Glavy nominated as top IT officer for US Marine Corps
The Biden administration has nominated Maj. Gen. Matthew Glavy as the next deputy commandant for information of the U.S. Marine Corps.
The deputy commandant post was created in 2017, and is the service’s equivalent of a uniformed CIO.
Glavy will replace Lt. Gen. Loretta “Lori” Reynolds, the current deputy commandant for information. Glavy, if confirmed by the Senate, will get his third star and rise to the rank of lieutenant general.
“Deputy Commandant for Information develops and supervises plans, policies, and strategy for operating in the Information Environment and identifies requirements in doctrine, manpower, training, education, and equipment in order to support Marine Air Ground Task Force operations in the Information Environment,” according to the Marine Corps website.
Glavy currently serves as the head of Marine Corps Forces Cyberspace Command at Fort Meade, Maryland. It is currently unclear who will replace Glavy at the Marine’s cyber component command.
The Marine Corps falls under the oversight of the Department of Navy, and Glavy would work with the top IT official in the department, CIO Aaron Weis. The Department has been working to upgrade its cybersecurity and implement a new “strategic vision” for its IT.
Air Force rolls out new software for flight planning using Cloud One
The Air Force unveiled Tuesday new software that it has been developing that it says will optimize flight planning using its internal cloud provider, Cloud One.
The software, dubbed Joint Open Mission Systems Core Mission Planning (JOMS CMP), is not billed for full deployment until 2027, but the development team at Hanscom Air Force in the interim will work to update the legacy system currently in place. The system being replaced is used to schedule when aircraft take off, get refueled in flight and their directions in the sky.
The software will “provide a more tailored planning session that integrates squadron and user preferences, which reduces workload and optimizes fuel usage,” Jeff Flowers, program manager at Hanscom AFB, said in a press release.
The new software is designed with Joint All Domain Command and Control (JADC2) in mind, the military’s strategy for making an internet-of-things connecting platforms across land, air, sea, space and cyberspace. The idea is that with a cloud-based, modernized software suite being used to plan flight patterns, that data will be more easily sharable. Linking data between machines is core to JADC2, which aims to use artificial intelligence to sift through all the data and be a decision making aid to commanders, and even let machines make some decision themselves.
The old software, Joint Mission Planning System (JMPS), does not provide the flexibility to plan missions in the type of coordinated way called for in the Joint Warfighting Construct that the JADC2 strategy and family of technologies was borne out of.
“We are working to modernize JMPS with a service-oriented architecture that will increase speed, automation, and improve user experience,” Emily Coppin, Airspace Mission Planning Division, program manager, said in the release. “By incorporating a process that is shaped by user feedback, we have been able to synthesize requirements four times faster and provide more flexible and efficient management of developer resources. Through this JMPS sustainment effort, we have been able to shift, even in that old architecture, to a far more agile approach to mission planning software development.”
The software team is also collaborating with the Navy’s Air Combat Command and other organizations in across he military. The idea is the more collaboration on the software, the more interoperable and aligned with the JADC2 technical infrastructures being developed by the Joint Staff it will be.
The Air Force has worked on similar tech in the relatively low-stakes world of flight scheduling, using the data-rich task to test the waters on new data-based tech. In 2019 it signed contracts for using machine learning platforms to optimize pilot training logging. Eventually, the Air Force wants to use machine learning, AI and cloud-based software in applications directly related to waging war.
Army awards L3Harris $3.3B contract for overseas radio equipment and services
L3Harris, the major tech and defense contractor, has been awarded a $3.3 billion contract for overseas radio equipment and communications services by the Army.
It is an indefinite delivery, indefinite quantity contract, and will allow foreign military partners to buy radios through the Army’s Communications-Electronics command.
L3Harris was the only company to bid on the contract, which was awarded by U.S. Army Contracting Command in Aberdeen Proving Ground, Maryland.
The Army manages the sale of certain equipment, such as radios and vehicle platforms, to foreign partners.
Delayed DHS biometrics system’s risk management issues persist
The Department of Homeland Security plans to replace the functionality of its 27-year-old biometrics system, the first increment of a program that was supposed to end this year, in December.
Part of the reason the $4.3 billion Homeland Advanced Recognition Technology (HART) system for fingerprint matching and facial recognition won’t be fully operational is that DHS considered the program low risk until it began updating its assessment process in May 2020.
The Government Accountability Office found DHS still hasn’t updated its policy associated with assessments, so that other high-risk IT programs are aware of the new requirements, and that HART still has three risk management best practices to fully implement, according to a report released Tuesday.
GAO’s report comes a little more than a year after the DHS Privacy Office found partial and unmitigated privacy risks, like those posed by deepfakes and unintended sharing of sensitive information, to HART in an assessment.
The HART program has yet to fully maintain a risk management strategy, develop a risk mitigation plan based off that strategy, or periodically monitor the status of all risks to mitigate them.
As a result, DHS’s existing Automated Biometric Identification System (IDENT) — used to store digital fingerprints and iris scans on foreign nationals for travel, trade and immigration screening by the U.S. and its allies — remains in place. IDENT has data capacity, accuracy and assurance issues known since 2011, and can’t fully support agencies attempting to match biometrics against their data repositories.
Begun in 2016, HART was expected to cost $5.8 billion all told and provide additional biometric services, a web portal, and analysis and reporting tools by 2021. Now the DHS Office of Biometric Identity Management projects that Increment 2 won’t be finished until 2022 and Increments 3 and 4 until 2024.
Once Increment 1 is complete, all agencies will move from IDENT to HART.
Increment 2 will see the addition of multiple matching operations, like using two forms of biometric data to identify someone, while improving accuracy and potentially storage. Development is underway.
Increment 3 covers new tools boosting human examination of biometric data; the web portal; and addition of DNA, palm, voice, scar and tattoo data.
The final increment includes analyses and reporting based on Increment 2 data storage, a holistic view of identities, even more data, mobile access, and elimination of duplicate and inaccurate data.
Neither of the last two increments have been started.
“OBIM’s reliance on an overextended, 27-year-old biometric identity management system to support national security, law enforcement and immigration decisions emphasizes the critical need for OBIM to ensure that further delays, cost overruns, and performance issues with the HART program are avoided,” reads GAO’s report.
The prospect remains difficult because the HART program has also struggled with IT acquisition best practices, introducing more risks to the program.
According to GAO, program officials must: fully review contractor work, monitor all program costs, monitor stakeholder involvement, and maintain bidirectional traceability requirements.
Without this. HART will face further delays, cost overruns and won’t meet agencies needs, according to the oversight body.
GAO recommended DHS address the seven partially implemented best practices it flagged, and DHS concurred — responding that all would be completed between June 30 and December 31.
“DHS remains committed to incorporating feedback to improve its program management and oversight processes,” wrote R.D. Alles, deputy under secretary for management, in the response. “The department will continue to provide its stakeholders with current and accurate cost and funding data through existing mechanisms and will continue to address the IT Dashboard.”
White House launches artificial intelligence task force
The White House Office of Science and Technology Policy (OSTP) and the National Science Foundation (NSF) on Thursday announced the launch of a National Artificial Intelligence Research Resource Task Force.
The new task force will lay out a road map for expanding critical resources and educational tools that the Biden Administration says it hopes will spur innovation and economic prosperity across the U.S. Its launch comes amid heightened scrutiny of the U.S.’s competitive position in research and development, and follows a bill that was last week passed by the Senate to limit the technology influence of China.
The new task force will act as an advisory committee and is tasked with ensuring that AI researchers and students across all scientific disciplines receive the computational resources, high quality data, educational tools and other user support. It will submit two reports to Congress that present a comprehensive AI strategy and implementation plan: an interim report in May 2022, and a final report in November 2022.
Lynne Parker, who is director of the National AI Initiative Office at the White House Office of Science and Technology Policy, will co-chair the committee, along with Erwin Gianchandani from the National Science Foundation.
Other members of the committee include experts from the universities of New York and Standard, as well as a representative from Google.
Frederick Streitz from the Department of Energy and Elham Tabassi from the National Institute of Standards and Technnology are also on the committee.
Commenting on the launch of the committee, Science Advisor to the president and OSTP director Eric Lander, said: “America’s economic prosperity hinges on foundational investments in our technological leadership.”
“The National AI Research Resource will expand access to the resources and tools that fuel AI research and development, opening opportunities for bright minds from across America to pursue the next breakthroughs in science and technology,” he added.
NSF Director Sethuraman Panchanathan said: “NSF is delighted to co-chair the National AI Research Resource Task Force, which has the essential role of envisioning the research infrastructure that will drive future innovations in AI.
“By bringing together the nation’s foremost experts from academia, industry, and government, we will be able to chart an exciting and compelling path forward, ensuring long-term U.S. competitiveness in all fields of science and engineering and all sectors of our economy,” he added.
Return to work guidance says agencies should consider embracing a distributed workforce
Agencies should consider embracing a distributed workforce where possible, according to new guidance issued on Thursday by the Office of Management and Budget, Office of Personnel Management and the General Services Administration.
In a joint memorandum sent to all major agencies, the three oversight agencies said that such a move should be taken “where possible and appropriate,” and could help to benefit equity, inclusion and the delivery of missions.
“Distributing work nationwide has the potential to advance equity and inclusion in the federal work environment to the benefit of Federal agency missions, allowing agencies to recruit from a larger talent pool reflecting the talents of individuals all across America, and allowing employees to choose to live where it best suits them,” the guidance said.
The intervention comes as agencies including DHS and the Department of Defense look at new ways to attract top technology talent to federal departments, despite an often large pay differential between the public sector and private sector. Federal government jobs have conventionally required staff to be located at the agency’s headquarters or a key operational hub, which compares unfavorably with flexible working policies in industry.
Other key aspects of the memorandum include guidance that some employees who teleworked during the pandemic may prefer to continue working remotely, and that this should be a key factor in how agencies apply their return to work policies.
It states also that federal agencies should increase the use of flexible and alternative work schedules, as compared to before the pandemic. Specifically, the missive advocates the continued use of maxiflex work schedules — work schedules that allow staff to complete their eight-hour work day any time within a 24-hour period — and says that where possible these should continue to be offered.
According to the joint memorandum, the federal government’s official operating status remains at “open with maximum telework flexibilities to all current telework eligible employees, pursuant to direction from agency heads.”
It says also that previously-established pandemic occupancy limits for federal buildings are no longer in effect, although adds that agencies may establish occupancy limits for specific workplaces as a means of ensuring physical distancing between unvaccinated individuals.
Agencies that have taken steps during the pandemic to allow greater workforce autonomy include the Department of Defense. The DOD is just days away from launching its high-security version of Microsoft Office365, dubbed DOD365, which is designed to replace the current telework system.
Space Force has also outlined plans to become the first digital service, and said in a May memo, that it intends its guardians to be “digital nomads”.
Earlier this month, the OMB wrote to agencies across federal government to give them a final deadline of July 19 to finalize plans for bringing staff back to work.
All departments are required to have previously submitted draft return to work policies by June 18, and will then receive feedback on their submissions.
The return of federal agency staff to the office is being led by the Safer Federal Workforce Task Force, which was established Jan. 20, 2021 in one of President Joe Biden’s first executive orders.
Hack the Army event yields 102 critical security gaps
The annual Hack The Army event found 238 vulnerabilities, 102 being critical security gaps that needed immediate fixing, event organizers disclosed Thursday.
This year’s “Hack The Army 3.0,” organized in January 2021 for six week, involved 40 “top-tier” security researcher from both military and civilian backgrounds, testing a range of assets to find security flaws. It is the 11th Hack the Army event, which is a bug bounty program modeled off a practice common in the private sector of paying security researchers when they find vulnerabilities. The Army paid out more than $150,000 to civilians that participated.
For the third time, the service partnered with HackerOne, a bug bounty platform that won Federal Risk and Access Management Program (FedRAMP) approval in May 2020.
Hack the Army is part of Hack the Pentagon, which is a series of bug bounty challenges for varying assets and branches of the military run by the Defense Digital Service.
“By inviting skilled hackers to test the US military’s digital assets, the DDS and the US Army demonstrate that hacker-powered security has become a mainstream best practice for organizations requiring continuous security testing,” Alex Rice, HackerOne’s co-founder and chief technology officer, said in a statement. “It’s been an exciting journey to chart the successes of the three Hack The Army initiatives and watching the hacking community help strengthen the nation’s cybersecurity defenses.”
The goal is find security gaps by replicating adversary activity against a network or other part of their domain. The federal government has previously struggled to form close bonds with the so-called “white hat” hackers only mimicking adversaries and prove hackers won’t face any legal jeopardy for their work and they can share their work. DDS also recently expanded their policy on what hackers could do their worst on.Thank
HackerOne and similar platforms act as an intermediary where they host the parts of an organization’s network that are acceptable for hackers to target, so that over-ambitious security researches do not compromise live systems. The use of services such as HackerOne helps to mitigate suspicion in the security community of working with the government.
“We are trying to first be a valuable member of the community,” former assistant secretary of the Air Force for acquisition, technology and logistics, Will Roper, said in May 2020 about the military’s place in the hacker community. To do that, the department will be putting “meaningful activity on the table.”
HackerOne has been trying to capitalize on requirements in 2020 that agencies develop vulnerability disclosure programs. The Cybersecurity and Infrastructure Security Agency (CISA) launched its own bug bounty platform Tuesday.
Renewed Palantir contract could expand disease surveillance to other CDC centers
The Centers for Disease Control and Prevention’s latest contract with Palantir Technologies allows the agency to extend a non-COVID-19 disease surveillance solution to any of its centers.
The one-year, $7.4 million contract renewal covers the modernization of the Data Collation and Integration for Public Health Event Response (DCIPHER) environment, based on the Palantir Foundry platform.
While the National Center for Emerging and Zoonotic Infectious Diseases has used DCIPHER to better manage food-borne outbreaks since 2010, the COVID-19 pandemic showed other CDC centers the benefits of using scalable, interoperable cloud solutions.
“We’ve learned from the pandemic just how important it is to modernize surveillance to have that situational awareness for any public health issue,” Dr. Bill Kassler, chief medical officer at Palantir, told FedScoop.
DCIPHER collects epidemiological, surveillance and laboratory data from various sources so CDC centers and their partners can make informed decisions around outbreaks.
Within NCEZID, both the System for Enteric Disease Response, Investigation, and Coordination (SEDRIC) and the National Wastewater Surveillance System use DCIPHER.
More recently other centers have requested similar cloud infrastructure to assist with surveilling the flu and HIV and the Center for Global Health.
The pandemic made CDC centers recognize the need for earlier situational awareness on social determinants of health, to plan a more equitable response, and supply chain instability, to get personal protective equipment and other resources where they’re needed, Kassler said.
Unfortunately many CDC systems are legacy systems that can’t be scaled for more compute or storage in a crisis to handle hundreds of necessary data sources. Systems like that can take contractors two to four months to recode for collection of new data fields pertaining to novel outbreaks.
DCIPHER’s usefulness extends beyond outbreaks though as new data sources on genomics, social needs, behavior from wearables, and clinical records help monitor conditions like heart disease and stroke.
“We think there are huge opportunities across the federal government to bring disparate, multimodal data together to help to visualize that data and to make it into a form that advanced analytics such as machine learning and predictive modeling [can use],” Kassler said.
The Department of Health and Human Services awarded Palantir several contracts early in the pandemic that were not competed citing the “unusual and compelling urgency” of the crisis. Those contracts supported the development of HHS Protect, which informs the White House on COVID-19’s spread and comprises most of Palantir’s work around the pandemic.
Palantir also supplies the analytics platform behind the National Institutes of Health‘s National COVID Cohort Collaborative (N3C) Data Enclave, used by researchers to better understand the coronavirus.
VHA acting Under Secretary Stone to step down
Acting Under Secretary of the Veterans Health Administration Richard Stone is set to leave the agency in mid-July.
In a press release on Thursday, the agency announced the departure, adding that his replacement as leader of the Veterans Health Administration has yet to be confirmed by the U.S. Senate.
Stone oversaw the agency’s program to modernize its sprawling legacy electronic health record system, migrating to a cloud-based Cerner EHR platform. Over the last year he also led the VA’s response to the Covid-19 crisis.
Stone was appointed Principal Deputy Undersecretary for Health at the VHA for the second time, after previously serving in the role between 2016 and 2017. Between 2018 and 2021 he was executive in charge at the Veterans Health Administration, and before that had a short spell in the private sector as a Vice President for military health at Booz Allen Hamilton in Washington D.C.
Stone is a medical doctor, and during his period of Army service was Deputy Surgeon General and Deputy Commanding General of Support for the US Army Medical Command.
Commenting on Stone’s departure, Secretary of Veterans Affairs Denis McDonough, said “We owe Dr. Stone an immense debt of gratitude for his leadership, especially during the pandemic.
“When COVID-19 first began to spread, Dr. Stone was among the first people Veterans and their families heard from, delivering a simple and urgent message: ‘We are going to be here [for you] just like we have been for the last 100 years.’
“As much as I hate to see Dr. Stone go, I am grateful to him for staying through mid-July, during which time I will continue to lean on him and learn from him.
“I’m proud to call Dr. Stone a friend and I thank him for his decades of service. Our nation is safer, and our Veterans are healthier because of his work,” he added.
OPM rules federal agencies can rehire staff at higher pay grades
The Office of Personnel Management has issued a new regulation that will allow federal agencies to rehire staff at a higher pay grade.
The measure is intended to broaden the choice of talent available to agencies and to provide a route for former federal employees to re-enter government in a position with an analogous skill level, after a spell working in the private sector.
It comes as government departments continue to look for new ways to hire technology talent into senior positions.
OPM says that the guidance will also increase knowledge-sharing between private enterprise and government agencies. The new regulation was published on Tuesday in the Federal Register as a final rule document.
However, some agencies and unions have raised concerns, saying it may be abused and potentially erode the bargaining power of staff.
In its Federal Register entry, OPM said seven individuals, two federal agencies, and the Federal Employees’ Union had submitted evidence to say that the hiring authority may be abused, and questioned the fairness of allowing former federal employees to re-enter the workforce in this way.
Two individuals and three federal agencies also questioned OPM’s assertion that former employees would actually acquire skills or experience in the private sector that would qualify them for such an appointment.
According to OPM, seven individuals, four federal agencies, one professional organization, and the Federal Employees’ Union also in evidence said that the proposal is contrary to merit system principles and would deprive certain employees to their collectively bargained right to first consideration.
In 2019, the Trump Administration gave a final ruling on direct-hire authority for key IT positions, which gave agency leaders the authority to sidestep typically long federal hiring processes, if there is a shortage of applicants or critical need.
That direct-hire rule gave agencies permission to hire IT professionals for limited terms of up to four years, with an option to extend those measures for another four.