Category: News

WASHINGTON — The first launch of the Space Development Agency’s low Earth orbit satellites that had been scheduled for late September is slipping to no earlier than mid-December. 

Speaking at the Washington Space Business Roundtable Sept. 14, SDA Director Derek Tournear said the launch of the agency’s Tranche 0 satellites had to be delayed due to supply chain problems that have affected all vendors in the program.

The 28 satellites in Tranche 0 include 20 communications payloads made by Lockheed Martin and York Space; and eight missile-tracking infrared sensor satellites made by SpaceX and L3Harris.

Read Full Article

The Office of Management and Budget (OMB) today issued marching orders to Federal agencies to take action to comply with National Institute of Standards and Technology (NIST) guidance for the use of secure supply chain software, as ordered by President Biden’s cybersecurity executive order issued in May 2021.

Read Full Article

Lawrence Hale, who recently took over as Acting Deputy Assistant Commissioner for Category Management, Office of Information Technology Category at the General Services Administration’s (GSA) Federal Acquisition Service, explained today that his office’s fiscal year 2023 priorities focus on helping Federal agencies work toward easier cloud service adoption and continued progress in zero trust security migration. 

Read Full Article

The National Security Agency (NSA), Cybersecurity and Infrastructure Security Agency (CISA), and the Office of the Director of National Intelligence (ODNI) released Securing the Software Supply Chain for Developers today. The product is through the Enduring Security Framework (ESF)  — a public-private cross-sector working group led by NSA and CISA that provides cybersecurity guidance addressing high priority threats to the nation’s critical infrastructure. 

Read Full Article

Avetta urges companies to prioritize eliminating cybersecurity risks, which could otherwise have devastating effects on their supply chain. According to Avetta, 85% of companies experience at least one interference in their supply chain every year. From financial instability to data threats, greenhouse gas emissions to incidents on site, supply chains face constant threats.

Full Article

Risk and compliance specialist, Exiger, has been awarded a contract by the U.S. General Services Administration (GSA) as a trusted partner to deliver a supply chain risk management (SCRM) and third-party risk management (TPRM) enhanced capability made available to the entire U.S. Federal Government. 

The multi-year, $74.5 million, contract award builds on Exiger’s SCRM work with the Department of Defense (DoD) that has been tested and proven across multiple scenarios. GSA will now expand access to Exiger’s SCRM solutions and allow all government agencies to share risk insights and consistently manage supplier risk and health across the U.S. Federal Government enterprise. This enterprise solution is designed to enable significant efficiencies including volume discounts, cross-enterprise data sharing, improved collaboration, and development of supply chain risk mitigation strategies.  

Full Article

The Department of Defense requested about $38.6 billion for FY 2022 for its unclassified information technology, such as communications systems and business systems.

We reviewed the performance of DOD’s 25 major IT business programs, management of cybersecurity and supply chain risks, and more. Among other things, we found:

• 19 of the 25 programs did not fully report data measuring progress on system performance
• Programs reported progress on only 77 of 172 performance targets
• 15 of the 25 reported having an approved cybersecurity strategy and provided a copy to validate

Full Article

U.S. Space Force has kicked off development of a seven-year contract for cybersecurity services to protect the ground networks that manage its space assets.

Space Force’s cyber operations division has dubbed the contract Digital Bloodhound and it will be a multiple-award, task-order contract. The solicitation is expected before the end of the year with an award by the end of March 2023.

The cyber operations division currently has two product lines for defensive requirements for cybersecurity and national security called Manticore and Kraken, according to the Sam.gov posting.

Full Article

To better manage and protect against cybersecurity risks the Environmental Protection Agency (EPA) must establish an enterprise-wide cybersecurity risk assessment framework, the Government Accountability Office (GAO) said in its latest annual priority recommendations report to the agency.

GAO outlined 12 priority recommendations for EPA that fall into six focus areas – including ensuring cybersecurity at EPA.

Federal agencies continue to face a growing number of cyber threats to their systems and data. According to Federal guidelines, agencies need to effectively identify, prioritize, and manage their cyber risks to protect themselves against these threats.

Full Article

The National Cybersecurity Center of Excellence (NCCoE) has released a new draft project description, Software Supply Chain and DevOps Security Practices: Implementing a Risk-Based Approach to DevSecOps. Publication of this project description begins a process to solicit public comments for the project requirements, scope, and hardware and software components for use in a laboratory environment.

Full Article