January 29, 2020 | International, C4ISR, Security

New cybersecurity standards for contractors could be finalized this week

The first version of the new cybersecurity requirements the Pentagon wants military contractors to follow could be finalized as soon as Jan. 31.

Katie Arrington, chief information security officer for the Office of the Under Secretary of Defense for Acquisition and the point person for the Cybersecurity Maturity Model Certification (CMMC), told an audience Jan. 28 that she will have the requirements by the end of the month.

The CMMC is a tiered cybersecurity framework that grades companies on a scale of one to five. A score of one designates basic hygiene and a five represents advanced hygiene. Arrington said Jan. 28 that the lowest level will become the default for Department of Defense contracts and will include basic tasks such as changing passwords.

Speaking at an event hosted by the law firm Holland and Knight, Arrington said the new standards won't be in effect overnight. The auditors and assessors who will grade companies need training, and new contracts will be slowly phased in.

“The likelihood that any awards will be made until 2021 [of the certification] is, I would say, highly unlikely,” she said. She noted that companies are not required to have CMMC certification until the time of award. “You have a full year to get yourselves set, to get yourself in position.”

According to one slide in her presentation, all new contracts will have the requirements in fiscal year 2026. Arrington expects 1,500 companies to be certified by the end of 2021.

The requirements are expected to be free of jargon and overly technical language that can often make military documents befuddling.

“I asked if it could be created on an eighth grade reading level. Why? Because I'm not smart and I owned a small business and I fell prey to this,” she said. “I needed it to be in something that anybody could adapt to. We hear companies all the time say my nephew is doing my cybersecurity. I need your nephew to read what I need him to do.”

Arrington promised that the requirement would not become a simple checklist, because if it does “I've failed. We failed.”

Moreover, she suggested the framework be reevaluated at least once each year because cyber threats will continue to evolve.

https://www.fifthdomain.com/dod/2020/01/28/new-cybersecurity-standards-for-contractors-could-be-finalized-this-week/
