Web Page sponsored by Cassidian
20 Nov 13. New regulations release by the Defense Department will require contractors to implement information security standards on their unclassified networks as a way to stem the theft of sensitive technical information by hackers. The new rules published on Nov. 18 also require contractors to report cyber intrusions into their networks that result in the loss of unclassified technical data. Acknowledging industry concerns that the proposed rules would have covered all unclassified networks operated by contractors, DOD said “the scope of the rule [was] modified to reduce the categories of information covered. This final rule addresses safeguarding requirements that cover only unclassified controlled technical information and reporting the compromise of unclassified controlled technical information.” The new rules are part of a larger effort outlined in October by Defense Secretary Chuck Hagel to tighten security controls on unclassified networks as a way to stop the loss of what the Pentagon calls “unclassified controlled technical information” through cyber intrusions. In the past, many contractors have been reluctant to publicly disclose network breaches.
“We cannot continue to give our potential adversaries the benefits in time and money they obtain by stealing this type of information,” Frank Kendall, undersecretary of defense for acquisition, technology and logistics, said in a Nov. 19 statement. Neither Kendall nor the new rules identified the “potential adversaries,” but a Chinese military unit was cited in a report released earlier this year. Also at issue were the types of standard security rules that will be implemented to protect unclassified data. DOD said several industry commenters raised the issue of adopting a variety of National Institute of Standards and Technology (NIST) security controls. This could lead to a broader interpretation of the security regulations that could stymie competition, the commenters argued. (Source: Defense Systems)
21 Nov 13. The Air Force is looking to lighten the load warfighters have to carry into the field, in this case by researching new developments in cryptographic key loading devices, including whether they could be incorporated into wearable technology. In a request for information posted to the FedBizOps website, the Air Force said it was interested in next-generation portable key loaders that are as small and light as possible while still meeting military ruggedness requirements. The RFI sets parameters for two types of devices: a portable key loader no heavier than 3 pounds and no larger than 8.75-by-10-by-2.75 inches, with rechargeable, low-maintenance batteries and a range of power-input capabilities; and a smaller PKL-Tactical weighing no more than 1.5 pounds. The Air Force also wants to explore the feasibility of building key loaders into wearable technology, with dimensions of 1.14-by-1.03-by-1.46 inches. Among the questions to be answered are whether the wearable device could meet MIL-STD-810G or another, lesser, ruggedness standard, and how the device could be powered. The request is part of the military’s continual Size, Weight and Power (SWAP) efforts to find smaller, lighter devices for the field while at the same time improving performance. Portable cryptographic key loaders allow warfighters in the field to securely receive, store and send data to compatible equipment. One example is the N/PYQ-10 Simple Key Loader, developed by SAIC in concert with the Army and National Security Agency. (Source: Defense Systems)
29 Nov 13. Mobility, cloud computing and security are high on the Pentagon’s technology roadmap for the coming months and years. The challenge, however, is rolling out these services globally, securely and in a cost-effective manner, said Greg Youst, chief mobility engineer at the Defense Information Systems Agency.