By Justin Katz
Feb 03, 2021
Einstein is the Department of Homeland Security’s intrusion detection system. It observes traffic flowing in and out of federal networks, allowing the government to target threats identified by a database of known malware. That makes it unlikely Einstein ever could have detected the malware implanted into SolarWinds Orion because it was delivered to agency networks through a trusted update.
However, overhauling Einstein to identify unknown or zero-day threats would be far too costly, cybersecurity analysts said. The most viable path forward, they argued, would be to install new capabilities, necessarily bolstered by private industry.
Kiersten Todt, formerly executive director of the Commission on Enhancing National Cybersecurity, was blunt about Einstein s record. There are no real strong success stories of Einstein, she said. When you look at what happened with SolarWinds, they essentially outsmarted Einstein.
By Lauren C. Williams
Feb 03, 2021
The Navy has released nearly 60 recommendations on combatting systemic racism and sexism in the ranks as part of a long awaited report on diversity and inclusion.
Chief of Naval Operations, Adm. Michael Gilday, ordered the Task Force One Navy report, which spans 141 pages with 56 recommendations, following the mass protests in response to the police killing of George Floyd last summer. Gilday said the Navy had failed to adequately address systemic racism and sexism in the service. We have fallen short in the past by excluding or limiting opportunity for people on the basis of race, sexual orientation, sexual identity, gender or creed, Gilday said in a statement. Simply put, all Sailors – uniformed and civilian - and applicants for accession to the Navy must be treated with dignity and respect above all else.
By Justin Katz
Jan 20, 2021
Donald Trump issued an executive order on the final night of his presidency aimed at forcing cloud providers to capture more complete records about foreign customers. Foreign actors use United States [cloud services] for a variety of tasks in carrying out malicious cyber-enabled activities, which makes it extremely difficult for United States officials to track and obtain information . before these foreign actors transition to replacement infrastructure, according to a letter from Trump to Congress publicly released in the evening of Jan. 19.
To address those threats, the EO states, the government will move to require cloud providers to keep more complete records of foreign entities that they sell to and potentially require companies to limit certain foreign actors’ access.
By Lauren C. Williams
Jan 20, 2021
Thanks to the changes brought on by the COVID-19 pandemic, bringing your own approved device (BYOAD) is now a high priority for the Defense Information Systems Agency.
That s due in large part to vastly more teleworkers and the temporary deployment of the Defense Department s commercial virtual remote (CVR) Teams environment. As DOD and DISA move to a permanent Microsoft Office 365 solution this summer, the need and demand for BYOAD is expected to increase. With the rollout of CVR and the success of CVR users and the fact that users are working differently with CVR, it is driving us more quickly to BYOAD, Steve Wallace, the systems innovation specialist for DISA s Emerging Technologies Directorate, said during a Jan. 14 AFCEA DC virtual event.
By Lauren C. Williams
Jan 20, 2021
The Defense Department has begun shifting the chief management officer position and duties that Congress repealed in the 2021 defense authorization bill to several entities across DOD, including the CIO.
Deputy Defense Secretary David Norquist pushed out in two memos dated Jan. 11 re-establishing two organizations to bear some CMO responsibilities, and realigning others across the Office of the Secretary of Defense.
One memo resurrected two positions: the Assistant to the Secretary of Defense for Intelligence Oversight office, which will take on the CMO s Division of Intelligence Oversight function, funding and responsibilities, and the Director of Administration and Management, which will take over the CMO s Directorate for Oversight and Compliance and the Directorate for Administration and Organizational Policy. The latter will also take control of the Washington Headquarters Service and the Pentagon Force Protection Agency.