Good cyber hygiene is essential to the sustainability of the space environment amid the efforts of competitors and adversaries to build capabilities that could impact space system operations, MITRE said in a white paper published on Friday.
The document is MITRE’s response to a Department of State notice seeking public sector input on the implementation of the 21 long-term sustainability guidelines for outer space activities.
According to the organization, implementing robust cyber hygiene practices should be prioritized on the same level as debris mitigation efforts.
The paper also highlighted the company’s efforts that directly align with the long-term sustainability guidelines, including the development of the Sensor Network Autonomous Resilient Extensible system, which uses permissioned blockchain to record orbital element sets from space sensors, and the decentralized Space Information Sharing Ecosystems; its collaboration with the Space Information Sharing and Analysis Center; and the implementation of Mitre’s International Space Strategy aimed at balancing efforts across defense, preservation and sustainability and organizational and policy components of space use.
CISA said Friday that the recently-released analysis and an accompanying infographic discuss the details of and findings from the 143 RVAs performed across multiple critical infrastructure—or CI—sectors.
The RVA were carried out to assess the network capabilities and defenses of an organization against known threats with the ultimate aim of formulating strategies to bolster cybersecurity.
CISA performed RVAs on select state, local, tribal, and territorial, or SLTT, organizations; the federal civilian executive branch; and private and public sector CI operators. For its part, the Coast Guard performed RVAs on maritime CI operated by private sector organizations as well as SLTTs.
Based on the analysis, the most successful attacks conducted by the RVA assessors involved the use of common methods, tools and techniques. The assessors also exploited common system vulnerabilities seen among many CI sector organizations.
To counter such threats, the analysis offered several recommendations, including the implementation of enhanced protection mechanisms in addition to strong credential policies.
“CISA encourages system owners and administrators to share this guidance with leadership and apply relevant changes tailored to their specific environments,” the document said, adding, “Analysis of this nature can effectively prioritize the identification and mitigation of high-level vulnerabilities across multiple sectors and entities.”
Hear from various speakers to learn more about the security concerns facing the U.S. and what’s being done to address them at the Potomac Officers Club’s 2024 Homeland Security Summit, which will take place on Nov. 13. Register now to attend this important event!
The Space Security and Defense Program, which operates under the Department of the Air Force, is seeking input for space domain awareness capabilities and services to address threats in a dynamic and increasingly crowded space environment.
Interested contractors should submit concepts that address key focus areas—particularly, support to fires, surveillance of man-made objects, intelligence and reconnaissance, and environmental monitoring, according to a request for information notice posted on Sam.gov Wednesday.
In addition, the SSDP is looking for concepts that would enable military forces to plan, integrate, execute and assess space operations. They should have one or more of these features: high sensibility to detect small objects across a wide area of space, the ability to reduce solar, earth and lunar exclusion zones and the capability to process collected data quickly.
The concepts should also be capable of detecting, tracking and identifying resident space objects, characterizing or determining strategies, intent and activities of threats, predicting and assessing potential and actual threats and integrating and utilizing multi-source data for dynamic decision-making.
Interested parties may send their responses to the RFI no later than Nov. 14.
U.S. Cyber Command has introduced a roadmap for integrating artificial intelligence into military cyber operations as part of efforts to scale operations and improve its analytic capabilities and ability to disrupt adversaries.
USCYBERCOM said Friday the roadmap focuses on working with the National Security Agency to advance AI and computing capabilities and outlines over 100 activities across national defense, contested logistics, security and other mission areas.
“The integration of AI is a strategic necessity,” said Michael Clark, the command’s deputy director of plans and policy.
“Our roadmap will incorporate AI into all aspects of our operations to better address cyber threats,” Clark added.
A new task force within the Cyber National Mission Force will oversee the plan’s implementation and address challenges associated with infrastructure development, policy constraints and talent acquisition.
According to USCYBERCOM, the roadmap will include the execution of over 60 pilot projects and 26 new AI integration initiatives, improve industry partnerships and advance sustainable tech development efforts.
While the federal government has harbored a decades-long concern about recruiting more young talent, some intelligence agencies a balancing a more nuanced, if still competitive, human capital battle.
“The quality of new talent that we are getting is phenomenal,” said Kimberly King, career service manager for analysis within the Defense Intelligence Agency’s Office of Human Resources. “We’ve got more talent than we can possibly onboard. And they come in such interesting backgrounds already, having done the internships, having done cross-disciplinary programs, speaking a language, doing engineering plus math, it’s phenomenal.”
But, like the rest of government, while the IC can attract talent with the draw of incredible mission, it still has the challenge of retaining them in an environment where agencies are competing with a higher-paying private sector for highly sought-after skills.
Speaking at a second Intelligence and National Security Foundation webinar Monday focused on the development of the intelligence community’s workforce, King and former Defense Department chief information officer John Sherman, now dean of The Bush School of Government and Public Service at Texas A&M University, said that the IC must also evolve its career development practices to ensure it can capitalize on today’s talent environment.
“If your career development feels like it’s from the 1990s, it probably is,” said Sherman. “And by that, I mean there’s career services and a lot of thoughtfulness being put across the agencies into this, but it still feels very government. And I think from a generation that is super creative, if they are going to experience inflexibility, yes, they’ll do the mission…but the highly laddered, structured, ‘because we said so,’ and ‘this is what you must do to get from pay band four to pay band five,’ it can be suffocating.”
Sherman said that from starting his civilian career as an imagery analyst at the National Geospatial Intelligence Agency to becoming DOD CIO, he had to “swim against the tide” of an often-inflexible career development bureaucracy, despite having creative and gifted mentors.
“More often than not, the mid-level was trying to hang on and not allow [change],” he said. “If you feel like that is happening in your agency, that’s going to kill retention as fast as anything, and you will lose them because they are so talented.”
King said DIA has taken steps like rolling out a new pay model to attract college students from certain technical fields to fill science, technology, engineering and mathematics, or STEM, roles. That is combined with active recruitment at colleges and universities, encompassing internships, agency open houses and the deployment of career development officers to provide more insight into different careers.
To help retain and develop the existing workforce, King said that DIA has been active in trying to address things like pay, representation and leveraging data to better understand their trends in attrition and the reason behind it.
The agency is also proactive in upskilling its workforce through joint duty assignments that send employees to temporarily work with other agencies, embedding with private sector partners and in academia. DIA also pays for technical training, senior service schools and offers specialized skills training to earn what King called microbadges.
Both King and Sherman touted the federal government’s move toward skills-based hiring — which focuses on technical training, certification and competency rather than rigid academic requirements — as a way to bring even more talent to bear.
The Department of Defense’s Future Generation Wireless Technology Office is preparing DOD for its transition to the next generation of wireless telecommunications, called 6G, and one of its top priorities is advancing centralized unit, distributed unit, or CUDU, Defense News reported Friday.
The CUDU project seeks to implement an open software model for 6G that meets the requirements of DOD, industry and the research community.
The FutureG office is looking at how the military could advance 6G for sensing and monitoring initiatives like the Integrated Sensing and Communications project, or ISAC.
According to the report, ISAC gathers information on different environments using wireless signals, a capability that could help the military gather intelligence and track drone networks.
Though ISAC technology could strengthen the Pentagon’s intelligence, surveillance and reconnaissance systems, potential commercialization could lead to adversary countries using the technology against the U.S.
“We’re looking at this as a real opportunity for dramatic growth and interest in new, novel technologies for both commercial industry and defense needs,” Thomas Rondeau, principal director for DOD’s FutureG office, told the publication in an interview.
“But also, the threat space that it opens up for us is potentially pretty dramatic, so we need to be on top of this,” he added.
Rondeau noted that initiatives that resulted from the department’s 5G Challenges have informed DOD’s 6G vision and strategy.
Vice President and Democratic presidential nominee Kamala Harris said at a campaign rally on Friday that as president, she would “get rid of the unnecessary degree requirements for federal jobs to increase jobs for folks without a four-year degree.”
“Requiring a certain degree does not necessarily talk about one’s skills,” she said. “And I will challenge the private sector to do the same.”
The federal government has been working to revise educational requirements for government employment across multiple administrations. The Trump administration issued an executive order in 2020 directing federal agencies to evaluate the skills of job applicants rather than rely on degrees as a proxy, except for positions that still require advanced degrees and professional licensing, like certain medical or legal occupations.
The Biden administration has continued to implement skills-based hiring policies. Some lawmakers are also interested in moving away from degree requirements.
“I will also make sure good paying jobs are available to all Americans, not just those with college degrees,” Harris said Friday, casting herself as a supporter of the middle class. “For far too long, our nation has encouraged only one path to success, a four year college degree. Our nation needs to recognize the value of other paths, additional paths, such as apprenticeships and technical programs.”
The current Republican platform does not mention skills-based hiring, although it does include support for “the creation of additional, drastically more affordable alternatives to a traditional four-year college degree.”
The push during the Biden administration to rely on competencies for hiring rather than education has included a special focus on cyber and tech jobs.
In the cyber field, “the perception that a four-year degree is required for most roles in tech and cybersecurity” has been a “roadblock” for some qualified candidates, Camille Stewart Gloster — who formerly worked at the White House’s Office of the National Cyber Director on cybersecurity workforce issues and now runs a consulting firm — told Nextgov/FCW over email.
“Shifting to skills-based hiring makes it easier for employers and candidates to find alignment between needs and capabilities,” said Stewart Gloster. “This effort will empower job seekers at all levels and across sectors.”
“This may seem like an easy shift, but legacy infrastructure like old job descriptions artificially limit applicants and recruiters by anchoring hiring decisions on outdated and limiting archetypes of successful candidates,” she wrote.
In April, the administration announced that it is rewriting the fundamental classification, qualification and assessment requirements for the government’s tech-focused 2210 job series to align with skills-based hiring.
The Trump executive order directed the Office of Personnel Management to review all classification and qualification requirements in the government’s competitive service and only use education requirements when they are legally required for job duties.
Rewiring these baselines is a move that some experts have said is necessary to truly move away from relying on college degrees, as these requirements set standards like years of experience or educational attainment necessary to be qualified for a given government job.
Kemba Walden, former acting national cyber director, told Nextgov/FCW via email that “filling jobs based on skills not only improves the security of our digital economy, but expands it.”
The administration has supported cybersecurity apprenticeships and included skills-based hiring in its National Cyber Workforce and Education Strategy, Walden noted. The administration has also focused on removing four-year degree requirements for federal cybersecurity contractors.
In his new role, Parekh will work closely with the Department of Commerce’s Office of Chief Counsel for Industry and Security and the Department of Justice to progress major corporate investigations, the BIS said Thursday.
Assistant Secretary of Commerce for Export Enforcement Matthew Axelrod said in a statement that Parekh’s appointment is an important step forward in efforts to bolster the U.S. administrative enforcement program.
A seasoned lawyer, the new appointee most recently served as a U.S. attorney in Virginia, where he supervised over 300 federal prosecutors, civil litigators and support personnel.
Recognized as the highest-ranking non-political official in the Eastern District of Virginia, Parekh’s career boasts more than 40 cases brought to verdict.
His previous work experience includes stints at the Justice Department, the U.S. Attorney’s Office for the District of Columbia and the CIA as well as IBM and an international law firm.
Parekh joins the BIS following its implementation of revised rules concerning voluntary self-disclosures and penalty guidelines, which encourage companies to report violations in exchange for incentives or reduced fines.
The White House and members of the private sector have come together again to secure a new set of voluntary commitments to halt the proliferation of sexually abusive content aided by artificial intelligence.
Announced on Thursday, Adobe, Anthropic, Cohere, Common Crawl, Microsoft, and OpenAI signed various commitments promising to prevent the usage of their generative AI systems in creating sexually abusive content. This includes committing to responsibly sourcing datasets to train models, incorporating feedback loops and stress-testing to prevent AI systems from learning sexually abusive prompts, and removing explicit content from AI training datasets.
“Today’s commitments represent a step forward across industry to reduce the risk that AI tools will generate abusive images,” the release said. “They are part of a broader ecosystem of private sector, academic, and civil society organizations’ efforts to identify and reduce the harms of non-consensual intimate images and child sexual abuse material.”
The Biden administration has positioned itself to actively work with private sector leaders to help prevent the widespread misuse of generative AI systems, debuting a preceding series of voluntary commitments in the summer of 2023 to promote the “Safe by Design” AI posture the administration is championing.
Leadership at the White House’s Office of Science and Technology Policy previously called for action to prevent the use of advanced AI systems to create sexually abusive material, as per President Joe Biden’s October 2023 executive order on AI and the 2022 Violence Against Women Act Reauthorization.
Payment companies have also agreed to join the fight to stop sexually abusive synthetic content. Cash App and Square both agreed to monitor and curb payments related to producing or publishing image-based sexual abuse, as well as expand participation in initiatives to detect sextortion schemes.
Google additionally agreed to begin adjusting its search engine results to combat non-consensual images, and Microsoft, GitHub and Meta have all made individual commitments to remove content that contains sexually abusive material, as well as strengthen their internal reporting systems.
Civil society groups, which signed commitments to help public and private sector entities monitor the results of such efforts, include the Center for Democracy and Technology, the Cyber Civil Rights Initiative and the National Network to End Domestic Violence.
“Through a multi-stakeholder working group, they will continue to identify interventions to prevent and mitigate the harms caused by the creation, spread, and monetization of image-based sexual abuse,” the White House said.
Winston Beauchamp has taken on the role of director of security, special program oversight and information protection at U.S. Department of the Air Force.
The DAF official announced his new job on LinkedIn, where he also expressed gratitude to colleagues and partners from industry, with whom he had worked while serving as DAF deputy chief information officer, a position he held for nearly four years.
Beauchamp said he was especially thankful to former DAF CIO and past Wash100 winner Lauren Knausenberger and current DAF CIO Venice Goodwine, whom he described as “the exact leaders the DAF needed at the time.”
Beauchamp has held other roles within the Air Force, including enterprise IT director within the Office of the Deputy CIO. He has also been part of the Office of the Director of National Intelligence, the National Geospatial-Intelligence Agency, Lockheed Martin and GE Aerospace.
