From inviting hackers in to test cybersecurity to reaching out to Silicon Valley for bleeding-edge ideas, the Department of Defense is embracing commercial practices that foster innovation. What kind of impact will this have on the department? It will be interesting to see. Welcome to the weekly news kickoff. Enjoy these highlights.
DoD Announces Bug Bounty Program
The Defense Department this week launched a new cybersecurity initiative called “Hack the Pentagon,” FierceGovernmentIT reports. Under the pilot program, DoD will invite vetted hackers to test the department’s cybersecurity. The department modeled the pilot after commercial-sector bug bounty competitions. The program will help the department root out vulnerabilities in DoD’s applications, websites and networks, Pentagon Press Secretary Peter Cook said Wednesday in a statement. The pilot, which will begin in April, will be run through the DoD’s Digital Service team.
Google’s Schmidt To Head New Pentagon Advisory Board
Eric Schmidt, executive chairman of Google’s parent company Alphabet, is to head a new Defense Innovation Advisory Board for the Pentagon, FedScoop reports. The purpose of the board is to bring the paradigm-shattering management theories of Silicon Valley to DoD. This is one of a series of measures that have stemmed from Defense Secretary Ash Carter’s relationships with companies in the technology sector, including nontraditional partners such as startups and small firms.
NASA Begins Work To Build a Quieter Supersonic Passenger Jet
The return of supersonic passenger air travel is one step closer to reality with NASA’s award of a contract for the preliminary design of a “low boom” flight demonstration aircraft, according to a NASA press release. This is the first in a series of ‘X-planes’ in NASA’s New Aviation Horizons initiative, introduced in the agency’s Fiscal Year 2017 budget. NASA selected a team led by Lockheed Martin Aeronautics Company of Palmdale, California, to complete a preliminary design for Quiet Supersonic Technology (QueSST). The work will be conducted under a task order against the Basic and Applied Aerospace Research and Technology (BAART) contract at NASA’s Langley Research Center in Hampton, Virginia.
How Big Data, Info Sharing Make Hackers’ Lives Harder
Cyber defenders are making hackers’ lives more difficult by analyzing the provenance of code (a broader look at style rather than just substance), Federal Times reports. Thomas Ruoff, director of technology innovation and mission integration for the Department of Homeland Security, likened provenance to a professor trying to determine whether a student actually wrote a paper or plagiarized it. By breaking down the code and comparing certain attributes to other forms of known malware, defenders can identify patterns. From there, through statistical analysis, they can assign a trust score to the traffic coming from certain sources or bearing certain signatures of malicious intent. While this tactic isn’t perfect — true zero-days pop up all the time — it is a fast and efficient tool DHS and others are using to identify and block a large swath of attacks, Ruoff said during a panel discussion at the 2016 RSA Conference in San Francisco.
The ‘Fix FedRAMP’ Crowd Agitates for Change
FCW reports that Rep. Ted Lieu, D-California, asked the question that was on everyone’s mind at the Cloud Computing Caucus Advisory Group, which was packed with vendors who had soured on the government’s Federal Risk and Authorization Management Program. “Why is it so effed up?” Lieu asked. Meritalk’s Steve O’Keeffe criticized the FedRAMP office for what he called a “mysterious refusal” to offer official input on the months-long formation of the “Fix FedRAMP” plan. He also claimed that the team, based at the General Services Administration, had recently presented a “FedRAMP 2.0” plan to lawmakers that drew heavily from his group’s recommendations. The GSA, on behalf of the FedRAMP office, declined to comment.