/
NIST’s National Cybersecurity CoE Issues Draft Reports on Hardware-Enabled Security, Trusted Cloud
Published on
NIST’s National Cybersecurity CoE Issues Draft Reports on Hardware-Enabled Security, Trusted Cloud

The National Cybersecurity Center of Excellence (NCCoE) is seeking public comments on three draft reports on trusted cloud and hardware-enabled security

Two of the draft reports focus on hardware-enabled security and the first one looks at security technologies and techniques that can enhance data protection and platform security for edge computing and cloud data centers, the National Institute of Standards and Technology said Wednesday. 

The second draft report discusses an approach for securing container deployments in multitenant cloud environments and “describes a prototype implementation of the approach intended to be a blueprint or template for the general security community,” the document’s abstract reads. 

The third draft report titled Trusted Cloud: Security Practice Guide for VMware Hybrid Cloud Infrastructure as a Service (IaaS) Environments seeks to build a trusted cloud platform that will demonstrate how trusted compute pools using hardware roots of trust can deliver the needed security capabilities.

Comments on the draft reports are due Dec. 6th. 

//
FedRAMP Plans to Apply CISA’s .govCAR Method to Other Authorization Aspects; Zach Baldwin Quoted
Published on
FedRAMP Plans to Apply CISA’s .govCAR Method to Other Authorization Aspects; Zach Baldwin Quoted

The Federal Risk and Authorization Management Program (FedRAMP) recently teamed up with the Cybersecurity and Infrastructure Security Agency (CISA) to apply CISA’s .govCAR methodology to score security controls of cloud service providers based on their capability to detect and respond to threats and now intends to use the framework to eight other aspects of the FedRAMP authorization process, FedScoop reported Thursday.

CISA uses the .govCAR method to perform threat-based assessments of cyber capabilities. 

FedRAMP now plans to integrate the methodology into annual reviews to focus on threat-based controls and use it in the agile authorization process. The program is also eyeing to use framework to help prioritize remediation initiatives, improve continuous monitoring of systems and facilitate the decision-making process with threat-based data. 

“FedRAMP is exploring how this data can be used to create a risk profile of each security capability in support of authorization decisions,” said Zach Baldwin, program manager for strategy, innovation and technology within FedRAMP’s program management office at the General Services Administration.

Baldwin noted that FedRAMP is performing control assessments and intends to issue updated risk scoring in an upcoming blog post.

//
NSA, CISA Release Guidance on 5G Cloud Security; Cyber Director Rob Joyce Quoted
Published on
NSA, CISA Release Guidance on 5G Cloud Security; Cyber Director Rob Joyce Quoted

The Cybersecurity and Infrastructure Security Agency (CISA) and the National Security Agency (NSA) have jointly published new guidance to help organizations detect malicious cyber activity in the 5G cloud.

The Security Guidance for 5G Cloud Infrastructures: Prevent and Detect Lateral Movement helps organizations address lateral movements made by cyber actors that have breached through a 5G cloud system, NSA said Thursday.

The document is the initial entry to a four-part series produced by the Enduring Security Framework public-private working group, which tackles high-priority cyber issues threatening U.S. infrastructure.

“This series exemplifies the national security benefits resulting from the joint efforts of ESF experts from CISA, NSA and industry,” said Rob Joyce, cybersecurity director at NSA.

NSA’s list of cybersecurity guidance can be found here.

//
Former DOE, DHS CIO Karen Evans Now Cyber Readiness Institute’s New Managing Director
Published on
Former DOE, DHS CIO Karen Evans Now Cyber Readiness Institute’s New Managing Director

Karen Evans, an over two-decade cybersecurity policy official, has joined Cyber Readiness Institute as the new managing director overseeing its day-to-day operations.

CRI said Wednesday that Evans will help it in providing free cybersecurity tools and resources to improve the cyber readiness of small and medium-sized enterprises around the world.

The newly appointed director previously served as a chief information officer for both departments of Energy and Homeland Security and an administrator for the Office of Management and Budget’s Office of Electronic Government and Information Technology.

She also founded the non-profit organization U.S. Cyber Challenge that delivers training for cybersecurity professionals with the help of partner universities.

“Karen’s extensive credentials and experience addressing cybersecurity issues from within government and the private sector distinguished her as the best person to help lead CRI to new heights,” explained Sam Palmisano, co-chair of CRI and chairman of The Center for Global Enterprise.

/
Jacobs JV Wins $8.3B DOE Contract for Oak Ridge Reservation Cleanup; Karen Wiemelt Quoted
Published on
Jacobs JV Wins $8.3B DOE Contract for Oak Ridge Reservation Cleanup; Karen Wiemelt Quoted

Jacobs has secured a potential ten-year, $8.3 billion Oak Ridge Reservation Cleanup Contract to perform environmental clean-up services in support of the Department of Energy’s mission.

The new indefinite-delivery/indefinite-quantity contract was awarded to United Cleanup Oak Ridge, a joint venture between Jacobs, Amentum and Honeywell, and it will replace the East Tennessee Technology Park contract Jacobs received in 2011, the company said Thursday.

Environmental clean-up work will be performed at Oak Ridge Reservation locations including the East Tennessee Technology Park, the Oak Ridge National Laboratory and the Y-12 National Security Complex.

Karen Wiemelt, senior vice president and general manager of energy, security and technology for Jacobs said the contract represents a continuation of the company’s long-standing relationship with the DOE and demonstrates Jacobs’ values of sustainability and positive community impact.

“Jacobs has supported the DOE’s Office of Environmental Management’s (EM) mission at Oak Ridge since 2003 to support the clean-up of the ORR and our commitment to creating and preserving more than 2,000 high-quality jobs in the area,” Wielemt explained.

Under the contract, UCOR and its team of pre-selected small businesses, which includes Environmental Alternatives, RSI EnTech, Strata-G and Longenecker & Associates, will perform clean-up support services such as designing, constructing and operating a new Environmental Management Disposal Facility as well as maintenance and operational activities at ORR sites.

Recently, Jacobs was also awarded a spot on a $1.14 billion Army Munition site cleanup contract to help the service branch address and mitigate munition-related environmental and public health risks.

//
Gen. John Hyten on Integrated Air and Missile Defense, China’s Hypersonic Weapon Test
Published on
Gen. John Hyten on Integrated Air and Missile Defense, China’s Hypersonic Weapon Test

Gen. John Hyten, vice chairman of the Joint Chiefs of Staff and a two-time Wash100 Award winner, said he was “probably” going to green-light “today or tomorrow” a new Integrated Air and Missile Defense (IAMD) requirement, Breaking Defense reported Thursday.

IAMD is one of the components of the Joint Warfighting Concept that is key to all-domain operations and emerged from a capability gap assessment that sought to inform the Missile Defense Review.

Hyten noted that China has conducted “hundreds” of hypersonic weapons tests in the past five years, while the U.S. has carried out nine of such tests.

He also shared his insights on challenges facing the Department of Defense when it comes to developing hypersonic weapons, missile defense technology and other defense platforms.

/
S2MARTS OTA Now Accommodates Both Research & Prototyping Projects
Published on
S2MARTS OTA Now Accommodates Both Research & Prototyping Projects

The Strategic and Spectrum Missions Advanced Resilient Trusted Systems (S2MARTS) contract vehicle now has the authority to execute research projects outside of an existing prototyping agreement.

The S2MARTS other transaction agreement can now accommodate both prototyping and basic, applied or advanced research projects through the 2371 authority, NSTXL, which manages the OTA, said Wednesday.

“Adding the 2371 authority is really exciting because this gives our clients the unique ability to advance from research to production all under one OTA vehicle,” said Brooke Pyne, director of S2MARTS.

Naval Surface Warfare Center Crane Division strategically consolidated research and prototyping into a single program to allow for a natural transition between the two phases.

NSTXL is offering free memberships under the S2MARTS research program to interested innovators, including new ones.

/
OMB Releases Memo on Financial Assistance Transparency Reporting Requirements
Published on
OMB Releases Memo on Financial Assistance Transparency Reporting Requirements

The Office of Management and Budget (OMB) has issued a memorandum outlining new reporting requirements meant to improve transparency of financial assistance data in compliance with the Federal Funding Accountability and Transparency Act.

Shalanda Young, acting director of OMB, wrote in the Tuesday memo that the document seeks to guide agencies on additional financial data that should be reported to and posted on USAspending.gov. 

For competitive discretionary grants and cooperative agreements, agencies must report to USAspending.gov the data element funding opportunity number and funding opportunity goals text, starting Oct. 1, 2023.

Starting April 4, 2022, agencies should also report the data element GRM indirect cost federal share amount for cooperative agreements and competitive discretionary grants.

OMB also directed agencies to report all assistance listings and related funding for each federal financial assistance award and report the revised period of the performance end date for cooperative agreements and grants. These two requirements took effect Oct. 1st.

/
DLA Uses Flexible Contracting Method to Meet Unique Customer Needs
Published on
DLA Uses Flexible Contracting Method to Meet Unique Customer Needs

The Defense Logistics Agency (DLA) is using specialized contracts to procure weapon system components, engineering and support services tailored specifically for the customer, DOD News reported Wednesday.

The captains of industry/supplier capabilities contracts (COI/SCCs) can accommodate various adjustments based on a customer’s unique needs. The agency can use COI/SCCs as umbrella contracts for multiple procurement models including direct delivery and performance-based logistics. 

COI/SCCs can apply various contract types and funding lines depending on customer requirements. This contracting approach addresses the U.S. Army’s need to streamline how the service buys blades for Chinook helicopters.

George Scheers, director of procurement operations at DLA Aviation, said the Army will transition from a performance-based logistics approach to the COI/SCC model following a collaboration between the agency and the service.

/
LMI’s Karen Britton Appointed to George C. Marshall International Center Board of Directors
Published on
LMI’s Karen Britton Appointed to George C. Marshall International Center Board of Directors

Karen Britton, chief digital officer and vice president of communications and marketing for LMI, has been appointed to the George C. Marshall International Center board of directors. LMI recently congratulated the new board member on her appointment in a LinkedIn post.

The George C. Marshall International Center is a Leesburg, Virginia-based non-profit organization which operates the historic house museum of Dodona Manor as part of its mission to develop visionary leaders on a global scale.

Britton, a certified Project Management Professional, joins the Center’s board with more than 25 years of experience delivering program management, customer relationships and strategic technology consulting services to organizations across public, private and non-profit sectors.

Prior to her role at LMI, Britton served as the White House chief information officer, under the Obama Administration, where she led a staff of 400 employees, oversaw a $46 million budget and spearheaded White House cybersecurity initiatives including Agile software development, cloud computing strategies and open-source approaches.

The newly appointed board member also previously served as deputy command information officer for Naval Sea Systems Command and taught as an adjunct faculty professor at the University of Maryland.

Additionally, Britton is a recipient of multiple recognitions including the Navy Meritorious Civilian Service Award as well as the National Women of Color in Technology Award.

1 969 970 971 972 973 2,626