/
DCSA to Grant Conditional National Security Eligibility Determinations for NISP Vendors
Published on
DCSA to Grant Conditional National Security Eligibility Determinations for NISP Vendors

The Defense Counterintelligence and Security Agency has announced that it will issue conditional national security eligibility determinations for contractors under the National Industrial Security Program, effective Feb. 1.

DCSA said Tuesday the conditionals seek to help government customers improve mission resilience by diverting cases from due process to monitoring conducted through the agency’s Continuous Vetting program.

According to a fact sheet issued by DCSA, only issues associated with five adjudicative guidelines may call for a conditional eligibility determination: criminal conduct; financial considerations; sexual behavior; drug involvement and substance abuse; and alcohol consumption.

The fact sheet states that conditional eligibility seeks to support access to sites or classified data and details the actions required of the facility security officer and subjects with regard to conditional eligibility determinations.

The conditional eligibility determination process will not only facilitate collaborative risk management but will also provide subjects with a chance to “maintain access where they would have otherwise lost their eligibility thus, maximizing mission readiness,” the document states.

/
Office of National Cyber Director Issues 2023 Year-End Report on Open Source Software Security Initiative
Published on
Office of National Cyber Director Issues 2023 Year-End Report on Open Source Software Security Initiative

The Office of the National Cyber Director published its annual findings about the projects, challenges and ecosystem of open-source software.

The 2023 year-end report evaluates the Biden administration’s Open-Source Software Security Initiative, which is part of the National Cybersecurity Strategy, the White House announced Tuesday.

The document enumerates efforts to engage the open-source software community in the past year, including issuing a request for information on securing the technology’s foundations, sustaining governance and communities within the sector, fostering innovation and strengthening international collaborations.

In a statement, ONCD pledged to work together with software developers and the private sector to “invest in the development of secure software, including memory-safe languages and software development techniques, frameworks, and testing tools.”

GAO Report Calls out Federal Agencies for Inefficient Tracking of Acquired Software Licenses
Published on
GAO Report Calls out Federal Agencies for Inefficient Tracking of Acquired Software Licenses

A study by the Government Accountability Office found inconsistencies and insufficient data on software purchases made by 24 federal agencies, causing gaps in software license inventory.

The GAO report that was released on Monday highlighted that the highest payment amounts for software cannot be identified and may be costing the government more money due to inefficiency.

The government watchdog interviewed 24 chief financial officers from federal agencies including the Departments of Agriculture, Energy and Housing and Urban Development. They reported Microsoft, Adobe, Salesforce, Oracle and ServiceNow as the highest-paid vendors for fiscal year 2021.

However, GAO could not determine which of the companies’ licensed products were most widely used because the government respondents did not have a standardized system for tracking the number of required licenses for each of the products.

GAO recommended that the agencies compare their inventory of purchased licenses with that of currently used licenses to avoid unnecessary costs for the government, which invests more than $100 billion in software and other IT and cyber-related products.

/
Todd Conklin Appointed Treasury Chief AI Officer & Deputy Assistant Secretary of Cyber
Published on
Todd Conklin Appointed Treasury Chief AI Officer & Deputy Assistant Secretary of Cyber

Todd Conklin, a cyber executive with over 16 years of federal government experience, has been appointed chief artificial intelligence officer and deputy assistant secretary of cyber at the Department of the Treasury.

He announced his new post Tuesday on LinkedIn and assumed the position after serving as deputy assistant secretary for the Treasury’s Office of Cybersecurity and Critical Infrastructure Protection.

His Treasury career includes roles such as chief information officer for innovation and intelligence, chief data officer, deputy associate director and senior sanctions investigator.

He joined the department in September 2010 as the Office of Foreign Assets Control’s liaison to the Afghanistan Narcotics Police/Interdiction Unit.

Prior to joining the Treasury, Conklin was an investigator at the U.S. Secret Service and an intelligence officer at the National Geospatial-Intelligence Agency.

/
CISA Releases New Mitigations Against Ivanti Connect Secure & Policy Secure Vulnerabilities
Published on
CISA Releases New Mitigations Against Ivanti Connect Secure & Policy Secure Vulnerabilities

The Cybersecurity and Infrastructure Security Agency has released new mitigations to address vulnerabilities in Ivanti’s Connect Secure and Policy Secure platforms and warned that threat actors have developed workarounds to current detection methods.

CISA said Tuesday cyberthreat actors continue to exploit vulnerabilities in Ivanti’s remote access virtual private network devices to capture credentials or drop webshells to enable remote access to compromised enterprise networks.

The agency is urging federal civilian agencies running Ivanti Connect Secure and Policy Secure gateways to perform continuous threat hunting on any systems connected to the devices and monitor authentication, account usage and identity management services.

Agencies must also isolate potentially exposed systems from any enterprise resources as much as possible.

CISA recently released an emergency directive warning against weaknesses in two Ivanti devices that enable malicious threat actors to exfiltrate data and establish persistent system access.

/
BlackSky to Further Develop AI-Based Broad Area Search Tech Under IARPA Contract
Published on
BlackSky to Further Develop AI-Based Broad Area Search Tech Under IARPA Contract

BlackSky Technology will transition its artificial intelligence-enabled software platform to the third phase of SMART, or the Space-based Machine Automated Recognition Technique program, through a contract with the Intelligence Advanced Research Projects Activity.

Phase III of the SMART program will see the transfer of technologies for broad area search missions into other programs of the U.S. government, BlackSky said Tuesday.

“BlackSky built a high-performance machine learning operations (MLOps) architecture for the SMART program that was originally designed to manage the analysis of one million square kilometers of land,” said Patrick O’Neil, chief technology officer at BlackSky.

“That foundational technology is now generating value elsewhere on other U.S. government search and discovery efforts, where we are analyzing more than 30 million square kilometers – more than 20 percent – of the Earth’s surface every month,” O’Neil added.

BlackSky Spectra is an AI-based tasking and analytics software that works to analyze vast areas of the Earth’s surface to provide a baseline view of aggregate change over time.

POC - 5th Annual Artificial Intelligence Summit

Register here to attend the Potomac Officers Club’s 5th Annual Artificial Intelligence Summit on March 21 and hear federal leaders and industry experts discuss the latest developments in the field.

/
Latest Edition of Mitre Cybersecurity Evaluation Program to Tackle Ransomware, Threats to macOS
Published on
Latest Edition of Mitre Cybersecurity Evaluation Program to Tackle Ransomware, Threats to macOS

Common behaviors associated with ransomware campaigns will be tackled in the sixth round of MITRE Engenuity‘s ATT&CK Evaluations, a program that seeks to assess the capabilities and performance of enterprise cybersecurity solutions.

MITRE said Tuesday that applications are already being accepted for the latest round of ATT&CK Evals, whose focus on ransomware stems from the malware type’s persistence as “one of the most significant cybercriminal threats across industry verticals,” according to Amy Robertson, the program’s principal cyber threat intelligence analyst.

Due to the Democratic People’s Republic of Korea targeting macOS, the latest Evals round will also tackle Apple‘s laptop and desktop operating system.

“The DPRK has emerged as a formidable cyber threat, and they have progressively been expanding their focus to macOS as they work to evade international sanctions,” Robertson noted.

For his part, ATT&CK Evals General Manager William Booth said he and his organization were thrilled to expand the scope of the program to include macOS, a move that underscores a “commitment to comprehensive, platform-diverse assessments.”

Results of the evaluations will be released in the fourth quarter of 2024. Those interested in undergoing assessment have until April 30 to apply.

/
Derek Tournear: SDA to Continue to Rely on Fixed-Price Contracts
Published on
Derek Tournear: SDA to Continue to Rely on Fixed-Price Contracts

Derek Tournear, director of the Space Development Agency, wrote an article explaining whether industry’s reluctance to compete for fixed-price contracts affects SDA’s business model.

In a LinkedIn article published Wednesday, he said that it does not affect the agency’s business model because SDA relies on a “healthy supplier base” to provide ground systems and satellites for the Proliferated Warfighter Space Architecture designed to deliver space capabilities to warfighters.

He shared his thoughts on SDA’s two key pillars: proliferation and spiral development.

“SDA’s commitment to compete every layer of every tranche helps create this robust and diverse marketplace,” Tournear wrote. “SDA has also been very vocal and transparent – we will utilize fixed price contracts to incentivize speed and technical maturity in bids.”

The SDA chief noted that the agency’s business model focuses on schedule. By requiring order to orbit in about 30 months, the prime contractor is forced to focus on mature technologies, enabling them to implement a low-risk technical approach.

Tournear, a previous Wash100 awardee, also discussed the advantages of locking the contractor into a single tranche over a three-year period and competing each capability each time to vendors and SDA.

“SDA will continue to rely on fixed price contracts as we compete every layer for every tranche, and we look forward to continuing our strong partnership with industry so that they will continue to deliver the PWSA to give the warfighter the capabilities they need, and on time!” he added.

POC - 2024 Space Summit

SDA Director Derek Tournear will deliver a keynote at the Potomac Officers Club’s 2024 Space Summit on March 5. Register here to hear Tournear and other government leaders, industry executives and other experts discuss the latest space technologies, commercial investments and urgent issues facing the space domain.

/
Executive Mosaic Awards 2024 Wash100 to CDAO Craig Martell & CGI Federal President Stephanie Mango
Published on
Executive Mosaic Awards 2024 Wash100 to CDAO Craig Martell & CGI Federal President Stephanie Mango

The Department of Defense’s top artificial intelligence executive and the leader of the federal business of information technology and consulting company CGI have been elected to the 2024 Wash100 by Executive Mosaic.

This is Chief Digital and Artificial Intelligence Officer Craig Martell’s second consecutive recognition and CGI Federal President Stephanie Mango’s third. The Wash100 Award annually celebrates the most outstanding figures in the government contracting landscape, praising the sector’s great leaders and innovators and placing votes of confidence for those the organization believes will be most influential in the coming months and years.

Martell secured his spot by directing his office toward consistently advocating for safe and secure AI usage in the U.S. In 2023, it collaborated with the Massachusetts Institute of Technology to enrich education about the technology and stood up Task Force Lima, a key effort to minimize risk and promote positive usages of generative AI. To learn more about Martell’s qualifications, read his GovCon Wire profile here.

Mango also sung the praises of AI in a November video interview with Executive Mosaic’s Summer Myatt. She led CGI to a massive contract from the U.S. Environmental Protection Agency and a five-year U.S. Strategic Command award, among many other accomplishments in 2023. Read about her high-achieving year in ExecutiveBiz here.

Executive Mosaic extends its congratulations to Craig Martell, Stephanie Mango and their teams. If you’d like to vote for either of them, or some of your other favorite 2024 Wash100 winners, in the popular vote contest, do so before April 30! The sooner, the better.

/
Department of Energy Seeks Industry Input for Carbon Capture Technology Development Efforts
Published on
Department of Energy Seeks Industry Input for Carbon Capture Technology Development Efforts

The Office of Fossil Energy and Carbon Management at the Department of Energy has issued a request for information concerning U.S. government efforts to achieve a net-zero emissions economy by 2050.

FECM said Monday that it is seeking input from industry, academia and other stakeholders that would help with potential projects focused on the development, demonstration and deployment of carbon capture, storage and conversion technologies.

Responses to the RFI will be used to, among other things, identify challenges and gaps in knowledge and determine new areas of innovation. Of particular importance to the DOE is input from a number of sectors, including those that produce petrochemicals, liquified natural gas, aluminum and iron and steel.

Interested parties have until March 14 to respond.

1 378 379 380 381 382 2,624