/
NIST Report Describes Creation of Enterprise Risk Profile
Published on
NIST Report Describes Creation of Enterprise Risk Profile

The National Institute of Standards and Technology has released a report that explores methods for combining cybersecurity risk management information to come up with an enterprise risk profile that could be used to inform enterprise risk management decision-making and other actions by agency officials and corporate executives.

The NIST Internal Report 8286C supports other reports in the 8286 series covering enterprise risk management and cybersecurity risk management, the agency said Wednesday.

This report describes how the CSRM Monitor, Evaluate, and Adjust (MEA) process supports enterprise risk management. This process also supports a repeatable and consistent use of terms, including an understanding of how the context of various terms can vary depending on the enterprise’s perspective,” the document reads.

The latest report discusses how enterprise risk strategy, tolerance, capacity, appetite and other risk governance elements direct risk performance and continues the discussion over CSRM results and priorities to improve understanding of enterprise impacts of cybersecurity risks on mission, reputation and financial considerations.

/
CISA, NSA Publish Report on Open RAN Security Considerations; Mona Harrington Quoted
Published on
CISA, NSA Publish Report on Open RAN Security Considerations; Mona Harrington Quoted

The Cybersecurity and Infrastructure Security Agency and the National Security Agency have issued a document outlining the security considerations when implementing a 5G open radio access network infrastructure.

Some of the security considerations discussed in the paper are multivendor management; Open Fronthaul security; rApps and xApps; artificial intelligence and machine learning; and other network considerations including open source software, distributed denial-of-service and virtualization and cloudification, CISA said Thursday.

Open RAN is an exciting concept, one that opens up several doors to innovation, improved network performance, and a more diverse and competitive cyber ecosystem,” said Mona Harrington, acting assistant director of CISA’s National Risk Management Center.

However, with those benefits come the potential for additional security concerns. As a community, we must work together to not only identify these concerns but also develop the practices and architecture to mitigate them,” Harrington added.

Since Open RAN is implementing technologies found in 5G core networks, organizations fielding Open RAN would benefit from adhering to best security practices applied to 5G operations and deployments, according to the report.

NSA and CISA published the paper through the Enduring Security Framework.

/
DISA Seeks Info on Technical, Engineering Support Sources for DEOS Cloud Program
Published on
DISA Seeks Info on Technical, Engineering Support Sources for DEOS Cloud Program

The Defense Information Systems Agency is soliciting information on potential industry sources of technical and engineering services in support of the Defense Enterprise Office Solution program.

DISA wants information on potential vendors that could support the integration of existing Department of Defense applications and infrastructure within a cloud environment and provide services in the areas of risk analysis and mitigation, cybersecurity policies and reports, service desk, configuration management and lifecycle cost analysis, according to a sources sought notice published Tuesday.

Potential offerors should have knowledge and experience in cloud computing infrastructure and information technology; integration, testing, sustainment and migration; infrastructure development and design; and voice, video, records management, productivity tools and collaboration services.

The needed support services will cover the department’s user base across secret and non-classified internet protocol router networks, denied environments and future domains.

DISA expects the performance period for the DEOS technical and engineering support requirement to kick off on June 7, 2023 and run through June 6, 2026.

According to the notice, Booz Allen Hamilton provides engineering, programmatic and technical services for DOD’s DEOS cloud adoption effort under a sole-source contract.

Interested vendors should submit capability statements through Sept. 28.

/
NASA Extends ISS National Lab Management Contract With Nonprofit CASIS
Published on
NASA Extends ISS National Lab Management Contract With Nonprofit CASIS

The Center for the Advancement of Science in Space will continue to manage an International Space Station segment that operates as a U.S. national laboratory through 2027 under an extended cooperative agreement with NASA.

CASIS helps the agency maximize the space community’s access to the ISS National Laboratory and create new commercial destinations in low-Earth orbit, NASA said Thursday.

The nonprofit organization, located at the Kennedy Space Center’s Space Life Sciences Laboratory, started managing the lab in 2011 and signed a new agreement with NASA in 2017 to extend its services through 2024.

The ISS National Laboratory has sponsored space-based research and development projects that produced more than 150 peer-reviewed articles over the past decade.

“Extending our cooperative agreement through 2027 now is important to provide continuity for our user community while we look toward how this model should evolve as we begin the transition to commercial low-Earth orbit destinations later in the decade,” said Robyn Gatens, director of the ISS and NASA liaison to the ISS National Lab.

/
Verizon Establishes 5G-Powered Innovation Hub in Collaboration with University of South Carolina; Jennifer Artley Quoted
Published on
Verizon Establishes 5G-Powered Innovation Hub in Collaboration with University of South Carolina; Jennifer Artley Quoted

Verizon has teamed with the University of South Carolina to create a 5G-powered facility for experimentation in a variety of fields that serve the public good.

Located in the McNair Center in Columbia, South Carolina, the Innovation Experience Hub allows USC students to participate in study projects that examine manufacturing, healthcare and civil infrastructure and more, enabled by a Verizon 5G Ultra Wideband network, the New York City-based company said Friday.

“Working with the University of South Carolina, we have a great opportunity to collaborate with dozens of partners to ideate and develop new 5G-powered solutions leveraging the latest technologies, including large-scale IoT, artificial intelligence, computer vision and augmented reality,” commented Jennifer Artley, senior vice president of 5G acceleration at Verizon Business.

On the network, researchers are expected to work on enhancing manufacturing activities like quality sensing and defect identification. For healthcare purposes, they will examine the impacts of remote health monitoring on emergency response as well as determine how 5G can assist real-time analysis of patient vitals, in addition to hospital connected asset facilitation.

In the realm of civil infrastructure, Innovation Experience Hub participants will navigate the different ways 5G communications can be used to oversee the conditions of roads and bridges, report statistics about various structures and be harnessed for drone-based imagery of roads, bridges and buildings via AI computer vision.

The new USC facility is the latest in a growing list of 5G labs established by Verizon across the U.S. These destinations are consistently motivated by partnerships with clients throughout the public and private sectors — startup businesses, universities and government/military entities, among others — to see how 5G can change and expand industries.

Earlier this week, Verizon was tapped by the Department of Defense to build a private 5G network at Joint Base Pearl Harbor Hickham.

New FTC Rule Would Fortify Defenses Against Frauds, Scams; Samuel Levine Quoted
Published on
New FTC Rule Would Fortify Defenses Against Frauds, Scams; Samuel Levine Quoted

In order to counteract a spike in costly scam activity over the last several years, the U.S. Federal Trade Commission has put forward a potential new rule that would allow for financial justice to be served to fraudulent wrongdoers and their victims.

The legislation seeks to codify that acts wherein a criminal impersonates a government or business in order to extract money or identity is in violation with the FTC Act and would assist the FTC in taking action against scammers in the form of compensation or civil penalties, the FTC said Thursday.

Samuel Levine, director of the bureau of customer protection at the FTC, stated that the rule would necessarily strengthen the resources at the Commission’s disposal to fight back against this perpetuating and widespread problem.

“We look forward to comments from the public on our efforts to deter fraud, hold impersonators accountable, and secure redress for consumers,” Levine added.

The rule builds on an Advanced Notice of Proposed Rulemaking that was introduced in December 2021, which was received positively by the public in over 160 public comments in support of the action.

If accepted, the rule would deem unlawful perpetrators’ misuse of government seals or business logos; the imitation of government business emails and web addresses; and providing misleading and untrue information about one’s affiliation with a government agency or business via implication or outright lie.

The FTC’s proposed law is attempting to mitigate a problem that has reportedly been growing exponentially since 2017. The bad actors often impersonate a lottery official, government personnel or a staff member of a reputable business or charity, employing deceitful branding tactics and digital disguises to feign legitimacy. Scammers are ostensibly seeking personal information that can be invoked to commit identity fraud and are known to demand funds through wire transfer, gift cards or, in a recent surge of popularity, cryptocurrency.

In the recent case AMG Capital Management LLC v. FTC, the Supreme Court put constrictions on the Commission’s power to compensate and return funds to scammed citizens. Thus, the FTC sees the new rule as a way forward to try and regain a fortified defense against this wave of fraudulent behavior.

///
Verizon to Construct Private 5G Network at Pearl Harbor Hickham Under DoD Contract; Maggie Hallbach Quoted
Published on
Verizon to Construct Private 5G Network at Pearl Harbor Hickham Under DoD Contract; Maggie Hallbach Quoted

The U.S. Department of Defense has tapped Verizon to install and maintain a private 5G network located in an aircraft maintenance hangar at a joint military base in Hawaii.

The Tranche 2 contract award given to Verizon is worth $11.5 million. On the network constructed under the award, personnel stationed at Joint Base Pearl Harbor Hickham will be able to utilize high-speed, high-bandwidth and low-latency 5G benefits, the New York City-based company said Thursday.

“Verizon Public Sector is proud of its partnership with the U.S. Armed Forces and  excited about the digital transformation work already underway in a selected test area at Joint Base Pearl Harbor Hickam,” said Maggie Hallbach, senior vice president for Public Sector at Verizon.

Hallbach is referencing the company’s construction and implementation of a commercial 5G UW mmwave tower at JBPHH that began a few months back. Verizon has also been involved in 5G network installations for clients such as Virginia International Seaports, who contracted Verizon Business to build a 5G Ultra Wideband network in July.

For the 5G work at JBPHH, Verizon is set to team with Ericsson, leveraging the Ericsson Private 5G platform and its attendant core and radio access network features.

The technological upgrade is seen as a potential way to boost mission effectiveness for the base. Specifically, aircraft maintenance staff members are planning to use the network, in conjunction with the UW mmwave tower, to deploy foreign object detection technology as well as various airplane maintenance programs and a variety of user equipment devices. Testing these tools on 5G at JBPHH will be viewed as a trial run for expanding the capability to other bases.

///
ManTech Made Private Through Finalized Purchase by Carlyle; Chairman Kevin Phillips Quoted
Published on
ManTech Made Private Through Finalized Purchase by Carlyle; Chairman Kevin Phillips Quoted

National security technology developer ManTech International has finalized its $4.2 billion all-cash acquisition by investment firm Carlyle, which was first announced in May.

Now that the transaction is complete, ManTech will be a private entity—after being publicly listed for the last 20 years—thus, ending its tenure trading in the NASDAQ Global Select Market, the Herndon, Virginia-headquartered company said Thursday.

Kevin Phillips, CEO, chairman and president of ManTech, characterized the sale of the company as the start of a new and promising era and stated that Carlyle’s team of financial experts will add value to the company’s strategic direction and mission.

Phillips, a six-time recipient of the Wash100 Award, also said that this was one more step in the organization’s over five-decade timeline of continuous growth and evolution for its “portfolio of differentiated solutions.”

Along with their new home under the Carlyle umbrella, ManTech also acquired system engineering, software engineering and information technology provider Technical and Management Assistance Corporation in January along with digital and systems engineering company Gryphon Technologies in late December 2021.

ManTech anticipates that the same reliable and responsive dynamics with its customers will proliferate under its new ownership, as will the experience of its more than 9,800 employees. Additionally, it will continue to operate out of its home base in Herndon.

“We are pleased to complete the transaction and look forward to partnering with ManTech to advance the mission of its customers across the federal government,” commented Dayne Baird, managing director of aerospace and government services at Carlyle.

Now that ManTech common stock has stopped circulation in trade, $96 per share will be distributed to all stockholders in cash.

/
Senate Panel Questions TikTok on Chinese Ties, Access to US User Data
Published on
Senate Panel Questions TikTok on Chinese Ties, Access to US User Data

Senate Homeland Security and Governmental Affairs Committee members heard testimony from a TikTok executive on the mobile video sharing platform’s connection to China and access to data on U.S. users of the application, The Wall Street Journal reported Wednesday.

Vanessa Pappas, chief operating officer of TikTok, told lawmakers at a meeting Wednesday that the platform is working to address concerns by the government on potential national security risks of the entertainment app owned by Chinese technology company ByteDance.

Pappas said the video service provider will “go above and beyond” as it hopes to reach an agreement with the Committee on Foreign Investment in the U.S. regarding access and control.

In late June, Tiktok CEO Shou Zi Chew informed Republican senators in a letter about the company’s data security initiative dubbed Project Texas.

The platform also teamed up with software vendor Oracle to route U.S. user traffic via domestically hosted cloud infrastructure.

/
OCC Names Nina Chen as New Chief Climate Risk Officer
Published on
OCC Names Nina Chen as New Chief Climate Risk Officer

Nina Chen, a chemical engineer with experience working in the financial services sector, has been appointed to serve as the chief climate risk officer of the Office of the Comptroller of the Currency.

She will succeed Jonathan Fink, who assumed the climate risk duties in an acting capacity in March, and will report directly to Michael Hsu, acting comptroller of the currency, the OCC said Tuesday.

Chen most served as executive deputy superintendent of the climate division at the New York State Department of Financial Services. In this capacity, she was responsible for facilitating the adoption of climate-related financial risk management activities in the financial sector.

She also served as vice-chair of the Climate Risk Steering Group at the International Association of Insurance Supervisors and director of conservation investments at the Nature Conservancy.

“We are fortunate to have someone with her background and experience in both finance and climate-related financial risk to lead the agency’s risk management work in this area,” Hsu said.

1 728 729 730 731 732 2,617