/
New CISA Guide Focuses on Issuance of Software Vulnerability Exploitability Notices
Published on
New CISA Guide Focuses on Issuance of Software Vulnerability Exploitability Notices

The Cybersecurity and Infrastructure Security Agency worked with software and other IT experts to formulate a guide to help organizations decide when to issue a vulnerability exploitability exchange — a.k.a. VEX — information.

CISA said Monday that the document will facilitate the creation of machine-readable VEX data notices that will aid downstream software users in their own discernment of vulnerability risks.

VEX information is issued by software suppliers, researchers and related entities that need to assert the level of risk that their products’ vulnerabilities pose.

VEX data may be published when the weakness is found in upstream component, or if it has been publicly disclosed. Legal circumstances such as contract terms and government requirements may also warrant VEX issuance.

Issuers of VEX data should regularly update changes in status and time, and utilize automated response tools to support maintenance of the information, CISA stated.

Cybersecurity is one of the focal points at the Potomac Officers Club’s 2023 Homeland Security Summit on Nov. 15. Register here to attend the event.

POC - 2023 Homeland Security Summit
Mitre Outlines Recommendations on Harmonizing Critical Infrastructure Cybersecurity Regulations
Published on
Mitre Outlines Recommendations on Harmonizing Critical Infrastructure Cybersecurity Regulations

Mitre has developed recommendations on refining cybersecurity regulations to secure the U.S. critical infrastructure sector in response to a request for information from the Office of the National Cyber Director.

The Center for Data-Driven Policy led a cross-analysis of the RFI’s posed questions to help the ONCD develop evidence-based, actionable plans to address obstacles to harmonizing critical infrastructure cybersecurity regulations, the non-profit research organization said Friday.

According to Mitre, refinements to existing cybersecurity regulations or new policies must not specify technical requirements or implementation details for critical infrastructure owners and operators to avoid complicating continuous regulation harmonization.

Instead, regulations or administration guidance must provide sector risk management agencies with additional direction on shifting their focus to strengthening the mechanisms needed by critical infrastructure owners and operators and the industry vendors that support them.

/
Navy Issues Inaugural Blueprint to Implement Modernized Information Ecosystem; Scott St. Pierre Quoted
Published on
Navy Issues Inaugural Blueprint to Implement Modernized Information Ecosystem; Scott St. Pierre Quoted

The U.S. Navy has released a blueprint outlining the service branch’s holistic approach to modernizing its enterprise information systems, processes and technologies.

Jennifer Edgin, assistant deputy chief of naval operations for information warfare and acting deputy chief information officer at the Department of the Navy, issued the inaugural Navy Blueprint for a Modern Enterprise Information Ecosystem, the service said Monday.

According to the document, the blueprint seeks to inform the Navy’s investments in enterprise information technology and establish a common lexicon for IT modernization.

“It will, among other things, define the architectural characteristics that will support the future operating environment leveraging delivery of emerging technologies, standardize terminology to improve communication between stakeholders, and define methodologies that help identify capability gaps, and prioritize innovation,” Scott St. Pierre, director of enterprise networks and cybersecurity in the Office of the Deputy Chief of Naval Operations for Information Warfare, said of the Navy Blueprint.

The blueprint listed three strategic priorities: information system modernization, zero trust implementation and cyber ready transformation.

Shifting to a modern information ecosystem calls for the service to implement several capabilities, including cloud migration, network modernization and data center consolidation.

The document also includes information on the enterprise information system reference architecture, enterprise data model, microservices model and information governance.

“We’ll follow this release with enterprise implementation plans that will be developed via technical design meetings, data analysis, and focus groups,” added St. Pierre.

/
J&J Worldwide Services Secures USACE Contract for Military Health Facility Support; Steve Kelly Quoted
Published on
J&J Worldwide Services Secures USACE Contract for Military Health Facility Support; Steve Kelly Quoted

J&J Worldwide Services has received a four-year contract from the U.S. Army Corps of Engineers Mobile District to take over operations and maintenance services for a military health facility.

Under the contract, J&J will support Ireland Army Health Clinic in Fort Knox, Kentucky as well as related outlying areas, other facilities and incidental ancillary services, the Austin, Texas-based company shared with ExecutiveGov in an email sent last week.

“J&J is excited to add Ireland Army Health Clinic to our project portfolio and honored to have the opportunity to serve the Ft. Knox healthcare community,” said J&J CEO and President Steve Kelley.

The organization, said Kelly, is “very proud” of its performance track record and is “committed to providing an exceptional level of service.”

J&J has recently secured multiple contracts to provide operations and maintenance services for military health facilities. The first of these awards is intended to support Blanchfield Army Community Hospital in Fort Campbell, Kentucky, which the company has supported for more than 35 years. The company also booked a contract to assist the Fox Army Health Center in Redstone Arsenal, Alabama, extending a 25-year partnership with the institution.

“It is humbling to be a part of the legacy our team has built at Campbell and Redstone Arsenal over the years. We look forward to establishing another lasting partnership with the Ft. Knox facility customer,” Kelly said.

In May, J&J won a spot on another healthcare-focused contract. The potential 10-year, $75 billion Department of Health and Human Services award is intended to provide the department with management services for influx care facilities.

J&J Worldwide Services Secures USACE Contract for Military Health Facility Support; Steve Kelly Quoted

For a deep dive into the ways the U.S. government is working to improve healthcare operations, the Potomac Officers Club will host its 2023 Healthcare Summit on Dec. 6. At the event, experts from both the public and private sectors will come together to discuss the challenges and priorities in federal healthcare. To learn more and register to attend the event, click here.

Tadgh Smith: Deputy Assistant Director For The LESA At ICE
Published on
Tadgh Smith: Deputy Assistant Director For The LESA At ICE

With over three decades of experience, Tadgh Smith is definitely a seasoned leader in the government industry. He has led several projects and taken part in several acquisitions of the company he’s been with.

 

Learn more about Tadgh Smith’s priorities as the Deputy Assistant Director for the LESA At ICE and his leadership history.

 

Who is Tadgh Smith?

Tadgh Smith
Image from Tadgh Smith LinkedIn

Tadgh Smith is the current Deputy Assistant Director at U.S. Immigration and Customs Enforcement’s (ICE) Law Enforcement Systems and Analysis (LESA) division. He has been in the position for over 12 years, delivering innovation transformation throughout the national agencies.

 

Mr. Smith has worked with ICE since 2007 as a Senior Information Technology Specialist. He soon became the Unit Chief for Business transformation in 2008. Tadgh is a bachelor’s degree holder from the University of Wisconsin-Madison in 1988.

 

Leadership Timeline

Tadgh Smith spent most of his career at U.S. Immigration and Customs Enforcement with several positions. Before his current role at ICE, Mr. Smith had a long history of serving in prominent companies, such as IBM and Science Applications International Corporation, or SAIC. Here is the list of Tadgh’s history of leadership. 

 

  • 1991 – 1996: Senior System Network Administrator at Mattel (previously Pleasant Company)
  • 1999 – 2000: Director of Information Systems at Georgetown University 
  • 2000 – 2003: Assistant Vice President at SAIC
  • 2003 – 2006: Senior Consultant at IBM
  • 2006 – 2007: Supervisory Information Technology Specialist at the U.S. Department of the Treasury
  • 2007 – 2008: Senior Information Technology Specialist at ICE
  • 2008 – 2011: Unit Chief, Business Transformation at ICE
  • 2011 – Present: Deputy Assistant Director at ICE

 

2023 Homeland Security Summit Speaker

2023 Homeland Security Summit

 

Tadgh Smith is one of the invited speakers of the upcoming 2023 Homeland Security Summit hosted by the Potomac Officers Club. Guest speakers will discuss the current and potential concerns of military and national security. It includes how the U.S. government prioritizes protecting the homeland from dynamic and growing global threats. 

 

We invite you to join the 2023 Homeland Security Summit and witness Tadgh Smith speak about his insights into U.S. Homeland Security. Register here.

 

Find out the nation’s top security challenges and the measures being taken to address them. Learn more about how the respected leaders of Homeland Security are supporting next-generation technological initiatives for national interests. 

 

The event venue will be in The Westin Tysons Corner on November 15, 2023 (Wednesday), 7:00 a.m. – 2:15 p.m. We hope to see you there!

 

Tadgh Smith: Priorities as Deputy Assistant Director

In 2011, Tadgh Smith became the Deputy Assistant Director, contributing to achieving organizational goals. He also oversees large teams and multinational investments in technology. 

 

Under Mr. Smith’s purview is the development of Enforcement and Removal Operations (ERO). He ensures the ERO’s operational efficiency and mission effectiveness by integrating advanced methods and strategies.

 

Contributions and Accomplishments to the Industry

One of his notable accomplishments is a cross-government modernization program that implemented federal biometric information-sharing technologies influencing national security, law enforcement, and public safety worldwide. 

 

Some of his other contributions to the industry during his stay on ICE include the following:

 

  • Successfully implemented digital transformation across numerous federal departments 
  • Handled a $100 million budget and a workforce of hundreds from around the world
  • Implemented federal biometric information sharing for national security and law enforcement
  • Helped leaders and subordinates negotiate with unions, government, and county officials

 

During Tadgh’s tenure at SAIC, he led a 10-year, multi-agency effort valued at $34 million. He oversees the design and centralization of a multi-agency, online repository of federal telephone listings. This telephone listing project is now the U.S. Blue Pages. 

 

Mr. Smith is also an essential part of IBM’s bid for the GWAC with a $50 billion opportunity. He also built partnerships and technical strategies for acquiring new IT business opportunities.

 

NNSA Releases Final Site-Wide Environmental Impact Statement for Continued LLNL Operations
Published on
NNSA Releases Final Site-Wide Environmental Impact Statement for Continued LLNL Operations

The Department of Energy’s National Nuclear Security Administration has released a final report analyzing the potential environmental impacts of two alternatives for continuing the operations of the Lawrence Livermore National Laboratory.

A notice published Friday in the Federal Register states that the final LLNL site-wide environmental impact statement analyzes two alternatives: the no-action alternative, which will continue current LLNL operations supporting assigned missions, and the proposed action, which will include foreseeable new operations and facilities for the next 15 years.

The second alternative includes 75 new projects and 20 types of modernization, upgrade and utility efforts to address aging infrastructure concerns at LLNL.

Under the proposed action, NNSA will also decontaminate, decommission and demolish 150 facilities at the laboratory.

DOE will issue a record of decision based on the final LLNL SWEIS after Dec. 4.

/
NOAA Seeks Info on Licensing System for Commercial Remote Sensing Regulatory Affairs
Published on
NOAA Seeks Info on Licensing System for Commercial Remote Sensing Regulatory Affairs

The National Oceanic and Atmospheric Administration has begun soliciting information on a new licensing system for the Office of Space Commerce’s Commercial Remote Sensing Regulatory Affairs, a.k.a. CRSRA, as part of efforts to automate workflows and improve communication security with licensed entities.

CRSRA issues licenses for the operation of space-based remote sensing systems and monitors licensees’ compliance with the terms of their licenses, laws and other regulations.

According to a request for information published Friday, CRSRA wants input on industry concepts of a licensing system that combines automated or semi-automated licensing process workflows and self-service capabilities with records management and analysis functions.

Interested vendors are encouraged to provide a description of their software architecture and recommended platforms that could meet the five envisioned functions of the licensing system: licensing process automation, licensee self-service, records management, records analysis and system governance.

CRSRA has asked stakeholders to describe how their proposed architecture could meet each of the eight notional architecture properties outlined in the RFI: data centric; modular; well-defined application programming interfaces; containerized or containerizable components; open source software; cloud-based system that is provider-agnostic; monitoring and managing system component interactions; and controlled access.

Responses to the RFI are due Nov. 17.

/
NASA Reports Progress on Upper Stage Component for Artemis IV Space Launch System
Published on
NASA Reports Progress on Upper Stage Component for Artemis IV Space Launch System

NASA technicians have completed a portion of the fifth weld confidence article to be installed on the Space Launch System rocket.

The weld confidence article was built at the Michoud Assembly Facility in New Orleans, and will be part of the advanced upper stage of the SLS Block 1B configuration for the Artemis IV Moon mission, the agency said Friday.

The component belongs to the upper stage’s liquid oxygen tank to verify structural integrity. Before arriving at Michoud, the article’s dome was welded to the tank’s structural ring at the Marshall Space Flight Center in Alabama. Engineers from the Michoud and Marshall centers performed simultaneous tests and analysis to validate the hardware’s welding parameters.

NASA is also working with lead SLS contractor Boeing to construct structural test articles and SLS hardware structures at the New Orleans and Alabama facilities.

House Bill Looks to Reauthorize National Quantum Initiative Act
Published on
House Bill Looks to Reauthorize National Quantum Initiative Act

Reps. Frank Lucas, R-Okla., and Zoe Lofgren, D-Calif., have introduced a bipartisan bill to reauthorize the National Quantum Initiative Act to accelerate quantum research and development in the U.S.

The House Science, Space, and Technology Committee leaders said Friday the National Quantum Initiative Reauthorization Act would build on the accomplishments of the law enacted in 2018 to boost U.S. competitiveness against China and Russia.

The reauthorization bill requires the Office of Science and Technology Policy to develop a quantum research strategy; authorizes the National Institute of Science and Technology to establish three research centers focused on quantum sensing, measurement and engineering; and mandates that the National Science Foundation create a multidisciplinary coordination hub to create new workforce pipelines.

According to Lofgren, the 2018 National Quantum Initiative Act enabled significant progress in quantum information science and technology.

“We must now build upon these original investments to ensure the United States can remain the world leader in quantum—this bill will do that and more,” she continued.

/
Proposed Legislation Aims to Mandate Implementation of AI Risk Management Framework by Federal Agencies
Published on
Proposed Legislation Aims to Mandate Implementation of AI Risk Management Framework by Federal Agencies

Sens. Jerry Moran, R-Kan., and Mark Warner, D-Va., on Nov. 2 introduced the Federal Artificial Intelligence Risk Management Act with the aim of enabling the U.S. government to take advantage of the benefits of AI while mitigating risks.

The office of Sen. Moran said Thursday the proposed legislation will require federal agencies to incorporate into their AI management policies the AI Risk Management Framework, which was released by the National Institute of Standards and Technology earlier this year.

Sen. Warner said AI can facilitate innovation in industry but requires strong governance, adding: “It’s crucial that the federal government follow the reasonable guidelines already outlined by NIST when dealing with AI in order capitalize on the benefits while mitigating risks.”

Meanwhile, Sen. Moran issued that AI could positively impact government and private industry but noted that “it would be naive to ignore the risks” that come with the new technology.

“The sensible guidelines established by NIST are already being utilized in the private sector and should be applied to federal agencies to make certain we are protecting the American people as we apply this technology to government functions,” Warner said.

Companion legislation will be introduced in the House of Representatives by Rep. Ted Lieu.

1 418 419 420 421 422 2,609