FedTech Magazine - Technology Solutions That Drive Government https://fedtechmagazine.com/ en How Agencies Are Approaching Cybersecurity Automation https://fedtechmagazine.com/%3Ca%20href%3D%22/article/2020/09/how-agencies-are-approaching-cybersecurity-automation%22%20hreflang%3D%22en%22%3Eview%3C/a%3E <p>While <a href="https://fedtechmagazine.com/article/2020/09/nasa-flies-down-road-zero-trust-security" target="_blank">zero-trust cybersecurity</a> architectures are the trend <a href="https://fedtechmagazine.com/article/2020/06/state-federal-thinking-zero-trust" target="_blank">everyone in federal IT security seems to be glomming onto</a>, a key part of what underpins the move to zero trust is, in addition to granular access controls, automation.</p> <p>Increasingly, experts both inside and outside the government are advocating for accelerated adoption of cybersecurity automation. Automation tools can help detect whether a user is supposed to be accessing a network or a piece of data and can also automate a response and send alerts to analysts.</p> <p>Such a shift could save agencies time and money and allow cybersecurity analysts to focus on actually analyzing data and coming up with new security strategies as opposed to looking through log reports, for example.</p> <p>“We’ve got to get away from the mindset of ‘you can account for every alert.’ You’ve got to embrace orchestration and [security orchestration, automation, and response] technologies — artificial intelligence, machine learning. You have to embrace this,” Mike Witt, associate CIO for cybersecurity and privacy at NASA, <a href="https://www.actiac.org/events/simplifying-federal-cybersecurity-network-future" target="_blank">said during a recent webinar</a>, according <a href="https://gcn.com/articles/2020/08/31/beyond-security-comfort-zone.aspx" target="_blank">to <em>GCN</em></a>.</p> <p>“You have to take advantage of playbooks and push your teams to basically do a lot of these automated responses so that you can focus your limited analyst power … on some of the more interesting things.”</p> Phil Goldstein https://fedtechmagazine.com/%3Ca%20href%3D%22/article/2020/09/how-agencies-are-approaching-cybersecurity-automation%22%20hreflang%3D%22en%22%3Eview%3C/a%3E Q&A: CISA’s Masterson on Election Security as November Approaches https://fedtechmagazine.com/%3Ca%20href%3D%22/article/2020/09/qa-cisas-masterson-election-security-november-approaches%22%20hreflang%3D%22en%22%3Eview%3C/a%3E <p>With just weeks to go before the November presidential election, the Department of Homeland Security’s <a href="https://www.cisa.gov/election-security" target="_blank">Cybersecurity and Infrastructure Security Agency</a> is on the job 24/7 to ensure that the vote is tallied without major incident. After the <a href="https://www.intelligence.senate.gov/sites/default/files/documents/Report_Volume1.pdf" target="_blank">reported Russian interference</a> in the 2016 election, the federal government is on alert along with state and local election officials to prevent disruptions this year.</p> <p>“There’s more conversation about election administration right now than I’ve ever seen, and I’ve been doing this for more than a decade,” says CISA’s Matt Masterson, a senior cybersecurity adviser who specializes in election security. “That’s a positive. It means more information is out there for the public about the security of the process.”</p> <p><em>FedTech</em> spoke recently with Masterson about what’s being done to secure the 2020 election.</p> Elizabeth Neus https://fedtechmagazine.com/%3Ca%20href%3D%22/article/2020/09/qa-cisas-masterson-election-security-november-approaches%22%20hreflang%3D%22en%22%3Eview%3C/a%3E Navy Turns to the Cloud to Enhance Ship Maintenance https://fedtechmagazine.com/%3Ca%20href%3D%22/article/2020/09/navy-turns-cloud-enhance-ship-maintenance%22%20hreflang%3D%22en%22%3Eview%3C/a%3E <p>For the Navy, ship maintenance and improving shipyard performance is critical to maintaining the vessels that protect the United States. What’s clear is that there is room for an improvement — and a plan to boost ship maintenance through technology.</p> <p>For fiscal years 2015 through 2019, the Navy spent $2.8 billion in capital investments to address shipyard performance, among other things, <a href="http://gao.gov/assets/710/708907.pdf" target="_blank">according to an August Government Accountability Office report</a>. The report adds that in those years, 75 percent of planned maintenance periods for aircraft carriers and submarines were finished late.</p> <p>The Navy is using drones and artificial intelligence to survey and analyze ships to detect, and someday predict, problems like rusting. The service branch is partnering with <a href="https://www.cdw.com/content/cdw/en/brand/google-cloud.html" target="_blank">Google Cloud</a> on the project, and Google “will provide the underlying cloud platform and data storage for the thousands of images of ships used to develop a machine learning model,” <a href="https://www.fedscoop.com/ai-ship-rust-detection-navy-google/" target="_blank">FedScoop reports</a>. The project will also use drones and automated image analysis technology.</p> Phil Goldstein https://fedtechmagazine.com/%3Ca%20href%3D%22/article/2020/09/navy-turns-cloud-enhance-ship-maintenance%22%20hreflang%3D%22en%22%3Eview%3C/a%3E NOAA’s Challenge to Improve Weather Forecast Modeling https://fedtechmagazine.com/%3Ca%20href%3D%22/article/2020/09/noaas-challenge-improve-weather-forecast-modeling%22%20hreflang%3D%22en%22%3Eview%3C/a%3E <p>On Oct. 29, 2012, Hurricane Sandy took a sharp left turn over the Atlantic Ocean and slammed into New Jersey, bringing with it a powerful storm surge that struck the surrounding areas, including New York City. The storm flooded the city’s streets and subways and cut off power throughout the city. This devastating storm caused immense property damage and took the lives of 285 people.</p> <p>The toll likely would have been much worse had it not been for an eight-day advance warning to residents from the European Centre for Medium-Range Weather Forecasts. ECMWF had correctly predicted the surprising left hook that Sandy took, preventing greater loss of property and lives.</p> <p>On the American side of the Atlantic, the National Weather Service and National Hurricane Center confirmed Sandy’s trajectory only four days out from landfall. At the time, ECMWF’s technology made the difference, providing a more advanced forecast then NWS could provide. The criticism of U.S.-based weather modeling led to a drive to upgrade the technology and get the U.S. forecast system on par with the European model — and perhaps even better.</p> Alexander Slagg https://fedtechmagazine.com/%3Ca%20href%3D%22/article/2020/09/noaas-challenge-improve-weather-forecast-modeling%22%20hreflang%3D%22en%22%3Eview%3C/a%3E Marines Partner with Verizon on 5G ‘Living Lab’ https://fedtechmagazine.com/%3Ca%20href%3D%22/article/2020/09/marines-partner-verizon-5g-living-lab%22%20hreflang%3D%22en%22%3Eview%3C/a%3E <p>Starting this month, Marine Corps Air Station Miramar near San Diego will become the latest proving ground in the military for 5G wireless innovation. The Marine Corps in July <a href="https://www.globenewswire.com/news-release/2020/07/22/2065893/0/en/MCAS-Miramar-is-the-first-U-S-Military-Base-to-test-Verizon-Marine%20Corps%20Air%20Station%20(MCAS)%20Miramar5G-Ultra-Wideband-Service.html" target="_blank">announced a partnership with Verizon</a> for the base to serve as a 5G “living lab,” and it is the first U.S. military base with access to Verizon’s 5G Ultra Wideband service.</p> <p>The base will be used to test 5G in the millimeter-wave wireless spectrum, which provides extremely high bandwidth but has a limited coverage range. Verizon and the Marine Corps say they will test the network technology for a variety of use cases, including edge computing, securing the base, autonomous vehicles and more.</p> <p>The announcement and experimentation comes after <a href="https://www.defense.gov/Newsroom/Releases/Release/Article/2206761/dod-names-seven-installations-as-sites-for-second-round-of-5g-technology-testin/" target="_blank">the Defense Department in June expanded</a> to 12 the number of bases it would use to conduct 5G testing. Those bases include Fort Hood and Joint Base San Antonio in Texas, Naval Station Norfolk in Virginia, Joint Base Pearl Harbor-Hickam in Hawaii, the National Training Center at Fort Irwin and Marine Corps Base Camp Pendleton in California, and Tinker Air Force Base in Oklahoma.</p> <p>The DOD’s <a href="https://www.cto.mil/wp-content/uploads/2020/05/DoD_5G_Strategy_May_2020.pdf" target="_blank">5G strategy</a> calls the newest generation of wireless a “critical strategic technology” that will “transform” the way militaries operate, noting that 5G promises “orders of magnitude improvements in multiple areas, including speed, connectivity and reduced latency.”</p> Phil Goldstein https://fedtechmagazine.com/%3Ca%20href%3D%22/article/2020/09/marines-partner-verizon-5g-living-lab%22%20hreflang%3D%22en%22%3Eview%3C/a%3E DOD Wants Remote Workers to Be Able to Access Classified Information https://fedtechmagazine.com/%3Ca%20href%3D%22/article/2020/09/dod-wants-remote-workers-be-able-access-classified-information%22%20hreflang%3D%22en%22%3Eview%3C/a%3E <p>The Defense Department is taking more steps to enable its remote workers to be able to access sensitive, classified information outside of the Pentagon’s secure environment.</p> <p>As of August, the Pentagon had expanded its remote work capabilities to about 1 million personnel through its <a href="https://www.cloud.mil/CVR/" target="_blank">Commercial Virtual Remote collaboration environment</a>, which, as <a href="https://www.nextgov.com/it-modernization/2020/08/pandemic-pushing-pentagon-toward-classified-telework/167824/" target="_blank">Nextgov reports</a>, “facilitates the exchange of low-risk, unclassified data and communications among users.” It’s been a critical tool as the DOD has enabled widespread telework during the coronavirus pandemic.</p> <p>However, DOD CIO Dana Deasy and other defense officials have indicated they are working to enable access to classified information through the CVR environment, which uses the cloud-based <a href="https://www.cdwg.com/content/cdwg/en/brand/microsoft/microsoft-teams.html" target="_blank">Microsoft Teams</a> collaboration tool.</p> <p>Deasy said in late July that his office was running “a lot of pilots” to improve the security of the CVR, <a href="https://www.fedscoop.com/dod-secure-teleworking-jedi-cloud-contracts/" target="_blank">FedScoop reports</a>. “We are confident we will rise to the challenge by leveraging our innovative ecosystem,” Deasy said at the time. He noted that the Pentagon and its users are continually facing cyberattacks. “When you move to cloud … the adversary is going to pivot and try to exploit,” he said.</p> <p>If the DOD were to enable such a shift widely across its enterprise, it would represent a sea change for the risk-averse Pentagon. “COVID-19 must be a wake-up call that to sustain this critical public-private partnership we must take a hard look at what really needs to be classified, who truly needs a clearance, and how we can maintain a nimble, skilled, and diverse national security workforce while still protecting our nation’s secrets,” Mark Testoni, CEO at SAP National Security Services, <a href="https://www.fedscoop.com/time-rethink-handle-view-work-classified-info-post-pandemic/" target="_blank">tells FedScoop</a>.</p> Phil Goldstein https://fedtechmagazine.com/%3Ca%20href%3D%22/article/2020/09/dod-wants-remote-workers-be-able-access-classified-information%22%20hreflang%3D%22en%22%3Eview%3C/a%3E NASA Flies Down the Road to Zero-Trust Security https://fedtechmagazine.com/%3Ca%20href%3D%22/article/2020/09/nasa-flies-down-road-zero-trust-security%22%20hreflang%3D%22en%22%3Eview%3C/a%3E <p>NASA has been <a href="https://www.meritalk.com/articles/nasa-planning-for-zero-trust-in-network-modernization/" target="_blank">signaling for months</a> that it intends to adopt <a href="https://fedtechmagazine.com/article/2020/07/fundamentals-zero-trust-security-government" target="_blank">a zero-trust architecture for its cybersecurity</a>. Now, the agency is starting to explain why it is doing so, and how. A zero-trust approach will help it enhance its security posture.</p> <p>Speaking late last month during <a href="https://www.actiac.org/events/simplifying-federal-cybersecurity-network-future" target="_blank">an American Council for Technology and Industry Advisory Council webinar</a>, Mike Witt, associate CIO for cybersecurity and privacy at NASA, explained how NASA has embraced automation as part of its cybersecurity response. The shift to telework as a result of the coronavirus pandemic is also accelerating its embrace of zero trust, which will be a multiyear process.</p> <p>“We’ve got to get away from the mindset of ‘you can account for every alert.’ You’ve got to embrace orchestration and [security orchestration, automation, and response] technologies — artificial intelligence, machine learning. You have to embrace this,” Witt said, <a href="https://gcn.com/articles/2020/08/31/beyond-security-comfort-zone.aspx" target="_blank">according to <em>GCN</em></a>. “You have to take advantage of playbooks and push your teams to basically do a lot of these automated responses so that you can focus your limited analyst power … on some of the more interesting things.”</p> Phil Goldstein https://fedtechmagazine.com/%3Ca%20href%3D%22/article/2020/09/nasa-flies-down-road-zero-trust-security%22%20hreflang%3D%22en%22%3Eview%3C/a%3E Agencies Outline Their IT Modernization Visions https://fedtechmagazine.com/%3Ca%20href%3D%22/article/2020/09/agencies-outline-their-it-modernization-visions%22%20hreflang%3D%22en%22%3Eview%3C/a%3E <p>For the past decade, and certainly in the <a href="https://fedtechmagazine.com/article/2020/02/how-agencies-can-leave-legacy-it-systems" target="_blank">past</a> few <a href="https://fedtechmagazine.com/article/2017/12/how-mgt-act-will-spur-agencies-it-investments-2018-and-beyond" target="_blank">years</a>, IT modernization has been the major buzz when it comes to government technology. It is a constant topic of conversation and an ever-evolving picture as agencies <a href="https://fedtechmagazine.com/article/2020/08/how-think-through-costs-associated-cloud-migration" target="_blank">move services to the cloud</a>, <a href="https://fedtechmagazine.com/article/2020/01/assisted-intelligence-vs-augmented-intelligence-and-autonomous-intelligence-perfcon" target="_blank">adopt artificial intelligence</a> and more.</p> <p>However, aside from the occasional release of a strategic IT plan and regular hearings on agencies’ progress on fulfilling obligations of the Federal Information Technology Acquisition Reform Act, there are not many opportunities to get up-to-date glimpses into how agencies are doing when it comes to modernization. It’s especially important to understand how agencies are modernizing their systems, since the coronavirus pandemic has exposed some <a href="https://www.fedscoop.com/lawmakers-sba-loan-system-investments/" target="_blank">shortcomings in certain federal systems</a>.</p> <p>Thanks to Sen. Maggie Hassan, D-N.H., there’s a little bit more clarity. In June, Hassan <a href="https://www.hassan.senate.gov/imo/media/doc/Sen%20Hassan%20IT%20letters.pdf" target="_blank">sent letters</a> to 10 large federal agencies — the departments of Treasury, Homeland Security, Defense, Interior, Education, Health and Human Services, Transportation, the Office of Personnel Management, the Small Business Administration and the Social Security Administration — on how agencies are modernizing to prepare for another crisis.</p> <p><a href="https://fedtechmagazine.com/article/2020/05/technology-modernization-fund-provides-agencies-cash-improve-it" target="_blank"><em><strong>READ MORE: </strong>Find out how agencies have been using the Technology Modernization Fund. </em></a></p> <p>“I write to urge you to work together to modernize the [department’s] information technology systems in order to improve security, increase efficiency, and reduce wasteful spending associated with the maintenance of legacy IT systems,” she wrote in the letters. “As the amounts spent to operate and maintain existing systems increase each year, government-wide investment in major IT projects is declining.”</p> <p>Seven of the 10 agencies contacted had replied as of early August, <a href="https://www.nextgov.com/it-modernization/2020/08/7-10-agencies-respond-senators-request-it-modernization-plans/167883/" target="_blank">Nextgov reports</a>. Some of the agencies outlined their plans to upgrade legacy IT systems that the Government Accountability Office <a href="https://www.gao.gov/products/GAO-19-471" target="_blank">identified as most in need of modernization</a>. Others also detailed their network upgrade and cloud migration plans.</p> Phil Goldstein https://fedtechmagazine.com/%3Ca%20href%3D%22/article/2020/09/agencies-outline-their-it-modernization-visions%22%20hreflang%3D%22en%22%3Eview%3C/a%3E Advancing Drone Technology Innovation in Government https://fedtechmagazine.com/%3Ca%20href%3D%22/article/2020/09/advancing-drone-technology-innovation-government%22%20hreflang%3D%22en%22%3Eview%3C/a%3E <p>For decades, government led the way on the development and use of new technologies. Everything from high-performance jet engines to GPS were <a href="https://fedtechmagazine.com/article/2016/04/5-most-amazing-technologies-darpa-helped-invent-besides-internet" target="_blank">spin-offs from the government into the commercial world</a>.</p> <p>Today, there is a similar emphasis on <a href="https://www2.deloitte.com/us/en/insights/industry/public-sector/government-venture-capital.html" target="_blank">government “spinning in”</a> commercial technologies to improve its own operations. However, the transformational benefits of new technologies may not come solely from either a spin-in or spin-off alone.</p> <p>Rather, “spinning on” may be the key — that is, adopting technologies that initially emerged from government before being refined and expanded in commercial industry and then brought back into government use.</p> <p><a href="https://fedtechmagazine.com/article/2019/03/5-ways-drone-technology-used-federal-it-perfcon">Drone and unmanned aerial systems</a> are a great example of the benefits possible from spin-on innovation. Today’s drones owe their lineage to <a href="https://www.darpa.mil/about-us/timeline/predator" target="_blank">work at the Defense Advanced Research Projects Agency in 1988</a> that produced the world’s first long-endurance drone. From that beginning in government, drones then spun out into the commercial world, assuming tasks ranging from package delivery to land surveying. In fact, according to Axios, the limitations on humans gathering during the coronavirus pandemic has led to a surge in commercial drone activity, with leading software platform DroneDeploy seeing a 90 percent increase in drone use among surveyors and a 56 percent increase in the construction industry.</p> <p>Those commercial uses combine drones with other technologies, push into new use cases and create value in ways that purely government investments would not have done. When those technologies then spin back into government, they can bring unexpected benefits with them.</p> Joe Mariani, Peter Liu https://fedtechmagazine.com/%3Ca%20href%3D%22/article/2020/09/advancing-drone-technology-innovation-government%22%20hreflang%3D%22en%22%3Eview%3C/a%3E Modernize Security with Zero Trust and Controlled Access Anywhere https://fedtechmagazine.com/%3Ca%20href%3D%22/article/2020/09/modernize-security-zero-trust-and-controlled-access-anywhere%22%20hreflang%3D%22en%22%3Eview%3C/a%3E <p>Amid <a href="https://fedtechmagazine.com/article/2020/08/how-think-through-costs-associated-cloud-migration" target="_blank">cloud migration</a> and <a href="https://fedtechmagazine.com/article/2020/05/technology-modernization-fund-provides-agencies-cash-improve-it" target="_blank">modernization efforts</a>, the <a href="https://fedtechmagazine.com/article/2020/07/pivot-mass-remote-work-how-7-agencies-made-switch" target="_blank">remote workforce surge</a> and a continued <a href="https://fedtechmagazine.com/article/2020/07/us-cert-alerts-can-help-agency-prepare-cyberthreats" target="_blank">uptick in sophisticated cyberattacks</a>, federal agencies must keep their data and missions secure.</p> <p>In the old way of doing business, IT teams focused on securing the network perimeter. There was a widespread belief that if the network could be secured, so could users’ access to the applications.</p> <p>As we know, the world has changed dramatically. Users are more mobile and using both government-furnished equipment and personal devices. Applications are moving from our private data centers to the cloud.</p> <p>The old model simply doesn’t work. Both defense and civilian agencies <a href="https://fedtechmagazine.com/article/2020/06/state-federal-thinking-zero-trust">need a zero-trust architecture</a> to deploy and scale cloud services in the telework age while maintaining the highest levels of security.</p> Drew Schnabel https://fedtechmagazine.com/%3Ca%20href%3D%22/article/2020/09/modernize-security-zero-trust-and-controlled-access-anywhere%22%20hreflang%3D%22en%22%3Eview%3C/a%3E