/
Matt Tait & Venice Goodwine Named to 2024 Wash100 List
Published on
Matt Tait & Venice Goodwine Named to 2024 Wash100 List

ManTech President and CEO Matt Tait and Department of the Air Force Chief Information Officer Venice Goodwine were celebrated on Thursday as winners of Executive Mosaic’s prestigious 2024 Wash100 Award.

The coveted Wash100 Award honors the 100 most influential leaders working in the government and government contracting sectors. Each recipient is recognized for their outstanding leadership, vision, innovation, reliability and achievement. These executives are the ones to watch in the coming year!

Tait earned his second consecutive Wash100 Award for spearheading company growth, appointing key talent to the leadership team and booking new contracts. Executive Mosaic CEO Jim Garrettson said of Tait’s win, “In less than two years as CEO, Matt has proven to be a worthy recipient of the Wash100 Award and the ideal successor to uphold and continue ManTech’s legacy.”

Read Matt Tait’s full Wash100 profile here.

This year marks Goodwine’s first to be recognized as a Wash100 winner. Goodwine is honored for her dedication to elevating the service branch’s information technology investment strategy and embracing emerging technologies across the enterprise.The DAF CIO assumed her current role in August and oversees a $17 billion IT portfolio. Learn more about why Goodwine was selected for this year’s Wash100 — read her full profile here.

Don’t forget to vote for Matt Tait and Venice Goodwine in the annual Wash100 popular vote competition! Cast your ten votes today at Wash100.com.

/
NIST NCCoE Offers Draft Guide on Monitoring Internet Data on TLS 1.3
Published on
NIST NCCoE Offers Draft Guide on Monitoring Internet Data on TLS 1.3

The National Institute of Standards and Technology’s National Cybersecurity Center of Excellence has released a new draft practice guide to help organizations monitor incoming internet data for evidence of malware and insider threats while using the latest version of the TLS protocol.

NIST said Tuesday the document aims to help companies in finance, healthcare and other industries implement the TLS 1.3 encryption protocol update while maintaining compliance with network monitoring and auditing regulations.

“TLS 1.3 is an important encryption tool that brings increased security and will be able to support post-quantum cryptography,” explained Cherilyn Pascoe, director of the NCCoE.

The document was developed over the past several years at the NCCoE in collaboration with the Internet Engineering Task Force to provide technical methods for auditing incoming internet traffic while using TLS 1.3.

“This collaborative project focuses on ensuring that organizations can use TLS 1.3 to protect their data while meeting requirements for auditing and cybersecurity,” Pascoe said.

Comments on the draft practice guide are due April 1.

/
DCSA to Grant Conditional National Security Eligibility Determinations for NISP Vendors
Published on
DCSA to Grant Conditional National Security Eligibility Determinations for NISP Vendors

The Defense Counterintelligence and Security Agency has announced that it will issue conditional national security eligibility determinations for contractors under the National Industrial Security Program, effective Feb. 1.

DCSA said Tuesday the conditionals seek to help government customers improve mission resilience by diverting cases from due process to monitoring conducted through the agency’s Continuous Vetting program.

According to a fact sheet issued by DCSA, only issues associated with five adjudicative guidelines may call for a conditional eligibility determination: criminal conduct; financial considerations; sexual behavior; drug involvement and substance abuse; and alcohol consumption.

The fact sheet states that conditional eligibility seeks to support access to sites or classified data and details the actions required of the facility security officer and subjects with regard to conditional eligibility determinations.

The conditional eligibility determination process will not only facilitate collaborative risk management but will also provide subjects with a chance to “maintain access where they would have otherwise lost their eligibility thus, maximizing mission readiness,” the document states.

/
Office of National Cyber Director Issues 2023 Year-End Report on Open Source Software Security Initiative
Published on
Office of National Cyber Director Issues 2023 Year-End Report on Open Source Software Security Initiative

The Office of the National Cyber Director published its annual findings about the projects, challenges and ecosystem of open-source software.

The 2023 year-end report evaluates the Biden administration’s Open-Source Software Security Initiative, which is part of the National Cybersecurity Strategy, the White House announced Tuesday.

The document enumerates efforts to engage the open-source software community in the past year, including issuing a request for information on securing the technology’s foundations, sustaining governance and communities within the sector, fostering innovation and strengthening international collaborations.

In a statement, ONCD pledged to work together with software developers and the private sector to “invest in the development of secure software, including memory-safe languages and software development techniques, frameworks, and testing tools.”

GAO Report Calls out Federal Agencies for Inefficient Tracking of Acquired Software Licenses
Published on
GAO Report Calls out Federal Agencies for Inefficient Tracking of Acquired Software Licenses

A study by the Government Accountability Office found inconsistencies and insufficient data on software purchases made by 24 federal agencies, causing gaps in software license inventory.

The GAO report that was released on Monday highlighted that the highest payment amounts for software cannot be identified and may be costing the government more money due to inefficiency.

The government watchdog interviewed 24 chief financial officers from federal agencies including the Departments of Agriculture, Energy and Housing and Urban Development. They reported Microsoft, Adobe, Salesforce, Oracle and ServiceNow as the highest-paid vendors for fiscal year 2021.

However, GAO could not determine which of the companies’ licensed products were most widely used because the government respondents did not have a standardized system for tracking the number of required licenses for each of the products.

GAO recommended that the agencies compare their inventory of purchased licenses with that of currently used licenses to avoid unnecessary costs for the government, which invests more than $100 billion in software and other IT and cyber-related products.

/
Todd Conklin Appointed Treasury Chief AI Officer & Deputy Assistant Secretary of Cyber
Published on
Todd Conklin Appointed Treasury Chief AI Officer & Deputy Assistant Secretary of Cyber

Todd Conklin, a cyber executive with over 16 years of federal government experience, has been appointed chief artificial intelligence officer and deputy assistant secretary of cyber at the Department of the Treasury.

He announced his new post Tuesday on LinkedIn and assumed the position after serving as deputy assistant secretary for the Treasury’s Office of Cybersecurity and Critical Infrastructure Protection.

His Treasury career includes roles such as chief information officer for innovation and intelligence, chief data officer, deputy associate director and senior sanctions investigator.

He joined the department in September 2010 as the Office of Foreign Assets Control’s liaison to the Afghanistan Narcotics Police/Interdiction Unit.

Prior to joining the Treasury, Conklin was an investigator at the U.S. Secret Service and an intelligence officer at the National Geospatial-Intelligence Agency.

/
CISA Releases New Mitigations Against Ivanti Connect Secure & Policy Secure Vulnerabilities
Published on
CISA Releases New Mitigations Against Ivanti Connect Secure & Policy Secure Vulnerabilities

The Cybersecurity and Infrastructure Security Agency has released new mitigations to address vulnerabilities in Ivanti’s Connect Secure and Policy Secure platforms and warned that threat actors have developed workarounds to current detection methods.

CISA said Tuesday cyberthreat actors continue to exploit vulnerabilities in Ivanti’s remote access virtual private network devices to capture credentials or drop webshells to enable remote access to compromised enterprise networks.

The agency is urging federal civilian agencies running Ivanti Connect Secure and Policy Secure gateways to perform continuous threat hunting on any systems connected to the devices and monitor authentication, account usage and identity management services.

Agencies must also isolate potentially exposed systems from any enterprise resources as much as possible.

CISA recently released an emergency directive warning against weaknesses in two Ivanti devices that enable malicious threat actors to exfiltrate data and establish persistent system access.

/
BlackSky to Further Develop AI-Based Broad Area Search Tech Under IARPA Contract
Published on
BlackSky to Further Develop AI-Based Broad Area Search Tech Under IARPA Contract

BlackSky Technology will transition its artificial intelligence-enabled software platform to the third phase of SMART, or the Space-based Machine Automated Recognition Technique program, through a contract with the Intelligence Advanced Research Projects Activity.

Phase III of the SMART program will see the transfer of technologies for broad area search missions into other programs of the U.S. government, BlackSky said Tuesday.

“BlackSky built a high-performance machine learning operations (MLOps) architecture for the SMART program that was originally designed to manage the analysis of one million square kilometers of land,” said Patrick O’Neil, chief technology officer at BlackSky.

“That foundational technology is now generating value elsewhere on other U.S. government search and discovery efforts, where we are analyzing more than 30 million square kilometers – more than 20 percent – of the Earth’s surface every month,” O’Neil added.

BlackSky Spectra is an AI-based tasking and analytics software that works to analyze vast areas of the Earth’s surface to provide a baseline view of aggregate change over time.

POC - 5th Annual Artificial Intelligence Summit

Register here to attend the Potomac Officers Club’s 5th Annual Artificial Intelligence Summit on March 21 and hear federal leaders and industry experts discuss the latest developments in the field.

/
Latest Edition of Mitre Cybersecurity Evaluation Program to Tackle Ransomware, Threats to macOS
Published on
Latest Edition of Mitre Cybersecurity Evaluation Program to Tackle Ransomware, Threats to macOS

Common behaviors associated with ransomware campaigns will be tackled in the sixth round of MITRE Engenuity‘s ATT&CK Evaluations, a program that seeks to assess the capabilities and performance of enterprise cybersecurity solutions.

MITRE said Tuesday that applications are already being accepted for the latest round of ATT&CK Evals, whose focus on ransomware stems from the malware type’s persistence as “one of the most significant cybercriminal threats across industry verticals,” according to Amy Robertson, the program’s principal cyber threat intelligence analyst.

Due to the Democratic People’s Republic of Korea targeting macOS, the latest Evals round will also tackle Apple‘s laptop and desktop operating system.

“The DPRK has emerged as a formidable cyber threat, and they have progressively been expanding their focus to macOS as they work to evade international sanctions,” Robertson noted.

For his part, ATT&CK Evals General Manager William Booth said he and his organization were thrilled to expand the scope of the program to include macOS, a move that underscores a “commitment to comprehensive, platform-diverse assessments.”

Results of the evaluations will be released in the fourth quarter of 2024. Those interested in undergoing assessment have until April 30 to apply.

/
Derek Tournear: SDA to Continue to Rely on Fixed-Price Contracts
Published on
Derek Tournear: SDA to Continue to Rely on Fixed-Price Contracts

Derek Tournear, director of the Space Development Agency, wrote an article explaining whether industry’s reluctance to compete for fixed-price contracts affects SDA’s business model.

In a LinkedIn article published Wednesday, he said that it does not affect the agency’s business model because SDA relies on a “healthy supplier base” to provide ground systems and satellites for the Proliferated Warfighter Space Architecture designed to deliver space capabilities to warfighters.

He shared his thoughts on SDA’s two key pillars: proliferation and spiral development.

“SDA’s commitment to compete every layer of every tranche helps create this robust and diverse marketplace,” Tournear wrote. “SDA has also been very vocal and transparent – we will utilize fixed price contracts to incentivize speed and technical maturity in bids.”

The SDA chief noted that the agency’s business model focuses on schedule. By requiring order to orbit in about 30 months, the prime contractor is forced to focus on mature technologies, enabling them to implement a low-risk technical approach.

Tournear, a previous Wash100 awardee, also discussed the advantages of locking the contractor into a single tranche over a three-year period and competing each capability each time to vendors and SDA.

“SDA will continue to rely on fixed price contracts as we compete every layer for every tranche, and we look forward to continuing our strong partnership with industry so that they will continue to deliver the PWSA to give the warfighter the capabilities they need, and on time!” he added.

POC - 2024 Space Summit

SDA Director Derek Tournear will deliver a keynote at the Potomac Officers Club’s 2024 Space Summit on March 5. Register here to hear Tournear and other government leaders, industry executives and other experts discuss the latest space technologies, commercial investments and urgent issues facing the space domain.

1 348 349 350 351 352 2,595