VA creating new digital platform to modernize GI Bill benefits
The Department of Veterans Affairs is building a new platform to centralize GI Bill-related benefits processing, a long-desired modernization effort to help veterans receive the higher education benefits they’re entitled to.
The VA awarded a contract to Accenture Federal Services on March 11 to start building the “Digital GI Bill” platform as a means to ease communications between veterans, schools and the government.
The idea of modernizing the VA’s benefits system been talked about for years following the passage of legislation in 2017 requiring an update to the way veterans can receive tuition and other benefits for higher education. Those changes, though, caused glitches in the existing system, which led to years of working on a long-term fix.
Momentum picked up modernizing the program last fall when the department asked Congress to reprogram COVID-stimulus funding for the IT project and made meaningful progress updating outdated systems and processes as required by the 2017 law.
Introduced under landmark legislation during World War II, the GI Bill allows veterans to earn funding to cover their education after service and has seen several updated laws to tweak its administration.
“[T]his platform will enable VA to call, email, text and chat with GI Bill beneficiaries, grant the Veterans Benefits Administration (VBA) immediate access to beneficiary records and respond to questions from colleges and universities instantaneously,” according to a press release. It described the platform as “an end-to-end systems management perspective to ensure proper compliance and oversight of GI Bill programs, and the use of data and business intelligence tools to track, monitor and measure school and student outcomes.”
It is yet another digital modernization push in the VA, which has faced challenges in modernizing some of its other major programs like electronic health records modernization.
The platform will be a product of both the VBA and the Office of Information Technology, according to the VA. The two will be using $243 million of reallocated money from the CARES Act, the initial round of stimulus passed by Congress in March of 2020.
Air Force updates Digital University with new career tracks
The Air Force‘s platform to upskill its workforce got some major new additions, with new career pathways and course designs to organize users’ learnings around specific technical skill sets.
The Digital University platform’s initial launch in summer opened up thousands of lessons from contractors Udemy, Pluralsight and Udacity without much direction for the learner. The latest updates push the platform closer to what many companies in the private sector have embraced to keep their workforces sharp on the latest technology skills, with specific career paths and customizable tracks for particular skills.
“Technical training typically isn’t done well in the Air Force, so there is a demand to upskill our technical airmen for the jobs we need. DU was built to be that central hub,” said 1st Lt. Peyton Cleveland, who built much of the backend of the new course paths.
Digital University is managed by the Air Force’s Business and Enterprise Systems Product Innovation office (BESPIN). The team told FedScoop in September that it plans to “constantly [update] digital training” on the DU platform, made evident by the new pathways and customization available in the latest release.
“The goal was to completely transform the way we think about digital training,” Cleveland said about DU.
The first Digital University users were cybersecurity specialists and technical professionals looking to stay up-to-date on the latest coding techniques — the type of tech professionals who might already know what lessons to look for in the library. From there, DU leaders hope to expand the user base to curious airmen and Space Force guardians who recognize the benefits of technical skills in their roles but would need more guidance on where to begin — hence the newly coded career paths.
Some hope that senior leaders will also jump on the platform, just like Chief of Space Operations Gen. Jay Raymond said he has done. Raymond also said previously that digital literacy will be a requirement for new Space Force members, who can take Digital U coursework and other tech training to develop new skills.
So far, the platform seems to have taken hold, DU officials say.
“A lot of the feedback has been really positive,” Cleveland told FedScoop. “People love what we are doing and want more of it.” Even the Army is jumping onboard with a pilot of the platform, Cleveland said.
Digital University has been praised by Air Force and technology leaders as a way to help turn the greater Department of Defense into a more-digital organization. With the decades it takes for young, tech-native people to rise through the ranks of the military, Digital University’s leaders hope the program can start to turn those already in senior roles into leaders who recognize the value of digital skills in the modern military.
HHS data collection and sharing continues to evolve with the pandemic
COVID-19 data collection and sharing has changed throughout the pandemic at the Department of Health and Human Services to meet the needs of agencies, hospitals, industry and the public, said Kevin Duvall, acting chief data officer, Thursday.
The Office of the Assistant Secretary for Preparedness and Response supports hospitals with personal protective equipment like masks and medicine. So when it had issues distributing the drug remdesivir in July, HHS began asking hospitals to report their supply.
HHS further made its COVID-19 Community Profile Report, an internal tool originally, available to the public in December as a “highly consumable” PDF, as well as an .xlsx file for deeper analysis, said Duvall, who was instrumental in the effort.
“The data had to evolve with how the government was responding to the pandemic,” Duvall said. “Over time, as we got more comfortable with datasets and felt that the quality of the data was good and sound, there was more and more release of open data.”
HealthData.gov‘s look changed in the past week as HHS migrated it to a new platform with additional capabilities — namely machine-readable, API-accessible interfaces for every dataset to assist researchers, companies and journalists.
The separate HHS Protect Public Data Hub and Centers for Disease Control and Prevention COVID Data Tracker represent a year of work.
The hub includes hospital use reporting and data on what therapeutics like Lilly and Regeneron they’ve received. The tracker meanwhile combines CDC guidance with data and links to HealthData.gov.
The downloadable COVID-19 Community Profile Report on HealthData.gov is updated daily. And the PDF contains data on case positivity, deaths and hospital admissions, while the .xlsx breaks things down by states, regions and counties.
Search analytics revealed state data was particularly popular, so HHS now offers a state profile view as well.
Before opening datasets up HHS has to consider the legality, for which general counsel is consulted, and the potential effect on hospitals.
“What is the appropriate level of granularity into what’s going on [without] show[ing] too much that would then be detrimental to hospitals, as well as the patients that are in the facility,” Duvall said. “That’s a hard challenge for the pandemic.”
DDS 2.0: The Pentagon digital team’s journey from startup to full-fledged firefighter
When the Pentagon chartered its digital services team — the Defense Digital Service — in 2015 as a branch of the White House’s U.S. Digital Service, the mission was simple: Embed the nation’s top tech talent within the Department of Defense for a brief tour of duty to rectify the military’s tech woes with an innovative and agile mindset.
While that core formula — calling on the nation’s brightest to serve and bring the Pentagon’s IT into the 21st century — is still there, in the five years since, DDS has matured and transformed. Today, DDS exists as more of a digital first-response force, often working hand-in-hand with service members on the operations side when the department faces a “fire” that requires tech help — these days, pretty much any major challenge in the national security space.
Perhaps the best and freshest example of this is the team’s many supporting roles during DOD’s response to COVID-19. It started with aiding the USS Teddy Roosevelt in Guam when the aircraft carrier experienced a widespread outbreak of the coronavirus and was ordered to stop its movement. The team created a symptom tracking app for the sailors on board to keep tabs on who had the virus and who had been exposed to stop the spread.
And more recently, the service assisted Operation Warp Speed — the federal vaccine delivery effort — working in tandem with the NSA to secure critical data and systems involved.
In between those “sentinel” efforts, as DDS Director Brett Goldstein described them, the team stayed busy with COVID-19 expanding the symptom tracking app department-wide, improving virtual hiring and onboarding during the pandemic, and supporting Navy medical ships by detecting and guarding against drones flying in their airspace.
“That’s when I realized that we had taken this team from being a generator of good ideas and good feedback to rapid response solution delivery — this vision of a SWAT team of nerds, but a SWAT team of nerds that delivers left and right,” Goldstein told FedScoop.
But it wasn’t always that way. When Goldstein arrived as director of DDS in early 2019, he was handed an organization still in its “early stages” that hadn’t figured out how to sustain its growth — it hadn’t figured out yet how to deliver outcomes.
“I saw lots and lots of good ideas,” he said. “But we hadn’t really conquered the sustainable piece, or ensuring the outcome, or the commitment to stay with something when it went from sexy and shiny to kind of boring but still critical.”
Shortly thereafter, an old friend and colleague in Katie Olson joined him as deputy director of DDS, and the two began to consciously “sit down and…start to rethink where should this organization go,” he said. The two worked together for the City of Chicago about a decade ago.
Olson saw it too: “I think part of what we both immediately recognized is the stage DDS was in, it was a sort of a startup trying to move into steady-state operations.”
One thing was missing. Goldstein said he’d hear it over and over again when he joined during his initial meet and greets with DDS’s partners. “A theme that kept on coming up was, ‘You folks will come in for a tiny period of time, we’d hear about all the things that we’re doing wrong. But then wouldn’t know how to get to a better outcome.'” he said. “And this is something that really resonated with me because I don’t want to go around just telling people you’re doing it wrong. I want us to get it right.”
Leapfrogs and fires
It’s not always immediately apparent what constitutes a project fit for today’s Defense Digital Service. It’s really an amalgamation of things, centering on a couple common threads. Most often, the team is called upon when “something horrible happens, like some critical system breaks, and no one else can fix it,” Goldstein said.
“I really do love the example of the USS Teddy Roosevelt [COVID-19 response]. Literally, it started with a phone call in my house,” he continued. “And 24 hours later we were delivering. I don’t know anyone else, any other technical component that can deliver like that.”
In addition to putting out those “fires,” DDS wants to be the team that thinks big, initiating “leapfrog” projects — things that dramatically move a technology or concept forward in a quick and actionable way.
“I think where we’ve landed in terms of the type of work we’ll do is we should be doing things that are giant leapfrogs, you know, things like [counter-unmanned aircraft systems],” said Olson. “On the other hand, we are there to be the department’s kind of crisis management group and to be solving fires.”
Cybersecurity is a leapfrog that keeps Goldstein up at night.
“Every night, I wake up in the middle of the night worried about cybersecurity, cyber capability, and our national security,” he said. “I am not interested in talking about 10-year plans. I’m interested in what are the things we can do to leapfrog a capability in that space and accelerate change and the application of that?”
So, DDS has expanded its cybersecurity work, beyond just the bug bounty success it’s had with Hack the Pentagon to take a more holistic approach to “help the department think about their cyber hygiene,” said Olson. Also, the team has created tools like Clone Wars that scans “see if any of our code is leaked out” and Crossfeed, a continuous monitoring tool that scans DOD’s public-facing assets for vulnerabilities.
Peppered between the leapfrogs and fires, DDS also takes on pilot projects, starting small with modern tech concepts that could be of great benefit to the wider department.
“We have moved to repeatable processes and projects that we can test out, instead of saying, you know, let’s get the entire department on one cloud,” Olson told FedScoop. “Looking at something like [what] the Air Force is doing with Cloud One or Platform One. Let’s shift people into this idea of developing and cloud architecture and scale up from there.”
This is a marked difference from the DDS of the past — the one that was responsible for developing the concept behind the Pentagon’s controversy-ridden $10 billion Joint Enterprise Defense Infrastructure (JEDI) contract to acquire a single, end-to-end cloud solution.
Ownership of JEDI was transferred to DOD’s Office of the CIO in 2018, and while this gave DDS more time to focus its attention on new projects, it also marked a natural point for some original team members, done with their work on this all-consuming program, to plan their exits.
New team, new DDS
Within a year after the transfer of JEDI, founding DDS Director Chris Lynch departed to start his own company, Rebellion Defense. Many of the Defense Digital Service’s early members followed Lynch to Rebellion, leaving the team with a slimmed-down staff when Goldstein arrived in mid-2019.
Around this time, DDS also gained independence from USDS. “Going back to the original conceptions behind USDS, the idea was to create organizations within the agencies that could be sustainable on their own,” Goldstein said. “So DDS has accomplished that.”
These moments together birthed an opportunity for Goldstein and Olson to build a hand-picked team from near-scratch.
“A lot of people were, I think, done with their time with DDS, either because their terms expired or they just had worked really hard on JEDI” and saw that as a natural conclusion, Olson said. “We had to immediately start rebuilding the team.”
But because of the fresh start, “we could recruit the skill sets that we felt were needed or missing,” she said, adding that more than 60 members have been brought on since then.
Typically, USDS led recruiting and hiring for DDS. But now the two were split, and it was up to DDS on its own to rebuild. Goldstein and Olson took the lead, and because of that, “I know everyone’s name. I know everyone’s story. I know their capability. I can say that Katie and I have screened every single person and can attest to their skills and their abilities,” Goldstein said. For this reason, he never wants the team to be much bigger than it is now at roughly 80 members.
They brought on new skillsets and a more diverse team focused on security engineering and data science, as those were strategic areas DDS hoped to expand its work in, Olson said. They also doubled down on “engineers, designers, and product managers, and what we used to call bureaucracy hackers, you know, people who are in the front office, who know their way around acquisitions and legal and communications and all of these important skillsets to help the team function.”
Even during the pandemic, DDS continued hiring when many DOD teams struggled to traverse the need to do so remotely. The team took the lessons learned from that and passed them on across the department in a toolkit for how to hire digital talent in this new environment, helping answer questions like “what was the experience like for people when they finally did start…making sure everybody had delivered laptops all over the country, and making sure that we still had good cyber hygiene.”
“The majority of the team at this point has onboarded in or around the pandemic,” Olson said. “There’s a good percentage of the team I’ve never met in person. It’s kind of wild.”
Goldstein doesn’t see this changing. DDS will continue to hire talent where it is, pandemic or not, he said, “because we go where the work is, and where the need is, and so on.”
The future of DDS
Under a new administration with a new secretary of Defense, the Defense Digital Service will undoubtedly continue to evolve. Likely, that will mean new focus areas in line with the DOD’s similarly evolving mission set.
Olson pointed to things like continued support in cybersecurity, public health response and, perhaps, climate change as areas the DOD could look to DDS for help.
“We have a lot of real estate and a lot of bases,” Olson said of the military’s role in climate change. “And it’s kind of interesting to think about bases being like small cities, and how can you pilot some things like renewables. But then we’re also a huge consumer of energy. And so I think there’s potential to make different choices to make a dent in that.”
For Goldstein, it’s all about staying in lockstep with Pentagon leadership “on what are the things that keep them up at night? What are the evolving threats that are exhibited in the [National Defense Strategy] and how do we ensure that we’re that technical component that is able to step in immediately, not with a one-year plan, not with a big vision, but there’s a need and we go and execute.”
He also values staying in lockstep with his deputy in Olson.
“At DDS, the way we structured it from day one is more of a partnership than the director and the deputy,” Goldstein said. “And that’s allowed us to grow and scale in ways that were potentially harder. She and I share critical decisions, we develop strategy together. And the beauty behind that is, when one of us is off on an operation out of the country, any of those pieces, the other is able to step in. I think this relationship has been critical to allowing us to double the organization in size, but also take on really, really critical missions. I think that’s been a cornerstone in our successful growth. And I’m really happy that she and I were able to collaborate again.”
Regardless of what the future might bring for DDS, one thing remains essential to the team’s mission, Goldstein said. “There’s been a bit of acceptance that technology is going to be behind in government or this concept of ‘good enough for government work.’ None of that is acceptable to me. And none of that should be acceptable going forward. So as we go into the future, we need to bring the very best in technical talent, technical delivery, technical capability into our national security and into the fight.”
Improve data security and interoperability for public health agencies
The healthcare industry continues to look for better ways to share information to improve the quality of patient care. However, implementing patient portal systems — and the processes behind them — presents several technical challenges when information needs to pass across different organizations, including health agencies in government.
Read the full report.
“Health care agencies need to consider [the use cases] for each of their main user populations — patients, partners, and government employees — and how identity and access management can help them excel,” say experts in a recent whitepaper from Okta.
The whitepaper explores some of the principal challenges surrounding data security and user access and how a modern identity and access solution can help public health organizations improve interoperability of patient and health data.
Low patient portal adoption
Value-based care is a model that seeks to provide patients with the highest quality of care possible. That advent of portals was intended to help improve the ongoing relationship between patient and provider.
The report, however, indicates a number of barriers are slowing the adoption of portals, including lack of trust, poor user experience and portal overload. The report cites a brief from the Office of the National Coordinator (ONC) for Health Information Technology that “found that 25% of patients who do not access their online medical records do so because of security or privacy concerns.”
But modern identity and access management tools, which incorporate automation and API capabilities, can improve the experiences of health partners and patients and close security gaps without burdening the IT department.
“Automation can authenticate any individual needing to access records, ensuring that person is who he says he is, and then authorize which specific information can be accessed and how it may be used,” says the report.
Identity as the foundation for patient portal engagement
Earning user trust in portals requires striking the right balance between robust security and positive user experience, according to the report.
“A single sign-on (SSO) process removes friction by allowing patients to use one set of credentials to securely access all their health-related resources,” the report says.
“Choosing an identity solution with customizable, out-of-the-box functionality can help healthcare organizations create a modern onboarding experience without extensive time or resources from their IT team. An identity provider who is able to unify web, mobile and omni-channel experiences will also further decrease friction and enhance the user experience for patients.”
Interoperability of care when multiple organizations are involved
With organizations all using their own portal system, overcoming the challenge to provide access to information, while ensuring security and data privacy, has proven particularly difficult.
A modern identity and access management system, like Okta’s platform, uses an interoperable healthcare API standard called SMART on FHIR (Fast Healthcare Interoperability Resources) to enable different applications to access health records in a secure way.
“A cancer patient’s primary care physician would need access to the information maintained by the NCI on the clinical trial, for example, and would probably also want to be able to upload routine patient information such as blood work,” the report notes.
The report goes on to explain how Okta’s platform is designed to be the foundation for a modern zero-trust security architecture — a necessity for the healthcare industry — and how it further helps customers maintain and prove adherence to healthcare security regulations like HIPAA and EPCS.
Learn more about how a modern identity and access solution can help public health organizations modernize patient care.
This article was produced by FedScoop for, and sponsored by, Okta.
New VA secretary to review EHR modernization program after troubling reports
New Secretary of Veterans Affairs Denis McDonough announced a “strategic review” of his department’s electronic health record modernization program Friday, a move welcomed by lawmakers.
The review comes after the VA previously rejected a call from the Government Accountability Office to pause the system’s rollout to fix critical issues and a congresswoman sent a letter this week to VA leadership detailing medical issues caused by the transition.
The recent reports of issues with the program stem from the October go-live of the EHR system at the Mann-Grandstaff VA Medical Center in Spokane, Washington, the first center to launch the new Cerner-built EHR system.
“A successful EHR deployment is essential in the delivery of lifetime, world-class health care for our Veterans,” McDonough said in a release. “After a rigorous review of our most-recent deployment at Mann-Grandstaff VA Medical Center, it is apparent that a strategic review is necessary. VA remains committed to the Cerner Millennium solution, and we must get this right for Veterans.”
The plan to next roll out the system in Columbus, Ohio, is still on track, but schedule changes are on the table following the review, the VA announced. It’s unclear what else might change after the 12-week review, but the recent GAO report pointed to several technical issues that need to be tested and addressed.
With new scrutiny of the $16 billion, 10-year modernization program developed during the Trump administration, some members of Congress are questioning the continuation of the contract with Cerner Millennium.
“It is more important for VA to get EHRM right than to rush it and put veterans’ health at risk,” House Veterans Affairs Committee Chairman Mark Takano, D-Calif., said in a statement. “This strategic review comes at a critical time, and I’m hopeful that it will ensure Secretary McDonough has an opportunity to examine the prior administration’s handling of the project and course correct if necessary.”
Republicans also welcomed the review while questioning the entire continued existence of the program. Rep. Cathy McMorris Rodgers, a Republican congresswoman from Spokane, Washington, described staffing shortfalls and issues with prescription refills as “dangerous and unacceptable” in a letter to McDonough Wednesday.
The top Republican on the committee’s Technology Modernization Subcommittee echoed a similar sentiment.
“It is not too much to ask that the Cerner electronic health record pass a simple test, that proves it will help doctors and nurses deliver quality and timely care to veterans, before it can be deployed anywhere else,” Rep. Matt Rosendale, R-Mt., said in a statement. “If it cannot do that, we should not continue to spend on the contract.”
New VA EHR causing ‘dangerous and unacceptable’ patient issues, lawmaker says
The Department of Veterans Affairs continues to face issues as it rolls out its modernized electronic health record (EHR) system, with veterans allegedly bearing the brunt for the changes, according to one concerned lawmaker.
In a letter sent to newly confirmed VA Secretary Dennis McDonough, Rep. Cathy McMorris Rodgers, R-Wash., alleges she has received reports of “dangerous and unacceptable” delays in medical services, particularly around prescription-filling.
The allegations come after the VA was warned by the Government Accountability Office instructed the VA to stop the rollout beyond the initial launch site in Spokane, Washington, and warned of system failure without fixes.
“I am hearing an increasing number of complaints and pleas for help coming into my Spokane and Coalville offices,” McMorris Rodgers, who represents the district where the first EHR iteration was launched at the Mann-Grandstaff VA hospital. “I am getting reports of veterans not receiving their prescriptions when needed or receiving the wrong prescriptions.”
The EHR modernization project falls under a $16 billion program to migrate veterans’ medical records to a Cerner-built cloud system and launch all-new user and patient interfaces. Several GAO and inspector general reports have warned about issues in the system’s rollout, which was twice paused before launching in October. The goal is to eventually link the system with the military’s similar modernized platform to allow for a smooth transition for retiring service members.
The VA says it is aware of the issues raised by Rep. Rodgers and says it has already begun to address the issues.
“VA was aware of the issues raised by the Congresswoman,” the VA told FedScoop. “For example, VA identified areas where Veterans in the Greater Spokane area needed additional education and communication resources to successfully use their new patient portal.”
McMorris Rodgers says one issue is patients’ difficulty using the Cerner patient portal, claiming that it only runs on Microsoft browsers and is leading to confusion. She said patients would rather use the My HealtheVet app, which she said is discontinued. The VA, though, said My HealtheVet was “not disabled,” but for those looking to fill prescriptions at the Mann-Grandstaff hospital, they need to use a new patient care portal called My VA Health.
The VA said that 12,844 veterans have signed up for the new My VA Health patient portal, completing requests for over 29,000 medication refills. The VA told FedScoop it set up educational resources for veterans confused by the transition, “which included internal call scripts, a most frequently asked questions website with step-by-step instructions, multiple Veteran emails and other educational resources.”
“The combined efforts of VA and Cerner Corp. are focused on improving the new portal, making it more Veteran-friendly and easy to access,” the VA said in a statement.
The congresswoman’s letter also cites staff shortfalls and a lack of support. Even though the VA surged additional staffing to the Mann-Grandstaff hospital to help as nurses and doctors learned the new system, the additional personnel has “all but evaporated,” she wrote. The result has been nurses “driven to tears because software, which was intended to be an improvement, makes their jobs more difficult.” The stress has driven a spike in turnover, reaching 60 percent in 2020, the letter claims.
CISA shifting focus to monitoring the insides of networks for cyberthreats
Agencies need to supplement the perimeter security that intrusion detection systems like EINSTEIN provide with capabilities that monitor the insides of networks ahead of future supply chain attacks, according to the head of the federal government’s lead cybersecurity agency.
EINSTEIN is the Cybersecurity and Infrastructure Security Agency‘s $6 billion program designed to examine internet traffic coming from outside of networks. But no intrusion detection system is capable of preventing a cyberattack like the SolarWinds hack, Brandon Wales, acting director of CISA, told senators during a Homeland Security Committee hearing Thursday.
CISA will use some of the $650 million in funding it received in the American Rescue Plan (ARP) Act to keep the parts of EINSTEIN that work and transition the rest to different programs, as it prioritizes detecting anomalous activity on unencrypted workstations and servers to respond to supply chain attacks faster, Wales said.
“There’s a lot that we need to do through the federal contracting process to ensure that the vendors providing IT products and services for the federal government have the appropriate level of cybersecurity in place, based upon the information and their place within the networks that they are supporting,” he said.
CISA is working with the Office of Management and Budget on that and spending ARP funds to develop better endpoint detection and response tools to block anomalous behavior before it moves broadly into a network, Wales said.
At the same time, CISA is attempting to fully implement its Continuous Diagnostics and Mitigation program after some agencies reported issues identifying and monitoring all devices on their networks.
“After the SolarWinds hack, likely perpetrated by the Russian government, our agencies were asked to self-analyze and review the effects of the attack, when many did not have the capability to do so,” said Sen. Gary Peters, D- Mich., chairman of the committee. “This haphazard approach made it extremely clear that our ability to respond did not match the severity of the crisis.”
Wales assured senators only a “small number” of agencies had issues deploying some CDM tools for asset, software and device management, and configuration and patch management.
Almost all parts of every agency have achieved a common CDM baseline as CISA aims to close out Phases 1 and 2 of the program in 2021, Wales said.
When CDM started, only agencies themselves had visibility into the devices on their networks. CISA did not.
“I think we are now seeing the limitation that poses on our ability to have a comprehensive understanding of the cyber risk picture of the .gov,” Wales said. “And we are hopeful that new guidance will come out of the administration soon that will move us toward CISA having broader and deeper insights into that level of detail and allow us to have the right level of visibility to execute our role when it comes to securing the .gov.”
In the immediate aftermath of the SolarWinds hack’s discovery in December, CISA provided agencies with cloud-based forensics to help them determine if their cloud environments had been compromised. The CISA Hunt and Incident Response Program (CHIRP) is a multi-function forensic scanning tool for detecting threat actor activity on vulnerable SolarWinds devices.
More recently CISA has used ARP funding to launch an informational website on best practices for remediating compromised systems with at least nine agencies compromised in the SolarWinds hack. Earlier this week CISA released detailed guidance for compromised agencies on evicting the adversary, thought to be Russia, from their networks.
“Our work is tailored for each agency depending on the types of support and requirements they have,” Wales said.
Congress shows interest in boosting unmanned systems in Navy
A key congressional subcommittee has a message for skeptics: Contrary to what some believe, unmanned systems are actually popular among some lawmakers.
This came from the chairman of the House Seapower And Projection Forces Subcommittee and was backed up by several members during a Thursday hearing — a signal that the Navy seems to have a receptive audience to its unmanned system plans.
“I want to dispel any narrative that has taken hold in some quarters that Congress and this committee in particular are universally opposed to unmanned systems and platforms,” Chairman Rep. Joe Courtney, D-Conn., said in his opening remarks of a hearing on unmanned systems. “In fact, some of our most reliable and well-known unmanned platforms…were a result of direct congressional action despite reservations from the department.”
The Navy is currently in the midst of strategizing its force design and looking for ways to replace its aging systems with newer technology-driven solutions. The result could be a mix of manned and unmanned systems that will likely impact the rest of the military as the Navy is seen as the critical force in competition with China.
The service also appears less reserved with how much it wants to use unmanned platforms in the future. It recently completed a test sending a “ghost fleet” autonomous ship from the Gulf of Mexico to San Diego. The Navy plans to launch more field tests to further refine the tech, officials told Congress.
The Navy plans to invest not just in sea-based unmanned systems but in those for the air, like the MQ-25 for refueling and MQ-9 for network linkage and data passage. Undersea autonomous vessels add “another degree of difficulty,” but are also of interest, Vice Adm. James Kilby, deputy chief of naval operations for warfighting capabilities and requirements, told lawmakers Thursday.
“We are looking to pivot to this different force architecture,” Kilby said.
Leaders have said that to get autonomous vessels to work, Congress will need to authorize further investments in the connectivity of ships and other technology that will ensure the ability of vessels to maneuver while facing electronic interference or cyberattack.
“Certainly we need to focus on reliability,” Kilby said. He later added: “We need to be very vigorous in our introspection on our security.”
But still, not all lawmakers are sold on the idea of unmanned systems. Virginia Democrat and former Navy officer Elaine Luria said she is concerned about reliance on technology that is vulnerable to cyberattack and GPS denial.
“You can assume in a conflict with China you are operating in a GPS-denied environment, so if you are going to have an unmanned vessel and it doesn’t have GSP capability and you also have other restrictions of communicating with it directly…how is it useful? How is it going to be operated remotely?” Luria said separately Thursday during a Hudson virtual event on the future of the Navy.
Luria said that beyond Thursday’s hearing, she is expecting further briefings and documentation from the Navy on its unmanned systems plans, so her skepticism may wane with more information. But currently, she is unconvinced.
“I am not alone as a member of Congress who really don’t understand where the Navy is going with this,” she said.
In the Thursday hearing, the Navy said it will rely on Project Overmatch — its project to build a network of networks to connect across warfighting domains — for cyber resilience of its unmanned systems. Overmatch is the Navy’s take on the Joint All Domain Command and Control (JADC2) operational construct, where sensor data and systems operating across land, sea, air, space and cyber can seamlessly communicate, just like an Internet of Things.
IT Insights: Interview with AWS financial services expert Olivia Peterson
There are a vast number of federal agencies tasked with regulating and overseeing the nation’s financial markets and institutions to ensure they function effectively and efficiently. Whether it’s to protect consumers, support fair play among businesses or ensure lenders have the credit resources they need — these agencies play a vital role in preserving the health of the U.S. economy.
But as the world becomes more digitally driven, it’s essential for federal agencies to also have the data analytics tools to keep up.
As a former Freddie Mac director and international financial services expert — and now Head of U.S. Federal Financial Services at AWS — Olivia Peterson has a unique perspective on how federal financial agencies and regulators are adapting to this fast-changing environment.
In this exclusive FedScoop interview, Peterson talks about the primary challenges federal financial officials face; and how advances in cloud computing offer more powerful tools to oversee financial markets.
FedScoop: What primary IT challenges have you seen federal financial agencies facing to meet their missions in today’s rapidly evolving digital marketplace?
FedScoop: What key steps have you seen agencies take to modernize their IT?
FedScoop: What were some of the agency outcomes or advances that have impressed you and your colleagues at AWS? And what key take-aways might be applied at other financial agencies and regulators?
This video interview was produced by FedScoop and underwritten by AWS.
Read more insights from AWS leaders on how agencies are using the power of the cloud to innovate.