Generative AI, DevSecOps and Cybersecurity Highlighted for the Air Force and Space Force at DAFITC 2023

Thousands of Space Force and Air Force personnel and industry experts convened to discuss the most current and significant threats confronting global networks and national defense at the 2023 Department of the Air Force Information Technology and Cyberpower Education & Training (DAFITC) Event. Throughout the many educational sessions, thought leaders presented a myriad of topics such as artificial intelligence (AI), DevSecOps solutions and cybersecurity strategies to collaborate on the advancement of public safety.

Leveraging Generative AI in the DoD

At the event, experts outlined three distinct use cases for simplified generative artificial intelligence in military training.

  • Text to Text: This type of generative AI takes inputted text and outputs written content in a different format. Text to Text is associated with tasks such as content creation, summarization, evaluation, prediction and coding.
  • Text to Audio: Text to Audio AI can enhance accessibility and inclusion by creating audio content from written materials to support e-learning and education and facilitate language translation.
  • Text to Video: Text to Video AI is primarily geared towards generating video content from a script to aid the military with language learning and training initiatives.

Dr. Lynne Graves, representative of the Department of the Air Force Chief Data and Artificial Intelligence Office (CDAO), provided attendees with a brief timeline of how the USAF will fully adopt artificial intelligence. The overarching aim for AI integration is to make it an integral part of everyday training, exercises and operations within the Department of Defense (DoD).

  • In FY23, the DoD is focusing on pipeline assessment. Using red teaming where ethical hackers run simulations to identify weaknesses in the system, internal military personnel target improvement of their infrastructure and mitigation of the vulnerabilities in the different stages of the pipeline.
  • In FY24, the emphasis will be on the Red Force Migration policy, which involves developing, funding and scaling the necessary strategies.
  • In FY25, the goal is for the department to become AI-ready. This entails preparing for AI adoption at all agency levels, establishing a standard model card that explains context for the model’s intended use and other important information, creating a comprehensive repository of data and implementing tools for extensive testing, evaluation and verification.

USSF Supra Coders Utilize DevSecOps for Innovation

The current operations of United States Space Force (USSF) Supra Coders involve a range of activities that combine modeling, simulation and expertise in replicating threats. These operations are conducted globally, and currently include orbit-related activities, replication of DA ASAT (Direct Ascent Anti-Satellite) capabilities and the reproduction of adversarial Space Domain Awareness (SDA).

The USSF Supra Coders have encountered limitations with software solutions, including restrictions tied to standalone systems, licensing structures with associated costs and limited adaptability to meet the specific needs of aggressors and USSF requirements. DevSecOps presents a multifaceted strategy for mitigating the identified capability gaps noted by the USSF Supra Coders. It can help create more effective and efficient software solutions through seamless integration of security protocols, streamlining system integration processes, optimizing costs and enhancing customizability.

Cybersecurity Within the Space Force

Cybersecurity is a shared responsibility across the DoD but is especially relevant for the U.S. Space Force. As a relatively newly emerging branch of the military, the Space Force is still developing its cyber strategies. Due to its completely virtual link to its capabilities, the USSF must prioritize secure practices from the outset and make informed decisions to protect its networks and data.

Currently, the Space Force is engaged in the initial phases of pre-mission analysis for its cyber component which serves as a critical element for establishing and maintaining infrastructure through the integration of command and control (C2). These cyber capabilities encounter a series of complex challenges, which necessitate a multifaceted approach including the following solutions:

  • Enforcing Consistent Cybersecurity Compliance
  • Developing Secure Methods to Safely Retire Old Technology
  • Enhancing Cryptography Visibility
  • Understanding Security Certificate Complexity
  • Identifying Vulnerabilities and Mitigating Unknown Cyber Risks

While the Space Force faces a uniquely heightened imperative to bolster its cybersecurity capabilities with its inherent reliance on information technology and networks in the space domain, the entire community must collaborate effectively to achieve military leaders’ targeted cybersecurity capabilities by the goal in 2027.

The integration of generative AI in military training, innovations through DevSecOps by the USSF Supra Coders and cybersecurity initiatives of the Space Force collectively highlight the evolving landscape of advanced technologies within the Department of Defense. Technology providers can come alongside the military to support these efforts with new solutions that enhance the DoD’s capabilities and security.

 

Visit Carahsoft’s Department of Defense market and DevSecOps vertical solutions portfolios to learn more about DAFITC 2023 and how Carahsoft can support your organization in these critical areas. 

*The information contained in this blog has been written based off the thought-leadership discussions presented by speakers at DAFITC 2023.*

Returning to the Heart of Customer Experience: A Government for the People

At Carahsoft’s annual Government Customer Experience and Engagement Summit hosted in June, experts from industry and Federal, State, and Local Government came together to discuss stewardship, innovation and paths forward in customer experience (CX). At the one-day event, the thought-provoking sessions examined trends regarding two main themes in the CX journey: culture and technology. The culture track explored ideas for effective leadership, understanding and supporting employees and the importance of diversity, equity and inclusion. The technology track considered goals within IT modernization, artificial intelligence and automation and the digitization of services. This blog series highlights lessons learned from the 2023 Summit and unpacks strategies for achieving excellence in Government CX and engagement.

The Big Picture of Customer Experience

During the opening keynote session, President of GovExec360, Troy Schneider, held a discussion with Barbara Morton, Deputy Chief Veterans Experience Officer, Veterans Experience Office (VEO) at the Department of Veterans Affairs (VA), emphasizing the importance of accessibility and accountability in service delivery. Morton said that purpose is at the heart of customer experiences. Whether they are in the government or supporting from the outside, public servants must consider the barriers along with the opportunities that foster trust, serve the greater common purpose and create excellence in CX. In the Public Sector, CX establishes how constituents engage with civic services. By transforming CX, the public sector can build and progress toward greater trust with those it serves.

Great CX starts with an organizational understanding that building and sustaining trust matters. With that agreement in mind, organizations can better support the mission of delivering efficient CX by learning and adapting to the needs of people they are serving. Agencies should provide visibility to customers on the timeliness and process of their requests, as well as deliver on their promises to foster trust and assurance of reliability. Using human-centered design throughout all stages of CX is also essential for understanding the human perspective and anticipating customer needs. As data is collected throughout the human-centric design approach, organizations gain actionable insights that help them create the best tangible solutions for customer challenges.

Use Case: The Department of Veterans Affairs

Government agencies and organizations must focus on traditional operational measures, and the VA ensures it takes another step forward to evaluate experience-based metrics and treat these insights as co-equal when it comes to agency performance. Morton said that action drivers like executive orders and the Office of Management and Budget’s (OMB) efforts are significant authorities in the transformation of Government CX to continuously progress toward access equitability and efficiency. With their guidance, agencies must agree on the top priorities for service delivery and then incorporate the human-centered design aspect. For example, the VA examines women and tribal veterans’ experiences to ensure it can translate those insights into meaningful and applicable products so those groups feel better understood when interacting with the VA. Additionally, in a digitally driven world, organizations must provide experiences with easy-to-navigate accessibility. Each agency should have a clear homepage or “digital front door” that customers know how and when to access.

Lasting Progress for Lasting Change

In the government, CX can make a measurable difference in the lives of individuals or families going through significant life changes, such as a natural disaster or a medical crisis as an active or retired veteran. Open source technology that intersects with the government at Federal, State and Local levels can achieve economies of scope and scale, and the improvement of financial savings proportionate to goods produced. The addition of effective CX technology allows government agencies to provide more assistance to more people, having a profound impact on their lives.

 

Check back soon to read the rest of Carahsoft’s insights from CX industry thought leaders at the summit.

 

To learn more about the latest in the CX landscape and how Carahsoft’s industry-leading partners can support your Customer Experience initiatives, please visit our resource hub to access all on-demand recordings and information from the 2023 Government Customer Experience and Engagement Summit.

Insights from SOF Week 2023

By maintaining effective collaboration and innovation, the U.S. furthers its quality defense. This year’s SOF Week conference was held May 8-11 in Tampa, Florida. Organized by the Global Special Operations Forces Foundation (GSOF) and the United States Special Operations Command (USSOCOM), the event offered attendees an exhibition hall and extensive networking and educational programming to discuss advanced physical and digital security measures within defense operations.

The Importance of People

The Marine Forces Special Operations Command is initiating a new program called Cognitive Raider. This initiative’s goal is to operate parallel to the Marine Corps by making a difference on the battlefield through a robust workforce. There are several traits the Cognitive Raider initiative is looking for in applicants. Individuals must be prepared to secure assets against adversaries and be able to operate, not only as an individual, but also as a part of a team. Other vital traits are professionalism, dependability and modesty in relation to their achievements. The Marine Forces deliberately select candidates who display character and are prepared to learn special skills that build the organization up for success.

As the military aims to advance along with the dynamic evolution of technology, they must prepare for significant and unpredictable changes. Agencies may need to repurpose existing technology and investments to gain results in new areas that were previously considered low priority projects.

Artificial Intelligence Driving Innovation

In the digital age, and in the U.S. specifically, the economic ecosystem is digitally connected. This makes cybersecurity vital to every part of daily life. Bad actors can utilize AI’s abilities to hack software before defensive tools have been put in place; however, there are ways to mitigate these challenges.

AI technology drives efficient capability by improving agency understanding of technology and by accelerating decision-making. While humans can only make a few decisions a minute, AI can make hundreds of thousands of precise calculations and execute accordingly. This makes AI helpful in performing penetration tests to identify security weaknesses for offensive cyber operations. In finding these weaknesses, agencies can get ahead in the cybersecurity battle against threats.

Innovation in U.S. Central Command

Innovation is a vital part of the national defense sphere, and emerging technology can be leveraged to drive agency growth. This means employees must be properly prepared to use new software. To achieve this, agencies need to implement mechanisms and processes that encourage employees to enact change.

Team collaboration can help agencies reach grounded conclusions. Having tech partners is vital, as agencies can swap information on their respective expertise to help each other accomplish their goals and optimize processes. Schuyler Moore, the Chief Technology Officer for U.S. Central Command, said she collaborates with other team members “…consistently to scan and ask folks about what processes are working, and what good ideas [they] have that might improve on how we do things.”

To best support timely tech updates and modernization, agencies should begin by shifting the organizational structure to create new pipelines and entities to sustain long-term innovation. In addition, agencies should prioritize projects in correlation with the shifting agency needs. By utilizing recurring exercises and group conversations, organizations can coordinate employee efforts and set expectations on priorities and goals.

Collaboration around new technology drives important innovation for national security. By facilitating the sharing of these ideas, SOF Week has spurred on new defense developments and shared knowledge.

 

To learn more about the topics discussed at SOF Week, view Francis Rose’s full Fed Gov Today episode co-sponsored by Carahsoft.

*The information contained in this blog has been written based off the thought-leadership discussions presented by speakers at SOF Week 2023.*

How Palantir Meets IL6 Security Requirements with Apollo

Building secure software requires robust delivery and management processes, with the ability to quickly detect and fix issues, discover new vulnerabilities, and deploy patches. This is especially difficult when services are run in restricted, air-gapped environments or remote locations, and was the main reason we built Palantir Apollo.

With Apollo, we are able to patch, update, or make changes to a service in 3.5 minutes on average and have significantly reduced the time required to remediate production issues, from hours to under 5 minutes.

For 20 years, Palantir has worked alongside partners in the defense and intelligence spaces. We have encoded our learnings for managing software in national security contexts. In October 2022, Palantir received an Impact Level 6 (IL6) provisional authorization (PA) from the Defense Information Systems Agency (DISA) for our federal cloud service offering.

IL6 accreditation is a powerful endorsement, recognizing that Palantir has met DISA’s rigorous security and compliance standards and making it easier for U.S. Government entities to use Palantir products for some of their most sensitive work.

The road to IL6 accreditation can be challenging and costly. In this blog post, we share how we designed a consistent, cross-network deployment model using Palantir Apollo’s built-in features and controls in order to satisfy the requirements for operating in IL6 environments.

What are FedRAMP, IL5, and IL6?

With the rise of cloud computing in the government, DISA defined the operating standards for software providers seeking to offer their services in government cloud environments. These standards are meant to ensure that providers demonstrate best practices when securing the sensitive work happening in their products.

DISA’s standards are based on a framework that measures risk in a provider’s holistic cloud offering. Providers must demonstrate both their products and their operating strategy are deployed with safety controls aligned to various levels of data sensitivity. In general, more controls mean less risk in a provider’s offering, making it eligible to handle data at higher sensitivity levels.

Impact Levels (ILs) are defined in DISA’s Cloud Computing SRG as Department of Defense (DoD)-developed categories for leveraging cloud computing based on the “potential impact should the confidentiality or the integrity of the information be compromised.” There are currently four defined ILs (2, 4, 5, and 6), with IL6 being the highest and the only IL covering potentially classified data that “could be expected to have a serious adverse effect on organizational operations” (the SRG is available for download as a .zip).

Defining these standards allows DISA to enable a “Do Once, Use Many” approach to software accreditation that was pioneered with the FedRAMP program. For commercial providers, IL6 authorization means government agencies can fast track use of their services in place of having to run lengthy and bespoke audit and accreditation processes. The DoD maintains a Cloud Service Catalog that lists offerings that have already been granted PAs, making it easy for potential user groups to pick vetted products.

NIST and the Risk Management Framework

The DoD bases its security evaluations on the National Institute of Standards and Technology’s (NIST) Risk Management Framework (RMF), which outlines a generic process used widely across the U.S. Government to evaluate IT systems.

The RMF provides guidance for identifying which security controls exist in a system so that the RMF user can assess the system and determine if it meets the user’s needs, like the set of requirements DISA established for IL6.

Controls are descriptive and focus on whole system characteristics, including those of the organization that created and operates the system. For example, the Remote Access (AC-17) control is defined as:

The organization:

  • Establishes and documents usage restrictions, configuration/connection requirements, and implementation guidance for each type of remote access allowed;
  • Authorizes remote access to the information system prior to allowing such connections.

Because of how controls are defined, a primary aspect of the IL6 authorization process is demonstrating how a system behaves to match control descriptions.

Demonstrating NIST Controls with Apollo

Apollo was designed with many of the NIST controls in mind, which made it easier for us to assemble and demonstrate an IL6-eligible offering using Apollo’s out-of-the-box features.

Below we share how Apollo allows us to address six of the twenty NIST Control Families (categories of risk management controls) that are major themes in the hundreds of controls adopted as IL6 requirements.

System and Services Acquisition (SA) and Supply Chain Risk Management (SR)

The System and Services Acquisition (SA) family and related Supply Chain Risk Management (SR) family (created in Revision 5 of the RMF guidelines) cover the controls and processes that verify the integrity of the components of a system. These measures ensure that component parts have been vetted and evaluated, and that the system has safeguards in place as it inevitably evolves, including if a new component is added or a version is upgraded.

In a software context, modern applications are now composed of hundreds of individual software libraries, many of which come from the open source community. Securing a system’s software supply chain requires knowing when new vulnerabilities are found in code that’s running in the system, which happens nearly every day.

Apollo helped us address SA and SR controls because it has container vulnerability scanning built directly into it.

Figure 1: The security scan status appears for each Release on the Product page for an open-source distribution of Redis

When a new Product Release becomes available, Apollo automatically scans the Release to see if it’s subject to any of the vulnerabilities in public security catalogs, like MITRE’s Common Vulnerabilities and Exposures (CVE) List.

If Apollo finds that a Release has known vulnerabilities, it alerts the team at Palantir responsible for developing the Product in order to make sure a team member updates the code to patch the issue. Additionally, our information security teams use vulnerability severity to define criteria for what can be deployed while still keeping our system within IL6 requirements.

Figure 2: An Apollo scan of an open-source distribution of Redis shows active CVEs

Scanning for these weak spots in our system is now an automatic part of Apollo and a crucial element in making sure our IL6 services remain secure. Without it, mapping newly discovered security findings to where they’re used in a software platform is an arduous, manual process that’s intractable as the complexity of a platform grows, and would make it difficult or impossible to accurately estimate the security of a system’s components.

Configuration Management (CM)

The Configuration Management (CM) group covers the safety controls that exist in the system for validating and applying changes to production environments.

CM controls include the existence of review and approval steps when changing configuration, as well as the ability within the system for administrators to assign approval authority to different users based on what kind of change is proposed.

Apollo maintains a YML-based configuration file for each individual microservice within its configuration management service. Any proposed configuration change creates a Change Request (CR), which then has to be reviewed by the owner of the product or environment.

Changes within our IL6 environments are sent to Palantir’s centralized team of operations personnel, Baseline, which verifies that the Change won’t cause disruptions and approves the new configuration to be applied by Apollo. In development and testing environments, Product teams are responsible for approving changes. Because each service has its own configuration, it’s possible to fine-tune an approval flow for whatever’s most appropriate for an individual product or environment.

Figure 3: An example Change Request to remove a Product from an Environment

A history of changes is saved and made available for each service, where you can see who approved a CR and when, which also addresses Audit and Accountability (AU) controls.

When a change is made, Apollo first validates it and then applies it during configured maintenance windows, which helps to avoid the human error that’s common in managing service configuration, like introducing an untested typo that interrupts production services. This added stability has made our systems easier to manage and, consequently, easier to keep secure.
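
The change flow described in this section, modeled as an added example (it is not Palantir's code and does not use Apollo's API): a Change Request is reviewed by the team that holds approval authority for the environment, validated, applied only inside the maintenance window, and every step is written to a history. The class names, team names, users, schema keys and window times are assumptions constructed for illustration.

```python
from dataclasses import dataclass
from datetime import datetime, time, timezone

# Constructed schema for one service's configuration (illustrative keys only).
SCHEMA = {"replicas": int, "log_level": str, "tls_enabled": bool}

def validate(config):
    """Return a list of problems; an empty list means the change is safe to apply."""
    errors = [f"unknown key {k!r}" for k in config if k not in SCHEMA]
    for key, typ in SCHEMA.items():
        if key not in config:
            errors.append(f"missing key {key!r}")
        elif type(config[key]) is not typ:  # exact match: bool must not pass as int
            errors.append(f"{key!r} must be {typ.__name__}")
    return errors

@dataclass
class Environment:
    name: str
    tier: str             # "IL6" or "dev" (assumed labels)
    window: tuple         # (start, end) maintenance window as datetime.time, UTC
    product_owners: dict  # service -> owning product team

    def approver_team(self, service):
        # Restricted environments route to the central operations team;
        # development and testing environments route to the product's own team.
        return "baseline" if self.tier == "IL6" else self.product_owners[service]

    def in_window(self, now):
        start, end = self.window
        t = now.astimezone(timezone.utc).time()
        if start <= end:
            return start <= t < end
        return t >= start or t < end  # window that crosses midnight

@dataclass
class ChangeRequest:
    cr_id: int
    service: str
    author: str
    proposed: dict
    state: str = "open"   # open -> approved -> applied, or rejected

class ChangeControl:
    def __init__(self, env, teams):
        self.env = env
        self.teams = teams  # team name -> set of user names
        self.live = {}      # service -> configuration currently applied
        self.audit = []     # append-only history: (when, actor, action, cr_id)

    def _log(self, when, actor, action, cr):
        self.audit.append((when.isoformat(), actor, action, cr.cr_id))

    def review(self, cr, reviewer, approve, when):
        team = self.env.approver_team(cr.service)
        if reviewer not in self.teams.get(team, set()):
            self._log(when, reviewer, "review-denied", cr)
            raise PermissionError(f"{reviewer} is not in approving team {team!r}")
        cr.state = "approved" if approve else "rejected"
        self._log(when, reviewer, cr.state, cr)

    def apply(self, cr, when):
        if cr.state != "approved":
            return "not-approved"
        errors = validate(cr.proposed)
        if errors:  # e.g. a typo in a key never reaches production
            cr.state = "rejected"
            self._log(when, "system", "validation-failed", cr)
            return "invalid: " + "; ".join(errors)
        if not self.env.in_window(when):
            return "deferred"  # stays approved, retried inside the window
        self.live[cr.service] = dict(cr.proposed)
        cr.state = "applied"
        self._log(when, "system", "applied", cr)
        return "applied"

def demo():
    """Run two constructed Change Requests through a constructed IL6 environment."""
    env = Environment("il6-prod", "IL6", (time(2, 0), time(4, 0)), {"redis": "cache-team"})
    cc = ChangeControl(env, {"baseline": {"op_kim"}, "cache-team": {"dev_lee"}})
    good = ChangeRequest(1, "redis", "dev_lee",
                         {"replicas": 3, "log_level": "info", "tls_enabled": True})
    typo = ChangeRequest(2, "redis", "dev_lee",
                         {"replcas": 3, "log_level": "info", "tls_enabled": True})
    noon = datetime(2023, 6, 1, 12, 0, tzinfo=timezone.utc)
    night = datetime(2023, 6, 1, 2, 30, tzinfo=timezone.utc)
    results = []
    try:
        cc.review(good, "dev_lee", True, noon)  # product team cannot approve in IL6
    except PermissionError:
        results.append("denied")
    cc.review(good, "op_kim", True, noon)
    results.append(cc.apply(good, noon))    # approved, but outside the window
    results.append(cc.apply(good, night))   # inside the window
    cc.review(typo, "op_kim", True, noon)
    results.append(cc.apply(typo, night))   # approved by a human, still caught
    return results, cc

if __name__ == "__main__":
    print(demo()[0])
```

The second Change Request shows why validation runs after approval as well as before a human looks at it: a reviewer approved the misspelled key, and the validation step is what kept it out of the live configuration.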

Incident Response (IR)

The Incident Response (IR) control family pertains to how effectively an organization can respond to incidents in their software, including when its system comes under attack from bad actors.

A crucial aspect to meeting IR goals is being able to quickly patch a system, quarantine only the affected parts of the system, and restore services as quickly as is safely possible.

A major feature that Apollo brings to our response process is the ability to quickly ship code updates across network lines. If a product owner needs to patch a service, they simply need to make a code change. From there, a release is generated, and Apollo prepares an export for IL6 that is applied automatically once it’s transferred by our Network Operations Center (NOC) team according to IL6 security protocols. Apollo performs the upgrade without intervention, which removes expensive coordination steps between the product owner and the NOC.

Figure 4: How Apollo works across network lines to an air-gapped deployment

Additionally, Apollo allows us to save Templates of our Environments that contain configuration that is separate from the infrastructure itself. This has made it easy for us to take a “cattle, not pets” approach to underlying infrastructure. With secrets and other configuration decoupled from the Kubernetes cluster or VMs that run the services, we can easily reapply them onto new infrastructure should an incident ever pop up, making it simple to isolate and replace nodes of a service.

Figure 5: Templates make it easy to manage Environments that all use the same baseline

Contingency Planning (CP)

Contingency Planning (CP) controls demonstrate preparedness should service instability arise that would otherwise interrupt services. This includes the human component of training personnel to respond appropriately, as well as automatic controls that kick in when problems are detected.

We address the CP family by using Apollo’s in-platform monitoring and alerting, which allows product or environment owners to define alerting thresholds based on open standard metric types, including Prometheus’s metrics format.

Figure 6: Monitors configured for all of the Products in an Environment make it easy to track the health of software components

Apollo monitors our IL6 services and routes alerts to members of our NOC team through an embedded alert inbox. Alerts are automatically linked to relevant service logging and any associated Apollo activity, which has drastically sped up the remediation process when services or infrastructure experience unexpected issues. The NOC is able to address alerts by following runbooks prepared for and linked to within alerts. When needed, alerts are triaged to teams that own the product for more input.

Because we’ve standardized our monitors in Apollo, we’ve been able to create straightforward protocols and processes for responding to incidents, which means we are able to action contingency plans quicker and ensure our systems remain secure.

Access Control (AC)

The Access Control (AC) control family describes the measures in a system for managing accounts and ensuring accounts are only given the appropriate levels of permissions to perform actions in the system.

Robustly addressing AC controls includes having a flexible system where individual actions can be granted based on what a user needs to be able to do within a specific context.

In Apollo, every action and API has an associated role, which can be assigned to individual users or Apollo Teams, which are managed within Apollo and can be mirrored from an SSO provider.

Roles necessary to operating environments (e.g. approving the installation of a new component) are granted to our Baseline team, and are restricted as needed to a smaller group of environment owners based on an environment’s compliance requirements. Team management is reserved for administrators, and roles that include product lifecycle actions (e.g. recalling a product release) are given to development teams.

Figure 7: Products and Environments have configurable ownership that ensures the right team is monitoring their resources

Having a single system to divide responsibilities by functional areas means that our access control system is consistent and easy to understand. Further, being able to granularly assign roles to perform different actions makes it possible to meet the principle of least privilege system access that underpins AC controls.

Conclusion

The bar to operate with IL6 information is rightfully a high one. We know obtaining IL6 authorization can feel like a long process — however, we believe this should not prevent the best technology from being available to the U.S. Government. It’s with that belief that we built Apollo, which became the foundation for how we deploy to all of our highly secure and regulated environments, including FedRAMP, IL5, and IL6.

Additionally, we recently started a new program, FedStart, where we partner with organizations just starting their accreditation journey to bring their technology to these environments. If you’re interested in working together, reach out to us at fedstart@palantir.com for more information.

Get in touch if you want to learn more about how Apollo can help you deploy to any kind of air-gapped environment, and check out the Apollo Content Hub for white papers and other case studies.

This post originally appeared on Palantir.com and is re-published with permission.

Download our Resource, “Solution Overview: Palantir—Apollo” to learn more about how Palantir Technologies can support your organization.

Cybersecurity Initiatives from TechNet Cyber 2023

The global prominence of technology, cyber power and cybersecurity is vital to U.S. political and economic success. At TechNet Cyber 2023, a conference held in Baltimore, Maryland, Government, industry and academic partners discussed solving global security needs. This year’s conference, which took place May 2-4, focused on numerous topics including Zero Trust, multicloud and defense strategies against bad actors.

Thunderdome: The New Zero Trust Framework

Thunderdome is the new Zero Trust framework to improve cyber security and posture, created by the Defense Information Systems Agency (DISA), a combat support agency that provides information technology and communications support. Lieutenant General Robert Skinner, the director of DISA, attests that Thunderdome meets 131 of 153 key standards that were laid out by the Department of Defense (DoD) as a part of its strategy for Zero Trust. With that and further growth, Thunderdome is well on its way to being a vital part of Zero Trust cybersecurity.

However, Thunderdome is not a one size fits all solution, as its scalability and modularity will require ongoing assessment. At the event, Lieutenant General Skinner highlighted three key components to understanding where Thunderdome fits into agencies. They are known as the “three Ps:” posture, position and partnerships. The first part, posture, evaluates where an agency stands with its technology and processes in relation to its cyber posture. The second element, position, is the utilization of these resources to achieve the best results. And lastly, partnerships form the cornerstone of maximizing business capabilities. In relationships with allies and partners, all participants can help each other and ensure that they are all on the same page.

Much of this manifests in Thunderdome’s process of improving agency posture with regards to the workforce. Through education, the right training, retention and hiring those with the right skillsets, agencies can improve their industry posture. Lieutenant General Skinner stressed that to support the current workforce, it is vital for agency leaders to “know and understand what their capabilities are to move them in the right place.”

The Pentagon’s MultiCloud Environment

The Pentagon’s multicloud environment is designed to give practitioners access to the best of technology. However, the complexity of the multicloud environment can lead to issues if not managed correctly. To combat this, Armon Dadgar, HashiCorp’s CTO and Co-founder, recommends forming a consistent way for practitioners to set up cybersecurity infrastructure on other platforms. As agencies seek to decomplexify systems, one way to achieve this in both the public and commercial sector is by establishing a consistent approach to the multicloud. Agencies should be intentional about instituting abstraction layers and begin by defining a central platform team to create a common blueprint across environments. This way, there is an organized standard for future processes.

Threats to Cybersecurity

Wanda Jones, a principal cyber advisor of the U.S. Air Force, discussed how to protect against hackers and their evolving threats. Bad actors are aggressive, always moving and attacking industry’s weak spots. The best way to defend capabilities is to detect threats early on and respond in a timely manner. Agencies must always be monitoring and improving to stay on the offensive. A solid start to improving Zero Trust is improving security architecture and providing access to those with known identities within the agency.

With the continued focus on cybersecurity, the Federal Government maintains the public’s safety and security.

 

To learn more about the topics discussed at TechNet Cyber, view the full Fed Gov Today episode co-sponsored by Carahsoft.

*The information contained in this blog has been written based off the thought-leadership discussions presented by speakers at TechNet Cyber 2023.*

Sea-Air-Space 2023 Showcases Strategic Insights for the Navy

As the landscape of defense technology across the United States Armed Forces continues to advance and transform, the military must also evolve and adapt with it. At Sea-Air-Space 2023, the Navy League’s Global Maritime Exposition, key leadership from the U.S. defense industry and government technology experts came together for educational and collaborative sessions across a variety of topics. A record number of attendees gathered for the three-day conference where many vendors including Carahsoft and 45 of its partners demonstrated their technology solutions to meet military needs. Fed Gov Today joined Carahsoft on the show floor to speak with military thought leaders on staffing, cybersecurity and more.

Sea Service chiefs attending the conference noted that currently, maintaining and developing the workforce is a high priority for the military as it emphasizes the role of people as resources. Defense agencies are looking to engage young, talented individuals interested in serving the armed forces.

“Whenever you see the defense budget start to go down…a lot of times you’ll see training and education reduced,” Carahsoft’s Program Executive of Navy and Defense Strategy, Mike McCalip, said. “What you end up with is a workforce that can be five or 10 years behind in technology.” McCalip sees this as an opportunity for industry vendors to “help [the Navy] to educate and keep their workforce on the tip of the spear when it comes to technology.”

Another important concept discussed at Sea-Air-Space was the Department of Defense’s shift to ever-evolving Zero Trust. Throughout the conference, Sea Service chiefs and tech vendors fielded many questions and conversations surrounding cybersecurity’s role within defense strategy. Military leaders and vendors shared an eagerness to collaborate and explore opportunities for growth together in the future.

 

Check out the rest of my industry insights and highlights from the event floor at Sea-Air-Space 2023 in my full blog at FedGovToday.com.

Driving Advancements for the U.S. Sea Services at WEST 2023

In the 21st century, technological security remains one of the most important features of any government agency. Military officials, Government leaders and industry professionals gathered at AFCEA’s WEST 2023, an annual and international Sea Services conference, to discuss the future of security and naval technology in the federal government. This year’s conference featured the Departments of the Navy, the Marine Corps and the US Coast Guard (USCG). At WEST, agencies showcased and reviewed IT initiatives and programs in the context of meeting the needs of the Sea Services.

Opportunities for the USMC

The US Marine Corps (USMC) is an amphibious force that engages enemy forces, protects U.S. naval bases, combines armed service with their fleet and responds to global crises.

At WEST, the USMC elaborated on various steps and opportunities to ensure readiness to respond to various threats and challenges. It has:

  • Extended the MQ-9 flying range
  • Gained new approvals for bases
  • Increased funding for various subsets
  • Focused on retaining recruits

During the upcoming year, it aims to:

  • Obtain a minimum of 31 amphibious warships
  • Provide training in realistic conditions
  • Explore expeditionary contracting and pre-positioning
  • Secure continued support from Congress
  • Improve cybersecurity
  • Acquire more personnel

IT professionals from both industry and other government agencies can collaborate with the USMC to help it effectively meet these goals.

How DISA IT Initiatives Support the USMC

The Defense Information Systems Agency (DISA) is a United States Department of Defense (DoD) combat support agency that provides information technology (IT) and communications support to public officials. When creating security solutions for the USMC, DISA incorporates a variety of helpful features including having all migration efforts interoperable with Zero Trust best practices. This is especially important to gaining continued federal support, as Zero Trust is a vital security model in the federal government.

Over the last year, the pilot for Thunderdome, DISA’s application of the Zero Trust security model, came to fruition. While its implementation has been difficult, DISA hopes to use Thunderdome to address the lack of endpoint credential solutions in the DoD by employing conditional access policies and application security stack requirements. Additionally, DISA plans to implement SOAR (Security Orchestration, Automation and Response) solutions and tools to streamline security operations. Other similar security efforts include automating security validation, implementing endpoint management and advancing micro-segmentation. DISA plans to add multipurpose team collaboration and management tools that can fulfill multiple tasks at once. By channeling increased funding into these initiatives, the USMC can solidify its technological security.

Industry Professionals Driving Innovation

The Navy, and by extension, the USMC, have three main goals in the upcoming year: modernize the department of infrastructure, drive innovation and become more competitive. The tech industry can help the USMC achieve these goals through various technological advancements.

For example, transforming cybersecurity to be rooted in military readiness can help improve the USMC’s defense, speed capability delivery and insights. Quicker capabilities are especially helpful to its goal of acquiring more warships and shifting back to a focus on maritime services. Additionally, USMC must work with agencies that maintain its own Software-as-a-Service (SaaS) tools to implement additional agile tools that can expedite processes, freeing funding for other projects. Other initiatives are to expand the department’s satellite network capabilities beyond sole usage of the cloud, to enable the USMC to access toolkits from multiple systems and to advance internal innovation. These capabilities can help create comprehensive growth in the Navy.

Through a variety of security implementations, government agencies and the IT sector can work together to make the USMC, Navy and Coast Guard as safe and effective as possible. With continued and future partnerships between the government and technology industry, the Sea Services hope to achieve long-term support that will drive fundamental and vital development.

To learn more about AFCEA’s WEST 2023, visit Carahsoft’s Partners and Events Resource Hub.

*The information contained in this blog has been written based off the thought-leadership discussions presented by speakers at WEST 2023.*

DoDIIS Takeaways: IT Workforce, Partnerships, Interoperability and Data Management

As the defense and intelligence communities reflect on 2022 and plan for the future, several key takeaways will guide upcoming initiatives. At the Department of Defense Intelligence Information System (DoDIIS) Worldwide, a conference sponsored by the Defense Intelligence Agency (DIA), attendees from the military, industry, government and academia gathered to collaborate and share insights on accomplishing the Department of Defense’s mission.

Agency leaders highlighted that every aspect of the Department of Defense (DoD) and Intelligence Community (IC) is critically enabled by IT. Not only is IT the first-in and last-out function for every crisis, oftentimes IT is the mission, not just a supporting role. The DIA recognizes that to innovate with current technology and invest in emerging tech, the journey to maximum productivity often includes the critical evaluation of processes and programs. With IT, misuses must be corrected, software needs to be transparent to users and technology simplified to promote a seamless integration. In essence, IT should be viewed as an evolution instead of a revolution.

To accomplish these goals, the DIA laid out its five main areas of prioritization for the coming years:

  • IT workforce retention
  • JWICS modernization, resilience and autonomy
  • DoDIIS modernization
  • International connectivity and partnerships
  • Capability delivery pipeline with Zero Trust and data management

The first part of this two-part blog series covers the discussions of DoD and IC challenges in relation to IT workforce development and retention, partnerships and interoperability and data management. The second blog will cover the enabling technology being deployed including artificial intelligence (AI), machine learning (ML) and the cloud.

IT Workforce Development and Retention

The DoD and IC have encountered challenges upskilling the workforce and uncovering new talent. To fill the gap in applicants, the DIA and IC have turned to contract hires and those from industry who want to spend only a few years in government. The DIA also offers an Education With Industry (EWI) Program where DIA employees can get joint duty credit while working with an industry partner. In addition, the DIA and National Geospatial Intelligence Agency (NGA) have developed recruiting programs for high schoolers and partnerships with local universities to offer high school internships in hopes of encouraging students to develop interest in a government career.

High competition for talent has increased the need for retention incentives and additional education so agencies can maintain the current workforce. To address these concerns, the DoD and IC have begun modernizing their HR systems and seek to automate HR processes and provide self-service capabilities in hopes of expediting the talent acquisition timeline. Another endeavor includes modernizing training platforms for current employees to keep their skillsets up to date. Investing in continuing education for these agency subject matter experts is important since they play an essential role in advising commanders and building tech options to address threats. Leadership is looking to academia and industry to source individuals with an understanding of the current DoD and IC challenges and the global crises. By pulling from these outlets, the DoD and IC can expedite the process rather than having to train from the ground up with high school recruits. To successfully integrate industry workers into the government sphere, the DoD and IC must adapt to make commercial approaches work as well.

Partnerships and Interoperability

In the realm of defense and intelligence, partnerships and interoperability of technology are key to achieving results that maximize each agency’s unique capabilities and pool combined strengths. By engaging with other agencies and countries, commanders have access to additional information and options. Investing in these resources offers some resolutions to the DoD’s current challenge of how to rapidly develop new warfighting capabilities while simultaneously addressing current threats.

These partnerships can make a difference through data sharing, which offers new knowledge to commanders for more informed decision making. To make this information and technology sharing a reality, systems and processes must ensure cross-domain security and allow for interoperability throughout data sourcing countries and agencies. Partnering more significantly with Five Eyes countries (FVEY) will be a major source of increased intelligence as the DIA shifts towards integrating systems. In the near future, any DIA cybersecurity programs that do not align and add value to the FVEY countries will be either adapted or removed.

DoD and IC leaders also hope to collaborate with allies such as the Five Eyes to establish baseline international policies that will open doors for easier parity of information and comparability of systems and technology. Without a universal frame of reference, definitions and laws, practical progress and innovation are impeded.

Connecting with industry has proven to be another valuable resource as DoD and IC leaders are seeking to better understand the full capabilities of current and emerging technology and gain insight into how industry can solve mission challenges. The DoD and IC desire to foster a culture that values systematic, strategic and equitable private sector engagement as well as addresses barriers to those relationships.

Involving the community through continued conversations and strong alliances provides an integrated deterrent and an advantage over the adversary. While these partnerships have taken a back seat in the past, DoD and IC leaders believe that this needs to be a crucial change and take priority.

Data Management

One of the main cruxes for the DoD and IC is harnessing the power of data. Since everything begins with data, the DoD and IC recognize the responsibility to think and act strategically from data collection to exploitation, dissemination and disposal, and seek to improve current data handling methods. Dr. Stacey A. Dixon, Principal Deputy Director of National Intelligence, believes that developing strategies in the IC to accelerate delivery of that data to those that need it is the greatest challenge of our time for defense and the IC. Currently, the DoD has crossed the limit of data input, overwhelming existing data strategies and making data too siloed, too slow and too hard to find to successfully stay ahead of threats. As the volume of data increases, several measures must be put in place to leverage the wealth of information.

According to DoD and IC officials, the one thing industry and government agencies alike can collectively improve is interoperability; however, unless data source countries’ systems are secure and the data can be worked together, this cannot be accomplished. Because a large, diverse set of data is needed for good ethics and proper execution, the DoD and IC look to gain increased ability to integrate data across classification levels. Maintaining Zero Trust and consistent monitoring is also critical to freeing the data from other sources.

Over the coming years, the DoD and IC seek to implement widespread data tagging as a foundation for effective data management and quality results. This will allow the combining of commercial and government data to merge with the context and experience that the DoD and IC possess to achieve well rounded, sound decisions.

The Office of the Director of National Intelligence (ODNI) released its IC Data Strategy 2023-2025, which outlines its plans for improving the management and use of data. The strategy aims to leverage data to operate, collaborate and communicate at any time, in any place and in any security domain at speed, scale and securely. To achieve this transformation, the strategy focuses on four areas: performing end-to-end data management, delivering data interoperability and analytics at speed and scale, seeking advanced partnerships for continued digital and data innovation, and transforming the IC into a data-driven enterprise. Finally, it outlines a modular and agile framework that integrates business, functional, technical, security and data standards to provide a blueprint for the use of data in the IC.

Dr. Raj G. Iyer, former CIO for Information Technology Reform, Office of the Secretary of the Army, stated that data will be the new ammunition. At the end of the day, it comes down to enabling optionality for commanders, enabling mission command and enabling a common operating picture. Dr. Iyer emphasized that this is not a technology strategy, but a digital transformation to change operating models and leverage data in ways that U.S. competitors have not.

Utilizing artificial intelligence, machine learning and the cloud will empower these goals. Read part two of this series to find out more.

 

Check out our Fast Facts and Future Initiatives of the DoD and IC Resource for more information and key insights for the IT industry.

*The information contained in this blog has been written based off the thought-leadership discussions presented by speakers at DoDIIS 2022.*

The Pros and Cons of Low-code in Cybersecurity Environments

In the past, new technology solutions required highly experienced developers to compile certain coding languages, understand specific technologies and utilize specialized software. On top of these challenges, traditional development platforms limited innovation. Now, organizations have a new and improved development option, which can reduce time and costs while increasing customizability, automation and growth, known as low-code platforms.

Low-code can be implemented in various ways, but in the cybersecurity realm, it is often used to automate and streamline processes, such as cybersecurity operations. Low-code platforms allow digital teams to access capabilities and customizable technologies and tools that empower them to quickly produce valuable innovations, applications, and solutions with little to no limitations. Gartner predicts that 70% of new applications will use low-code or no-code technologies by 2025. As a result, application development will shift to allow teams to focus more on assembly and integration rather than development, resulting in improved efficiency, enhanced employee satisfaction and increased productivity.

For the Department of Defense (DoD) cybersecurity professionals, low-code presents an array of benefits and challenges. While it creates agility, simplification and innovation, low-code can also introduce cybersecurity risks and vulnerabilities.

Challenges of Low-Code in DoD Environments

When implementing any new process or platform, the DoD must pay attention to overall security and identify any potential risk factors that could infiltrate the environment. The DoD faces a unique challenge when considering low-code: supply chain management and ensuring the secure execution of low-code to avoid presenting new threats to its organization. For example, borrowing and leveraging unverified code from the internet can cause significant problems among an organization’s platforms. Copying and pasting code without testing it can lead to bugs, errors and inaccuracies that can slow down and harm an environment, creating further security issues.

For cybersecurity and zero trust professionals within the industry, this idea of obtaining and launching bad content is particularly challenging as they strive to protect their organization’s operations. These groups must also be prepared to identify insider threats and guarantee security when utilizing a truly limitless customization of content like low-code. Organizations must ensure new code is protected yet unrestricted. Otherwise, they run the risk of negating the purpose of a low-code platform. Ultimately, the sources and employees creating and executing new low-code must be trusted entities to avoid problems like data leaks, exploitation and cyber-attacks.

Benefits of Low-Code in Cybersecurity

While there are clear risks, the benefits to using low-code solutions continue to make it a desirable cybersecurity option. It offers the flexibility to stay ahead of emerging threats, while simultaneously saving on costs. Ultimately, low-code development enables organizations to keep pace with an ever-changing security landscape.

  • Respond immediately to emerging threats: Local platforms help an organization to become more agile. Customized low-code content enables organizations to respond quickly when existing security tools may not be able to support the software system and prevent or stop a threat.
  • Quickly create custom features: The flexibility of low-code within local platforms allows for the creation of features to match the immediate needs of an organization instead of waiting for the release of the latest software which may or may not solve the problem. The progression of low-code implementation increases the longevity and growth of an organization.
  • Build upon low-code and local platforms to save on costs: A low-code solution along with the implementation of a local platform should be able to fulfill multiple use cases and eliminate various other tools from an organization’s toolbox. Once a local platform is implemented, limitations can be lifted and advancements or replacements can be made to older legacy systems instead of purchasing multiple new tools. This saves costs for security and asset management teams.

Eliminating Risk in Low-Code Capabilities in Cybersecurity Today

The good news for cybersecurity organizations is that they can easily mitigate low-code risks and challenges with proper access controls and a simple deployment process. Any new code created for government customers or internal purposes should undergo rigorous and reliable testing through multiple levels of technical experts within an organization to ensure quality, validity and trustworthiness. Additionally, testing in a simulation of the customer’s intended environment for that code should only be a matter of minutes, ensuring a smooth production process once the code has been executed.

If purchasing a low-code solution from a third-party vendor, organizations should investigate their internal code reviews, Quality Assurance testing and delivery methods to ensure strict standards are being met. Features such as signed content, restricted third party binary executions, and more help ensure an organization can take advantage of the numerous benefits of a low-code platform without introducing risk and vulnerabilities.

The Future of Low-Code

Today’s advanced artificial intelligence-driven technology, combined with natural language processing, enables everyday employees to create complex code by simply asking a question. The local community base within organizations now has the power to heighten efficiency, productivity and creation for their deployments with quicker, more customized low-code content. Low-code and local platform capabilities provide the freedom to create innovative solutions facilitating the growth of their business.

 

Learn more about secure, low-code cybersecurity solutions like TYCHON at tychon.io.

3 Ways DoD Can Strengthen Network Security and Resilience

In October 2022, CISA (Cybersecurity and Infrastructure Security Agency) revealed that multiple hackers had compromised a defense industrial base organization, gaining long-term access to the environment and exfiltrating sensitive data. And those threats are increasing. Since 2015, the DoD has experienced over 12,000 cyber incidents.

Strong, resilient next-generation networks that protect sensitive data and DoD missions and functions have never been more critical. But, with a complex interconnected information environment, how can federal IT teams strengthen cybersecurity and become proactive instead of reactive? Army leaders have spent much time discussing resilient next-generation networking, but action needs to be taken soon.

To achieve greater network resilience, here are three steps that federal IT leaders can take to prepare for an unpredictable future and safeguard its networks – and those of its contractors – from malicious cyber activity.

  1. Progress the DoD’s “defend forward” strategy

The DoD’s “defend forward” strategy is nothing new. First outlined in the 2018 DoD Cyber Strategy, the initiative is designed to “disrupt malicious cyber activity at its source.” This refers to any device, network, organization, or adversary nation that poses a threat to U.S. networks and institutions or is actively attacking them.

Notably, the strategy shifts DoD and U.S. Cyber Command’s cybersecurity program from reactive to proactive. Rather than detect and remediate threats as they arise, defend forward actively seeks out threats and eliminates them.

U.S. Cyber Command restated its pledge to “defend forward” in October 2022, but its principles and standards must be extended across the defense industrial base – the networks and systems that contribute to U.S. military advantages.

Government contractors are held accountable for their cybersecurity practices and choices, but for true resilience, DoD security leaders must establish new standards for information sharing with their private sector counterparts.

In addition to standing by DoD’s pledge to share indications and warnings of malicious cyber activity, DoD must continue to move beyond transactional vendor relationships. Toll-free numbers are not enough for federal CISOs – they need a dedicated, trusted, point of contact within each defense contractor. Someone with whom they can have frequent and honest conversations, conduct deliberate planning, and oversee collaborative training that enables mutually supporting cyber activities.

  2. Embrace AIOps: The next big thing in networking

Powered by artificial intelligence (AI) and machine learning, AIOps is a relatively new approach to network monitoring that boosts resilience by reducing the time it takes to discover issues and detect anomalies, and by giving network engineers the context they need to remediate – before a threat materializes.

AIOps-powered observability works by automating the complex task of collecting and analyzing network data across the vast DoD network infrastructure and turning that data into actionable intelligence. With this insight, teams can proactively address network or cyber issues and even predict certain situations – such as signs of network intrusion. A key advantage of AIOps is that it observes remedial action taken and uses these observations to automatically respond to future problems without the need for IT’s involvement – thereby ensuring a more resilient, autonomous network.

  3. Layer in multipath monitoring

Enterprise networks have traditionally been comprised of multiple hub and spoke topologies with linear routing paths and clearly defined traffic flows. But hybrid IT, hyperconverged infrastructure, and modern networking have created complex multipath network environments – any given packet can take any number of different routes, all of which are changing at any moment.

Unfortunately, these multipath topographies can’t easily be visualized using traditional network monitoring tools. There’s simply not enough time in the day to diagram the network, let alone proactively monitor the application traffic and hardware links that comprise it.

The answer lies in finding a network performance monitoring tool that combines multipath monitoring with traditional infrastructure monitoring for greater visibility into network security. Having this insight will allow federal network pros to proactively manage multiple networks, identify issues, and fix them before they get out of hand.

A smarter and more collaborative defense

Network resiliency can be achieved at scale, but it will take a concerted effort. Through greater collaboration between the DoD and private sector, as well as the adoption of AIOps-powered observability, the DoD will be better prepared to manage and secure increasingly complex, dynamic military network environments.

 
