The votes are in for the 2025 FedScoop.

See the winners!

Air Force launches S&T strategy led by new CTO position

The Air Force issued a strategy Wednesday for its science and technology efforts through 2030 “and beyond” with a focus on moving more quickly to adopt breakthrough technologies.

The plan serves as a new roadmap for the service’s use of science and technology to make sure it’s a step ahead of near-peer threats.

“This strategy isn’t just a list of technologies. Our approach will be to predict where adversaries cannot easily go and make sure the Air Force gets there first,” said Secretary Heather Wilson, who is leaving the job in May.

The strategy’s executive summary echoes that need for speed: “Rather than reacting to others’ advances, the Air Force will set an unmatched pace. Instead of looking at where potential adversaries are heading, the Air Force scientific and technical enterprise will predict where adversaries cannot easily go and then ensure the Air Force gets there first.”

Leading the effort will be a new chief technology officer who will “will guide strategic scientific and technical decisions, prioritize activities, and coordinate across the Service to effectively convert scientific and technical investments into new disruptive capabilities.”

The new role will be “analogous” to the type of CTO role seen in the commercial world, the plan says.

“A Chief Technology Officer would provide a strong voice within Air Force Headquarters and could prioritize and coordinate science and technology across the Service to support the mission, from early-stage research, through developing new concepts, through experimenting and prototyping, to transitioning mature technologies into the Air Force acquisition system,” it reads. “A unified voice at a senior level in the Service could ensure that technology investments produce transformational new capabilities and inform policy and doctrine to shape the missions ahead.”

The Air Force already has two CTO roles: Frank Konieczny, in the CIO’s Office, and Paul Antonik, in the Air Force Research Lab. It’s unclear how this new role might affect those positions, though Wilson has said Konieczny’s role is more specifically cyber-focused and that a “design agent” is working to tailor the role to the Air Force’s needs.

Overall, the report is broken down into three lines of effort:  Develop and Deliver Transformational Strategic Capabilities, Reform the Way Science and Technology Is Led and Managed, and Deepen and Expand the Scientific and Technical Enterprise.

Specifically, it highlights five capabilities the service will look to prioritize over the next decade on:

• Global persistent awareness which may include advances in “multimodal sensing” and developing new laser and multistatic radars.
• Resilient information sharing, which may include developing mesh networks and “agile systems with real-time spectrum awareness.”
• Rapid, effective decision-making which may include advances in artificial intelligence, machine learning and predictive data analytics.
• Complexity, unpredictability, and mass, which may include upgrades to multi-domain command and control, developing low-cost air and space platforms and other advances.
• Speed and reach of disruption and lethality, which may include hypersonic flight, scramjet propulsion and a new generation of smart munitions and tools for cyberwarfare.

There’s an added “emphasis on hard-to-crack efforts related to multi-domain warfare,” an Air Force release says. It also refocuses about 20 percent of S&T spending on “on path breaking ‘Vanguard’ projects.”

This plan advances a preceding strategy from the 1970s that called for S&T to drive “unprecedented force multiplication advantage to our military.”

“While force multiplication is still a key component of our technology advantage, the vision of this Strategy is an Air Force that dominates time, space, and complexity in future conflict across all operating domains to project power and defend the homeland,” it says. “This means that it operates at an unmatched pace of action, achieves unparalleled reach of awareness and effect, and harnesses the power of complexity to enhance resilience in contested environments and impart overwhelming confusion on adversaries. Air Force science and technology will drive the transformational operational capabilities that will make this vision a reality.”

New chief technology officer in at DHS

Brian Teeple has taken over as chief technology officer at the Department of Homeland Security.

He was previously acting deputy CIO for command, control, communications and computers and information infrastructure capabilities under the Department of Defense CIO. In that role, he advised on the integration of DOD communications and infrastructure programs and managed policy and strategy efforts around communications for nuclear and non-nuclear strategic strike and integrated missile defense.

Teeple has also served within the National Reconnaissance Office and the now-defunct Office of the Assistant Secretary of Defense for Networks and Information Integration, as well as worked at the Raytheon Company.

Kevin Wince had been serving as acting CTO of DHS since March 2018 but will end his tenure at the agency April 26 as deputy CTO and chief enterprise architect. Wince is leaving DHS to become the vice president of technology solutions and planning at Navy Federal Credit Union.

IARPA wants AI to keep its eye on that construction project

Data on construction projects can serve to tell countries and companies alike a lot about what’s happening in the world. But what if there’s just too much data?

The intelligence community’s Intelligence Advanced Research Projects Activity is looking to build automated tools that will keep proverbial “eyes” on construction projects across the globe.

The agency recently posted a draft of the broad agency announcement it plans to release for the Space-based Machine Automated Recognition Technique (SMART) project. The goal is to “develop tools and techniques to automatically and dynamically execute broad-area search (BAS) over diverse environments to detect construction… using time-series spectral imagery.”

“Over the coming decades, U.S. and foreign governments, and the commercial sector will continue to pioneer the use of space-based remote sensing to characterize, understand, and predict variability and trends on Earth’s surface for both research and applications,” the draft document reads. “To date, the volume of [geospatial intelligence data] continues to grow, while analysts struggle with the volume, variety, and velocity of space-based data to support local, regional, and national decision-making.”

SMART will help, IARPA imagines, by taking some of the burden off human analysts.

IARPA plans to run the SMART project over four years and in three phases — the first two being 18 months long each and the last being one year. The agency is very supportive of companies teaming up to combine expertise in a wide range of areas like high performance computing, AI, image processing, earth sciences and more — all of which could be useful in the development of SMART.

IARPA is accepting comments, questions and suggestions from industry interested in the draft broad agency announcement through May 10. The agency says it “does not anticipate” responding to these questions and comments publicly though.

Federal Cyber Reskilling Academy begins with plans to expand

The first cohort of the Federal Cyber Reskilling Academy has only just begun training, and already the government is looking at ways to expand.

More than 1,500 government employees applied for 25 spots to learn cyberdefense analysis skills full time, so the Federal CIO Council funded five additional virtual training spaces.

“We expect the virtual training will be a good alternative for agencies to offer their employees for future cohorts,” said a senior administration official.

On April 15 accepted students started a three-month, three-course training curriculum at no cost.

First up is CyberStart Essentials to build computer, hardware, network, and security fundamentals by discussing the interaction between CPU and memory, network protocols and core internet infrastructure. After that is SEC401 on security essentials and SEC504 on hacker tools, techniques, exploits and incident handling.

While the first cohort was restricted to federal employees without any IT experience, the second will be open to all feds, with applications made available in late spring.

Cybersecurity jobs aren’t guaranteed post-graduation, but graduates will be able to apply for cyber positions within federal agencies with help from the program team.

President Trump’s Management Agenda and more recently the Government Reform Plan both called for reskilling employees — whose functions have become less relevant due to automation — to fill cybersecurity jobs. The Office of Management and Budget, which partnered on the academy, and Department of Homeland Security were required to establish reskilling work plans by the first quarter of fiscal year 2019 and provide quarterly updates.

DIU seeks commercial solution for processing and distributing satellite data

The Department of Defense wants to be able to get important satellite data to warfighters on the battlefield in a format that is actually useful and actionable. So the Defense Innovation Unit (DIU) is calling on industry to help out.

In a current commercial solutions offering, DIU lays out the requirements for the ideal solution.

DIU wants the prototype to integrate with the Defense Advanced Research Project Agency’s Blackjack project, in which the DOD is aiming to augment its National Security Space presence by utilizing commercial low Earth orbit satellites. “Currently, there are no established gateways or processes to ingest data collected from DARPA’s BLACKJACK-capable spacecraft and distribute that data through a commercial gateway and seamlessly deliver it to a location in theater that needs it most on timescales that matter without significant human-machine interface and latency,” the commercial solutions offering reads.

So DIU is seeking companies that can help develop this capacity — both through ideas for the process and through the actual hardware and software systems needed to execute on it.

Interested companies have until April 22 to respond to the CSO. DIU encourages companies to team up if necessary to meet all the requirements of the opportunity.

DIU’s acquisitions process runs on other transaction agreements (OTAs) as a way to do iterative contracting. The OTA authority, which has existed for decades but was expanded in the 2016 National Defense Authorization Act, allows DIU to grant relatively small contracts for the development of prototypes and then follow on with an additional contract for production if and when the pilot is successful.

The innovation group also provides training for acquisition officials from other areas of the DOD on how to use OTAs through HACQer, a rapid acquisition training program. DIU recently chose its 2019 HACQer cohort.

Microsoft says it’s close to Secret-level cloud authorization

Microsoft is another step closer to being able to host the federal government’s Secret-level data in its Azure Government commercial cloud, a move that will make it a stronger competitor for some of the government’s highest-profile ongoing cloud procurements.

The company announced Wednesday that it has launched Azure Government Secret, an offering that meets Department of Defense Impact Level 6 cloud hosting capabilities. With an IL6 authorization, Microsoft would be able to work with some of DOD’s and the intelligence community’s most sensitive data up to a Secret level — something that, to this point, only Amazon Web Services has achieved.

But Microsoft isn’t completely there yet. Azure Government Secret is in what the company calls “private preview and pending accreditation.” Asked to elaborate that qualification, a Microsoft spokesperson said, “Private preview is evaluated on a case by case basis for existing Microsoft customers as Azure Government Secret is pending accreditation. At this time, we are working closely with our government partners to achieve accreditation.”

Microsoft didn’t detail the timeline of that accreditation. But until that time, it seems customers can only test the new offering in “private preview.” In October, the company said it would achieve IL6 by the end of the first quarter of 2019.

Azure Government Secret is built around two separate hosting regions 500 miles apart, “providing geographic resilience in disaster recovery (DR) scenarios and faster access to
services across the country,” Lily Kim, Azure Global general manager, wrote in a blog post.

“[T]he Azure Government Secret regions are built to maintain the security and integrity of classified workloads while enabling fast access to sensitive, mission-critical information,” the post says. “These dedicated datacenter regions are built with additional controls to meet the regulatory and compliance requirements for DoD Impact Level 6 (IL6) and Director of National Intelligence (DNI) Intelligence Community Directive (ICD 503) accreditation.”

Microsoft also announced the expansion of coverage up to DOD Impact Level 5 — for highly sensitive and controlled but unclassified information — to all of its Azure Government regions.

Microsoft’s progress in achieving IL6 authorization slightly narrows the lead AWS has as the only vendor able to provide Secret-level cloud capabilities to the DOD, intelligence agencies and others. It’s currently down to just Microsoft and AWS in the bidding for the Pentagon’s Joint Enterprise Defense Infrastructure (JEDI) cloud, a $10-billion contract that would require IL6  and Top Secret cloud offerings, the latter of which, again, only AWS currently is authorized to provide. There’s also DOD’s $8 billion Defense Enterprise Office Solution (DEOS) procurement for cloud-based communications and collaboration tools up to IL6, and the CIA is in the very stages of developing a contract a next-generation intelligence community cloud environment that will deal with Top Secret information.

Inside the National Guard’s annual ‘Cyber Shield’ drill

This story first appeared on CyberScoop

Prior to the 2018 midterm elections, multiple states activated their National Guard forces to protect the vote from cyberthreats. It was a big step for the Guard’s role in national cyberdefense, and an annual drill held by the Guard made it more effective.

In Illinois, for example, the National Guard’s participation in the cybersecurity drill meant that “when the midterm 2018 elections came around and it was time for us to work together, those relationships were already there,” said Brig. Gen. Richard Neely, the Illinois National Guard’s adjutant general.

That exercise, known as Cyber Shield, is now in its eighth year and taking place through April 20 at Camp Atterbury in Indiana. What started as a simple red-and-blue-team affair has grown into an 800-person event that reflects the greater role the Guard is playing in national cyberdefense.

In an earlier iteration of the exercise, “our offensive piece wasn’t very strong,” Col. Terry Williams, deputy commander of the Virginia Army National Guard’s 91st Cyber Brigade, said at a press briefing last week. “We would actually just drop the injects into the [cyber] range –  the blue teams couldn’t see how we got there.”

Now, the red-team participants have to “actually show the trail of how they got in [to a network] and what they are doing so that our defensive forces can do the forensics piece,” she said.

National Guard units from 40 states are participating this year, along with people from the private sector and federal agencies like the FBI and National Security Agency, according to Williams. Participants are tested on their ability to detect suspicious activity on a network, such as a rogue device beaconing out information, and lock down unauthorized access to that system.

“It’s a collective training event for us, so it will enhance our warfighting skills. And that’s very important to us,” said Brig. Gen. Jeffrey Burkett, vice director of domestic operations of the National Guard Bureau, told reporters.

The National Guard’s role in the digital domain has grown in the last few years as federal and state officials have thought more about maximizing available resources for cyberdefense. A 2016 report from a White House cybersecurity commission singled out the Guard for having “a talent pool that can be regularly trained, equipped, and called on” to defend against hacking.

The 2018 midterm elections proved to be an inflection point. In Washington State, for example, National Guard members who worked for Amazon or Microsoft by day were on call to help with election security.

The Guard is trying to build on that momentum with Cyber Shield. When not on federal orders, Guard units are at the disposal of states. That makes them well positioned to respond to breaches in their backyards, which is motivating them to hone their incident-response capabilities.

George Battistelli Jr., a cybersecurity program manager at the Army National Guard who also helped planned the drill, said the exercise scenario has tried to keep up with real-world events.

“The attacks tend to change,” he said. “We used to have attacks that were very noisy. Now we have attacks that are going over encrypted channels. So as the adversary changes their TTPs [tactics, techniques, and procedures], we change our TTPs.”

Asked for more information on the exercise scenario, Battistelli, Jr. declined to go into detail in an unclassified setting. “It is safe to stay that it emulates adversary behavior that you’ve probably seen in the news from other nation-states,” he said.

Military officials see Cyber Shield as a key piece of the digital maturation of the Guard, which expects to have more than 3,800 cybersecurity personnel by 2022.

“The National Guard is getting into the cyber business with the Department of Defense, and we’re trying to determine where it makes sense to place units and how we can partner with defense on the Air Force side and the Army side in growing cyber capability,” Burkett said.

Bidding begins on GSA’s COMET digital transformation effort

The General Services Administration posted a request for quotation on part one of its internal digital transformation effort.

The CIO Modernization and Enterprise Transformation, or COMET, initiative will replace the current backend systems GSA uses to support governmentwide procurement efforts—known as CIO Application Maintenance, Enhancements, and Operations, or CAMEO.

COMET is split into two procurements: an Architecture, Engineering, and Advisory (AEA) Support single-award task order and an App Maintenance, Enhancement, and Transformation Services multiple-award blanket purchase agreement.

On April 8, GSA opened the AEA task order to bids on its GSA eBuy acquisition tool through April 29.

GSA seeks approaches like lean and agile development to help with “transitioning from traditional monolithic system design and development to shared business services and capabilities,” according to a draft performance work statement released in December. The winner of the task order will be involved in software development management, cloud readiness and open source policy planning around GSA’s current application portfolio.

Only 8(a) Streamlined Technology Application Resource for Services II, Constellation II Governmentwide Acquisition Contract holders may apply — but those that do won’t be eligible to compete for the forthcoming BPA.

The COMET team is currently reviewing vendor responses to its market research “questions to industry” regarding the BPA with plans to use the vehicle “to provide task orders that can be easily ramped up and transitioned out based on ever-changing needs of the program,” according to the request for information.

Last August, talking about the transformation effort, Federal Acquisition Service Commissioner Alan Thomas described the development of COMET as a modernized, shared services-based IT system that can make FAS more efficient and agile as agencies governmentwide come to GSA to modernize their own IT infrastructures.

“The systems that we’re using to service all of that business and makes it possible to interact with all of those industry partners are really important,” he said. “I think sometimes we sort of focus on everybody else’s yard and you’ve got to make sure your yard is looking good. So this is the opportunity for us to do a little tending to our own yard.”

CAMEO was awarded in 2014 a handful of vendors for $400 million.

NASA Goddard struggles bringing tech to the commercial world, audit finds

From memory foam mattresses to the little upturned wing tips on airplanes and beyond, technology transfer from NASA’s labs has given commercial industry some iconic inventions.

But while the agency overall has some good policies and processes in place for encouraging this flow of ideas, NASA’s Goddard Space Flight Center in Greenbelt, Md., struggles. This is the takeaway of a recent audit by NASA’s inspector general, which found that compared to other NASA centers, lack of communication between Goddard’s Technology Transfer Office and its Office of Patent Counsel “hindered” the center’s tech transfer process.

The issues at Goddard led to delays in the processing of technology licensing agreements, the IG found — or, in some cases, no licensing at all.

“As a result, NASA lacks reasonable assurance that federally-funded, commercially-viable new technologies at Goddard are being effectively reviewed and disseminated to the widest extent practical to benefit the public and private sectors,” the report states.

The IG recommends that NASA’s tech transfer program executive look at site-specific practices that could be beneficially applied across the agency, and that Goddard’s director make changes to the center’s process or personnel to elicit better outcomes. NASA agreed with all the recommendations and has plans in place to address them.

Technology transfer is a key component of the Trump administration’s tech priorities. In fact, one of the cross-agency priority (CAP) goals the administration has set out as a way to operationalize the President’s Management Agenda seeks to “improve the transfer of technology from federally funded research and development to the private sector to promote U.S. economic growth and national security.”

“Tomorrow’s great new technologies come from today’s basic research,” White House Office of Science and Technology Policy Deputy CTO Michael Kratsios said at an event on tech transfer last year.

Judge lifts stay in JEDI protest, says award won’t come before July 19

As expected, the Court of Federal Claims judge overseeing Oracle’s protest of the Pentagon’s $10 billion JEDI cloud contract lifted the stay on the case, which had halted proceedings since February.

Judge Eric Bruggink issued the order Tuesday, also detailing a new proposed schedule that forbids the Department of Defense from awarding JEDI — short for Joint Enterprise Defense Infrastructure — sooner than July 19. Oracle is expected to continue protesting DOD’s plan to award JEDI to a single cloud provider.

All parties involved agreed to an ordered stay on the case in February as DOD investigated “new information” on conflicts on interest regarding the single-award strategy. Last week, DOD reported back that it found “no adverse impact on the integrity of the acquisition process.” It also announced that of the companies that bid on the contract, just Amazon Web Services and Microsoft met “competitive range” requirements — eliminating IBM and Oracle from contention, at least for now.

But don’t write off Oracle (and IBM) just yet. Beyond DOD’s decision to pursue a single-award acquisition strategy, Oracle also objected to its use of gate criteria, among other things. If Bruggink were to rule in favor of Oracle on one of the other parts of its complaint, the court could compel DOD to revise its acquisition strategy — potentially reopening the door for cloud providers to rebid on the contract with less stringent requirements.

Under the new schedule, it appears as if the court will give Oracle a chance to reevaluate where it stands after DOD’s conflict of interest investigation, asking the company to submit a supplemental complaint by April 26. Based on that, DOD and intervenor Amazon Web Services will have until May 2 to amend their stance in the administrative record.

After that, there will be a series of back-and-forth motions filed from each of the parties before, ultimately, the court will take oral arguments sometime during the week of July 8.