//
Army Begins Unified Directory Service Implementation
Published on
NETCOM kicks off transition to Army Unified Directory Service to provide immediate connectivity for soldiers

The U.S. Army’s Network Enterprise Technology Command, or NETCOM, has started implementing a cloud-based directory and device management platform to deliver enhanced security and capabilities to warfighters worldwide.

The Army said Wednesday it will transition all unclassified end-user computers to the Army Unified Directory Service, or AUDS, by the end of September.

What Is AUDS?

AUDS seeks to merge all unclassified Army directories into a single, unified network to help streamline user and device management.

The platform is leveraging artificial intelligence to facilitate integration with a threat intelligence network and facilitate proactive response to emerging threats. It also applies threat detection and endpoint protection measures to improve security.

Improving User Experience

With AUDS, warfighters can access Teams, Outlook and other Army 365 applications from compliant devices without the need for a VPN. 

The device management platform also offers single sign-on features and provides standardized network access controls to ensure seamless connectivity.

Facilitating AUDS Transition

NETCOM has been conducting weekly administrator training and leader orientation sessions to facilitate the transition to AUDS. The command will also configure new systems to meet the AUDS standard.

The military branch is directing commands to submit required software to the AUDS approved product list through the Army Enterprise Service Management Portal.

Gain insights into modernization imperatives, force structure optimization, national security missions and more at the Potomac Officers Club’s 2025 Army Summit on June 18. Register here.

POC - 2025 Army Summit
/
Google Urges Some Remote Staff to Return to Office
Published on
Google is requiring a return-to-office policy for some remote workers

Google has asked some remote employees to show up at the nearest office at least three days a week if they want to keep their jobs, CNBC reported Wednesday.

Courtenay Mencini, a spokesperson for Google, said the decisions concerning return-to-office arrangements for remote staff are not companywide but are based on individual teams.

“As we’ve said before, in-person collaboration is an important part of how we innovate and solve complex problems,” Mencini said in a statement to CNBC. “To support this, some teams have asked remote employees that live near an office to return to in-person work three days a week.” 

Prioritizing Investments in AI

The technology company has been downsizing various business units in an effort to cut costs, streamline operations and prioritize investments in artificial intelligence and related infrastructure.

Voluntary Exit Packages

At the start of the year, several units within Google started offering voluntary exit plans to some full-time employees.

According to the report, Google Technical Services has required employees to return to the office for a hybrid work schedule or take a voluntary exit plan. The unit also offers a one-time relocation package to remote workers who want to move closer to a Google office.

Remote staff at Google’s human resources unit, called People Operations, who live within 50 miles of an office have been told to either opt for a hybrid work arrangement or prepare to leave the company by June.

//
Rick Muller: IARPA Eying LLMs for Next AI Cyber Research
Published on
IARPA Director Rick Muller talking about large language models

Rick Muller, director of the Intelligence Advanced Research Projects Activity, said IARPA considers large language models a major focus area for its next artificial intelligence cybersecurity research program, Federal News Network reported Wednesday.

“What we want to be able to do is understand in the next round, what kind of training skews are brought into a large language model that might give unintended consequences? What type of hallucinations are going on?” Muller said Tuesday at an Intelligence and National Security Alliance-hosted event.

“And then how can we make sure that those models can be trained on classified data and not spew out that data if you ask them nicely?” he continued. “If you read the literature in jailbreaking large language models, sometimes it really just takes asking them in the right way.”

IARPA is now considering the next round of AI research as its current program, TrojAI, is set to conclude this year.

What Is TrojAI?

Launched in 2019, TrojAI is an IARPA program that seeks to defend AI systems from malicious attacks, known as Trojans, by conducting research and developing technology to detect such attacks in a completed AI system.

The program aims to deliver software that can quickly and accurately detect Trojans in AI tools before deployment. It has focused research on various AI domains, including image classification, reinforcement learning and natural language processing.

In September 2023, IARPA hosted a challenge with the National Institute of Standards and Technology to prevent malicious actors from manipulating data used to train AI systems.

Register now for the Potomac Officers Club’s 2025 Cyber Summit on May 15. Listen to experts as they discuss new cyber policies, modernization strategies and other trends shaping the cyber domain.

POC - 2025 Cyber Summit
/
CISA, Partners Defend CI Systems Against Simulated Cyberthreat
Published on
The power grid and other critical infrastructures are vulnerable to cyberattacks.

The Cybersecurity and Infrastructure Security Agency hosted an exercise that aims to prepare different organizations to secure and protect critical infrastructure systems. At its Control Environment Laboratory Resource, CISA said representatives from the Department of Homeland Security’s Science and Technology Directorate, the Idaho National Laboratory, Louisiana State University and critical infrastructure operators respond to a simulated cyberattack. 

Strengthening Critical Infrastructure Resilience

During the two-day event, attendees had to fend off attacks by a technical team posing as sophisticated adversaries in a live environment with IT and OT traffic. The exercise utilized the CELR chemical processing platform, which is located in Idaho and operated by INL for CISA. 

The goal was to detect and respond to kinetic cyberattacks on industrial control system elements such as human-machine interfaces, supervisory control and data acquisition, and programmable logic controllers.

“Collaborating with LSU and industry partners is extremely beneficial in strengthening the nation’s cybersecurity knowledge and ability to respond to threats,” commented Matt Hartman, deputy executive assistant director for cybersecurity at CISA. “This training is another step in our shared vision to expand the opportunity for critical infrastructure entities to strengthen their cybersecurity using CELR.”

What Is CELR?

The laboratory provides a space for government and industry to test technologies and practices related to securing critical infrastructure systems and build new capabilities to defend against emerging threats. 

According to Tim Huddleston, cybersecurity program manager for the INL, the CELR offers an immersive environment where partners can experience realistic cyberattacks. He added that the Idaho-based laboratory hosts five ICS testbeds sponsored by CISA.

“We were proud to host industry partners and academia in this exercise, helping them improve their skills in cyber hunting and incident response, which reduces the risk from malicious cyber actors,” Huddleston said.

Learn more about the cyberthreats the nation and international partners face at the Potomac Officers Club’s 2025 Cyber Summit on May 15. Register for the in-person event now!

CISA, Partners Defend CI Systems Against Simulated Cyberthreat
//
NSA Issues Smart Controller Cybersecurity Protocols for OT Environments
Published on
NSA Issues Smart Controller Cybersecurity Protocols for OT Environments

The National Security Agency has recommended security policies and technical requirements for smart controller devices installed for operational technology in national security systems, or NSS. The recommendations address new risks from the rising combination of IT and OT systems, as well as growing adversarial cyberthreats, NSA said Wednesday. 

Vulnerable Cyberattack Targets

Smart controllers typically integrated within IT network systems are high-value cyberattack targets vulnerable to adversaries, the agency noted in its cybersecurity technical report titled “Operational Technology Assurance Partnership: Smart Controller Security within National Security Systems.” 

Threats on OT systems and devices can simulate IT network vulnerabilities, the agency explained. It pointed out that vulnerability is higher on legacy OT systems, as they lack security by default, and there are vulnerabilities as well in the IT infrastructure integrated into them. 

Testing and Updates as Shields

The recommendations in the 57-page report include regular administrator testing and updating of all NSS OT firmware and software, including host, embedded and network devices. The NSA report also urges controls on system components or devices with wireless capabilities to ensure that a switch or a default mode can disable the wireless interface. 

As a further guidance, the report provides analytical comparison of National Institute of Standards and Technology security controls and current International Society of Automation technical requirements for OT devices.

Parallel Cyber Guardrails

According to NSA, the study was also conducted to help develop the Operational Technology Assurance Partnership, a pilot for the cybersecurity testing process of NSS OT components. Additionally, the study’s findings will be submitted to the U.S. Army’s Intelligence Support Activity standards committee for consideration on future cybersecurity technical requirement updates for the components in industrial automations and control systems. 

In February, NSA also released three cybersecurity information sheets outlining critical mitigation strategies to safeguard organizations’ edge device systems, including firewalls, routers and virtual private network gateways.

//
2 CISA Senior Advisers Stepping Down
Published on
2 CISA Senior Advisers Stepping Down

Cybersecurity and Infrastructure Security Agency senior advisers Bob Lord and Lauren Zabierek announced that they are resigning from their roles at CISA, Nextgov/FCW reported Monday.

“While CISA’s approaches to Secure by Design evolve, our commitment to the principles remain steadfast. I thank Bob Lord and Lauren Zabierek for helping to lay the foundation on which future work in this space can be built,” Bridget Bean, acting director of CISA, said in a statement.

What Is Secure by Design?

According to the report, Lord and Zabierek helped lead the agency’s Secure by Design initiative, which seeks to provide incentives for software providers in the private sector to integrate security features into their offerings by default.

In his LinkedIn post announcing his resignation, Lord described the initiative as a movement that involves other U.S. agencies, international partners, software companies, open source projects and other stakeholders who “are pushing the software industry toward a future where safety is built in from the start.”

“There’s a role for everyone in making software safer,” Lord said. “The Secure by Design movement will only succeed if more people take ownership of the problem. So wherever you sit in the software ecosystem, I hope you’ll find your way to contribute.”

In her post on the professional networking platform, Zabierek said she is proud of her work on the Secure by Design initiative.

“Being part of this initiative has been one of the most meaningful experiences of my career, one that truly embodies the spirit of public-private partnership and both interagency and international collaboration. One of government’s most important roles is to catalyze innovation that serves the public, and then find a way for it to scale, adapt, and endure. What started as a government-led call to action has quickly become a global movement and we look forward to continuing the momentum,” Zabierek wrote.

Bob Lord’s Career Background 

Before joining CISA, Lord was chief security officer at the Democratic National Committee, according to his LinkedIn profile.

He previously served as chief information security officer at Yahoo and Rapid 7.

He also held senior security leadership roles at Twitter, Red Hat, AOL and Netscape Communications.

Earlier in his career, Lord served as a manager at Andersen Consulting.

Lauren Zabierek’s Career Highlights

Zabierek is a visiting fellow at the National Security Institute.

She previously served as director of the cybersecurity project at Harvard’s Belfer Center and senior intelligence analyst at Recorded Future.

The retired U.S. Air Force intelligence officer worked as a consultant at Deloitte and spent five years as an intelligence analyst at the National Geospatial-Intelligence Agency.

Bridget Bean will be one of the speakers at the Potomac Officers Club’s 2025 Cyber Summit on May 15. Join her and other experts as they discuss new cyber policies, modernization strategies and other trends shaping the cyber domain. Save your spot now for this key event!

POC - 2025 Cyber Summit
/
Marco Rubio Unveils State Department’s Reorganization Plan
Published on
Marco Rubio Unveils State Department’s Reorganization Plan

Secretary of State and a 2025 Wash100 awardee Marco Rubio has announced a reorganization plan that seeks to deliver on the Trump administration’s America First foreign policy and bring the State Department into the 21st Century.

“This approach will empower the Department from the ground up, from the bureaus to the embassies,” Rubio said in a statement published Tuesday.

“Region-specific functions will be consolidated to increase functionality, redundant offices will be removed, and non-statutory programs that are misaligned with America’s core national interests will cease to exist,” he added.

Rubio Orders Cyber & Intel Bureau Movement

Nextgov/FCW reported that the State Department’s Bureau of Cyberspace and Digital Policy, which has operated under the deputy secretary’s office since its creation in 2022, will be part of the department’s Economic Growth office as part of the reorganization.

The Bureau of Intelligence and Research, which is responsible for safeguarding the department’s secret networks and generating insights to inform diplomatic decisions, will now operate as part of a new Bureau of Emerging Threats.

According to the report, the changes will result in the elimination of about 15 percent of domestic personnel and the closure of 132 offices.

///
SSC Awards Raft API Gateway Development Contract to Enhance Data Access
Published on
SSC Awards Raft API Gateway Development Contract to Enhance Data Access

Defense technology company Raft has secured a $2.9 million contract from the U.S. Space Force’s Space Systems Command to develop an application programming interface gateway for the cloud-based Unified Data Library.

The API gateway will turn legacy and current data messaging formats into modern API endpoints, addressing data access issues, SSC said Tuesday.

Space Force is still using legacy data messaging formats that modern API endpoints cannot read, making such data unusable. With the API gateway, the legacy formats will be transformed and translated into the latest formats automatically, allowing legacy systems to work with modern applications and enabling fast delivery of accessible and actionable data to warfighters.

How Does Enhanced Data Access Benefit Warfighters?

According to USSF Lt. Col. Dan Kimmich, Global Mission Data Dominance materiel leader for SSC’s Battle Management, Command, Control and Communication and Space Intelligence’s Program Executive Office, the capability to speed up information delivery will enhance mission readiness and turn the Digital Space Force Vision, which aims to establish the Space Force as a digitally dominant, innovative and interconnected service, into a reality.

Developing the API gateway also supports the Department of Defense’s effort to accelerate the turnover of scaled digital capabilities to warfighters and keep the U.S. military’s superiority on the battlefield and advances the implementation of the Space Force’s FY 2025 Data and Artificial Intelligence Strategic Action Plan.

Raft was awarded the contract through the Space Enterprise Consortium’s other transaction authority.

/
DCSA Background Investigations Inventory Down 24% in 6 Months
Published on
DCSA Background Investigations Inventory Down 24% in 6 Months

The Defense Counterintelligence and Security Agency’s security clearance background investigations inventory dropped 24 percent to 222,700 cases in April from 291,200 investigations in September 2024.

The reduction in backlogged cases was attributed to the implementation of solutions and changes proposed by the personnel vetting tiger team after it identified where the investigation process could be streamlined, DCSA said Tuesday.

According to Ryan Christianson, DCSA business transformation adviser, the agency expects the case inventory to fall below 200,000 by the end of the current fiscal year, depending on the execution of recommended solutions.

“Some of them are going to be very simple and easy to implement, but we’re also looking at more complex solutions that might change how we operate in the agency,” Christianson added.

With the positive impact of the ongoing effort, the tiger team looks forward to improving the DCSA adjudications and continuous vetting processes using a three-phase approach it utilized to transform background investigation processes, beginning with a discovery phase and followed by Phase Two – Solutioning and Phase Three – Execute, Monitor and Adjust.

/
Army, General Dynamics OTS Unveil New 155mm Artillery LAP Facility
Published on
Army, General Dynamics OTS Unveil New 155mm Artillery LAP Facility

The U.S. Army, in collaboration with General Dynamics Ordnance and Tactical Systems, opened a new load, assemble and pack, or LAP, facility in Camden, Arkansas, on April 22.

Boosting Critical Artillery Production

The new LAP facility is intended to bolster the production of 155 mm high-explosive artillery projectiles, the Army said Tuesday. This aligns with the service branch’s efforts to bolster its production capacity, with the goal of producing 100,000 155 mm artillery projectiles a month. The modern projectile loading facility has two new LAP lines expected to manufacture 50,000 high-explosive projectiles monthly.

The Camden facility will be utilized for the final stage of the critical artillery production. During this stage, the 155 mm metal projectile bodies will be filled with explosive materials and assembled with other parts before they are packed for delivery.

The new facility is also meant to revitalize the defense industrial base and enhance readiness to reinforce deterrence. It is equipped with advanced automation, digital quality tracking and other technological capabilities to boost consistency and production rate. In addition, the LAP facility is fitted with a modern air-cooling system for explosive curing to minimize water usage compared to existing cooling methods.

“The Camden load, assembly, and pack munitions facility is just one of several modernization investments the Army is making to reinforce and strengthen our defense industrial base,” said Secretary of the Army Dan Driscoll.

The Army and General Dynamics also worked together to open production facilities in Mesquite, Texas and Marion, Illinois, in 2024.

Potomac Officers Club presents the 2025 Army Summit on June 18. Register and join Army officials, government leaders and industry trailblazers as they discuss the service branch’s most urgent priorities and challenges.

Army, General Dynamics OTS Unveil New 155mm Artillery LAP Facility
1 78 79 80 81 82 2,619