Recently at the AFCEA International Cyber Security Summit in Bethesda, MD, Army Maj. Gen. John A. Davis, Senior Military Advisor for Cyber to the Under Secretary of Defense, said “Cyber partnerships such as those with the National Security Agency and the Defense Intelligence Agency and external partnerships such as those with industry, international allies and academia represent a transformation in the way DOD approaches cybersecurity.”
For years, the U.S. Defense Department, not surprisingly, took a “do it alone” posture when it came to sharing information and protecting its networks and communication infrastructures from security attacks.
The latest Incoming column from Lt. Ben Kohlmann, USN, titled “Link Warfighters to Technologists at the Lowest Possible Level” (SIGNAL Magazine, April 2013), resonated with observations I’ve made and conclusions I’ve reached over the years. I’ve been involved with the research and development and acquisition communities for a long time, including serving as the Air Force chief scientist from 1999 to 2001. Perhaps my adding to Lt. Kohlmann’s advice will help it gain additional traction, and stimulate further discussion and activity.
The current driving force in the military and defense environment is to keep legacy systems operating longer, or to replace legacy systems with new systems that emulate one or more legacy systems using commercial-off-the-shelf (COTS) technology. However, there is insufficient budget to fund development of these COTS systems, and the burden of development falls upon private industry. The current sequestration environment adds another burden on industry to perform to the needs of the military, but without the benefit of nonrecurring engineering (NRE) costs being reimbursed.
The Regional Information Sharing Systems (RISS) Program recently implemented a simplified sign-on capability that enables federal, state and local law enforcement to collaborate. The flexible environment is based on the Federal Identity, Credential and Access Management guidance and facilitates the use of Common Access Cards and Personal Identity Verification cards for use across organizational boundaries. RISS is working with several state law enforcement agencies to provide them with federated identification for access to resources within their state that are hosted on the Regional Information Sharing Systems Law Enforcement Cloud (RISSNET).
In May, the White House issued the Digital Government Strategy to improve the way government uses new technologies and to speed up the adoption of technical tools that can significantly improve operational efficiencies and productivity. From a technology perspective, one thing is clear – data center consolidation is a critical milestone in the execution of the White House’s vision for technological innovation and improved citizen services. Now, agencies have a new perspective on how to benchmark their progress to achieving the goals of the 25 Point Implementation Plan.
The Air Force Chief of Staff had but three critical requirements for the Joint Direct Attack Munition (JDAM): "It should work; it should hit the target; and it should cost under $40,000 each." The former Undersecretary of Defense for Acquisition, Technology and Logistics, Jacques Gansler held on to this handwritten request, as reported in "Aligning Acquisition Strategies With the Times," written earlier this year by SIGNAL defense editor Max Cacas. Could such a simplified approach possibly lead to developing an effective new capability?
I always look forward to Memorial Day just for the fact that we get to celebrate those who have made the ultimate sacrifice for our country and not to mention, it always falls on my birthday or the day after. For those who have lost their lives and for the Wounded Warriors that now have long roads to recovery, we owe them the homage and the support they ultimately deserve. As we all get ready to bust out our grills, head to the pools and begin our shopping sprees, we should all take a moment and thank those who have given us the freedom to do these activities. Today I am greatly appreciative of the opportunity I have to help our Wounded Warriors and their families.
"Water, water everywhere and not a drop to drink."
-Rime of the Ancient Mariner by Samuel Coleridge
From securing the cloud to unwrapping new architecture compliance requirements, 2011 was a busy year for the tech public sector. In the New Year's spirit of renewal and rededication, here are five resolutions federal agencies should make.
1. Leverage IT to meet budget requirements
The government fiscal landscape changed radically in the last year with budget cuts across the majority of federal agencies. The Obama Administration's fiscal 2012 budget proposal calls for a five-year discretionary spending freeze along with $33 billion in additional cuts. Yet, there is a reason why federal IT spending to commercial contractors is expected to grow five percent annually.
Earlier this year, detailed information about the bomb resistance of a new Department of Defense (DoD) building in Virginia was compromised. Reuters broadcast the information worldwide. The news organization did not obtain the document by hacking network systems, but rather accessed the "official use only" document on the Army Corps of Engineers website. This incident is just one example of the thousands of data breaches that occur as a result of internal information leakage rather than an outside attack. In their 2011 Information Security Report, the U.S. Government Accountability Office (GAO) shed light on why internal leaks are so prevalent.
"Let's do lunch?" is a phrase many mock; others use it as much as possible to gain invaluable insight from personal experiences and get feedback about present actions and future aspirations. As an intern, I have a limited perspective of the Department of Defense and rely heavily on the guidance of others when contemplating different career ideas, experience opportunities and developmental paths or programs to pursue. I sincerely appreciate the time, experience, and resources which are shared to develop my knowledge, skills, and abilities. The mentoring process is an ongoing give-and-take relationship where participants share much more than a meal; the primary knowledge that's available is calorie-free richness, at that!
We presently are experiencing intense pressure not to raise the debt ceiling, prophecies about the downfall of government IT, more legislators considering reducing the once-sacred defense budget, and prophecies of gloom and doom relating to government programs in general. Despite this, a number of leaders and real change agents both in government and outside government offer us some real hope and shining examples.
By Elaine Rogers
Today, as our country celebrates its independence, let us also celebrate our service men and women and their families who stand ready to protect the freedoms that make this country remarkable. For 235 years military families have endured tremendous sacrifice to ensure our freedom and security. In the past ten years, with the wars in Iraq and Afghanistan, our troops have regularly deployed to the far reaches of the world while their families remained in our communities eagerly awaiting their return.
The Air Force and Arlington County, Virginia, are taking preventative measures against hackers such as the ones that recently attacked Sony, costing them over $170 million. It's not just money at risk for government networks, however.
The Air Force has the lead for the Next Generation Airspace and lead for the Department of Defense. Arlington County, which collaborates extensively with the department on many levels, has undertaken continuous monitoring and risk analysis and is currently evaluating its supervisory control and data acquisition (SCADA) systems.
Individuals, communities, industry, and governments often neglect to plan for secure normal and contingency operations until a disaster strikes. Rather than planning them separately, why not plan normal operations, physical and cyber security, emergency preparedness and disaster recovery, and the integration of renewable energy resources together? Military and civilian operations at every level and in every nation can benefit, both before and after an emergency strikes, from adopting industry and government best practices and technologies available around the world today.
Our cyber adversaries threaten us as individuals, communities, nations and members of the global community. We risk ruined credit, emptied bank accounts, government privacy information held hostage or destroyed, disabled defense systems and destruction to our infrastructure. Many recognize that our existing organizational and acquisition models can't respond quickly enough to meet the cyber challenge. Why not establish a neutral entity to act as an impartial system integrator that collaborates global efforts and resources to anticipate and defend against our cyber adversaries?
For decades, the military and specially trained civilian amateur radio operators of the Military Auxiliary Radio System (MARS) have provided reliable zero-cost back-up communications to the U.S. Defense Department and armed forces. This civilian-military partnership has served the nation well.
Blake Hall is a man on a mission: to help U.S. military personnel use "Web 2.0" Internet technologies to help one another and themselves. Hall's no stranger to demanding missions. A decorated former U.S. Army Captain and Airborne Ranger who led a scout platoon in Iraq, he relates how the first time he ever led a combat mission, his battalion commander laid his hand on his shoulder and said ominously, "Hall, don't screw it up." And based on the overwhelmingly positive, initial response to his and his co-founders' new, veteran-owned web venture, TroopSwap.com, an online community and marketplace for active duty U.S. military, reservists, veterans and their families, that battalion commander would be more than proud.
Part 2 of 2
Defense Department IT budgets are now fully mortgaged to support ongoing operations and maintenance, while most large development funds are still paying for continuation of programs that were started years ago. With regard to the concerns I've raised in my previous post, here are some ideas on what should be done:
First of two parts.
According to Air Force LTG William Lord, 85 percent of cyberoperations are in defense. That being the case, how should the Defense Department protect its network and computer assets? A 2009 RAND Corporation report on cyberdeterrence asserts "...most of the effort to defend systems is inevitably the ambit of everyday system administrators and with the reinforcement of user vigilance." The report also states "...the nuts and bolts of cyberdefense are reasonably well understood."