States, while at the same time codifying important reforms the Justice Department has adopted to ensure the protection of Americans’ privacy and civil liberties,” Garland added.

/
Vice Adm. Michael Boyle Nominated as Deputy Chief of Naval Operations
Published on
Vice Adm. Michael Boyle Nominated as Deputy Chief of Naval Operations

President Biden has nominated Navy Vice Adm. Michael Boyle, commander of the Third Fleet, to serve as deputy chief of naval operations for operations, plans and strategy, N3/N5, within the Office of the Chief of Naval Operations.

Defense Secretary and three-time Wash100 awardee Lloyd Austin announced Boyle’s nomination in a Department of Defense news release published Friday.

Boyle, a naval aviator, took the helm of the Third Fleet in June 2022.

The vice admiral previously served as director of maritime operations for the U.S. Pacific Fleet, director of international engagements within the Office of the CNO and executive assistant to the commander within the U.S. Pacific Fleet.

His operational assignments include time serving as commander of the Carrier Strike Group-12 and commander of Naval Component, U.S. Forces Korea and United Nations Command, Korea.

/
FAA to Require Reentry Vehicle Operator to Obtain License Prior to Launch
Published on
FAA to Require Reentry Vehicle Operator to Obtain License Prior to Launch

The Federal Aviation Administration has released a notice stating that a reentry vehicle may be launched as a payload and return to Earth as a reentry spacecraft provided that the operator has secured the necessary reentry license or authorization.

An operator or owner of a reentry vehicle that will lift off as a payload and reenter Earth must meet the payload review requirements for the launch phase and the reentry requirements for the reentry phase, according to a notice published Wednesday in Federal Register.

FAA outlined some of the concerns associated with the launch of a reentry vehicle without reentry license or reauthorization, including public risks, limited options for the safe reentry of the vehicle and payload review.

“Launch of a reentry vehicle without an authorization for reentry would pose safety concerns that are designed to be addressed by the reentry licensing process,” the notice states.

/
CISA, Partners Warn Organizations of Akira Ransomware Attacks
Published on
CISA, Partners Warn Organizations of Akira Ransomware Attacks

The Cybersecurity and Infrastructure Security Agency and its U.S. and international partners have released a joint cybersecurity advisory, or CSA, warning organizations against the Akira ransomware that has targeted critical infrastructure entities in North America, Europe and Australia.

The CSA outlines known tactics, techniques and procedures used by Akira ransomware operators and indicators of compromise to help organizations respond to ransomware attacks, CISA said Thursday.

According to the advisory, Akira threat actors have deployed a Linux variant targeting VMware ESXi virtual machines after initially focusing on Windows systems.

As of January, the ransomware group has targeted more than 250 organizations and gained approximately $42 million in ransomware proceeds.

In August 2023, Akira attacks started using Megazord, using Rust-based code, and Akira ransomware written in C++ and encrypted files.

CISA and its partners encourage organizations to implement the mitigations outlined in the CSA to reduce the impact of Akira ransomware attacks.

1 302 303 304 305 306 2,609