The staff at AFCEA headquarters wishes everyone a safe and joyous holiday season. HQ offices will be closed on Monday and Tuesday, Dec. 26 and 27,  as well as on Monday, Jan. 2, 2012. See you next year!

By Dan Barber

From securing the cloud to unwrapping new architecture compliance requirements, 2011 was a busy year for the tech public sector. In the New Year’s spirit of renewal and rededication, here are five resolutions federal agencies should make.

1. Leverage IT to meet budget requirements
The government fiscal landscape changed radically in the last year with budget cuts across the majority of federal agencies. The Obama’s Administration fiscal 2012 budget proposal calls for a five-year discretionary spending freeze along with $33 billion in additional cuts.

Yet, there is a reason why federal IT spending to commercial contractors is expected to grow five percent annually. Dashboards, information collection systems, computing and business analysis programs will be key tools for agencies to meet increasingly demanding mission requirements with shrinking budgets in 2012. Needless to say, adoption will not move forward without security protocols and safeguards.

2. Secure the cloud
Steven Van Roekel may be the new Federal CIO, but Vivek Kundra’s “cloud-first” legacy will carry on into 2012. Over the long term, the cloud will save agencies some of the cost of purchasing, designing and installing IT infrastructures. According to a Brookings Institute study, the cloud could help agencies save up to 50 percent in IT costs.

However, satisfying mission-critical government system requirements and truly securing public, community, and private clouds will be a major undertaking for agencies in 2012. It will require targeted investments, strong project management, systems engineering, and hard-to-find expertise.

The move to the cloud is happening–Renub Research estimates the federal IT budget devoted to cloud computing spending to reach nearly $1 billion by 2014–and agencies should resolve to lead rather than trail the pack.

3. Move toward a secure mobile workplace
As tablets and smartphones take hold in our personal lives, the benefits of a mobile workforce have become apparent across the federal government and in particular to agencies like the Federal Emergency Management Agency (FEMA) and the United States Census Bureau. The 2011 5.8 magnitude D.C. earthquake also underscored the need for agencies to develop reliable remote access policies and solutions for continuity of operations. Agencies will need to adapt to working with new protocols and technologies that enable remote collaboration.

In establishing remote access frameworks, agencies should resolve to: build management support, define essentials to demonstrating ROI, measure productivity, and supply secure, and affordable telework technology.

While supporting a large number of mobile devices is not without a fair share of challenges, a Bring Your Own Device (BYOD) policy could increase employee satisfaction, provide technical advances and lower costs. BYOD is not without its challenges, but several organizations are running pilots to work through those challenges sooner rather than later.

4. Continuously monitor cyber defenses
In 2012, government agencies will not only battle rogue individuals trying to “brute force” a firewall password or hack into a single perimeter system, but a long-term sustained attack by organized cyber criminals.

With advanced persistent threats becoming more and more sophisticated, government agencies should resolve to continuously monitor, track, and analyze cyber attacks with proactive training engagements including frequent penetration testing and simulated cyber and social engineering attacks.

5. Bridge disparate systems
One of the challenges of the nation’s cyber defense is that agencies rely heavily on disparate networks and systems, which in turn increases their vulnerability.

As federal CIOs look to consolidate and bridge disparate systems in 2012, it will be important not to overlook the human factor. Coordinating a wide array of stakeholders involved in the process will require well-defined policies and programs and collaboration.

Daniel Barber serves as Program Director for the Homeland Security Group within Dynamics Research Corporation (DRC). In his role, Mr. Barber works closely with some of the largest government agencies to implement information security strategies and policies that align with the mission goals of the federal government.

The views expressed by our guest bloggers are their own and do not necessarily reflect the views of AFCEA International or SIGNAL Magazine.

Earlier this year, detailed information about the bomb resistance of a new Department of Defense (DoD) building in Virginia was compromised. Reuters broadcast the information worldwide. The news organization did not obtain the document by hacking network systems, but rather accessed the “official use only” document on the Army Corps of Engineers website. This incident is just one example of the thousands of data breaches that occur as a result of internal information leakage rather than an outside attack.

In their 2011 Information Security Report, the U.S. Government Accountability Office (GAO) shed light on why internal leaks are so prevalent. The report’s survey of 24 major federal agencies found that employees with significant responsibilities are not properly trained on security measures. To that end, there is a critical need to further educate government personnel on how to keep sensitive information secure.

With tightening budgets and increasingly demanding performance requirements, agencies must resist the temptation to be compliance-driven and exclusively rely on quick fixes. A holistic approach bringing together people, processes, and technology into an enterprise-wide solution and a strong risk management framework is a viable and effective strategy for improving cybersecurity.

The U.S. Military engages in full simulations and digital war games to train for battle, and these methods and best practices can be repurposed for the cyber battlefield. Government workforce education and training that is regularly practiced and put in action will help prevent data leakage and save budget dollars.

Frequent penetration testing, simulated cyber and social engineering attacks, or even something as simple as a pop-up tip of the day on an employee’s computer will help make agencies more secure inside and out. After all, policies are only as effective as the people enforcing and enacting them.

Benjamin Franklin once said, “A small leak can sink a great ship.” Investing in the education of the government workforce, utilizing proactive training methods, and aligning policy, technology, and people can ensure smooth sailing.

Prenston Gale is the lead internal Subject Matter Expert for Information Security within Dynamics Research Corporation (DRC). He also serves as a solutions architect for emerging government requirements, building new frameworks and customized methodologies that are deployed in service of government clients. 

The views expressed by our guest bloggers are their own and do not necessarily reflect the views of AFCEA International or SIGNAL Magazine.

AFCEA International wishes everyone  a safe and happy Thanksgiving. Our U.S. office will be closed Thursday and Friday in observance of the holiday. What are you thankful for today?

At a time when the European Union and the United States are both facing moderate to severe austerity in the years ahead, it’s more important than ever to do more with less.

Claude-France Arnould, chief executive of the European Defense Agency (EDA), told the European Institute’s Transatlantic Roundtable on Defense and Security Affairs that the effects of the financial crisis in most EU nations has begun to hit “full force,” and the defense ministries of many EU members are experiencing cuts of between 15 and 25 percent in some cases.

Arnould, who is in the midst of a weeklong visit to Washington to consult with officials from the departments of Defense, State and Commerce, told a luncheon at the Cosmos Club in Washington that “the military priorities of the European Union are mirrored in those of NATO.”

EDA’s top priority, Arnould says, is helping EU member states in the area of “pooling and sharing,” the ability of the military to work jointly, sharing key resources like supplies and logistics. Such pooling and sharing, she adds, is more important than ever at a time when monetary resources for weapons systems are becoming scarce.

She spoke in advance of informal talks among EU defense ministers later this week in Poland, and added that pooling and sharing will also be a key topic at a more formal meeting of defense officials at the end of November.

Arnould sees her agency’s role as that of a “facilitator,” attempting to help the EU define the agenda and priorities for pooling and sharing.

As an example of the kind of collaborative work her agency does, she points to a new forensic laboratory that the EDA recently built in Spain to perform investigations of improvised explosive devices, which injure and kill more coalition troops in Iraq and Afghanistan than any other weapon.  The lab, she says, is a “good example of the capability within EDA.”

In addition, Arnould says her agency has helped coordinate a training program for helicopter crews, which fly choppers provided by NATO. So far, she says the EDA program has trained 150 crews, of which half are currently deployed to Afghanistan.

Arnould also reports EDA is working in areas that include space, satellites and cyberdefense, stressing the need to continue to coordinate with NATO on efforts to protect IT infrastructure.

She says that in general, one of the most important lessons learned of pooling and sharing, no matter what the venue, is for EU forces to always be aware of whether a military capability is available when it is needed.  For example, she says it’s important that the European Air Transport Command always be prepared with information on what aircraft it has available to support military missions.

“Let’s do lunch?” is a phrase many mock; others use it as much as possible to gain invaluable insight from personal experiences and get feedback about present actions and future aspirations. As an intern, I have a limited perspective of the Department of Defense and rely heavily on the guidance of others when contemplating different career ideas, experience opportunities and developmental paths or programs to pursue. I sincerely appreciate the time, experience, and resources which are shared to develop my knowledge, skills, and abilities.

The mentoring process is an ongoing give-and-take relationship where participants share much more than a meal; the primary knowledge that’s available is calorie-free richness, at that! The generosity of a mentor’s time coupled with a mentee’s attention is a perfect demonstration of organic sharing. Among the benefits of that kind of sharing are the amount of personal detail conveyed and off-the-record insights. During these exchanges it is crucial to remain respectful, receptive and resourceful to adequately nurture and enhance the resulting relationship.

A few great places to start include:
• The SAF/FM Mentoring Community of Practice (https://afkm.wpafb.af.mil/community/views/home.aspx?Filter=OO-FM-PA-01),
• The Palace Acquire Professional Forum (https://afkm.wpafb.af.mil/community/views/home.aspx?Filter=OO-FM-PA-01),
• and your local professional associations including your local AFCEA Chapter.

Some of the things I’ve seen at work in my current situation include my digital continuity book. This tool allows me to keep precise notes and get feedback in one place, with two advantages: First, I’ve communicated a value for another person’s time and they recognized my genuine efforts. Second, both parties will not spend time creating a duplication of the same lesson because my digital continuity book is easily shared among a limitless number of seekers. From this practice, I demonstrate a value for minimizing waste, advocacy for education of the masses, and support of the effort for a paperless Air Force.

We should not take one-size-fits-all approach to on-the-job training, either. Sometimes the relationship is less formal. When transitioning to Maxwell AFB, I was assigned a sponsor who has turned out to be a wonderful friend. We began with simple tips about the area, which greatly reduced the stress surrounding relocation. Now we are frequently working together sharing resources, networks, and maintaining our professional competition levels.

Mentoring programs and on-the-job training are just two points of a successful knowledge sharing system, however. The most subjective, and possibly the most important, is the ability within these systems to express appreciation. Senior leaders like Major General Flowers frequently cite the power a simple ‘Thank you” holds. Merely saying friendly phrases is not enough though; he allows his sincerity to radiate with the recipient(s) of his message.

Work culture is changing to embrace this mindset, as well. A growing trend is seeing work areas designed in open circular patterns rather than in cubicles, which confine workers physically and mentally. Another work culture change that involves sharing is the 360 degree appraisal process, where all involved are able to share those valuable traits, needs improvement areas, and points the entire team of identifiers will be able to assist with during positive progression. These few changes can empower those around you regardless of rank and encouraging a collaborative or shared environment.

Ms. Jennifer Miller is a 2nd year Financial Management Specialist, Palace Acquire Federal Career Intern of the United States Air Force at Maxwell Air Force Base, Montgomery, AL.

We presently are experiencing intense pressure not to raise the debt ceiling, prophecies about the downfall of government IT, more legislators considering reducing the once-sacred defense budget, and prophecies of gloom and doom relating to government programs in general. Despite this, a number of leaders and real change agents both in government and outside government offer us some real hope and shining examples.

A number of senior government and former government leaders are helping lead the Citizen Enabling Open Government initiative intended to make government responsive to the citizens who know what they need from government. Among its advisors are Dennis Wisnosky, DoD Chief Technology Officer and Chief Architect of the DoD Business Mission Area, and Mark Forman, co-founder of Government Transaction Services and the first Federal Chief Information Officer. Mike Dunham, chair of the Enterprise Architecture Shared Interest Group of the American Council of Technology and Industry Advisory Council, has made the observation that these leaders “have really taken the bull by the horns.”

Some people’s eyes glaze over when you mention the term Enterprise Architecture (EA), may have misconceptions about what it truly means, and others think it is a colossal waste of money that produces negligible results. EA, regardless of whether it is the Federal Enterprise Architecture, the Department of Defense (DoD) Architecture Framework, or some other model, provides frameworks within which experts working with business and technology leaders and other specialists can categorize, inventory, and prioritize a current state of existing lines of business functions along with those technologies and programs that support them, then develop a future state.

Mark Forman was recently interviewed on EmeraldPlanet; the show ran on a Northern Virginia public access cable channel in June and is now available as a webcast. One of the foremost advocates of the Citizen Enabling Open Government initiative, Forman titled his segment “An Alternative Approach for Reorganizing the Federal Government.” He stated early on that “Government exists to service the people,” and over the longer term, “government must change structures and accelerate its responsiveness … over the last 30 years, this has gone the other direction.” He also added that it was important to engage the public because programs and the federal Government are so complex, and because citizens know what they need from government.

Forman advocated that the “real redundancy is in the programs and not the IT,” explaining that GAO found that 45-50 programs may be providing the same services under different agencies. A GAO report states, “eight of cabinet departments are involved in water resource management.” Forman said that people involved in EA have proven EA’s value through consolidation. “We know currently government is unaffordable; we need to refocus government efforts, streamline and focus and do that in a way that changes the traditional deficit reduction focus,” he said. “We must match up cutbacks in funding with improvements in performance” such as by using cloud computing.

During the same program, Dennis Wisnosky described how the DoD is looking for different ways in which to conduct its business, especially since 51 percent of its money spent on managing backroom operations such as how to pay soldiers and logistics. Wisnosky has championed defining business process and technology components into their simplest form and creating patterns of usage to save money and modernize the DoD. The DoD is, he said, “supporting the troops by not inventing new technologies”–but instead using other capabilities. The DoD is creating a common language, interoperability between systems, a Service Oriented Architecture, and using cloud computing to reduce costs and increase efficiency. As a result, the DoD Business Mission Area and DoD have a successful track record in modernizing business functions.

The Citizen Enabling Open Government initiative intends to make government more responsible to citizens. To that end, your participation personally and professionally would be welcome through the American Council of Technology and Industry Advisory Council and the LinkedIn CEOG group.

Christine Robinson is president of Christine Robinson & Associates, LLC; an enterprise architect with a security background; advisor to Arlington County; and advisory board member to EmeraldPlanet and its global television show. Robinson writes extensively and speaks about security to audiences worldwide.

The views expressed by our guest bloggers are their own and do not necessarily reflect the views of AFCEA International or SIGNAL Magazine.

By Elaine Rogers

Today, as our country celebrates its independence, let us also celebrate our service men and women and their families who stand ready to protect the freedoms that make this country remarkable. For 235 years military families have endured tremendous sacrifice to ensure our freedom and security. In the past ten years, with the wars in Iraq and Afghanistan, our troops have regularly deployed to the far reaches of the world while their families remained in our communities eagerly awaiting their return.

President Obama recently announced that 33,000 troops will return home from Afghanistan over the next year. The Metropolitan Washington area is home to one of the largest military populations in the world. They are our neighbors; their spouses are our teachers, colleagues and business owners. As a community we will celebrate many homecomings – opportunities to express our gratitude to our troops and their family members for the decade they have spent at war on our behalf.

As military families ready for the return of a loved one, the USO of Metropolitan Washington will be there to support them throughout what can sometimes be a difficult transition. The USO’s role is to lift the spirits of our military and their families and do the little things to boost morale and let them know they are supported and appreciated. We need your help to do that. Celebrating its 70th year, the USO is the way for the local communities – you – to support the troops and their families. Throughout its history, the USO has developed new and innovative programs to meet the ever-changing needs of service members and their families while holding true to its original mission. With state of the art facilities and simple acts of kindness, the USO is a “home away from home” for those who sacrifice to ensure our freedom and security.

This Fourth of July, take a moment to honor our heroes in uniform as well as our heroes on the home front. As we head into our 235th year as an independent nation, we must stand ready to welcome our heroes home and support military families. This is how America will continue to salute the finest our nation has to offer.

Elaine Rogers is the president and CEO of the USO of Metropolitan Washington. USO-Metro is a private, nonprofit 501(c)(3) organization chartered by Congress and dedicated to “Serving those who serve, and their families” in Washington, D.C., Maryland and Northern Virginia. For more information please visit www.usometro.org.

The SIGNAL staff wishes all our readers a safe and happy 4th of July. Share your tributes to or plans to honor the military here or at www.facebook.com/homefronthelp.

The Air Force and Arlington County, Virginia, are taking preventative measures against hackers such as the ones that recently attacked Sony, costing them over $170 million. It’s not just money at risk for government networks, however.

The Air Force has the lead for the Next Generation Airspace and lead for the Department of Defense. Arlington County, which collaborates extensively with the department on many levels, has undertaken continuous monitoring and risk analysis and is currently evaluating its supervisory control and data acquisition (SCADA) systems.

Maj. Gen. Edward L. Bolton Jr., USAF, director of cyber and space operations, office of the DCS for ops, plans and requirements, led a discussion with B.G. Ranck Jr., director of warfighter systems integration at the office of the Secretary of the Air Force, and Mark Orndorff, PEO for Information Assurance and NETOPS for DISA at the AFCEA D.C. chapter’s cyber security luncheon on May 20 describing the Air Force’s approach.

Gen. Bolton asked everyone in the audience to say at what level they thought we should protect. The audience answered that we should protect “every link at every level.”

He also suggested that Air Force’s biggest issue with communications is the “lack of transportability” of the equipment and parts driven by its inability to interoperate between stovepiped systems. He described a soldier as having to carry a pack with three computers, multiple batteries, and multiple wires in order to communicate.

According to Bolton, the Air Force will focus on three main areas: capabilities, employment, and people. He also stated that the Air Force will change the discussion from aircraft allocation to “what information do I need vs. how many airplanes do I have in the air?” It also maintains that, “every airman must have a certain understanding of cyber.”

The Defense Department envisions a joint architecture and joint services information-sharing requirement that is not specific to a particular agency that promotes interoperability and information sharing across previously discrete domains. In keeping with this vision, the Air Force will migrate away from the plethora of often proprietary and stove-piped systems and transition to a single standards-based network. These systems often do not interoperate with other systems both in and outside of the Air Force. The Air Force will channel the resulting savings into building operational capability.

Gen. Bolton also asked the defense contracting community to help the Air Force by not perpetuating proprietary and controlled environments and boxing the Air Force into a technology or proprietary solution.

Though the panel focused primarily on the network and interoperable systems, it did not address the issue of SCADA systems, which are an integral part of Air Force and Defense Department infrastructure. We often don’t realize that our traffic lights, transportation systems, bridges, dams, power systems, water treatment plants and other systems contain digital information vulnerable to attack and theft even though they are not a part of other network systems.

Arlington County has undertaken an initiative to evaluate its SCADA systems and mitigate any risks found. In a public forum, Chief Information Security Officer David Jordan mentioned an article that described how U.S. officials who initially were going to conduct a public forum to discuss the risk of SCADA systems quietly decided the risk was too great to bring it to the public’s attention and cancelled the forum. “We started with the critical infrastructure systems; those connected to the network and are conducting other evaluations according to priority. SCADA systems are vital in the support of day-to-day life in a city,” Jordan stated.

But there are other important systems not directly under the control of the jurisdiction or the Federal Government; such as local phone switching center operating systems, cable, and wireless broadband operating systems and their related command and control networks, he continued.

The Defense Department would do well to conduct similar analyses across the Defense Department, if these are not already under way.

Through the Department of Defense National Survey of Employers, the department hopes to better understand the benefits and challenges of employing members of the National Guard and Reserve. Now that the survey has reached its halfway point, the defense department would like all employers who received the survey to respond, as their feedback is needed to develop future Guard and Reserve policies.

According to the Employer Support of the Guard and Reserve (ESGR), a Department of Defense agency, who is administering the survey, Guard and Reserve members comprise nearly half of the military’s total strength. The nation has relied heavily on Guard and Reserve service members in the almost 10 years since the September 11 attacks, frequently calling them away from their civilian jobs for military operations and humanitarian efforts around the world, including the 2004 tsunami in southern Asia, 2010 earthquake in Haiti and ongoing relief efforts in Japan. Their service and the support of employers are critically important. “If we are going to sustain their participation, we need to sustain the support of the employers,” said Dennis McCarthy, Assistant Secretary of Defense for Reserve Affairs. “Finding out what we need to do to get that support is of vital national interest.”

ESGR sent the survey to 80,000 randomly selected employers in the mail. The sample includes employers of every size and industry, from all across America. Survey participants should visit ESGR.mil and click on the survey link to provide their feedback on employing members of the Guard and Reserve. More information is available here.