Air Force turns to VR for suicide prevention training
The Air Force is turning to virtual reality technology to train its airmen to recognize and help others at risk of self-harm.
The service is using VR training to put airmen in life-like situations to practice how to get a distressed person help. With social distancing requirements, in-person training and face-to-face conversations pose a greater risk for COVID-19 transmission, a risk reduced by VR training with users communicating through a headset.
The Air Force has also embraced VR for other training, like flying and maintenance.
The rate of airmen dying by suicide has increased in the past few years, up from a 2018 rate of 18.5 per 100,000 to 25.1 per 100,000 in 2019, according to recent DOD data. Conclusive data on the rate in 2020 is not available, but initial reports indicate a further increase during the first months of the coronavirus pandemic.
“We are excited and highly motivated to be the catalyst for this innovative suicide prevention program,” Brig. Gen. Norman West, Air Mobility Command surgeon general, said in a release. “The VR scenario is very realistic and this is the type of training we need to save lives in the real world. One life lost to suicide is too many.”
The technology was recently used in a training session at Travis Air Force Base in California at the behest of the Air Mobility Command leader, Gen. Jacqueline Van Ovost. New modules were tested featuring clips of actors and on-screen prompts for what trainees should say, according to a video posted by the Air Force. Other modules are in development for instructors and other members of the Air Force working on suicide prevention.
The technology works by guiding airmen through a training session and then into a role-playing scenario where they speak directly with an actor who displays distress signs. A coach listens in on the session, and if trainees are not following procedures, they are reminded of specific questions they are supposed to ask, like “Do you have a gun in the house?” or “Are you thinking about harming yourself?”
“We believe this training will not only save lives but prepare our Airmen for tough conversations that will build a more resilient force,” said Victor Jones, AMC Suicide Prevention program manager.
Leaders overseeing the program are also using the tech to pick up on subtleties in how airmen interact with the VR experience.
“[W]hen someone needs to say something tough, they don’t say it as loud as the rest of what they say,” according to the release. That’s a data point trainers are using to encourage airmen to be confident in getting others help.
Spouses of airmen are also being offered the training and it is expected to continue as more modules are created by Moth and Flame, the VR studio contracted to make the content.
If you or someone you know needs help, call 1-800-273-8255 for the National Suicide Prevention Lifeline. You can also text HOME to 741-741 for free, 24-hour support from the Crisis Text Line.
Basic cybersecurity standards must start with procurements, experts say
Government must do a better job of setting minimum cybersecurity standards when buying IT to avoid more breaches like the ones agencies suffered after the SolarWinds hack, say cyber experts.
Large procurements, in particular, should be used to drive modern security architectures that better protect entire systems, said Jeanette Manfra, director of government security and compliance at Google and a former top official with the Cybersecurity and Infrastructure Security Agency.
If agencies consider the risks of introducing software like SolarWinds Orion to their networks during the procurement process, they’ll also avoid introducing vulnerabilities.
“The government is a very large consumer,” Manfra said during a Center for Strategic & International Studies event Friday. “They need to be driving what those security standards are that they want to see through their procurements.”
While the government should also establish minimum cybersecurity standards for the private sector, experts agreed they should be voluntary and not become a check-the-box activity for companies.
The SolarWinds software supply chain attack began in March and was massive in scale at nearly 18,000 intrusions. At least nine federal agencies were compromised, with the extent of the damage still being assessed.
While the hack was detected in December and widely reported to have been committed by Russia, the reality is that true attribution is ongoing, said retired Lt. Gen. Ed Cardon, senior counselor at the Cohen Group.
All of this points to gaps in information sharing between government and the private sector.
“Info sharing is a pretty broad term,” Cardon said. “Just simple things like worldwide collection of DNS logs, it’s amazing how if we would just do that we could do a lot with attribution. But often those are missing; they’re not collected.”
CISA, which Manfra left in November 2019, continues to make inroads with companies to determine who has the information it needs to avoid specific cyberattacks, she said.
The agency was established to be the central clearinghouse on the civilian side for threat information from the private sector, said Rep. Michael McCaul, R-Texas.
The ranking member on the House Foreign Affairs Committee said he’s planning to introduce legislation establishing a mandatory breach notification system. Breach data could be easily anonymized to protect the companies involved and liability protection ensured, so companies wouldn’t withhold information for fear of lawsuits, McCaul said.
“Some companies don’t report this at all,” McCaul said. “And it’s important we have that threat information to share it not only with the private sector, where 80% of this resides, but across all departments within the federal government.”
DISA’s Vice Adm. Norton retires
Vice Adm. Nancy Norton left one of the military’s top IT jobs Friday as she retired from her directorship of the Defense Information Systems Agency and command of Joint Forces Headquarters-Department of Defense Information Network (JFHQ-DODIN).
Lt. Gen. Robert Skinner of the Air Force replaced Norton at a change of command and directorship ceremony Friday.
Norton leaves at a critical time for DISA as it prepares to issue an $11 billion IT services contract, lead a major consolidation of support agency IT networks and continue investigating the SolarWinds hack. DISA will also maintain its own pivot to maximum telework and continue supporting DOD’s adoption of the Commercial Virtual Remote environment.
“We have done an amazing job,” she said during a virtual roundtable with reporters Thursday. “The thing that was most important, is how we have treated each other as people.”
Supporting the military’s shift to telework was not the first major crisis she steered DISA through. Under her watch, DISA was almost eliminated by Congress in 2018, a move she helped thwart. She said that “telling the DISA story” and increasing the transparency of the agency was what helped save it from the chopping block.
“It is pretty amazing if you think about what would have happened in 2020 if that had happened,” she said of the potential cutting of DISA’s funding.
Amid the response to a global pandemic, Norton also helped oversee the response to the recent SolarWinds breach. As commander of the Joint Forces Headquarters-Department of Defense Information Network, Norton leads the operation and protection of the military’s IT networks, which were targets of the suspected Russian hackers who led the larger cyberespionage campaign. DISA said it did not find any bad actors on DOD networks, but investigations remain ongoing.
Norton joined the Navy as an officer in 1986 and rose to become the first female director of DISA in 2018. While leading the DOD’s IT support agency, she pushed for more diversity and inclusion in the military technology community.
Network consolidation
DISA’s plan to make itself the single service provider for defense support agencies, dubbed the Fourth Estate network optimization initiative (4ENO), is a massive undertaking involving technical consolidation, personnel shifts and workforce restructuring. With Norton at the helm, DISA broadened its mission with the project.
The process is already underway with the Defense Technical Information Center already transitioning help desk and IT personnel into DISA, Norton said. More migration is expected to happen under Skinner’s directorship.
A part of the migration will be the award of the Defense Services Enclave (DES) contract for a single vendor to help with the technical integration of disparate networks — a deal that’s worth up to $11 billion.
The contract will be an indefinite-delivery, indefinite-quantity vehicle with task orders issued for specific work. The agency anticipates a 10-year work period, but the contract will have an initial four-year base with three optional two-year extensions.
“The concept of making DISA the single service provider is really something new,” Norton said. “That is really exciting.”
Pandemic pushed National Cancer Institute to commercial software for telemedicine, CIO says
Prior to the COVID-19 pandemic, the National Cancer Institute relied on “expensive and not user-friendly” custom systems for its telemedicine. But as the need to see patients remotely grew over the past year, the institute turned to commercial software that could more easily support its scaling needs, CIO Jeff Shilling said.
NCI began using Microsoft Teams to communicate with and administer telemedicine to patients in clinical trials. This let both the NCI doctors and researchers and the patients stay safe while continuing care.
People had their doubts about using commercial software for such a highly sensitive mission set. But it was a crisis, and NCI was forced to go into crisis mode to make the move.
“Never let a good crisis go to waste,” Shilling joked during an SNG Live session Thursday. But on a more serious note, he said of people’s concerns using Microsoft Teams for sensitive communications, “Listen, we’ve got to talk to these people. We have many people dying of cancer — many, many millions of people dying of cancer — we can’t worry about some of these things.”
NCI did work with Microsoft to “make sure that everything was encrypted properly, everything was a unique connector,” Shilling said, adding that Microsoft did everything “really well,” rising to the occasion because it too was in crisis mode.
At the end of the day, the new model was successful, Shilling said, because the commodity IT was ready to scale immediately and it was user-friendly from the start — and, perhaps more importantly, it was cheaper.
“The doctors don’t use special medical computers, they use Macs and PCs, just like everybody else,” he said. “So they have all the benefit of using these commodity tools. And so we think we can use these commodity tools in telemedicine as well. And that’ll extend past the patient, to radiology, to pathology, all these things that we can start to use the standard tools, it’ll make it just much, much more portable. And we need that. We need it because we need more medicine for more people. And the only way we can do it is to make it less expensive.”
Dr. James Gulley, director of the Medical Oncology Service at NCI, and his team were some of the first to make the move to Microsoft within the institute last spring. He said in an interview published by the National Institute of Health that his team “quickly got used to the platform, and it became our preferred means of communication between team members, other collaborators and patients.”
“This has opened up opportunities for us to communicate more effectively with patients at home,” Gulley said. “Phone conversation can get some of the information however much of communication is nonverbal. This also provides improved efficiency for patients and healthcare providers and decreases costs in both money, time and potential exposure to SARS-CoV2.”
How open technology and process help the public sector innovate
SBA adapting IT systems providing COVID-19 relief amid program changes
The Small Business Administration continues to adapt its IT systems processing COVID-19 relief applications to address changing program requirements.
The Biden administration announced a two-week window starting Wednesday where only small businesses with less than 20 employees may apply for Paycheck Protection Program (PPP) forgivable loans to keep their workforces employed during the pandemic.
As new legislation and executive mandates attempt to provide relief where it hasn’t yet been granted, SBA is scrambling to make changes to its E-Tran loan system and program portals.
“We’ve been obviously faced with a tremendous scaling challenge…in terms of the volume of transactions we are processing,” said Sanjay Gupta, chief technology officer at SBA, during an ATARC event Thursday. “But also more importantly the velocity at which we are processing this higher volume.”
Businesses went under because initial PPP loans dragged into the summer as SBA struggled to process requests for $400 billion in relief funds and adjust E-Tran to shifting rules for eligibility, financial institutions, terms and conditions, and transferring loans into grants.
SBA also responds to disasters, and President Biden declared Texas’ snowstorm a major disaster earlier this week. The declaration will mean a workload surge for SBA on top of dealing with PPP and Economic Injury Disaster Loans for the pandemic, Gupta said.
Fortunately, SBA’s cloud migration began in 2017, allowing it to scale with increased employees better than it would otherwise. But in March the agency accelerated implementation of a cloud-based secure connector, in lieu of its traditional virtual private network, to improve security and visibility into traffic and performance.
Conditional access — which throttles users’ access if they fail to meet certain conditions related to things like where they’re connecting to the network — has proven helpful during the pandemic. The same is true for geofencing, which took six hours to implement in March and took care of traffic from foreign countries trying to access pandemic loan portals, Gupta said.
SBA is relying on native capabilities more heavily when it comes to cybersecurity tools, anomaly detection and machine learning.
“We are automating these things,” Gupta said. “So a year from now you’ll see a higher resilience posture.”
Uniquely identifying virtual machines on SBA’s network continues to be a challenge however, Gupta said. He led SBA’s 90-day Continuous Diagnostics and Mitigation modernization effort in coordination with the Cybersecurity and Infrastructure Security Agency, and together they developed a model for identification.
Virtual machines are instantiated as needed and may need to be created and destroyed in microseconds. SBA’s model attempts to track and manages those machines in a cloud environment and was published in a report, but the CDM team has yet to release guidance.
“I’m sure it’s in the works,” Gupta said.
NSA issues zero trust guidance, urging DOD and contractors to adopt model
The National Security Agency issued a cybersecurity information sheet Thursday with instructions for defense agencies and contractors on how to set up a zero-trust network architecture.
In it, NSA urges the entirety of the Department of Defense and its contractors to implement zero trust for sensitive systems to better prevent data exfiltration.
“NSA strongly recommends that a Zero Trust security model be considered for critical networks to include National Security Systems (NSS), Department of Defense (DoD) networks, and Defense Industrial Base (DIB) systems,” according to the cybersecurity information document.
The push to zero trust — where compromise is assumed and users are asked to verify their identity as they move around a network — has grown stronger after the discovery of the massive SolarWinds hack last year. The penetration of sensitive network components by suspected Russian hackers in the breach was another dire example of cybercriminals gaining wide access to information once in a network.
“Adopting the Zero Trust mindset and leveraging Zero Trust principles will enable systems administrators to control how users, processes, and devices engage with data,” NSA said in a release. “These principles can prevent the abuse of compromised user credentials, remote exploitation, or insider threats, and even mitigate effects of supply chain malicious activity.”
The seven-page document is just the beginning of the reference architecture the NSA plans to release to help contractors and DOD components move to a zero-trust model. The agency teased late last year a reference guide it has been working on in partnership with the Defense Information Systems Agency that it plans to release in 2021.
The document includes the pitfalls and challenges associated with its implementation. A lack of commitment by leadership to enterprise wide adoption is primary among those challenges listed in the document.
“With the pervasive need for Zero Trust concepts to be applied throughout the environment, scalability of the capabilities is essential,” the document states.
DIU sees another year of growth in spending, tech transition
The Department of Defense’s Silicon Valley outpost continues to award cash to companies looking to break into the defense market, growing its number of prototype contracts and transitioned technologies in 2020, according to its annual report.
In 2020 the Defense Innovation Unit transitioned 11 programs into full production, meaning it turned a prototype deal into a follow-on contract awarded by a military department or agency.
While an increase from the nine technologies transitioned the year before, it is a small drop in the massive bucket of tech programs run across the DOD.
DIU increased metrics across the board, including new programs started, some of which were launched to contain the spread of the coronavirus in service members. 2020 was DIU’s fifth year of existence, a milestone that was not guaranteed since it was set up as an experiment by then-Secretary of Defense Ash Carter.
The DIU has been the darling of some technology innovation advocates, with its former director calling for a “10x” multiplication of its budget in a congressional hearing. But the challenge for offices like DIU is not necessarily getting companies to build prototypes but rather scaling innovation and disruptive technology use across the massive department. In its five years, DIU has only transitioned 26 technologies, according to the report.
“Now is the time to supercharge DOD access to innovation,” Raj Shah, the first DIU director said during a hearing for the House Armed Services Committee’s Future of Defense Task Force in 2019.
Another change to DIU’s operations this year was the breadth of programs it worked on. It launched 23 new programs, a 35 percent increase over 2019. It placed a large focus on tech that could enhance the DOD’s response to COVID-19. One program created wearables that could detect subtle changes in the wearer’s behavior to identify infected service members.
Another new program Blue sUAS found success outside of just the military, giving agencies options to purchase drones that meet security requirements. The program certified five drones that met cybersecurity and other standards for government use in the face of concerns over Chinese-made drones. Local government agencies also have access to the program.
Artificial intelligence-based technologies continue to be a priority for DIU, the report noted. DIU is not alone in its interest, with similar rapid acquisition offices like AFWERX prioritizing AI procurement as their largest budget area.
NIH advances COVID-19 health status reporting and contact tracing pilot with IBM
The National Institutes of Health moved its COVID-19 verifiable health status reporting and contact tracing pilot into a second phase, awardee IBM announced Thursday.
IBM will begin working with the Washington Suburban Sanitary Commission (WSSC Water) to deploy its Digital Health Pass to prove to NIH the platform will work with third-party organizations. The platform combines public health data like test results and onsite temperature scans with contract tracing technology and will inform the Maryland water utility’s pandemic decisions to bring employees back.
The pilot’s advancement marks a win for NIH‘s Digital Health Solutions for COVID-19 contract, awarded to seven organizations for a total of $22.8 million — assuming all awardees receive phase two funding.
“Emerging smarter from the COVID-19 pandemic requires adopting technologies to increase
resiliency,” said Andrew Fairbanks, U.S. federal sector leader at IBM, in the announcement. “As testing becomes more widespread and vaccines are distributed, it’s more important than ever to foster innovative thinking and develop solutions such as IBM Digital Health Pass, designed to support organizations in bringing people back to a physical location.”
The National Cancer Institute and National Institute of Biomedical Imaging and Bioengineering awarded the second phase of IBM’s contract, originally won in September, once it demonstrated Digital Health Pass’s feasibility.
NCI and NIBIB are interested in using the platform not just during the ongoing pandemic but for future public health preparedness and pandemic response.
Data collected by Digital Health Pass is anonymized and stored in NIH’s COVID-19 data hub made available to researchers while also allowing participants like WSSC Water to privately monitor employee vaccination and health status.
IBM has until September to continue working with WSSC Water, which serves 1.8 million Montgomery and Prince George’s county residents, at its Laurel, Maryland, headquarters and additional locations.
“Using a cloud-based tool, instead of multiple paper processes, will simplify our self-monitoring, reporting and contact tracing efforts — allowing our employees to spend more time focused on providing safe, seamless and satisfying water services to our customers,” said Carla Reid, general manager and CEO of WSSC Water.
The other organizations to win Phase 1 spots on NIH’s Digital Health Solutions for COVID-19 contract for their digital health solutions were: Evidation Health; iCrypto; physIQ; Shee Atiká Enterprises; the University of California, San Francisco; and Vibrent Health.
Machine learning speeding up patent classifications at USPTO
Machine learning is helping the U.S. Patent and Trademark Office shorten the time it takes to assign patent applications to examiners, instead of having to redo its entire classification process, according to CIO Jamie Holcombe.
USPTO sent its top engineers to Google on the East and West coasts to learn more about ML and TensorFlow application programming interfaces.
Now those engineers are using Python with TensorFlow to apply ML to patent classification, search and quality.
“We immersed them in the culture, and they got Googly,” Holcombe said during an ACT-IAC event Wednesday. “They got certified in TensorFlow, which is the open-source library for a lot of neural network feedback loops.”
USPTO has patent examiners use those feedback loops to rate how well ML algorithms are classifying patent applications to the art units and examiners that evaluate them, as well as search for algorithms in the system.
Despite having 250 years of historical data to train its algorithms with, USPTO relies primarily on daily feedback from examiners to ensure they’re working.
The agency is also hiring vendors to classify patent applications and comparing those classifications against its own algorithms. Having vendors and patent examiners working in tandem further refines the algorithms, Holcombe said.
“There always could be a black swan, and that’s what you’re trying to prevent in the curation of your data moving forward,” Holcombe said. “Black swans have to be cared for and handled and managed appropriately, or else it will break the system.”
USPTO remains in the early stages of ML use, in part because it’s still cleaning its data. While the agency uses robotic process automation (RPA) for clerical and administrative processes, it’s still getting used to the technology before applying it to patent and trademark workflows, Holcombe said.
Holcombe said he doesn’t believe AI yet exists, but there’s a spectrum of automation technologies with RPA at one end and more advanced neural networks at the other.