DoD Announces the Cybersecurity Maturity Model Certification (CMMC) Initiative | Inside Government Contracts
Key takeaways from the CMMC website include:

The initial implementation of the CMMC is for DoD only.  However, the use of CUI terminology rather than covered defense information (“CDI”), which is used in DFARS 252.204-7012, indicates a potentially broader role for this model beyond DoD.
All companies conducting business with the DoD, including subcontractors, must be certified.
The CMMC is expected to combine relevant portions of various cybersecurity standards, such as NIST SP 800-171, NIST SP 800-53, ISO 270001, and ISO 27032, into one unified standard for cybersecurity.  Unlike NIST SP 800-171, which measures a contractor’s compliance with a specified set of controls, the CMMC will more broadly “measure the maturity of a company’s institutionalization of cybersecurity practices and processes.”
The CMMC is expected to designate maturity levels ranging from “Basic Cybersecurity Hygiene” to “Advanced.”  For a given CMMC level, the associated controls and processes, when implemented, are intended to reduce risk against a specific set of cyber threats.  Notably, DoD will assess which CMMC level is appropriate for a particular contract and incorporate that level into Sections L and M of the RFP as a “go/no go” evaluative determination.  This assessment of appropriate maturity levels on a procurement basis is akin to the Cyber Security Model that the United Kingdom’s Ministry of Defence (“MoD”) currently employs for all MoD contracts.
cybersecurity  dod  nist  cmmc  policy 
29 days ago by bwiese
U.S. GAO - Potential Spectrum Interference Associated with Military Land Mobile Radios
"The new Land Mobile Radios operate in the same frequency range--380 Megahertz (MHz) to 399.9 MHz--as many unlicensed low-powered garage door openers, which have operated in this range for years. While DOD has been the authorized user of this spectrum range for several decades, their use of Land Mobile Radios between 380 MHz and 399.9 MHz is relatively new."

"Since DOD began its rollout of the new Land Mobile Radios in 2004, a number of complaints have been reported at several locations near military installations"
GAO  spectrum  interference  DoD  garage-door-openers 
4 weeks ago by pierredv
Government breaches - can you trust the US Government with your data? - Comparitech
Top 10 biggest US government data breaches
These are the top ten largest data breaches of government entities by number of records exposed since 2014.

U.S. Postal Service (DC) – 60,000,000 records – 2018
Office of Personnel Management (DC) – 21,500,000 records – 2015
California Secretary of State (CA) – 19,200,000 records – 2017
Government Payment Service, Inc. (IN) – 14,000,000 records – 2018
Georgia Secretary of State (GA) – 6,000,000 records – 2015
Office of Child Support Enforcement (WA) – 5,000,000 records – 2016
Office of Personnel Management (DC) – 4,200,000 records – 2015
U.S. Postal Service (DC) – 3,650,000 records – 2014
Los Angeles County 211 (CA) – 3,200,000 records – 2018
Washington Department of Fishing and Wildlife (WA) – 2,435,452 – 2016
cybersecurity  gov  dod  databreach 
4 weeks ago by bwiese
ADVANCED PERSISTENT THREAT: Industrial Strength Hacking – Internet Security Alliance
February 8, 2011
By Sounil Yu (Booz Allen Hamilton)

Why have you chosen to stay at Booz Allen?

The firm’s leadership has good strategic insight and a long-term vision, and that’s important to me. For example, Booz Allen had anticipated that the nation would need a homeland defense strategy, so it developed one—years before 9/11. We had the ideas ready when the client wanted to launch the Department of Homeland Security. In addition, people are Booz Allen’s greatest asset, and this is reflected in the way I’ve been rewarded and been able to grow professionally. The firm pays attention to its frontline leaders, who then guide the staff, and to its Core Values, so it can develop a community of people who share its culture.

What type of work do you do at Booz Allen?

I design the security architecture for major networks and systems and conduct research and development activities in network analysis. Some of my more interesting projects involve helping build layered defenses around major U.S. military and government networks and root out intrusions into them. I’m often assigned difficult, complex challenges that help me improve my technical competencies and problem-solving skills.

What excites you about your work?

I enjoy projects that make a difference, and the one I’m involved in has huge impacts; I see the results of my work as it unfolds. Right now, we’re watching the security posture of a mission-critical network evolve because of specific recommendations that the firm made. Not all the work we do has that kind of impact, but when it gets headline coverage or immediate implementation, that’s exciting.

Do you have a mentor at Booz Allen?

I find mentors by being proactive and seeking out individuals to coach me. And there’s no shortage of people who are willing to help, at all levels. Most managers act as role models for the behavior they want to see in their teams. When I thanked one Vice President for his guidance, he replied, “That’s my job.”

What differentiates Booz Allen from other companies that you could work for? What makes Booz Allen special?

Booz Allen advocates that people be “mobile” in their aspirations. There was a freedom in choosing the career path I am on today; the firm gave me the resources to follow my career goals and equipped me with skills, but it’s up to me to follow through.

How has Booz Allen helped you be ready for what’s next in your career?

I look for challenges where I can use my skills to the fullest, have positive impact, and go home feeling that I made a difference. I’ve received a great deal of training, which is part of the investment that Booz Allen makes in all employees, and I’ve been given great opportunities to apply and hone my skills across a wide range of public and commercial sector clients.
apt  cybersecurity  dod  military  leadership 
5 weeks ago by bwiese
SDF avoids fight with Trump over budget cut - al-Monitor
Congress cut $100 million from that figure in an appropriations reduction in December after Trump signed the Defense Department’s annual authorization that requested a higher figure. It wasn’t immediately clear why the Pentagon had decided to trim the military aid, though the agency slashed funding for the SDF by $200 million from the previous year in its budget for fiscal year 2020.
SDF  budget  Mar15  congress  DoD 
5 weeks ago by elizrael
Pentagon report: DoD needs to test how satellites would perform under attack
"The Defense Department’s director of operational test and evaluation warns in a new report that the military today is not able to assess the durability of its satellites if they came under attack."

Quote of Behler: "... the DoD currently has no real means to assess adequately the operational effectiveness, suitability and survivability of space-based systems in a representative environment."

"The 2019 report echoes many of the same problems the DOT&E office has identified in recent years on the Global Positioning System constellation. Testers said the disjointed management of the GPS enterprise of satellites, ground systems and user equipment continues to plague the program.

The report again cautions that the Air Force is not able to properly test the resilience of its new GPS 3 satellites against orbital threats. It also notes that GPS user receivers continue to face schedule slips and are years behind schedule."
SpaceNews  DoD  GPS 
8 weeks ago by pierredv
Protecting Wideband RF Systems In Congested Electromagnetic Environments, Jan 2020
"The Wideband Adaptive RF Protection (WARP) program seeks to enhance protections for wideband receivers operating in congested and contested EM environments. The goal is to develop wideband, adaptive filters and analog signal cancellers that selectively attenuate – or cancel – externally generated interference signals (from adversarial jamming, for instance) and self-generated interference signals (like those created by a radio’s own transmitter) to protect wideband digital radios from saturation."
RF  filtering  DoD  Interference 
8 weeks ago by pierredv
U.S. Special Operations Forces Overemphasize Combat Experience, Review Says - The New York Times
"The Special Operations Command’s review found no “systemic ethics problem” in its forces, which include elite units from the Army, Navy, Air Force and Marine Corps. But it found “remarkable similarity” in the cultural issues it uncovered across the command, from entry-level trainees to elite counterterror units like Delta Force and SEAL Team 6."
navy  army  marines  military  america  DOD  abuse  murder  rape  crime  ethics 
8 weeks ago by conner
