By now, federal agencies universally recognize that data is an asset with seemingly limitless value as they seek to reduce costs, boost productivity, expand capabilities and find better ways to support their mission and serve the public.
A mushroom cloud explosion in the New Mexico desert on July 16, 1945 forever changed the nature of warfare. Science had given birth to weapons so powerful they could end humanity. To survive, the United States had to develop new strategies and policies that responsibly limited nuclear weapon proliferation and use. Warfare is again changing as modern militaries integrate autonomous and semiautonomous weapon systems into their arsenals. The United States must act swiftly to maximize the potential of these new technologies or risk losing its dominance.
By 2030, artificial intelligence (AI) is projected to add $13 trillion to the global economic output. In government, AI applications promise to strengthen the federal workforce, safeguard our nation against bad actors, serve citizens more effectively and provide our warfighters the advantage on the battlefield. But this success will require collaboration and advancements from government and industry.
It’s easy to forget that in the midst of a catastrophe, physical safety isn’t the only thing that’s important. As technology’s role in disaster response and relief becomes more and more prevalent, cybersecurity becomes an essential part of the process. Here’s why.
Few people are more vulnerable than those impacted by a crisis. Whether a man-made attack or a natural disaster, the widespread destruction created by a large-scale emergency can leave countless individuals both destitute and in need of medical attention. Protecting these men, women and children requires more than a coordinated emergency response.
Last year was a banner year for cyber fraud. In just the first six months of 2019, more than 3,800 breaches exposed 4.1 billion records, with 3.2 billion of those records exposed by just eight breaches. The scale of last year’s data breaches underscores the fact that identity has become the currency of the digital world and data is the fuel that powers the digital economy. What’s also clear looking back on 2019 is that digital identities are continually being compromised on multiple levels.
There are certainly similarities between network resilience and cyber resilience. The foundation for both is the ability to maintain business or mission capabilities during an event, such as a backhoe cutting your fiber cables or a nation-state actively exploiting your network. But there are also significant differences.
Supply chain security has been of concern to government leaders for decades, but with attacks now originating in industrial control systems (ICS) from supply chain vulnerabilities and with an increasing reliance on the Internet of Things (IoT), Congress is stepping up its involvement. For example, legislators have promised that more stringent standards will soon be enforced.
Government agencies face similar challenges when it comes to understanding—and gaining intelligence from— foreign language content. They need to process, manage and gain insight from large volumes of content locked away in different formats, often across multiple languages. And they need to do all of this as quickly as possible. It’s no mean feat when you consider the mindboggling amounts of content being generated: 90% of the world’s content was created over the past two years alone.
When it comes to artificial intelligence (AI), the Department of Defense (DOD) has put a firm stake in the ground. The department’s AI strategy clearly calls for the DOD “to accelerate the adoption of AI and the creation of a force fit for our time.”
Anyone who has worked in the Pentagon or on almost any military installation can attest to wireless connectivity problems. Whether dealing with a dearth of cellular service, inadequate Wi-Fi or security blockers, service members and civilians have felt the frustration of not being able to access information or communicate effectively.
In every recent discussion I have had with government and defense leaders around IT modernization, the conversation quickly leads to cloud and its role in enabling agile ways of working for government. Many agencies have already developed cloud migration targets and are looking at how they can accelerate cloud adoption.
The U.S. Army is leading the charge on the military’s multidomain battle concept—but will federal IT networks enable this initiative, or inhibit it?
The network is critical to the Army’s vision of combining the defense domains of land, air, sea, space and cyberspace to protect and defend against adversaries on all fronts. As Gen. Stephen Townsend, USA, remarked to AFCEA conference attendees earlier this year, the Army is readying for a future reliant on telemedicine, 3D printing and other technologies that will prove integral to multidomain operations. “The network needs to enable all that,” said Townsend.
The response to the Chief of Naval Operations (CNO) Adm. John Richardson’s repeated request to “pick up the pace” of developing and implementing breakthrough technologies for our warfighters has gone, in my opinion, largely unheeded.
This is not the result of a lack of innovative solutions. A myriad of research and development programs exists to support the development of new technologies or to adapt existing commercial technologies to defense applications. Rather, it’s the result of an arcane acquisition process that is burdensome, expensive and lacking vision. Acquisition reform is where we need to pick up the pace!
When the Department of Defense (DOD) launched its Everything Over IP initiative nearly 10 years ago the focus was to bring traditional telecommunications technology—phone calls, streaming video and even faxes—to the digital world.
At that time, unified communications (UC), especially in the government workplace, was a relatively new concept. Remember, this was a time when voice over Internet Protocol (VoIP) phones were still seen as cutting edge. Now, though, UC has become not just a business tool, but a strategic offering that can connect employees in disparate locations, including the frontlines.
More than a year has passed since the Modernizing Government Technology (MGT) Act was signed into law, cementing the establishment of a capital fund for agencies to support their special IT projects. The MGT Act prompted defense and intelligence agencies to accelerate the replacement of legacy systems with innovative and automated technologies, especially as they explore new ways to mitigate security risks like those experienced all too often by their private sector counterparts.
The military continues to focus its efforts on developing the most sophisticated technologies and capabilities needed to sustain tactical advantage and achieve mission objectives. But the most critical component to success on the battlefield continues to lie with the warfighter.
Open source containers, which isolate applications from the host system, appear to be gaining traction with IT professionals in the U.S. defense community. But for all their benefits, security remains a notable Achilles’ heel for a couple of reasons.
First, containers are still fairly nascent, and many administrators are not yet completely familiar with their capabilities. It’s difficult to secure something you don’t completely understand. Second, containers are designed in a way that hampers visibility. This lack of visibility can make securing containers extremely taxing.
Layers upon layers
The U.S. defense industrial supply chain is vast, complex and vulnerable. Organic components, large-scale integrators, myriad commercial service providers, and tens of thousands of private companies sustain the Defense Department. According to the SANS Institute, the percentage of cyber breaches that originate in the supply chain could be as high as 80 percent.
Implementing a new system can be an exciting time, but the nagging questions and doubts about the fate of data you’ve literally spent years collecting, organizing and storing can dampen this excitement.
This legacy data often comes from a variety of sources in different formats maintained by a succession of people. Somehow, all the data must converge in a uniform fashion, resulting in its utility in the new solution. Yes, it is hard work and no, it is not quick. Fortunately, this scrubbing and normalization does not have to be a chaotic process replete with multiple failures and rework.
It comes as no surprise that U.S. adversaries continue to target and successfully exploit the security weaknesses of small-business contractors. A successful intrusion campaign can drastically reduce or even eliminate research, development, test and evaluation (RDT&E) costs for a foreign adversary. Digital espionage also levels the playing field for nation-states that do not have the resources of their more sophisticated competitors. To bypass the robust security controls that the government and large contractors have in place, malicious actors have put significant manpower into compromising small- and medium-sized businesses (SMBs).