October 2, 2020 | International, Aerospace
WASHINGTON — The U.S. State Department cleared $83.5 billion in Foreign Military Sales cases in fiscal 2020, the highest annual total of FMS notifications since the start of the Trump administration.
The dollar total — spread over 68 FMS cases notified to Congress — represent an increase of roughly $15 billion over FY19 figures. However, that dollar figure comes with a number of caveats that will lower the overall dollar figure of actual sales when negotiations are complete.
FMS notification figures represent potential arms sales that the State Department internally cleared, then passed to Congress through the Defense Security Cooperation Agency. The notifications do not represent final sales; if Congress does not reject the potential sale, it then goes into negotiations, during which dollar figures and quantities of equipment can change.
Four key members of Congress, either individually or collectively, have quietly frozen all major U.S. arms sales to Turkey for nearly two years.
However, while not solid dollars, notifications are a notable way of tracking interest in American arms from foreign partners, and are seen as a leading indicator of final sales to come.
Geographically, the Pacific region led the way with 25 requests totaling $44.1 billion in potential sales. Following that was Europe with 20 requests totaling $21.1 billion; the Middle East with 14 cases totaling $11.5 billion; and Africa with five cases totaling $5.1 billion. Central and South America (three cases) and Canada (one case) each totaled less than $1 billion.
July was the busiest month, with 15 announcements worth $32.5 billion, followed by September with nine announcements worth $17.4 billion. Japan was the largest single customer, with five cases worth an estimated $27.9 billion. The second-highest dollar total for one nation was Switzerland — which leads to the biggest caveat from these numbers.
FMS deals sometimes never come to fruition, and that is particularly true with two cases included in the FY20 figures: Switzerland and the Philippines. In both cases, the State Department moved to preapprove those nations to buy high-end American technology, even though the governments had not selected the winner of their respective internal competitions.
That means that while the Philippines has not decided on its next military helicopter, the U.S. State Department in April announced it cleared potential sales for both AH-1Z helicopters at $450 million and AH-64E Apaches at $1.5 billion.
The case was even starker in Switzerland, where the country was cleared this week to purchase both the F/A-18 Super Hornet for $7.45 billion and the F-35A Joint Strike Fighter for $6.58 billion.
In both those situations, the country has yet to decide if it will purchase any American system, and will not be purchasing both; a decision to buy from elsewhere in both cases would drop the FMS total by almost $16 billion.
September 7, 2021 | International, Land
At first glance, Army 2021 was a display of traditional Russian military might. But behind the scenes were military and civilian industry officials and experts discussing two critical issues facing local businesses.
September 30, 2020 | International, C4ISR, Security
Drew Schnabel The U.S. Department of Defense is set to adopt an initial zero-trust architecture by the end of the calendar year, transitioning from a network-centric to a data-centric modern security model. Zero trust means an organization does not inherently trust any user. Trust must be continually assessed and granted in a granular fashion. This allows defense agencies to create policies that provide secure access for users connecting from any device, in any location. “This paradigm shift from a network-centric to a data-centric security model will affect every arena of our cyber domain, focusing first on how to protect our data and critical resources and then secondarily on our networks,” Vice Adm. Nancy Norton, director of the Defense Information Systems Agency and commander of the Joint Force Headquarters-Department of Defense Information Network, said at a virtual conference in July. How does the Pentagon's AI center plan to give the military a battlefield advantage? The Pentagon's artificial intelligence hub is working on tools to help in joint, all-domain operations as department leaders seek to use data to gain an advantage on the battlefield. Andrew Eversden To understand how the DoD will benefit from this new zero-trust security model, it's important to understand the department's current Joint Information Environment, or JIE, architecture; the initial intent of this model; and why the JIE can't fully protect modern networks, mobile users and advanced threats. Evolving DoD information security The JIE framework was developed to address inefficiencies of siloed architectures. The goal of developing a single security architecture, or SSA, with JIE was to collapse network security boundaries, reduce the department's external attack surface and standardize management operations. This framework helped ensure that defense agencies and mission partners could share information securely while reducing required maintenance and continued infrastructure expenditures. Previously, there were more than 190 agency security stacks located at the base/post/camp/station around the globe. Now, with the JIE architecture, there are just 22 security stacks centrally managed by the Defense Information Systems Agency to provide consistent security for users, regardless of location. “This paradigm shift from a network-centric to a data-centric security model will affect every arena of our cyber domain, focusing first on how to protect our data and critical resources and then secondarily on our networks,” Vice Adm. Nancy Norton, director of the Defense Information Systems Agency and commander of the Joint Force Headquarters-Department of Defense Information Network, said at a virtual conference in July. To understand how the DoD will benefit from this new zero-trust security model, it's important to understand the department's current Joint Information Environment, or JIE, architecture; the initial intent of this model; and why the JIE can't fully protect modern networks, mobile users and advanced threats. Evolving DoD information security The JIE framework was developed to address inefficiencies of siloed architectures. The goal of developing a single security architecture, or SSA, with JIE was to collapse network security boundaries, reduce the department's external attack surface and standardize management operations. This framework helped ensure that defense agencies and mission partners could share information securely while reducing required maintenance and continued infrastructure expenditures. Previously, there were more than 190 agency security stacks located at the base/post/camp/station around the globe. Now, with the JIE architecture, there are just 22 security stacks centrally managed by the Defense Information Systems Agency to provide consistent security for users, regardless of location. Initially, the JIE was an innovative concept that took the DoD from a highly fragmented architecture, in which each agency managed its own cybersecurity strategy, to an architecture in which there is a unified SSA. However, one of the early challenges identified for the JIE was managing cloud cybersecurity as part of the SSA. The components in the JIE — the Joint Regional Security Stacks family's internet access points and cloud access points — have traditionally focused on securing the network, rather than the data or user. As more DoD employees and contractors work remotely and data volumes increase, hardware cannot scale to support them. This has created ongoing concerns with performance, reliability, latency and cost. A cloud-first approach In response, the DoD leverages authorized solutions from the Federal Risk and Authorization Management Program, and it references the Secure Cloud Computing Architecture guidance for a standard approach for boundary and application-level security for impact Level 4 and 5 data hosted in commercial cloud environments. The purpose of the SCCA is to provide a barrier of protection between the DoD Information Services Network and the commercial cloud services that the DoD uses while optimizing the cost-performance trade in cybersecurity. Defense agencies are now exploring enterprise-IT-as-a-service options to move to cloud, and reduce the need for constant updates and management of hardware. Through enterprise-IT-as-a-service models, defense agencies will be able to scale easily, reduce management costs and achieve a more competitive edge over their adversaries. Before the pandemic hit, defense agencies were already moving to support a more mobile workforce, where employees can access data from anywhere on any device. However, a cyber-centric military requires security to be more deeply ingrained into employee culture rather than physical protection of the perimeter. The next evolution to secure DISA and DoD networks is to embrace a secure access edge model with zero-trust capabilities. The SASE model moves essential security functions — such as web gateway firewalls, zero-trust capabilities, data loss prevention and secure network connectivity — all to the cloud. Then, federal employees have direct access to the cloud, while security is pushed as close to the user/data/device as possible. SP 800-27, zero-trust guidance from the National Institute of Standards and Technology, provides a road map to migrate and deploy zero trust across the enterprise environment. This guidance outlines the necessary tenants of zero trust, including securing all communication regardless of network location, and granting access on a per-session basis. This creates a least-privilege-access model to ensure the right person, device and service have access to the data they need while protecting high-value assets. As the DoD transforms the JIE architecture to an as-a-service model with zero-trust capabilities, defense agencies will experience cost savings, greater scalability, better performance for the end user and war fighter, improved visibility, and control across DoD networks — and ultimately a stronger and more holistic cybersecurity capability moving forward. https://www.c4isrnet.com/opinion/2020/09/29/the-dod-needs-data-centric-security-and-heres-why/
September 7, 2018 | International, Aerospace, Naval, Land, C4ISR
By: Aaron Mehta WASHINGTON — Last December, Ellen Lord sat down with reporters and told them that the reorganization of the Pentagon's Acquisition, Technology and Logistics office would be a two-year process. Now, however, Lord believes her Acquisition and Sustainment office will beat that target, easily. “I believe we are going to be pretty squared away” by the first quarter of calendar year 2019, Lord told Defense News in an interview following her appearance at the second annual Defense News Conference. “I believe those last critical slots — a lot of [deputy assistant secretary of defense] slots, a few director slots — will all be filled by March of '19. We're excited to get going on the work,” she said. The AT&L reorganization included splitting the office into two new units — the undersecretaries of Acquisition and Sustainment, led by Lord, and of Research and Engineering, led by Mike Griffin. In July, Deputy Secretary of Defense Pat Shanahan released a memo — obtained first by Defense News — finalizing the structures of the new organizations. Full article: https://www.defensenews.com/smr/defense-news-conference/2018/09/06/as-reorganization-should-be-completed-a-year-ahead-of-time