Category Archives: IoT

New Army Unit -The Multi-Domain Task Force

Standard
Army Multiple Domain Master Sgt Baumgartner, Air Force

Image: Master Sgt Baumgartner, Air Force

“The Army is creating an experimental combat unit to develop new tactics for lethally fast-paced future battlefields.

While small, it will have capabilities not found in the building block of today’s Army, the 4,000-strong brigade.

The Multi-Domain Task Force will be “a relatively small organization…1,500 or so troops,” the Army Chief of Staff, Gen. Mark Milley, told the Future of Warfare conference here this morning.  “That organization will be capable of space, cyber, maritime, air, and ground warfare,” he said, extending its reach into all domains of military operations to support the Air Force, Navy, and Marines.

“It’s got a bunch of capabilities, and that’s what we’re going to play with to figure out what’s the right mix,” Lt. Gen. Joseph Anderson, the deputy chief of staff for operations (G-3/5/7), told reporters at last week’s Association of the US Army conference. “It’s got some aviation. It’s got some maneuver. It’s got signal. It’s got cyber.” In English, that means it has helicopters, infantry and/or tanks, communications troops, and technical troops to protect (and perhaps attack) computer networks. By contrast, a typical Army brigade today, a much larger formation, has maneuver and signal, but no helicopters or hackers.

The eventual goal of this experimentation may be permanent units that are so self-sufficient. The old Cold War-era Armored Cavalry Regiments had their own in-house helicopters, as well as tanks, signallers and supply to conduct reconnaissance at high speeds over large areas in the face of armed opposition. Army reformers from Doug MacGregor to H.R. McMaster, both veterans of ACRs, have seen these self-sufficient units as a potential model for future forces. The Army recently explored reviving them, but “we don’t have the stuff to build it,” in particular the helicopters, Anderson said.

“There’s still not consensus about what this thing” — the revived ACR or Reconnaissance-Strike Group — “should look like, how big it should be,” said Anderson. “That doesn’t mean we’re not going to keep striving to build that kind of capability….I think in the meantime this Multi-Domain Task Force may provide pieces, parts, of what that RSG was going to be.”

Why the drive for smaller units with a wider range of capabilities? The Army increasingly worries that big units will just be big targets. Russia and China, in particular, have developed their own smart missiles, plus the sensors to find targets and the networks to coordinate strikes. These Anti-Access/Area Denial (A2/AD) systems have the range and accuracy to potentially make wide areas of Europe and Asia — including the territory of allies like the Baltics, Poland, and South Korea — a deadly no-go zone for conventional US forces.

“There are several nations around the world who have developed very complex, very sophisticated Anti-Access/Area Denial sort of capabilities,” Milley said. “Obviously Russia and China, to a lesser extent Iran and North Korea…. That A2/AD structure is highly lethal and operating inside that structure, in large formations, will also get you killed.”

“So smaller dispersed, very agile, very nimble organizations — that are networked into other lethal systems that delivered by either air or maritime forces — will be essential to rip apart the A2/AD networks,” Milley said. “These organizations would be highly lethal, very fast, very difficult to pin down on a battlefield.”

The Army can’t maneuver this way today, emphasized Maj. Gen. Duane Gamble, the logistician heading the Europe-based 21st Theater Sustainment Command. “We don’t have the mission command capabilities that can do that. We don’t have the sustainment capabilities,” he told me at AUSA. “But where we’re getting the reps in is widely dispersed operations at the company level, sometimes at the platoon level, training with our allies, and we’re learning the vulnerabilities of our heavy formations (i.e. tank units). Their internal logistics are designed to operate in battalion sectors… So all that is informing what we need to do in the future.”

Not everyone is excited. At the AUSA conference in Huntsville, an analyst, historian and top aide to Milley’s predecessor, retired Col. David Johnson, warns we may have already overloaded Brigade Combat Team commanders with too many capabilities that once were managed by divisions or even corps. “The BCT has become the division… the focal point of just about everything. We ought to challenge that assertion,” Johnson said. “Should we keep pushing capabilities down to the BCT or relook the role of divisions and corps, and focus the brigade on the close fight?”

The head of Training & Doctrine Command (TRADOC), Gen. David Perkins answers: “You’re (still) going to have to have echelons of command that synchronize and deconflict. That won’t change — but how those responsibilities and authorities are divided may have to. A whole generation of Army leaders grew up with Airland Battle doctrine’s clear demarcations between the close fight, conducted by short-range weapons; the deep fight, conducted by Air Force strikes, attack helicopters, and ATACMS missiles; and the supposedly safe rear area.

“A lot of it was determined by range of weapons. It was determined by physics, it was determined by geography, (e.g.) here’s a bridge crossing, who’s in charge of it?” Perkins told me at AUSA. “What we’re finding with multi-domain battle (is) that construct doesn’t work…. What’s the range of cyber?…You can’t define the battlefield framework by the range and/or limit of your weapons.”

“What we tried to do with a two-dimensional construct, AirLand Battle, was impose some order on the chaos that is battle(:) I own this part of chaos, you own this part of chaos,” Perkins said. “Now… instead of trying to control chaos, we have to thrive in it.”

http://breakingdefense.com/2017/03/new-army-unit-to-test-tactics-meet-the-multi-domain-task-force/

 

Federal Contractors Seek Edge in Specialized Services

Standard
Competive Edge Virtual Elves dot com

Image: “Virtualelves.com”

“NATIONAL DEFENSE MAGAZINE”
“In the cutthroat world of government services contracting, the lowest bid generally wins the project.
That trend has driven a cadre of technically specialized firms to reposition themselves in the market so they can compete less on price and more on the value of particular skills and knowledge. 
 
This shift is especially apparent in sectors like defense, space and intelligence that depend on contractors for highly complex missions. Companies that have the technical expertise are carving out niches where they can dominate and be less vulnerable to price wars. 
 
Lynn Dugle, CEO of government services contractor Engility Inc., said the company has been moving in that direction for the past couple of years, and the plan going forward is to focus more acutely on projects that are awarded based on “best value.”
 
“We are positioning our defense business to be more like our space and intelligence businesses, where we can differentiate the work we do in higher end services and engineering,” Dugle told National Defense. 
 
Dugle is finishing up her first year as CEO of $2.1 billion Engility. The company was spun off nearly five years ago from top defense contractor L-3. In 2015 it acquired the services contractor TASC and doubled its size.
 
Engility initially sought to compete in broader categories of federal support services that are awarded to the lowest bidder in so called “lowest price technically acceptable” contracting. Over the past eight months, only 5 percent of Engility’s bids have been for LPTA contracts, Dugle said. Now almost all the company’s proposals are “best value.”
 
LPTA is widely despised by companies in the defense industry and viewed as a race to the bottom. There is now a growing consensus that LPTA contracting works for nontechnical services like maintaining government facilities or staffing mess halls. Dugle has seen the Defense Department walk back from LPTA for engineering support and other “mission support.” Defense agencies frequently found that companies selected based on LPTA were technically unqualified.
 
“The market has shifted,” Dugle said. “Customers got burned on those higher end contracts with LPTA. Competitors bid really low and then they couldn’t staff the jobs.”
 
Engility is moving to hire specialized talent to shore up its defense expertise. “We are close to naming a senior VP for defense,” she said. “We need a certain percentage of our leadership to have operated and been successful at pursuing big programs, and at best value proposal writing. That’s a different skill than competing on price for smaller projects.”
 
The shift to higher end services appears to paying off. Engility reported an $11 million loss in 2016, but that was an improvement over $235 million of red ink in 2015. The numbers are “encouraging,” said Dugle. “Four contracts we won were over $200 million. That requires getting the right people with the right experience.” Engility has submitted at least 10 bids worth over $100 million that are still in source selection.
 
“We want to be primes in large jobs,” said Dugle. The company’s government work today is 40 percent defense. Dugle predicts that share will increase. “The market itself in DoD continues to get more attractive,” she said. 
 
Like other industry executives, Dugle is bullish but cautious about the anticipated spending boost to defense and veterans programs projected by the Trump administration. Even if the increase materializes, every agency in the federal government including the Defense Department will be squeezed. A new Trump executive order requires agencies to conduct a “thorough examination” of its operations and to recommend “where money can be saved and services improved,” White House Press Secretary Sean Spicer told reporters. That could result in layoffs of government workers but also in cutbacks in the use of contractors.
 
The message for contractors is that “we have to be prepared to respond,” said Dugle. “We do a lot of thinking about scenarios and how we can be prepared. Services is always a challenging business. It’s not a technology play, it’s a people business.”
 
Dugle is especially optimistic about the possible privatization of parts of the Federal Aviation Administration. “We just won the largest contract with the FAA, the largest we’ve ever won, to help them modernize their systems.”
 
Trump’s budget has been widely rejected on Capitol Hill and many specifics remain unknown so Engility, like other defense firms, has been conservative in its future earnings and sales guidance to Wall Street. “It’s premature until we know the program details of the FY18 budget,” she said. “We believe we are more advantaged than disadvantaged in a Trump administration but we did not want to put that in a plan.”
 
The industry also will be watching congressional action led by House Armed Services Committee Chairman Rep. Mac Thornberry, R-Texas. The committee is drafting a procurement reform bill to accompany the 2018 national defense authorization act. On the list of Thornberry’s targets are services contracts. 
 
The 2017 NDAA sets limits to the use of LPTA in defense procurements. Thornberry has pushed Pentagon officials over the years to more precisely articulate the military’s needs for contracted services and how services vendors are selected.
“One of the big challenges is the definition of requirements,” Dugle said. That is partly the reason DoD has had to re-evaluate its use of LPTA contracts, she noted. “If you just write a requirement that you need five people with 10 years of experience with a particular degree, that is when people default to price.” Conversely, the government could make the requirement to accomplish a desired mission, and leave it up to the bidders to decide how to staff the job. “If you are relying on systems engineering, you have to write good requirements.” 

NATO Agency Seeking Bids for IT Modernization Program

Standard

NATO IT

Photo: NATO officials discuss future cyber initiatives at the NATO Communications and Information Agency. (NATO)

“NATIONAL DEFENSE MAGAZINE”

“The program will span at least four contracts and be worth up to $537 million, and is expected to be completed by mid-2018.

NATO’s communication and information technology arm is seeking industry partnerships as it takes on a multi-year modernization effort for its information-technology systems, according to the organization’s acquisition director.

The NATO Communications and Information Agency — which runs the information technology, communications and command and control for the multinational organization — has opportunities for defense and IT companies in various stages of the modernization program, Peter Scaruppe told National Defense in February.

“The IT modernization program is a very important one because it basically replaces all of the IT in all the NATO locations, and for all the NATO forces,” he said.

The program entails: streamlining NATO’s IT service offerings to increase efficiency and effectiveness; using a customer-funded delivery system to increase the flexibility and scalability of IT services; delivering services from a centralized set of locations; and implementing increased cyber security measures, according to the agency.

Next on the priorities list is introducing a cloud-based services enterprise design by this summer, which Scaruppe called a major part of the modernization program.

“Storage is an important issue for all current and future IT programs, because with big data and the availability of big data, it is increasingly important,” he said. “We are anxious to see what companies will provide.”

NCIA Agency also plans to develop new data centers in Mons, Belgium, and Lago Patria, Italy, by early 2018, Scaruppe said. A third site has not yet been publicly revealed, but is being considered as an option “if and when we need it,” he said.

“This is for the IT support and operational support for NATO locations and operations,” he said.

NCI Agency has made concerted efforts in recent years to work more closely with industry to beef up its cyber defense capabilities. The agency contracts out about 80 percent of its work to the defense and security industries of NATO’s 28 current member-nations, Scaruppe said.

This year, the agency will host its annual industry conference in North America for the first time since it kicked off six years ago, rather than in a European country, “to note the transatlantic alliance,” he said.

The theme of the NCIA Agency Industry Conference and AFCEA TechNet International — which will be held in late April in Ottawa, Canada — is “Sharpening NATO’s Technological Edge: Adaptive Partnerships and the Innovative Power of Alliance Industry.” The conference builds upon last year’s theme of why innovation is important to NATO’s technological needs, Scaruppe said.

“Especially in the IT and cyber world, we know that there are a lot of innovators out there … not exactly keen on working with an 800-pound gorilla like NATO,” he said. “Some are not familiar with the process, [so] we need to catch the right innovators.”

One major part of the conference is dedicated to innovation challenges where agency officials and industry will discuss pre-determined areas of study, he said. “We did this last year, very successfully, and we got lots of proposals, many more than we thought we would get.”

Conference attendees will learn of upcoming business opportunities with an overall budget of about $3.2 billion over the next two to three years, Scaruppe said.

Businesses also have the change to speak with agency experts ahead of potentially bidding on a project.

“We do this every year, but we’re dedicating a lot more time to this part than usual [this year],” he said, adding that the agency hopes to attract more U.S. and Canadian industry members as a result.

Attendance rates at previous conferences have been about 70 percent European-based, Scaruppe said.

The agency is also looking to attract more cyber experts through the conference by running a next-generation skills exercise and innovators program, he said.

“We have a lot more work than we have staff for — and the same is true with the private companies — [and] we want to find innovative ways of how to attract these people, how to retain these people and also keep us current in the cyber exercise.”

http://www.nationaldefensemagazine.org/blog/Lists/Posts/Post.aspx?ID=2448

 

 

 

De-Complicating Federal Cyber Security

Standard

Decompliating Cyber Security(Photo Credit: U.S. Army)

“FIFTH DOMAIN CYBER” – By Keith Lowry

When it comes down to it we’re dealing primarily with a people problem before a technical problem. People use technology to become cybersecurity and insider threats.

They also use low-tech tactics like social engineering and dumpster diving, too. Until the government realizes these concepts are connected, and that it can’t just purchase tools to address their vulnerabilities, it will always lag behind the threat.

“The nine most terrifying words in the English language are, ‘I’m from the Government, and I’m here to help.’” ~President Ronald Reagan

It might seem like hyperbole to claim that anything the government does hinders, and doesn’t help, progress. I’d like to think differently, but my experience gives President Reagan’s statement a certain level of credibility. Too many times, government agencies are convinced that doing things on a large scale will solve individual problems or issues. This attitude leads to massive delays and a lack of attention to the small but important details.

Making Simple Things Complex

During my tenure at the Pentagon, it was almost impossible to develop, coordinate, authorize and publish any policy within two years. Even if a proposed policy was extremely important, it just took too long to implement. If the Department of Defense has such issues in developing policy, then consider how difficult it must be to develop and publish policies that span across the entire spectrum of the government.

Governments inherently make simple things complex, and complicate obviously simple tasks. Because of this, I inherently question any program driven by a government agency or organization that claims it is “here to help.”

Large scale government programs are often initiated to create cost effectiveness, but what is the cost if the program takes years to develop and implement? Even worse, the fast-paced cycle of technological advances makes measuring program development in terms of years a huge problem. The opportunity costs coming from a breach or system downtime far outweigh any fiscal savings. Add in the fact that many government agencies will fight for ownership of a large program because of the concomitant funding, and you’ll see why relatively simple matters can spiral out of control very easily.

That’s not to say there isn’t a benefit in government ownership. There are potential cost savings tied to having overarching policies executed by a single entity, but the coordination and time lapse in enacting anything of value is suspect. It takes too long to enact and follow through, especially when most agencies have their own congressionally driven budget and appropriations process to consider.

A Multi-faceted Issue

Over the years, I have heard many agencies state that they cannot consider creating an insider threat program or cybersecurity program because they don’t have the budget, or that they are waiting for a parent agency to come up with a plan and associated instructions. The problem with this thought process is multi-faceted. First, no two federal organizations are alike. They all have differing processes, serve diverse populations, and also possess assorted and sundry critical value data.

Second, each of these variables means that one insider threat or cybersecurity solution doesn’t fit another organization’s needs. Finally, the budgetary and appropriations cycles are controlled by Congress, subjecting them to political realities and consequences.

In these circumstances, when I hear that the government is telling agencies what they must do while controlling the budget from afar, it’s creating a difficult problem for the agencies to solve. Furthermore, when I hear that one agency is dependent upon another to proceed in developing insider threat programs or cybersecurity solutions, it rings of the “I’m from the government, and I’m here to help,” idiom. In other words, no action will be taken in sufficient time to counter any threat.

Solving at the Highest Level

My solution for this might sound a bit controversial.

Cybersecurity threats are comingled with insider threats. At a fundamental level, too many people believe that technology alone is the answer to cybersecurity concerns. I’ve mentioned it before, it’s not just about technology. Yet that’s the first thing people think of when considering cybersecurity or insider threats. Maybe it’s thanks to Hollywood’s portrayal of the industry and the capabilities of high-powered computers connected to, well, everything.

Solving at the Highest Level

My solution for this might sound a bit controversial.

Cybersecurity threats are comingled with insider threats. At a fundamental level, too many people believe that technology alone is the answer to cybersecurity concerns. I’ve mentioned it before, it’s not just about technology. Yet that’s the first thing people think of when considering cybersecurity or insider threats. Maybe it’s thanks to Hollywood’s portrayal of the industry and the capabilities of high-powered computers connected to, well, everything.

Tactically, the government should elevate decision making for the cybersecurity/insider threat problem to a Cabinet-level position, which would signify the importance of the issue. Additionally, the Cybersecurity Cabinet person should adhere to the mantra of centralized administration, de-centralized execution. Making each agency responsible for executing its own cybersecurity and insider threat program will encourage much faster implementation countering these threats. Of course, Congress would have to be included in any solution to ensure success.

This may not be the best fiscal option, but it would certainly be the best method for quick implementation and execution required to protect government-held and controlled critical value data. Rather than one agency doing everything, make each agency responsible for creating, implementing, and running individual programs, and hold them accountable at the highest level possible.

http://fifthdomain.com/2017/03/08/de-complicating-cybersecurity-at-the-federal-level-commentary/

About the Author

Keith Lowry

Keith Lowry is the senior vice president of Nuix USG and Nuix’s Business Threat Intelligence and Analysis division. He served as chief of staff to the deputy undersecretary of defense for human intelligence, counterintelligence and security at the Pentagon, as well as an information security consultant in the private sector

 

Security Clearance Backlog Puts Contractors & DOD at Risk

Standard
securtity-clearance-backlog-associationsnowdotcom

Image: “Associationsnow.com”

“WASHINGTON TECHNOLOGY”

“According to OMB, between February and September 2016, the backlog grew more than 22 percent from 464,000 to 569,000.

In a congressional hearing on Feb. 2, officials said the backlog was “more than half a million investigations.” All signs indicate it is still going up.

  1. The Backlog

Processing times are also too long, nearly triple the goal of 40 days for secret-level investigations (averaging 105 days) and 80 days for top secret-level investigations (214 days).

  1. Resource Shortfalls

For years, there have been too few people processing clearances and too little money to meet the demand. This affects agencies across the government, particularly those with the greatest demand. For example, when OPM raised the prepayment rate for a clearance request in 2015, Department of Defense funds to meet its pre-planned demand fell short by more than $60 million. The fiscal 2017 DOD budget request would have fixed that, but continuing resolutions made the funding shortfall worse. Civilian agencies also face funding shortfalls, though there is no readily available reliable information on their size.

  1. Antiquated Processes
Much of the backlog problem comes from using an antiquated, time-consuming background investigations process. Investigators ask basically the same questions they did 40 years ago, often going door-to-door and relying on face-to-face meetings with neighbors and friends. The government still relies too much on paper records and closed systems for collecting and sharing information.
  1. No Reciprocity

Dozens of agencies require their personnel and supporting contractors to obtain and maintain security clearances, yet these agencies fail to accept clearances from one another. At a Professional Services Council event last fall, the Justice Department alone cited at least five different required sets of background information, with DOJ agencies failing to recognize the validity of similar investigations even from within the same agency. This only exacerbates backlog problems.

  1. The OPM Data Breach

About the only area of the security clearance problem that has received plenty of attention has been the 2014 hacking of 22 million Office of Personnel Management data records. The records were so vulnerable to hacking, and government defenses so inadequate, that former Defense Policy Under Secretary Dr. Jim Miller described them as the equivalent of “leaving boxes of money on the front porch.”

However, while there has been little reporting on the OPM data breach impacts on security clearance backlogs, it is likely that government agencies have slowed their pace of activity in order to reduce their own vulnerability.

  1. Government Silence

The biggest problem of all is that the federal government simply won’t acknowledge the depth and vectors of the problems. Current data on the backlog are hard to find and harder to validate. Public statements by senior officials ignore both the magnitude of the problem and its impact on government workload and workforce. Congress has devoted little attention to the backlog, and hearings have focused more on OPM actions rather than on the backlog and its impact. Comprehensive solutions are hard to find.

Impact on the Government

New government personnel (military and civilian) cannot perform their full duties without the necessary clearances. Supporting contractors cannot fill positions requiring clearances even if they are funded under existing contracts. Essential work goes unperformed, and contractors can even be penalized for contractual non-performance by the very agencies that are holding up the clearances.

Fixing the Problems

The National Background Investigations Bureau became operational last October, and it offers some hope. NBIB aligns OPM with the Defense Information Systems Agency for a new database and more system security. NBIB also promises additional consolidation in federal investigations management and additional investigators.

But NBIB alone won’t bring the backlog down. Fixing the problems will take a serious infusion of additional people and funds, and the longer we wait, the greater the backlog will become. Most importantly, Congress must address DOD’s $60 million funding shortfall (as well as any shortfall in the civilian agencies) when the current CR expires on April 28. Congress should also raise this issue with every nominee in the affected agencies.

In the longer term, we need to make serious changes in investigations processes, including developing and applying digital tools for conducting background checks, performing ongoing updates instead of periodic reinvestigations, reducing the over-classification of material and the number of positions that require clearances, and focusing adjudication attention based on risk to the government rather than on rote application of rules. ”

https://washingtontechnology.com/articles/2017/03/02/insights-berteau-security-clearance-dangers.aspx

 

The FCC Seems Unlikely to Stop Internet Providers from Selling Your Data

Standard
selling-your-data-cbs-news-dot-com

Image: CBS News.com

“WIRED”

“Little seems to be standing in the way of Comcast, Verizon, and other internet service providers selling your personal information without your permission.

The Federal Communications Commission took a first step toward delaying its own rules protecting consumer privacy and security.

Last October the agency passed a set of rules that would have required internet providers to take new steps to protect your private data from hackers. That same regulatory package would have required ISPs to notify you if someone hacked your data and to get your active permission before selling your data. The FCC suspended the data security rules from that package that would have taken effect Thursday

The FCC and the Federal Trade Commission, which regulates the privacy and security practices of websites like Google and Facebook, also issued a joint statement that signaled a seeming intention to jettison the privacy rules as well before they take effect later this year. (Neither agency responded to a request for comment.)

“The Federal Communications Commission and the Federal Trade Commission are committed to protecting the online privacy of American consumers,” FCC chairman Ajit Pai and FTC chairman Maureen K. Ohlhausen said. “We believe that the best way to do that is through a comprehensive and consistent framework.”

Ajit Pai, chairman of the FCC, has opposed the rules all along, saying he believes websites and internet providers should follow similar privacy and security practices. He contends that multiple sets of rules will lead to confusion among consumers. The upshot for consumers: Your internet provider has less obligation now than it would have to protect you from hackers. And providers seem to be facing few legal roadblocks standing in the way of selling your personal data to advertisers.

Reasonable Protections

Rather than spelling out specific steps that internet providers should follow to protect customer data, last year’s privacy and security order called for internet providers to provide “reasonable data security.” The order made it clear that internet providers wouldn’t be held liable for all data breaches and provided some guidance that it described as consistent with the Federal Trade Commission’s privacy rules. It also suggested that providers look to other privacy laws, such as the the Health Insurance Portability and Accountability Act (HIPAA). Industry groups objected, claiming the FCC’s new rules were too vagu

Protecting internet privacy has also traditionally fallen to the FTC. But in 2015, the FCC reclassified internet providers as utility-like “common carriers,” a change that enabled the agency to enforce net neutrality rules banning internet providers from discriminating against or favoring particular websites or apps. Last year as result of a lawsuit filed by AT&T, a federal court decided that because internet providers now qualify as common carriers, the FTC no longer has authority over them. Responsibility for regulating how internet access providers manage privacy instead fell to the FCC, while the way websites like Facebook and Google manage privacy remained the FTC’s responsibility.

Shortly after the court’s decision, the FCC set about creating a set of stricter privacy rules. The biggest and most controversial difference between the FCC’s newer rules and the FTC’s rules was the ban on selling customer data without your permission, set to take effect as early as December. Your internet provider has a view of your most intimate online activities. Although Google uses encryption to prevent prying eyes from seeing your online searches, your internet provider can see what websites you visit, when you visit them, and how much time you spend there.

In 2012, Verizon began tracking its wireless customers’ activities across the internet. It then used that data to target ads on the various sites it owns, such as the Huffington Post. Eventually the company gave customers the option to opt out of that tracking, and later it limited tracking your behavior on Verizon-owned sites only. The FCC’s newer rules would ban Verizon or any other provider from similar data collecting without getting customers’ permission, unless the Congress or the FCC delay or overturn them before they go into effect.

Pre-existing FCC rules already ban providers from tracking customers without at least notifying them, but unless the new, more stringent rules take hold, telcos will have much more freedom to sell your data. Regulations letting both internet access providers and websites sell your data may be consistent. But that doesn’t mean they make sense.”

https://www.wired.com/2017/03/fcc-graciously-sets-internet-providers-free-sell-data/

 

 

 

Army Awards Spots on $2.5B Contract Vehicle for Desktop and Mobile Computers

Standard
mobile-computing-contract-defense-systems-dot-com

Image: Defense Systems.com

“GOVCONWIRE.COM”

“Nine companies have won spots on a potential 10-year, $2.5 billion contract.

The Army Contracting Command received 58 bids for the Army Desktop and Mobile Computing-3 contract vehicle, the Defense Department said Thursday.

The ADMC-3 contract covers integrated desktop computers, tablets, notebooks, tablets, workstations, electronic displays, printers, thin clients and multifunction devices, according to a FedBizOpps notice.

The awardees are:

  • Blue Tech
  • Dell’s federal systems business
  • GovSmart
  • Ideal Systems Solutions
  • Intelligent Decisions
  • Iron Bow Technologies
  • NCS Technologies
  • Red River Computers
  • Strategic Communications

The Army will determine work locations and obligate funds upon award of each task order under the firm-fixed-price contract and expects contractors to complete work by Feb. 15, 2027.”

https://www.govconwire.com/2017/02/army-awards-9-spots-on-2-5b-desktop-mobile-computers-contract-vehicle/

These College Students Invent Things for the Pentagon And Maybe Find a Business

Standard

invention-accellerator

“WASHINGTON POST”

“After a test run at Stanford University last spring, the accelerator is starting similar courses at least a dozen universities.

A Pentagon-funded unit called the MD5 National Security Technology Accelerator, gives students a modest budget to try to solve military problems using off-the-shelf products.

The Defense Department’s Hacking for Defense program (which, despite its H4D handle, does not focus on cybersecurity) is a graduate school course designed to let students invent new products for the military. Students without security clearances — including some foreign nationals — are put to work on unclassified versions of real-world problems faced by military and intelligence agencies.

The University of Pittsburgh, University of California at San Diego, James Madison University and Georgetown University are among those trying to replicate Stanford’s success.

To spearhead its effort, Georgetown hired a former Special Operations Marine with a deep Rolodex and a long history of doing business with the Pentagon.

Chris Taylor’s first career had him jumping out of airplanes and serving on hostage rescue teams as part of the Marine Force Recon unit, an elite intelligence-gathering team tasked with “deep reconnaissance” missions in dangerous combat zones.

He became an instructor in the unit’s amphibious reconnaissance school, where he taught enlisted Marines skills such as how to covertly approach military installations from the sea and survive undetected in the wilderness.

“He’s been good at teaching, leading and just selling ideas for a long time,” said Bob Fawcett, a retired Marine who worked with Taylor at the Force Recon training program.

Taylor spent evenings studying accounting as he worked toward a college degree, the first step in a lucrative career on the business side of the Bush administration’s military buildup.

He became a top executive at Blackwater Worldwide, the private security firm that was at the forefront of a booming mercenary industry working in Iraq and Afghanistan, until its reputation took a turn for the worse over a deadly shooting involving its employees that launched a congressional inquiry and was eventually ruled a criminal offense.

He served at private security firm DynCorp and founded a small but profitable company called Novitas Group, which handled job placement for Veterans.

His next challenge: helping Georgetown’s students navigate the Pentagon.

One team of students in Taylor’s class is working for the Army Asymmetric Warfare Group, a Pentagon sub-agency, to find new ways to track social unrest in crowded foreign cities by mining Twitter and Facebook. Another group of students is trying to combine augmented reality technology with advanced facial recognition software, hoping to build something that would allow U.S. forces to constantly scan crowds for individuals known to be a threat. Another team is looking for ways to counter the off-the-shelf drone fleets that the Islamic State claims to employ.

“This is like the greatest educational experience you could possibly have if you’re interested in national security,” Taylor said.

The program’s managers in the government say the main point is to familiarize techies with the Pentagon’s mission, but their trial run at Stanford also showed a degree of success in spinning off businesses.

In Stanford’s trial run, four out of eight student teams raised additional money, either from the government or from private investors, to continue their work beyond the course.

One is a satellite imaging company called Capella Space. The company’s founders had initially hoped to sell satellite imaging services to government space agencies, but pivoted toward the private sector after interviewing more than 150 industry experts as part of Stanford’s course.

“We realized that if you really want to work with the government in what you’re doing, they want you to be a commercial company — with commercial revenue — and they want to be a subscriber to your service,” said company founder Payam Banazadeh.

Capella Space has a satellite launch planned for the end of year, which it hopes will be the first step in sending 36 ­shoebox-size satellites into space. The company is funding it with an undisclosed amount of venture capital raised from Silicon Valley Venture investors including Yahoo co-founder Jerry Yang.

It remains to be seen whether efforts at other universities will have the same success.

Even before Georgetown’s class launched, for example, the university’s strengths and limitations were already on display. Georgetown is known for deep connections to the Washington establishment but is overshadowed by other elite universities in certain technical disciplines. It does not have an engineering school, for instance.

One of the problem sets that the government sent for Georgetown students to work on would be on an unclassified basis for the National Security Agency, following in a Stanford team’s footsteps.

Taylor touted the opportunity to work with the NSA in seminars advertising the course, but couldn’t find a group of students that he thought had enough technical knowledge to take on the challenge.

But those who did join Taylor’s course are making early progress. Just a few weeks into the program, students looking for a way to track terrorists using social media had come up with a prototype that they coded on their own.

The group spent the class working through ways of quickly translating posts from Arabic and more easily geo-locating individual tweets and Facebook posts. Taylor wondered aloud whether the system might be enhanced if they paid social-media users small sums of money for what details they knew about the posts.

Next, he wants to open the course to other Washington-area universities, poaching engineering students from rival colleges around the region.

“Imagine what we can achieve when [national capital region] universities band together with a unity of effort toward national security problem solving,” he said in an email.

“It. will. be. awesome.”

https://www.washingtonpost.com/amphtml/business/capitalbusiness/these-college-students-invent-things-for-the-pentagon-and-maybe-find-a-business/2017/02/19/558ac8f0-ea25-11e6-80c2-30e57e57e05d_story.html

 

The New Technology of Humanitarian Assistance

Standard

drones-for-humanity

“THE CIPHER BRIEF”

“Technology has already transformed the conduct of war; could it also transform approaches to aiding the victims of conflict, disease, and natural disasters?

Drones could help alleviate some of these challenges through remote delivery of high-value, low-mass goods to areas otherwise inaccessible due to hard terrain, natural disaster, or conflict.

Since the first CIA Predator drone strike in October 2001, the United States, among others, has sought to expand the technology to facilitate remote warfare. UN peacekeeping forces use drones for intelligence gathering in such places as Mali, the Central African Republic, and the Democratic Republic of the Congo. The commercial drone industry is booming and is expected to only grow further with hobbyists using off-the-shelf quadcopters for their scenic vantage points and Amazon’s prospective drone deliveries to customers. Even insurgents are beginning to incorporate this new technology into their arsenals, setting their sights on recruitment messaging, intelligence collection, and explosives delivery.

To understand how drones could transform the provision of humanitarian aid, it is important to first acknowledge the areas of difficulty humanitarians often encounter. Jack Chow, a former U.S. ambassador and the first Assistant Director-General of the World Health Organization on HIV/AIDS, Tuberculosis, and Malaria, points out that “the barriers to providing humanitarian aid are numerous and evolving. Chief among them are extensive operational obstacles that involve myriads of personnel, assets, and supply chain links. Complications and breakdowns among any operational components will cause delays and losses of aid. Chokepoints and tenuous routes invite corruption and pilferage.” Kristin Bergtora Sandvik, a professor at Peace Research Institute Oslo (PRIO) and co-founder and former director of the Norwegian Center for Humanitarian Studies, says that “the humanitarian sector struggles with lots of unresolved challenges with respect to obtaining adequate situational awareness for aid workers; getting sufficient information about the size and whereabouts of crisis-affected communities; and overcoming the logistical problems of timely and appropriately scaled last-mile delivery of cargo.”

The issue of supply chain logistics became a major hindrance in the timeliness of the international response to the 2014 Ebola epidemic in West Africa, particularly with fears of the virus spreading internationally. Drones could help alleviate some of these challenges through remote delivery of high-value, low-mass goods such as everyday medicines as insulin, antibiotics, and painkillers, or of communications equipment such as phones and computers, to areas otherwise inaccessible due to hard terrain, natural disaster, or conflict. For example, in Malawi, UNICEF sees drones as a method of transportation for blood work to help HIV testing, while in Rwanda, a humanitarian drone startup known as Zipline is also delivering blood supplies to remote hospitals in the region.

Similarly, the negotiation of humanitarian access in conflict and post-conflict countries often includes tradeoffs between an organization’s freedom of movement and concessions made to local authorities operating in a vacuum of formal government control. However, as Sandvik points out, even if drones could potentially replace caravans of trucks to mitigate the problem of access, “most of the models offered by the drone industry are too expensive for the humanitarian sector and the available models often not powerful enough to stay for any significant time in the air,” let alone “transport tons worth of relief items.”

While larger drones are available to the U.S. military, they require more advanced pilots and could also be targeted by the anti-aircraft systems of belligerents purposely using starvation and medical deprivation as weapons of war. For example, to deliver aid to the Yazidi population trapped on Mt. Sinjar in August 2014, the U.S. military had to first conduct airstrikes on ISIS positions to ensure safe passage of their cargo planes.

Potential advances in artificial intelligence (AI), however, could allow swarms of small drones to slip by air defense systems to individually deliver small packages of cargo—possibly even create impromptu networks for Wi-Fi and establish phone signal availability. Chow asserts that “as costs come down and AI-driven avionics accelerate in power, flotillas of drones over vulnerable regions can provide constant coverage for early detection and rapid response to humanitarian crises.” Artificially intelligent drones could also address major impediments to post-conflict reconstruction, such as landmine removal to enable locals to return to an agricultural economy while mitigating indiscriminate casualties largely affecting children. The Mine Kafon Drone seeks to autonomously map a designated area, detect the positioning of mines via GPS and then safely detonate them at a pace unmatched by even skilled personnel.

Drones could also be a source of information for aid workers on developing crisis situations. Chow notes that “on-board sensors will acquire information about conditions on the ground, presence of detectable dangers, and the numbers and locations of affected people,” and “in the future they may detect the first stirrings of violence by picking up sounds or flashes from gunfire.” Following the 2008 Sichuan earthquake in China that killed over 69,000 and left 18,000 missing, Chinese responders used drones to locate downed bridges, collapsed tunnels, and other chokepoints hindering rescue efforts, while assessing damage to critical buildings such as schools and hospitals. In Nepal, the Humanitarian UAV Network used drones to create clearer photos than existing satellite images while also using 3D modeling of the damage to identify which houses were prone to collapse.

The problem with humanitarian drones monitoring from the skies is that governments and their populations will be uneasy about what the data will be used for. The association of drones with military intelligence collection creates a stigma not easily avoided, and governments may fear footage could be shared with human rights organizations documenting war crimes. Some of this can be addressed through technical solutions such as geo-fencing, whereby drones are only able to gain access to certain airspace, but ultimately, as Chow notes, “expanding drones’ powers will also force a need for a regulatory framework at the national and international level in order to establish technical standards and rules for operations.”

Sandvik suggests the major criticisms of the humanitarian use of drones now are over “concerns the technology creates distance between beneficiaries and aid workers,” “the potential association with military applications” such as intelligence collection, and ultimately, “the lack of added value delivered by the use of drones,” whereby the technology is simply not sufficiently developed yet and therefore a “distraction from other work.”

While drones would likely augment, not replace aid workers—or other longer-term projects such as infrastructure development—there is still enormous potential for drone technology to change the provision of humanitarian aid. There are, however, numerous steps before such technology becomes meaningful, let alone systematically normalized. While the hype over the humanitarian application of drones may have spurred the discussion, persistence is needed to determine how drone technology will actually contribute to future humanitarian efforts.”

https://www.thecipherbrief.com/article/tech/new-technology-humanitarian-assistance-1092

 

 

 

‘Third Offset’ Strategy Calls for Fresh Thinking

Standard
third-offset-strategy

Image: Army.Mil

“NATIONAL DEFENSE MAGAZINE”

“Seeking to gain a competitive advantage by changing the conditions of the environment is referred to as an offset strategy. Defense Department leaders in recent years have been discussing a “third offset” strategy.

Offset strategies are intended to overcome technological or quantitative military advantages of our adversaries.

During the Cold War, the first offset was realized with a superior nuclear arsenal designed to avoid larger expenditures on conventional weapons. Later in the 1970’s, smart weapons, sensors, targeting and control networks were introduced providing technological superiority to mitigate quantitative inferiority in conventional forces, the second offset.

In these times of declining defense budgets, and more importantly, the proliferation of advanced technologies by U.S. adversaries, particularly in the consumer electronics across the global market, the Defense Department is seeking to identify a third offset strategy to regain technological superiority and reverse the cost imbalance created by our adversaries’ lower-cost systems.

This next offset strategy cannot rely on investments in exquisite costly systems. Instead, we must identify ways to leverage existing technologies and maximize the operational utility of development efforts.

In light of this drive to find innovative solutions, the Defense Department has pushed a re-invigoration of the innovative spirit of the United States by supporting organizations like the strategic capabilities office and Defense Innovation Unit-Experimental. Across all domains of the industrial complex it is safe to say that the United States is still a leader in innovation and technology development and we benefit from having some of the most creative and inventive people in the world. As such, technology development is not our biggest challenge in meeting our adversaries’ military posture; fielding innovative technologies more rapidly and efficiently is the challenge we face today.

The defense community has fully embraced this challenge by investing in various technologies intended to truly change the battlespace, altering the playing field in order to maintain superiority. There is a strong tendency for the defense industry to search for that “special” technology or the “next big thing” to provide this offset.

As the previous two offsets have shown, technology is a necessary ingredient, but is just part of the overall strategy. Rather, technological superiority is an enabler of an investment strategy which maximizes the pace and efficiency of capability improvement putting operational and investment pressure on our adversaries.

The 2016 annual Government Accountability Office report on selected Defense Department acquisitions assesses a multitude of programs with timelines in excess of a decade from program start to initial operating capability. On average it seems the weapons themselves or components and upgrades are on a cycle of eight to 12 years whereas major platforms, such as ships, can be measured in decades. In many of these highly complex systems the rigor and pace necessary to ensure program success is understandable, particularly when large quantities of expensive platforms are involved. However, often times the Defense Department could be better served by looking for opportunities to introduce limited quantities of more targeted advanced capabilities more timely and cost effectively.

When looking at adversary cycle times we see that their agility and focus allows them to be inside of our production loop, often fielding counters to our capabilities as our systems are introduced to the warfighter, creating gaps and forcing reactionary responses. If that equation can be flipped, where the Defense Department can introduce advanced capabilities at a faster pace, it will put our adversaries in a more reactionary mode.

Today’s budgetary climate and acquisition process presents challenges to this approach, but there are ways to achieve the recommended effect. There are some select programs demonstrating more rapid acquisition approaches designed to meet critical objectives, but also to identify characteristics that could be the third offset, accelerated capability fielding. Within the framework of the traditional acquisition process there are a few key characteristics that could aid in streamlining and accelerating the fielding of new capabilities.

From the top down there needs to be a cultural shift to accept more risk in order to achieve greater gains in capability. The process in place currently emphasizes low-risk solutions and approaches; however, technically and programmatically there are times where significant gains can be made by taking calculated risk. Our current culture rewards individuals and programs for “not messing up” rather than incentivizing success.

A great example, albeit a bit extreme for acquisition, is the Defense Advanced Research Projects Agency’s mentality of “swinging for the fences.” Many of DARPA’s game-changing breakthroughs occur because of the willingness to accept the risk of failure. Acceptance of a “not perfect” solution must be an acceptable approach. The ability to reassess the requirement based on technical knowledge gained through the engineering process is a critical element to achieving an appropriate solution in an efficient, timely manner. In many instances an 80 percent solution early is more impactful and cost effective than a 100 percent solution late and over budget.

In order to manage risk, program progress should be paced by technical progress with structured reviews that support key decisions. This enables a program to focus on challenging problems and identified risk areas, supporting progress based on technical maturation and risk mitigation rather than strict entry and exit criteria based on standards. These efforts can benefit from active management supported by application and vigorous use of basic management tools and processes. As an example, a fully integrated program schedule and risk management approach allows the team to actively track technical progress, mitigate risks and allocate resources as needed to address potential challenges and opportunities.

“People” is a common thread seen throughout all organizational leadership and effectiveness discussions. Somewhat cliché, but the right people in the right positions can make a significant impact. A high-risk, fast-paced environment is not for everyone and selecting personnel with the correct technical skill sets in conjunction with programmatic and personality characteristics suited to this environment will pay dividends over the course of a program. Subject matter experts with a willingness to take on risk are critical in ensuring program success or even when deciding to “throw in the towel.”

Senior leadership needs to be able to rely on their teams to take calculated risks throughout the program. Key decisions need to occur on the timeline of the technology and progress of a program rather than based on the process. In order to achieve rapid decision-making, managers must have access to necessary stakeholders and be empowered by their leadership. The traditional hierarchy seen in many programs has numerous levels of leadership involved in decision-making based on the type and impact of the decision. This structure can create a risk-averse environment, stifling rapid decision making. A direct line from a program office to an executive steering board comprised of those major decision owners can greatly enhance decision timing as well as incentivize other stakeholders to ensure timely action. A streamlined organizational construct and empowered individuals can keep an accelerated program on pace and when staffed by the appropriate expertise can be agile and flexible enough to handle pop-up challenges.

These are a small sample of ideas that can be achieved today to accelerate the insertion of advanced capabilities by leveraging existing technologies and making use of rapid development and fielding processes.

By demonstrating our ability to bring these improvements to bear when we want and where we want will achieve the desired effects of the third offset regardless of the technology. Embracing concepts to accelerate capability improvements and maximize investments in technology will ultimately force our adversaries into a reactionary posture, thus allowing the Defense Department to maintain its technological and economic superiority for years to come.”

http://www.nationaldefensemagazine.org/archive/2017/January/Pages/ThirdOffsetStrategyCallsforFreshThinking.aspx