Category Archives: Environment and World Security

COVID – 19 Adversarial Capital Threat to Defense Industry Small Business

Standard
Image: Investors Business Daily

FCW

“Adversarial capital” is the latest buzz phrase used to describe the security problem that can occur when foreign rivals, especially China, take advantage of the relatively open U.S. investment marketplace.

“We simply cannot afford this period of economic uncertainty to lead to loss of American know-how on critical technologies,” – Jennifer Santos, DOD’s deputy assistant secretary of defense for industrial policy.”

______________________________________________________________________________

“The Defense Department is hoping steadily engaging small businesses will help shield them from shady foreign investments during the global COVID-19 crisis.

[At risk are] nascent technology firms whose work may have security applications but don’t yet fall under the aegis of the cross-agency Committee on Foreign Investment in the United States (CFIUS).

“We simply cannot afford this period of economic uncertainty to lead to loss of American know-how on critical technologies,” Santos said during an April 28 webinar on coronavirus supply chain challenges hosted by the Intelligence and National Security Alliance.

Additionally, DOD has been hosting teleconferences multiple times per week with industry trade associations and continued to host virtual Trusted Capital Marketplace events to help ensure companies have access to “clean capital” and avoid foreign investment conflicts.

Ellen Lord, DOD’s acquisition chief, warned in March that the defense industry base, their technology, and intellectual property were vulnerable to “nefarious” foreign investors.

As the coronavirus pandemic worsened, DOD has struggled with multiple plant closures — 93 out of 10,509 prime companies with 141 that closed and reopened and 427 out of 11,413 vendors, with 237 that have closed and reopened. Those closures have significantly affected aviation, shipbuilding and small space launch supply chains.

Santos said several companies in Mexico have “impacted our major primes” and DOD is working to identify those companies and work with the Mexican government supporting various technologies, including airframe production.

But foreign investment remains one of the more pressing priorities in defense acquisition, Santos said, adding that suspicious transactions in vulnerable areas are mitigated or blocked if a risk is found regardless of the pandemic.

That is an acute problem for small manufacturers, Lord said.

“Typically the most problematic areas we have now are some of the smaller manufacturers who, maybe from a dollar value, don’t do huge numbers but they are providing critical components across aircraft and naval applications. That’s where my biggest concern is; sort of the weakest link in the system,” Lord told reporters April 30.

The acquisition chief also worried some smaller companies “might end up with some significant financial fragility” and is looking across interagency and in the Trusted Capital Marketplace, a partnership that links private investors with defense companies, to keep those with “critical technology, talent, and facilities together with those investors.”

Lord’s concern extends overseas, as well, particularly in Europe, regarding what Lord called “nefarious” mergers and acquisition, where shell companies have known U.S. adversaries as beneficial owners. To protect against that, the Pentagon wants stronger foreign legislation from Congress to make the CFIUS process more stringent, Lord said.

In addition to pursuing stronger legislation, DOD has bolstered and expanded national security investment reviews, which can take 45 days and are reviewed by the Director of National Intelligence, and increased engagement with businesses using the newly stood up industrial base council.

Santos said the council helps address the industry base’s existing gaps and risks by aligning their priorities with DOD’s, identifying authorities that can be used to solve any issues, and drawing up policy as needed.

“We need to protect our industrial base from what could be adversarial capital and during COVID, we maintain the same due diligence,” Santos said, “It’s what keeps me up at night most nights.”

https://fcw.com/articles/2020/05/04/dod-adversarial-capital-williams.aspx?oly_enc_id=

Citizen-Soldiers Vs. Soldier-Citizens

Standard
Image Courtesy “Spike.com”

“THE PROJECT ON GOVERNMENT OVERSIGHT (POGO)”

The divide between America’s soldier-citizens and the society they serve has a significant impact on policy decisions and military budgets.

Exploring the differences between the citizen-soldier and the soldier-citizen in “Killing for the Republic” with  Dr. Steele Brand.”

__________________________________________________________________________

“The veneration of service members in the United States today manifests benignly in the refrain, “Thank you for your service,” and the much appreciated discounts at the local home improvement center, but this reverence can also have less benign effects. The number of retired flag officers serving in high government positions, sitting on the boards of defense contractors, and appearing as talking heads on television shapes policy, which in turn drives Pentagon budgets.

Dr. Steele Brand, a professor of history at The King’s College in New York City, explored the differences between the citizen-soldier and the soldier-citizen in his recent book, “Killing for the Republic.Republican Rome produced highly adaptive armies with farmers who would moonlight as effective soldiers during the campaigning season and then return to their families and plows—a practice that helped to remove the barriers between the military and the society it served, according to Brand. He says Rome’s part-time soldiers faced an uphill battle against enemy professionals, but that their ability to adapt meant they usually prevailed in the end. In this interview, Dr. Brand explains the differences between the Roman and American models of training soldiers and how those differences contribute to the civilian-military divide.”

https://www.pogo.org/podcast/citizen-soldiers-versus-soldier-citizens-with-dr-steele-brand/

A Neuroscientist On the “Optimism Bias” In The Human Brain

Standard
Image: optimism-ayesha-aziz.com

THE OBSERVER” – NEUROSCIENCE By Neuroscientist Tali Sharot

Human beings are inherently optimistic; therefor we believe the answer is out there and we will find it. We have all evolved as humans with an innate optimism. That optimism exists to a greater or lesser degree in us all.

The human mind has a terrific tendency to forget bad news and remember exactly the specific details of good news. That is so often the case with historical fact.

______________________________________________________________________________

“While the past few years have seen important advances in the neuroscience of optimism, one enduring puzzle remained. How is it that people maintain this rosy bias even when information challenging our upbeat forecasts is so readily available? Only recently have we been able to decipher this mystery, by scanning the brains of people as they process both positive and negative information about the future. The findings are striking: when people learn, their neurons faithfully encode desirable information that can enhance optimism but fail at incorporating unexpectedly undesirable information. When we hear a success story like Mark Zuckerberg’s, our brains take note of the possibility that we too may become immensely rich one day. But hearing that the odds of divorce are almost 1 in 2 tends not to make us think that our own marriages may be destined to fail.

Why would our brains be wired in this way? It is tempting to speculate that optimism was selected by evolution precisely because, on balance, positive expectations enhance the odds of survival. Research findings that optimists live longer and are healthier, plus the fact that most humans display optimistic biases — and emerging data that optimism is linked to specific genes — all strongly support this hypothesis. Yet optimism is also irrational and can lead to unwanted outcomes. The question then is, How can we remain hopeful — benefiting from the fruits of optimism — while at the same time guarding ourselves from its pitfalls?

I believe knowledge is key. We are not born with an innate understanding of our biases. The brain’s illusions have to be identified by careful scientific observation and controlled experiments and then communicated to the rest of us. Once we are made aware of our optimistic illusions, we can act to protect ourselves. The good news is that awareness rarely shatters the illusion. The glass remains half full. It is possible, then, to strike a balance, to believe we will stay healthy, but get medical insurance anyway; to be certain the sun will shine, but grab an umbrella on our way out — just in case.”

https://www.theguardian.com/science/2012/jan/01/tali-sharot-the-optimism-bias-extract

Tali Sharot, author of The Optimism Bias
 Neuroscientist Tali Sharot, author of The Optimism Bias, Photograph: Andy Hall/Observer New Review

Defense Industry Needs New Small Business Entrants During Crisis

Standard
Image: “Fundinggates.com

DEFENSE NEWSBy: Venture capital community leaders

How can the Pentagon best preserve its innovation base and develop the most competitive and advanced technologies? The answer is simple: Buy commercial. New and emerging defense startups — and our men and women in uniform — don’t need symbolic gestures.

What they need is concerted action to bring the latest and most advanced technologies — many of which are routinely used in industry — to dangerously antiquated defense weapons systems and internal IT infrastructure. This was true before COVID-19, it is true now and it will be true when the next crisis strikes.

__________________________________________________________________________

“The COVID-19 health crisis is quickly leading to an economic meltdown, throwing millions of Americans out of work and forcing strategic reevaluations across industries. The defense industry is no exception. We are praying for a swift end to the crisis, but its effects will linger, shaping the Pentagon’s priorities, organizational structure, military operations, logistics, supply chains and interactions with the defense-industrial base for years to come.

In the past few weeks, we have had numerous conversations with government officials about our venture and growth equity investments in the defense sector. These discussions have centered on the eligibility rules of the CARES Act’s Paycheck Protection Program and the risk of foreign capital seeking entry into defense technology startups desperate for investment in these trying times.

All too often the government has responded to crises by circling wagons around incumbent firms — the large prime contractors, whose political connections afford them bailouts in the name of “ensuring ongoing competition.” This process is already underway. After announcing its hope for a $60 billion relief package for the aerospace manufacturing industry, Boeing successfully lobbied for $17 billion worth of loans for firms “critical to maintaining national security.”

The CARES Act also announced provisions to streamline the Defense Department’s contracting process, which sounds promising, except for the fact that these provisions apply only to contracts worth over $100 million. This discriminates against smaller, more nimble innovators and providers of cutting-edge technology.

This isn’t how things have always been. After complaints about large horse dealers monopolizing military contracts during the Civil War, the government allowed quartermasters to purchase horses and mules from any dealer on the open market. In World War II, Congress created the Smaller War Plants Corporation, which awarded tens of thousands of contracts to small, competitive firms. Today, through innovative use of Small Business Innovation Research money, other transactional authorities, rapid work programs and the like, the Pentagon is certainly signaling interest in emerging technologies.

But let us be clear: We are not advocating continuing to invest larger dollar amounts into never-ending, short-term pilots and prototypes. The key to sustaining the innovation base through this crisis and any future crises is transitioning the best of these companies and products into real production contracts serving the day-to-day needs of the mission. Host tough, but fair competitions for new innovations, and then rapidly scale the winners.

America’s technological supremacy has afforded our country nearly a century of military hegemony, but it is not a law of nature. Sovereign states and peer competitors like Russia and China will quickly outpace us if we take our prowess for granted. We need new entrants into the defense industry more than ever, but without government support through crises like this one, the talent and capital simply won’t be there.

As the Department of Defense readily acknowledges, its mission is fundamentally changing. Breakthroughs in technological fields like artificial intelligence, autonomous systems, robotics, resilient networks and cyberwarfare mean that future conflicts will look nothing like those we have seen before. The DoD of tomorrow needs a fresh wave of technical expertise to understand and respond to these new kinds of threats.

That is not to say that legacy defense contractors are not needed; their expertise in large air and sea vehicles is currently unparalleled. But the expertise to build these new technologies resides in pockets of talent that the big and bureaucratic incumbents, who made their names with 20th century technology, lost access to decades ago.

The DoD has publicly exalted the importance of innovative defense startups for years. That is partly why we are so excited to invest capital into the defense sector at this moment in history. Silicon Valley has a chance to live up to its oft-ridiculed but sincere ambition to make the world a better place by investing in American national security.

However, we as venture capitalists and growth equity investors also have a duty to our limited partners who have entrusted us to invest and grow their capital. If we see the same old story of the government claiming to support small businesses but prioritizing its old incumbents, those investment dollars will disappear.

Times of rapid and unprecedented change, as COVID-19 has precipitated, also provide opportunities. The DoD and Congress can reshape budget priorities to put their money where their mouths have been and support innovative defense technologies. Each dollar awarded to a successful venture capital and growth equity-backed defense startup through a competitively awarded contract attracts several more dollars in private investment, providing the DoD significantly more leverage that if that same dollar was spent on a subsidy or loan to a large legacy contractor. This leverage of private capital means that every contract a startup receives accelerates by up to 10 times their ability to build technology and hire talent to support the DoD’s mission.

The bottom line is this: There’s no reason to let a health crisis today become a national security crisis tomorrow. The DoD has an opportunity to not only sustain but grow its innovation base, and give contracts, not lip service, to innovators. We, the undersigned, hope they do.”

The contributors to this commentary are: Steve Blank of Stanford University; Katherine Boyle of General Catalyst; James Cham of Bloomberg Beta; Ross Fubini of XYZ Capital; Antonio Gracias of Valor Equity Partners, who sits on the boards of Tesla and SpaceX; Joe Lonsdale of 8VC, who also co-founded Palantir; Raj Shah of Shield Capital, who is a former director of the U.S. Defense Innovation Unit; Trae Stephens of, Founders Fund; JD Vance of Narya Capital; Albert Wenger of Union Square Ventures; Josh Wolfe of Lux Capital; Hamlet Yousef of IronGate Capital; and Dan Gwak of Point72.

https://www.defensenews.com/opinion/commentary/2020/05/04/the-defense-industry-needs-new-entrants-and-a-supportive-government-during-crises/

Telework Security Checklist

Standard
Image: National Institute of Standards And Technology.gov

WASHINGTON TECHNOLOGY

“What are the compliance implications of mass telework? Six questions to ask (and answer) to help you stay compliant while your employees are working remotely”

______________________________________________________________________________

“Government and contractors were unprepared for COVID-19 to so abruptly push so many employees to remote work. Even now, as businesses start to contemplate how to reopen their offices, the continued need for social distancing means many employees will be choosing or required to continue remote work for the foreseeable future. It’s a fundamental change in how organizations operate, fraught with inconsistencies, challenges and distractions.

Yet, while the pandemic is causing modifications and deviations to contracts and regulations, it will not serve as a “Get Out of Jail FREE” card. Government contractors must still comply with their contracts and protect government information.

What are the compliance implications of mass telework? Here are six questions to ask (and answer) to help you stay compliant while your employees are working remotely:

  1. Are your telework policies and procedures up to date?

Resist the temptation to ignore telework policies that are suddenly impractical. In the absence of clear guidance, employees will be inconsistent in their behavior and performance. Take the guesswork out of the mix by updating and publishing revised policies. Provide clear, concise direction for what employees should do under current conditions (and new conditions, as government guidance evolves).

  1. Is your IT infrastructure ready and secure?

A cyber-secure IT infrastructure built to support thousands of employees from a few offices will have vastly different loads and threats when most workers are suddenly piping in remotely. Is your VPN set up for the additional traffic? Do your security models and controls need to be adapted for the increased number of employees working remotely? Consider allowing access into the system for extended hours, so employees with family obligations have flexibility about when to do their work. Be sure your team fully appreciates the risks of relaxing some security controls (such as reducing keystroke monitoring) to improve your system’s responsiveness.


  1. Do employees have the technology and guidelines to work securely from home?

Most employees will do their best to serve government customers and be productive, even if they don’t have the same technology at home as at work. But the bad guys in cyberspace are exploiting this crisis and are increasingly determined to test the security boundaries of governments, businesses and citizens. Some employee “best effort” behaviors could introduce unwanted compliance and security issues.

Remind employees of how to protect sensitive information at home. Re-publish policies about home network security, strong passwords, use of personal email accounts, unknown email attachments and other best practices. Consider home burn bags to store confidential papers until employees return to the office. Remind employees to disengage smart speakers in spaces where work-related conversations are happening. Use passwords and other added security measures for all video conferencing.

  1. How are you managing and monitoring the productivity of remote workers?

Even veteran teleworkers have been disrupted by the sudden appearance of a spouse, children and/or roommates who are all competing for space, time, attention and internet bandwidth. Employees who are teleworking for the first time may have a home environment that is more casual, less vigilant, and filled with more distractions than an office setting.

It’s important, though, to proactively manage and document the work employees are doing. Be sure employees understand policies about work hours, time tracking and status updates. Share tips and expectations for productive and professional telework. Task your managers to understand obstacles their employees are facing – and to communicate clearly about whether any temporary job accommodations are approved. Then, closely monitor performance to ensure that you’re delivering on your contracts and billing the government appropriately for the completed work.

  1. Are key employees cross-trained?

Anticipate that key personnel may become unavailable to perform mission-critical duties at some point in the pandemic. If you haven’t already, identify and cross-train employees who can step in should the need arise. Remember to obtain your customer’s approval of these key employees, so work can continue uninterrupted. Keep an updated and centralized list or database to consult as your situation changes.

  1. Are you monitoring your procedures and controls, especially the updated ones?

When so much is new and changing, monitoring your controls is a must to ensure timely corrective actions and prevent material non-compliances. Periodically test your company compliance hotlines to verify that they are accessible, appropriately staffed and supported. Keep your governance program (board of directors and executive committees) active, engaged, and available to address anything that might go awry.

COVID-19 has created a remote working scenario that most government contractors never could have envisioned. While it’s different from anything we’ve experienced before, the government will not consider these changes an excuse for significant noncompliance. It is more challenging, but with planning, creativity and vigilance, companies, employees, and customers will be well served. In fact, you may find that some changes you make to accommodate the pandemic ultimately improve your operations and should endure after the crisis has resolved.”

https://washingtontechnology.com/articles/2020/04/30/insights-telework-compliance-questions.aspx

How Pandemic Response Is Shifting federal IT

Standard
Image: London School of Economics and Politiacl Science

FCW”

The pandemic response has shown the traditional 12 to 36 month acquisition planning cycle is not how we need to do things“, says Harrison Smith, Deputy Chief Procurement Officer, at the IRS.

COVID-19 has underscored the need for us to move ahead in a more agile manner but also balance that quicker capability with responsible spending”

______________________________________________________________________________

“From supply chain, to acquisition, to automation, the federal response to COVID-19 is changing what IT means to agencies, according to several top federal IT managers.

As the pandemic grew, the Small Business Administration ramped up its telework efforts and surged its personnel and IT to support disaster and small business loan portals, the agency was told there were potential shortages desktop and laptop computers and lagging supplies of peripheral devices such as mice and monitors, according to agency CIO Maria Roat. That shortage, however, didn’t slow the efforts down, as the General Services Administration and NASA’s SEWP contract had enough to support SBA’s efforts, she said, but it showed a potential problem.

With other agencies, including Health and Human Services and the Veterans Administration looking for similar IT gear, “the supply chain on the hardware side was stressed,” said Roat during an April 30 ACT IAC teleconference.

Cross-agency teamwork, she said, is a critical piece of such a huge response. SBA’s dozens of field offices, for instance, can now rely on IT support from GSA and Agriculture Department IT field personnel because of collaboration through the Federal CIO Council, according to Roat. “I haven’t used that yet,” she said, but it’s helpful to know the help is there.

In setting up its telework and loan platform efforts, Roat said SBA has leveraged software defined networking, collaborative technologies, such as Skype, and Microsoft Teams.

In support of the loan platforms, said Roat, SBA has turned up its Gigabit bandwidth on Ethernet backbone circuits to handle the traffic on the portals. The agency, she said, plans to add more capabilities, as well hone existing capabilities in the coming weeks.

“We’re now getting ready for release five” of those portal efforts, she said. The agency will add additional features, such as chat boxes, a way to view active cases and additional workflow refinements, as well as additional personnel, she said.

The COVID-19 response, said Harrison Smith, deputy chief procurement officer, at the IRS, has shown the federal government needs faster, more responsive methods to get what it needs in times of crisis. The pandemic response has shown the traditional 12 to 36 month acquisition planning cycle “is not how we need to do things,” he said.

COVID-19 “has underscored the need for us to move ahead in a more agile manner” but also balance that quicker capability with responsible spending, he said.

That could mean making a way for agencies to shift to more creative ways of getting things on the fly, possibly forgoing interagency agreements for say, shared services, for instance, according to Smith.

GSA, said Beth Killoran, the agency’s deputy CIO, is learning to leverage drones, data analytics and virtual capabilities to handle more of its federal building management duties. The agency is using geotagged images to track contractors’ construction or repair work on its buildings, to save local and federal building inspectors from having to make a trip to sites, she said. The agency is tasking drone aircraft to do exterior building inspections, as well. GSA has also tapped public data of COVID-19 hotspots at federally-owned medical facilities, to inform where its cleaning crews can safely do their work.

Modernized IT, said Roat, Killoran and Smith, is key to responding to such a huge crisis. The workforces at GSA, SBA and IRS, they said, have adapted quickly to telework because they had begun to move toward telework before the crisis.

House lawmakers previously proposed a $3 billion bump for the Technology Modernization Fund in a COVID-19 bill that ultimately went nowhere, but future additions are possible. Roat, who is on the TMF board that approves projects for funding said it’s unclear if any new funding will be approved.

SBA, she said, spent 50 intense days planning and executing a plan to implement IT to support public-facing portals and services for COVID-19 response.

“From where I sit, I’d bet other agencies are doing the same” reflection on how to move ahead from here, she said. “How would we use that $3 billion to look at the bigger picture?” Should it concentrate on shared services, she wondered. “Everyone is at home right now. Everyone is digital. We need to ramp up out digital citizen interaction.”

https://fcw.com/articles/2020/04/30/covid-changing-federal-tech-rockwell.aspx?oly_enc_id=

The Pentagon’s Artificial Intelligence “Black Box”

Standard
Image: “FCW”

FCW

In February, DOD formally adopted its first set of principles to guide ethical decision-making around the use of AI.

By the guidance they seek to push back on criticism from Silicon Valley and other researchers who have been reluctant to lend their expertise to the military.

____________________________________________________________________________

“The Department of Defense is racing to test and adopt artificial intelligence and machine learning solutions to help sift and synthesize massive amounts of data that can be leveraged by their human analysts and commanders in the field. Along the way, it’s identifying many of the friction points between man and machine that will govern how decisions are made in modern war.

The Machine Assisted Rapid Repository System (MARS) was developed to replace and enhance the foundational military intelligence that underpins most of the department’s operations. Like U.S. intelligence agencies, officials at the Pentagon have realized that data — and the ability to speedily process, analyze and share it among components – was the future. Fulfilling that vision would take a refresh.

“The technology had gotten long in the tooth,” Terry Busch, a division chief at the Defense Intelligence Agency, said during an Apr. 27 virtual event hosted by Government Executive Media. “[It was] somewhat brittle and had been around for several decades, and we saw this coming AI mission, so we knew we needed to rephrase the technology.”

The broader shift from manual and human-based decision-making to automated, machine-led analysis presents new challenges. For example, analysts are used to discussing their conclusions in terms of confidence-levels, something that can be more difficult for algorithms to communicate. The more complex the algorithm and data sources it draws from, the trickier it can be to unlock the black box behind its decisions.

“When data is fused from multiple or dozens of sources and completely automated, how does the user experience change? How do they experience confidence and how do they learn to trust machine-based confidence?” Busch said, detailing some of the questions DOD has been grappling with.

The Pentagon has experimented with new visualization capabilities to track and present the different sources and algorithms that were used to arrive at a particular conclusion. DOD officials have also pitted man against machine, asking dueling groups of human and AI analysts to identify an object’s location – like a ship – and then steadily peeling away the sources of information those groups were relying on to see how it impacts their findings and the confidence in those assertions. Such experiments can help determine the risk versus reward of deploying automated analysis in different mission areas.

Like other organizations that leverage such algorithms, the military has learned that many of its AI programs perform better when they’re narrowly scoped to a specific function and worse when those capabilities are scaled up to serve more general purposes.

Nand Mulchandani, chief technology officer for the Joint Artificial Intelligence Center at DOD, said the paradox of most AI solutions in government is that they require very specific goals and capabilities in order to receive funding and approval, but that hyper-specificity usually ends up being the main obstacle to more general applications later on. It’s one of the reasons DOD created the center in the first place, and Mulchandani likens his role to that of a venture capitalist on the hunt for the next killer app.

“Any of the actions or things we build at the JAIC we try to build them with leverage in mind,” Mulchandani said at the same event. “How do we actually take a pattern we’re finding out there, build a product to satisfy that and package it in a way that can be adopted very quickly and widely?”

Scalability is an enduring problem for many AI products that are designed for one purpose and then later expanded to others. Despite a growing number of promising use cases, the U.S. government still is far from achieving desired end state for the technology. The Trump administration’s latest budget calls for increasing JAIC’s funding from $242 million to $290 million and requests a similar $50 million bump for the Defense Advanced Research Projects Agency’s research and development efforts around AI.

Ramping up the technology while finding the appropriate balance in human/machine decision-making will require additional advances in ethics, testing and evaluation, training, education, products and user interface, Mulchandani said.

“Dealing with AI is a completely different beast in terms of even decision support, let alone automation and other things that come later,” he said. “Even in those situations if you give somebody a 59% probability of something happening …instead of a green or red light, that alone is a huge, huge issue in terms of adoption and being able to understand it.”

https://fcw.com/articles/2020/04/28/dod-ai-black-box-johnson.aspx?oly_enc_id=

COVID-19 Enhances Pentagon Cyber Policy Commission Report Recommendations

Standard

FIFTH DOMAIN

“The importance of having that one person, that singular belly button in the executive branch who’s coordinating efforts across government .

So that you don’t have to create an ad hoc task force, [so] you’re not scrambling to find who are the right people we need in the room after the crisis has already occurred,” Co-Chairman Rep.Mike Gallagher, R-Wis. Gallagher

______________________________________________________________________________

“A co-chairman of the Cyberspace Solarium Commission said April 22 that the fiscal 2021 defense policy bill could include about 30 percent of the group’s cyber policy recommendations.

According to Rep. Mike Gallagher, R-Wis., who co-chairs the Cyberspace Solarium Commission, which released a report with more than 75 cyber policy recommendations March 11, said on a webinar hosted by Palo Alto Networks that commission staff is working with the appropriate congressional committees and subcommittees to put about 30 percent of its recommendations into this year’s National Defense Authorization Act.

The report proposed a three-pronged strategy for securing cyberspace, called layered deterrence: shape behavior, deny benefit and impose cost.

The report also takes U.S. Cyber Command’s “defend forward” policy, which allows the military to take a more aggressive approach in cyberspace. It also suggests broadening the policy to encompass the entire federal government.

Gallagher didn’t specifically identify recommendations he thinks will be included in the NDAA, but given that the bill focuses on authorizing Defense Department programs, Pentagon-specific recommendations are the likeliest to be in the legislative text.

The recommendations for the department focus on ensuring that the Cyber Mission Force is adequately equipped; establishing vulnerability assessments for weapons and nuclear control systems; sharing threat intelligence; and threat hunting of the networks of the defense-industrial base.

The spread of the new coronavirus, COVID-19, disrupted the commission report’s rollout, which included congressional hearings on the commission’s recommendation. Those hearings have been canceled. But the pandemic also highlights the need to implement recommendations made in the report, Gallagher said, specifically the establishment of a national cyber director in the White House.

“The importance of having that one person, that singular belly button in the executive branch who’s coordinating efforts across government so that you don’t have to create an ad hoc task force, [so] you’re not scrambling to find who are the right people we need in the room after the crisis has already occurred,” Gallagher said

Before the spread of the coronavirus, congressional committees had planned to host hearings on the commission report, but those were canceled after the coronavirus spread throughout the United States. Congress is currently wrestling with how to remotely conduct voting and committee business, as the pandemic is restricting gatherings of large groups of people.

“Even though coronavirus has complicated some of … our commission rollout, we’re continuing the legislative process right now, and I’m pretty optimistic about our ability to shape this year’s NDAA,” Gallagher said.

As for the other recommendations, Gallagher said they aren’t germane to the NDAA and will take “some time.”

https://www.fifthdomain.com/congress/capitol-hill/2020/04/22/cyber-policy-suggestions-for-pentagon-could-be-implemented-this-year/

“Tracing”Challenges Using Tech To Combat COVID-19

Standard
Image: “FCW

FCW” By Steve Kelman

This refers to gathering information about those with whom newly infected people have been in touch, in order to notify them that they might have been infected.  The most-interesting example of this is a recently developed Singapore app called TraceTogether.

It is impossible to mention systems such as these without some raising concerns about privacy. These efforts are still in the earliest stages — but we should be tracking how combating coronavirus has entered the digital age.

______________________________________________________________________________

“Recently there has been attention to the importance of what is called “contact tracing” for fighting the coronavirus.

This has come up in the discussions of “reopening the country” after recent lockdowns, with the argument that slowing disease spread depends heavily on being able to do this, though it did not appear in the president’s re-opening plan.

But contact tracing has historically been a resource-intensive and very imperfect process. Officials have had to go to newly infected people and interview them about whom they have been in contact with over the previous two weeks. Memories of course are often imperfect. People may not even know everyone with whom they interacted. And the interviewing itself takes significant time and manpower.

In just-published guidance of contact tracing, the Centers for Disease Control has stated that “contact tracing in the U.S. will require that states, tribes, localities and territorial establish large cadres of contact tracers.” Reaching people to interview about contacts can be slow, and contacting those contacts delays things further. Meanwhile, there is a limited window between infection and illness to catch contacts with problems, so speed is important.

However, since the Ebola outbreak in 2014, mobile telephone technology and especially smartphone penetration have dramatically improved. We are now seeing, mostly in Asia, the use of tech to provide quicker, more accurate, and more economical contact tracing in response to the coronavirus pandemic. I blogged a number of years ago on the theme of areas where Asia was overtaking the U.S. in tech apps, which I illustrated with the widespread use in China of mobile payment apps using smartphones and QR codes. We are now seeing Asian superiority with digital coronavirus apps in Asia as well.

This was the theme of a recent piece in the Daily Alert, a publication of the Harvard Business Review that publishes short management-related articles, called How digital contact tracing slowed covid-19 in East Asia, by MIT Sloan School professor Yasheng Huang and grad students Meicen Sun and Yuze Sui.

I think the most-interesting example of this is a recently developed Singapore app called TraceTogether. For those choosing the use the app, Bluetooth tracks smartphones that have also installed the app. The app then tracks when a user is in close proximity with these other persons, including timestamps. If an individual using the app becomes positive to Covid-19 they can choose to allow the Singapore Ministry of Health to access the tracking data — which can then be used to identify and then contact any recent close contacts based on the proximity and duration of an encounter. This is tech-enabled quick and accurate contact tracing. Apple and Google recently announced ago that they are developing a similar Bluetooth-based app, but rolling it out is apparently still a few months away.

Other Asian countries have used tech in other ways to help fight the virus. Taiwan has created a “digital fence,” whereby anyone required to undergo home quarantine has their location monitored via cellular signals from their phones. Venturing too far from home triggers an alert system, and calls and messages are sent to ascertain the person’s whereabouts. South Korea has an app called Corona100, which alerts users of the presence of any diagnosed Covid-19 patient within a 100-meter radius, along with the patient’s diagnosis date, nationality, age, gender, and prior locations. (A map version of the app called Corona Map similarly plots locations of diagnosed patients to help those who want to avoid these areas.)

Preview(opens in a new tab)

It is impossible to mention systems such as these without some raising concerns about privacy. The Singapore SmartTracker will save data for only 21 days, and the names of the ill and their contacts will not be shared with others. Wired ran an article on privacy risks of the Google/Apple system and concluded purported risks were quite small.

A bigger question is whether the government should be allowed under any circumstances to require people to sign onto a new contact-tracing app. Observers worry that without very widespread adoption, the benefits of such apps will dramatically decline. One can make an argument, which underlines the general case for disease quarantines, that if people do not quarantine themselves and then become sick, the costs fall not just on themselves but on others they might infect. However, even Singapore, a country without the robust culture of privacy we have in the U.S., has not been willing to require people to install SmartTracker, and only about 20% have done so.

In other words, these efforts are still in the earliest stages — but we should be tracking how combating coronavirus has entered the digital age.”

Navy COVID-19 Procurement Acceleration And Troubleshooting

Standard
Image: U.S. Navy

DEFENSE SYSTEMS

The Navy has spent the past two years building systems that can provide real-time visibility into its supply chain, where there were gaps for major programs.

They’ve now overlapped that capability with hot-spot data, indicating where companies have shut down or there’s been an influx in cases.”

______________________________________________________________________________

“The Navy has been awarding contracts faster since the start of the coronavirus pandemic, but one of the biggest gains have been systems that can assess supply chain weaknesses, according to James Geurts, the Navy’s acquisition chief.

Geurts said doing that allows the Navy to “see what suppliers are at risk. When we understand that, we can start managing those potential delays into our supply system.” That information is then used to inform continuing operations, move supplies if needed and understand when suppliers are back online.

Geurts also said the Navy has geographically networked all of its 3D printers, which provides insight into where the need is on the local levels, “ensuring that we’re not competing or conflicting with each other.” Many organizations are using 3D printers to fabricate parts for medical devices and other needed materials that are not readily available through existing supply chains.

With contracts going out faster than anticipated, Geurts also said the Navy has been examining its business practices, learning how to better collaborate, reduce backlogs and not duplicate functions. All of that will hopefully aid in a faster recovery from the coronavirus, he said.

“Ships still have to come out on time, we’ve got to do the maintenance and continue to supply lethal capabilities to our sailors and Marines, and we can’t afford to lag the recovery.”