When we think of cyber attacks, we generally picture a lone wolf hacker or Anonymous-type organization. But foreign governments are also formidable threats. Take a moment to scan the headlines and you’ll see that articles about cyber hacks on Sony Pictures Entertainment and the Democratic National Committee—among many others—have been attributed to North Korea and Russia.
Air gapping is a security measure that isolates a computer or a network so it cannot be accessed or hacked by an external entity. It's a useful technique that adds a security layer for companies and government agencies, especially those handling classified, confidential information often susceptible to hacking attempts. Although air-gapping systems offer extra security, recent malware-based attacks and other threats have created a new set of risks that organizations must manage in unique ways.
The number of ways a federal bidder can lose a contract award on an otherwise winning proposal is mind boggling. The Government Accountability Office (GAO) has sustained hundreds of protests on issues such as late proposals, proposals sent to the wrong location, proposals missing required attachments, proposals failing to acknowledge amendments, unsigned proposals, proposals containing typographical errors and others.
In World War I, the U.S. Army used lumbering GMC trucks for the first time in combat—revolutionary for its time. Today, these vehicles would be considered slow, cumbersome and archaic in comparison to today's fast, powerful and, most of all, constantly connected warfighting machines.
In fact, thanks to the Internet of Things (IoT), just about everything that can be connected—from tanks to smartwatches—is connected. The Defense Department’s whole work force depends on thousands of devices that work off of disparate operating systems. The net result is a security risk nightmare for those who must secure government IT networks.
OK, I admit it—on any scale—I am an analytic dinosaur. When I started as an intelligence analyst in the (yes) 1980s—it was truly a lifetime of technology ago. Pong was cool. Wang was cutting edge. All the analysts I worked with had amazing colored charts on the wall, big “scrapbooks,” stacks and file cabinets of message traffic a foot high that came from the communications room. When I established one of the first computer databases that my analytic team had ever seen they thought I had gone rogue.
Those of us with the privilege of providing social services to veterans and those with significant needs face a similar challenge: Addressing many requests for help that come at us from so many different directions. Sometimes we get it right and provide the exact services clients seek. But far more often, it’s not an exact fit, and the door they walked in isn’t the right one.
Current technology trends such as the Internet of Things (IoT), bring your own device (BYOD) initiatives and the deployment of cloud-based applications all demand more and more bandwidth. One aspect of modernization that could be overlooked as we rush to implement emerging technologies is also the most important—the network backbone that will support it all.
Federal agencies clamor for industry best practices to implement findings resulting from last year’s 30-day “Cybersecurity Sprint,” part of the administration’s broader effort to bolster federal cybersecurity. A new mandatory directive for all civilian government agencies, the Cybersecurity Strategy Implementation Plan (CSIP), provides a series of actions to further secure federal information systems.
The United States' dependence on valuable space assets and the nation's critical need to maintain superiority in command, control, communications, computers, intelligence, surveillance and reconnaissance (C4ISR) disciplines have also made these fields somewhat of an Achilles' heel. The country had long held technological and capabilities advantages over the rest of the world. Those days are gone.
The Defense Department stands at a technological and financial crossroads, needing to accelerate the proliferation of new networks and applications while heeding budgetary concerns.
As such, department officials are looking carefully at software-defined networking (SDN) and the potential the method provides as a key foundation of the Joint Information Environment (JIE). SDN lets agencies build more flexible, consolidated and efficient networks, while spinning up new applications and tools faster.
“We have to embrace the software-defined mission of where we have to go with the networks,” Defense Department Chief Information Officer Terry Halvorsen said at the 2014 Federal Forum when discussing the JIE.
The time is quickly approaching when video analytics no longer will be an afterthought for supporting investigations or categorized as a nice-to-have. Brute force procedures traditionally used by law enforcement are not effective for handling massive amounts of video and images. In fact, the problem of daunting volumes of video handled by criminal justice organizations today is compounded by heightened public perception that digital evidence must be processed quickly, and increasingly, juries expect to see video presented during trials. Law enforcement executives jest that if a crime is not caught on video, as far as courts are concerned, it didn’t happen.
Over the past week, I have thought a lot about innovation. In part because I’m preparing for my upcoming panel discussion on innovation at the AFCEA/INSA Intelligence Summit next week, and in part because I’m troubled by the seemingly pervasive use of the word “innovation” as a solution to many of our intelligence collection and analysis challenges.
For now, the Iranian nuclear framework is just that—a midpoint in a process that will continue for several months. Already, however, we find apparent—and basic—disagreement between the principal negotiators on just what the framework is supposed to frame. Will sanctions be removed in their totality, on the completion of the accord? Or will they be removed incrementally as the inspection regime takes hold? And, for good measure, what about inspections of facilities collocated on military bases?
Almost four years ago, my company co-founder and I sat in a nondescript hotel in Maryland meeting with two senior technical executives from the National Security Agency (NSA) to discuss classified mobility. We initially focused on how to install a few specific apps onto classified phones, but as the meeting unfolded, it became obvious the government struggled with a broader challenge of securely managing all mobile apps across classified networks. In the news media, we read with interest about proposed options for the President’s next cellphone or devices used by the nation’s senior leadership. Despite all the commentary, very little of this speculation came to fruition.
It seems every week we read about a cyber breach that involves millions of records at risk of compromise. Why can’t the big boys get it right? After all, they have large information technology departments and many layers of protection. From the opposite perspective, what did you do today to protect personally identifiable information (PII)?
Do you have unique personal identification numbers (PINs) for all of your passwords? If you answered no, create a priority “to do” and investigate password vaults, accessible from your mobile devices and Web browser.
In December 2014, Stephen Hawking, the renowned theoretical physicist, warned the world that true artificial intelligence (AI) could mean the death of mankind. Well, that got my attention. His comments stirred up a maelstrom of support. Small wonder, but the AI argument has been ongoing since the late Isaac Asimov wrote the Foundation series.
Hawking’s statement did complement a blast by Elon Musk, Tesla CEO and a strong advocate of driverless cars, who two months prior at the MIT Aeronautics and Astronautics Department's 2014 Centennial Symposium responded to the discussion about AI by saying, “With artificial intelligence, we are summoning the demon.”
Is the U.S. Defense Department moving back toward requiring cost and pricing data for commercial item purchases? A recent series of memoranda and experiences show a backward march toward the department requesting cost data as a means to justify fair and reasonable pricing for commercial item purchases.
Every now and then a poll result pops up that surprises me. Results sometimes are counter-intuitive, or at least counter-narrative from what we're led to believe in major media coverage.
Case in point: An early 2015 poll shows that after nearly two years of a negative spotlight on the U.S. intelligence community, and particularly on the National Security Agency (NSA) and Central Intelligence Agency (CIA), the American people still have a positive view of the NSA and CIA. More startlingly, young Americans have more favorable views of NSA and CIA than older Americans!
In a recent GovExec article, Kellie Lunney raised a few perspectives regarding the average age of senior executives in government today—it is the mid to late 50s—and the limited compensation flexibility. And I realized that ever since I entered the Defense Intelligence Senior Executive Service (DISES) in early 2004 and was involved in the vetting and filling of more than 40 SES positions, I have been deeply concerned about the ability of government to continuously attract, recruit and enable top talent of all ages, educational and experiential backgrounds.
Data center consolidation has been a priority for federal information technology teams since 2010 when the government launched the Federal Data Center Consolidation Initiative (FDCCI). The goal was to close or consolidate 40 percent of government data centers by 2015 to combat server sprawl, centralize and standardize storage, and streamline application management and establish shared services across multiple agencies.
The FDCCI has changed many things about how federal information technology (IT) is set up and created many challenges for federal IT professionals, including: