Back to news

September 5, 2024 | International, C4ISR, Security

NIST Cybersecurity Framework (CSF) and CTEM – Better Together

Discover how NIST CSF 2.0 and CTEM align to improve proactive cybersecurity through continuous monitoring.

https://thehackernews.com/2024/09/nist-cybersecurity-framework-csf-and.html

On the same subject

  • India's military strength soars with Dhruv deal, countering regional rivals - Army Technology

    March 25, 2024 | International, Land

    India's military strength soars with Dhruv deal, countering regional rivals - Army Technology

    Amid India's efforts towards defence modernisation, a GlobalData analyst highlights the strategic implications.

  • Space Acquisition: Speed May Not Fix Problems, Critics Say

    May 27, 2020 | International, Aerospace

    Space Acquisition: Speed May Not Fix Problems, Critics Say

    "The answer isn't 'we've just gotta go fast'," said one critic. By THERESA HITCHENSon May 26, 2020 at 4:10 PM WASHINGTON: The latest version of the Air Force's long-overdue report to Congress on space acquisition reform fails to address a number of foundational questions, critics say, including: go fast to do what; who gets to decide the what; and who is accountable if things go pear shaped? DoD is asking Congress to cut legislative strings and approve special powers to streamline space acquisition programs worth billions — pushing the need for speed to ensure the US military's technical edge over China and Russia, as first reported by colleague Sandra Erwin. The proposed changes are focused mainly on ways to get the Space Force out from under current acquisition rules, both those imposed by Congress and internally by DoD regulations. They also are “mostly a rehashed list of things that every service has asked for since time immemorial,” one national security space veteran told Breaking D, with a virtual eye roll. Or in the words of the recently-released teaser for the upcoming Netflix comedy “Space Force”: “Your attitude seems to be: ‘Give us money and don't look'.” “The problem is, I think, it's asking for a lot of trust from Congress that in space in particular hasn't been necessarily warranted to date,” said Joshua Huminski, director of the National Security Space Program at the Center for the Study of the Presidency & Congress. A space acquisition report, due to Congress on March 31, was delivered on May 20. Air Force acquisition head Will Roper called a press briefing last Friday to discuss it, only to abruptly cancel a couple hours later with no explanation. A congressional aide told Breaking D on Friday afternoon that they could not release the version of the report transmitted to Congress because it was not a final version; and an Air Force spokesperson later confirmed that — well after business hours on Friday evening and before the long Memorial Day weekend). So, it's not really the final version. The spokesperson said: “The Department of the Air Force continues to work with DoD and interagency partners to finalize the Space Force Alternative Acquisition System report. An initial version of the report was delivered to the Hill, but we anticipate delivering the final report to Congress soon.” As one space analyst notes wryly: “Not exactly a clean rollout.” The nine proposed reforms are required because “current space threats demand a shift to a system that more broadly delivers agile solutions to meet an ever-evolving technical baseline and integrate into an open architecture,” according to the current report language. Three of the recommendations will require legislative changes; one will require agreement from the House and Senate Appropriations Committees. Specifically, the nine recommendations address the following acquisition authorities for the Department of the Air Force and the Space Force: Unique Acquisition Category (ACAT) Thresholds, Major Defense Acquisition Program (MDAP) Definition, and Milestone Decision Authority Delegation for Space Systems. “Efficient Space Procurement (ESP)” Codification for the DAF/USSF. USSF-Unique “New Start” Notification Procedures. Budget Line Item Restructure. Modified JCIDS [Joint Capabilities Integration and Development System that sets program requirements] Approach for Space Systems. New Policy Regarding Key Decision Point and Reporting Requirements for Development, Fielding, and Sustainment of Space Systems. “Useable End Item” Determination Authority. Separate USSF Topline Budget. USSF-Unique Head of Contracting Activity (HCA). As an example of bending the current DoD rules for the Space Force, the “Budget Line Restructure” asks Congress for authority to move money around by combining individual programs within in a large “portfolio” of similar efforts — an effort unlikely to win congressional approval, if past attempts are a guide. Numerous critics noted it goes directly against the intent of Congress when it mandated in 2016 that DoD develop a Major Force Program to allow better tracking of both the macro military space budget and individual projects from year-to-year via a specific, standardized “program element number” in budget documentation. Further, as Breaking D readers know, the report punts on one of the key mandates included in the 2020 National Defense Authorization Act (NDAA): to create a Space Acquisition Executive separate from the Air Force acquisition authority, a position now held by Roper. The NDAA requires that the Air Force appoint a Senate-confirmed assistant secretary for space acquisition and integration. That person, the act said, “will “synchronize with the Air Force Service Acquisition Executive on all space system efforts, and take on Service Acquisition Executive responsibilities for space systems and programs effective on October 1, 2022.” The SAE is to oversee the Space and Missile Systems Center, the Space Rapid Capabilities Office (SpRCO), and the Space Development Agency (SDA) — all of which currently have separate acquisition authorities and lines of oversight. Roper has fought tooth and nail against a fully separate SAE since it was proposed by Congress, according to numerous DoD sources even threatening to resign if it is created outside his purview. Sources close to the debate say that Gen. Jay Raymond, who currently is double hatted as head of the Space Force and Space Command, also does not want to see a change in the status quo that would put another layer of acquisition oversight in the mix. Thus, the current version of the draft report simply states that Roper will hold SAE authority for now. This, several sources said, in reality is a place holder signaling that DoD intends to recommend in future that Congress essentially ditch the idea. “We want to ignore your direction on the separate SAE [Space Acquisition Executive] – thanks, but we know better,” the former national security space official summed up. “And it ain't a signal – it's a shot across the bow.” “On face value, I think it does seem to suggest they are trying to avoid the separate Space Acquisition Executive, which when combined with the bucketing of money is unlikely to be well received by Congress,” Huminski said. “Congress is going to want some balance here, at least I think,” he added. “If the Space Force wants the authority to move money around within the portfolios, they are going to need to provide some measure of confidence to Congress that it is being done in an efficient and transparent manner, which could be the SAE—at least someone accountable for those money moves.” Failure to restructure the space acquisition organization, critics point out, leaves open the critical question of how DoD plans to fix the problem of lack of coordination with the Army and Navy on user equipment, for which they have acquisition authority. (We're looking at you, GPS III.) While the Space Force in the near term will comprise only Air Force personnel either seconded or transferred, the expectation is that eventually it will include Army and Navy personnel as well. A number of critics further charge that the requested changes do not sufficiently address the fact that previous space program cost overruns and schedule delays can be attributed to lack of coherent, coordinated and disciplined management at the program level within Space and Missile Systems Center itself, not due to outside factors. “All of the changes they've asked for are external to the Space Force,” said one former DoD official, rather than taking a hard look at past program management. “Instead it's: ‘Congress has to change; Ellen Lord [DoD acquisition czar] has to change; the JROC [Joint Requirements Oversight Council] has to change.” “The answer isn't ‘we've just gotta go fast',” the official added. “One of the biggest challenges is the proverbial acquisitions rubber meeting the road—unless the Space Force changes what they are buying, changing how they buy it may not matter,” Huminski explained. “If the same architectures and same vehicles and same capabilities are bought, just faster, what was the point of changing anything at all?” DoD sources defend the proposal, saying that Congress asked for, and expected to receive, ‘bold recommendations' on how to change the current space acquisition system. Noting that there are many conflicting pressures, one DoD source said that concerns about transparency and who does what exactly have been overtaken by concerns that the Space Force “be empowered to go fast, innovate, and achieve the space dominance wanted by POTUS.” Another government official keeping tabs on the issue said sympathetically that in some ways, “they are damned if they do, and damned if they don't.” While some in Congress likely will be annoyed by the recommendations push to get out from under current regulations, the source said, others would have complained loudly if DoD failed to move from the status quo. Spokespeople for a number of key House and Senate members involved in defense oversight did not respond to requests for comment. However, DoD sources and several analysts with close Hill ties said Congress is most likely to be concerned by the recommendations that infringe upon Congress's own powers. For example, members of the House and Senate Armed Services Committees are almost certain to protest the recommendation that assumes approval if Congress doesn't respond to “New Start” notifications within 30 days. https://breakingdefense.com/2020/05/space-acquisition-speed-may-not-fix-problems-critics-say

  • Airspace Launches Galaxy Drone Security Solution

    June 25, 2019 | International, Aerospace

    Airspace Launches Galaxy Drone Security Solution

    Source: Airspace Systems Inc. Airspace Systems today introduced Airspace GalaxyTM, the first family of fully-automated, always-on airspace security solutions that accelerate the integration of drones into cities and protects people and property -- on the ground and in the air -- from clueless, careless or criminal drone operators. The new Airspace Galaxy security platform combines input from multiple sensors to detect drone activity at long-ranges, instantly identifies authorized and unauthorized flights, assesses risk, and if necessary and permitted, deploys an autonomous mitigation system to safely capture and remove an unauthorized or malicious drone. “We created Airspace to accelerate the integration of lifesaving drone technologies while giving communities the ability to ensure safe and secure skies,” said Jaz Banga, Airspace co-founder and CEO. “Galaxy is the first crucial step toward creating the trusted environment required to unlock the full potential of drones.” The airspace security company also today announced that cybersecurity veteran David DeWalt has invested in Airspace through the NightDragon Fund, and joined the Airspace board of directors as Vice Chairman. Additionally, Airspace announced that former Federal Aviation Administration Administrator Michael Huerta has joined the company's board of advisors. Airspace developed the Galaxy security platform for business, public venues, government, law enforcement, and the military to protect people, property, and IP from harm. Galaxy was recently deployed to detect and identify drone activity behind the scenes for Major League Baseball during the 2018 World Series games in Boston and Los Angeles, for the San Francisco Police Department in support of the U.S. Navy to protect its annual San Francisco Fleet Week, and in Sacramento for the 36th annual California International Marathon. And in the fall, during the Chairman of the Joint Chiefs of Staff's BLACK DART live-fire exercise, Galaxy was the only airspace security solution to deliver a fully autonomous drone mitigation capability – from takeoff to landing – capturing both stationary and moving targets. “Airspace security is a prerequisite to realize the full potential of the drone economy,” said Huerta. “We are on the verge of many great things that drones can do for us, but without the kind of safety and security Airspace Galaxy offers, we are just one terrible event away from stalling what could be a thriving, multi-billion dollar industry.” We believe in the good that drones can do Drones have already proven critical in disaster response. Firefighters have used them to monitor ongoing fires to focus their efforts, keep themselves safe, and help them save lives. Emergency teams have used drones to survey damage after natural disasters, deliver supplies, and find missing people. But as drones get smaller and cheaper, the potential physical and cyber threats grow exponentially. And regardless of whether a damaging drone event is caused by the naïve or nefarious, the results will be the same: progress derailed, and benefits denied. Airspace developed the Galaxy software platform to protect people, property, and IP by stopping drone threats before they happen. Galaxy: Mobile, Modular, Simple to Operate The critical first step in airspace security is accurate long-range detection of drone activity. As a modular system, Galaxy options include the ability to configure detection based on a customer's site- and mission-specific requirements and includes identification of all types of drones, both signal and non-signal emitting. The Airspace sensors detect anomalies operating from ground level to 400-feet and beyond in the sky, and cover up to a 25-mile radius. Detection comprises three primary functions: radio frequency (RF) sensors that use drone-to-operator communication links to legally identify a drone's unique identifier and launch location, a camera array to minimize false alarms and improve localization, and communication alerts to the Galaxy operator. Galaxy then fuses data from multiple sensors into a single, easy-to-use graphical user interface that is coupled with artificial intelligence (AI) and machine learning to create actionable intelligence for the system to handle automatically or with human override. Users can log in from a browser on their desktop or mobile device to see all pertinent information. Finally, if necessary and permitted by law, the Airspace mitigation option dispatches the Airspace Interceptor drone with a single click. Using advanced guidance systems and powered by AI, the Interceptor autonomously locks onto identified rogue drones and heads them off at high speed without human guidance. Trusted and deployed by the U.S. Department of Defense, the Airspace Interceptor fires a Kevlar net to neutralize and capture unauthorized or malicious drones, and then delivers them to a safe place, preventing damage to either people or property. “Thinking about security in two dimensions is antiquated -- it's just not good enough to keep the bad guys out today,” said DeWalt, who has led two of the biggest companies in cybersecurity – McAfee and FireEye – and is now Delta Air Lines chairman of Safety & Security. “Today you have to protect in three dimensions – basically create an airspace security dome over everything -- events, your company – your entire city.” Among many other positions, DeWalt is the founder of cybersecurity platform NightDragon Security and the managing director of early-stage investor AllegisCyber. He sits on the boards of several cybersecurity firms, including Optiv, Callsign, and Claroty, and he has served on the Department of Homeland Security's National Security Telecommunications Advisory Committee since 2011. DeWalt was president and CEO of McAfee between 2005 and 2012 and was CEO of FireEye between 2012 and 2016. “David's and Michael's experience across the cybersecurity and aviation industries is incredibly relevant to our mission to create autonomous airspace security and our vision of a world of safe and secure skies open for business and social good,” said Banga. “They are both equally strategic assets for Airspace.” Airspace began producing Galaxy solutions that are now ready to deploy in three configurations after raising a $20-million Series A round led by Singtel Innov8 Ventures in March 2017. The company was founded in 2015 by a team from Apple, Google, and Cisco Systems, and backed by SterlingVC – the venture capital arm of the New York Mets – as well as Shasta Ventures, Granite Hill Capital Partner, Singtel Innov8, and S28 Capital. http://www.asdnews.com/news/aerospace/2018/12/20/airspace-launches-galaxy-drone-security-solution

All news