

Quick Study

By Brian Robinson


DOD blacklist authority could go too far, say small-biz advocates

Business advocates are charging the Defense Department with redlining the government contracting business to the extent that the 2011 Defense Authorization bill would allow DOD officials to secretly blacklist contractors and bar them from doing any business with the federal government.

In particular, they say this “blatant power grab” by agency heads could end up significantly harming small-business contracting because it could lead to the concentration of contracting dollars in the hands of just a small number of big companies.

The American Small Business League (ASBL) recently went public with its concerns in a dispatch from Communications Director Chris Gunn in The Exception magazine.

“Small-business advocates are concerned that DOD’s determination will be shared with each agency where the company competes as a prime contractor or subcontractor,” Gunn writes. “This could lead to the broad-based exclusion of contractors from federal contracting programs without due process.”

That could be a sensitive issue with the new Congress. Government agencies have specific small-business set-aside targets, but small-business advocates consistently complain that agencies are not doing enough to meet those goals. And last year, things came to a head in Congress over charges of fraud in the Small Business Administration’s set-aside programs, which allegedly cost small companies some $100 million worth of business.

According to Gunn, ASBL estimates that more than $100 billion in federal small-business contracts are diverted away from such companies every year, with many large companies — such as Boeing, Lockheed Martin and Northrop Grumman — receiving the contracts instead.

ASBL has legs when it comes to making its concerns known and paid attention to. Earlier in the year, it sued the government for muddling its small-business contracting data, thereby reducing the transparency of government contracting. Groups had used that data to uncover fraud in the past, ASBL said.

And in November, the group sued the Homeland Security Department for refusing to release subcontracting reports on contracts it had awarded to Boeing.

A big part of the beef ASBL and others have with the new Defense bill is that they say it will allow DOD to blacklist companies without notifying those companies. And it protects the blacklist from disclosure requirements that would be part of a Freedom of Information Act request, a protest to the Government Accountability Office or action in federal court.

Posted on Dec 14, 2010 at 9:03 AM | 3 comments


Teetering on the brink of critical infrastructure protection

Are the ducks finally lining up on cybersecurity? The recent memorandum of agreement between the departments of Defense and Homeland Security, who for years have been butting heads on cybersecurity responsibilities, is one positive sign.

If we depart from the cynical view, which would have this as nothing more than window dressing for the public and Congress, then we can expect better coordination and information sharing between the two departments going forward. Hopefully, that ultimately means a much better approach to protecting critical infrastructures.

And none too soon. The Stuxnet worm that reportedly devastated Iran’s energy infrastructure is being seen as the most visible evidence of a trend toward more “professional” coding of malware aimed at countries’ infrastructures. Some are calling it the blueprint for a new generation of cyberweapons that will be used in a rapidly developing Cyber War.

A DOD official was quoted as saying the agreement with DHS was needed because the United States doesn’t have either the time or the money to develop cyberdefenses twice over. DHS Secretary Napolitano and DOD Secretary Gates called it the beginning of a new framework for coordination and joint program planning between the departments.

If this all works out as planned, then it will be quite a few steps on from where the public perception is right now, with a large majority in a recent Narus poll saying government is wildly unprepared to defend against cyberattacks. Industry didn’t fare much better.

How much does this positive outweigh the negatives? Good question. Symantec’s 2010 Critical Information Infrastructure Protection survey reported that more than half of America’s infrastructure providers have experienced politically-motivated cyberattacks. Those were presumably made by the kinds of people who launched Stuxnet, not the relatively unsophisticated hacker stuff that predominated in years past. And it’s likely to only get worse.

Outside of the feds and industry, state and local governments also have a big responsibility for critical infrastructure, of course, and they are getting hammered by the recession. A new study found that nearly four-fifths of state chief information security officers reported stagnant or slashed budgets that pose “a serious problem that stifles their ability to adequately handle growing internal and external threats.”

So which is it? Are we marching forward, falling back, or staggering to a standstill?

Posted on Oct 14, 2010 at 9:03 AM | 2 comments


Administration's wiretapping push could damage cloud security

In another case of unintended consequences, now come warnings that the Obama administration’s call to Internet service providers and other firms to make it easier for the FBI to tap into online communications could damage attempts to tighten security in the cloud.

Security research firm Securosis says that the proposal, which is aimed at denying terrorists and other groups the advantage of encrypted communications, will create “a single point of security failure within organizations and companies that don’t have the best security track record to begin with.”


The administration’s proposal specifically targets peer-to-peer communications, requiring companies that deliver these types of services to redesign them to allow interception. There’s only a limited number of ways to do that, Securosis says, and each of them creates new opportunities for security failures. Those failures are also likely to be detectable by bad guys with some fairly basic techniques, it says.

ReadWriteWeb, which provided the initial link to the Securosis post, points out that means nothing but trouble for cloud providers. Instead of locking the cloud down tighter, this proposal would create an always-open backdoor into the cloud.

Government clouds are mostly behind the firewall now, but at some point they’ll have to connect to public services if they want to make full use of the cloud. If Securosis is right, the administration’s proposal might serve to throttle the use of the cloud by the feds, who are paranoid about its security, at the same time that the White House is trying to promote it.

Posted on Sep 29, 2010 at 9:03 AM | 4 comments


DARPA aims for fiber-optic link between warfighters' minds, bodies

The Defense Advanced Research Projects Agency is famed for its prowess at delivering increasingly effective ways for warfighters to deliver mayhem to their enemies, and it seems that DARPA also is as determined to look after their minds and bodies.

The latest effort is a $5.6 million award to Southern Methodist University to fund its Neurophotonics Research Center’s development of two-way fiber optic communication between prosthetic limbs and the wearer’s peripheral nerves.

All allusions to cyborgs aside (and there’s been plenty of those), the research has the deadly serious aim of helping amputees get back as much function as possible to help them in their post-warfighter lives. The research at SMU has the real chance of giving amputees an effective way of “feeling” their artificial limbs, which could revolutionize their freedom of movement and agility.

Unlike most DOD-funded work, this research also has a very clear implication in the civilian world. As well as lost limbs, there also are tens of thousands of spinal cord injuries in the United States each year, with the consequent hit to individuals’ lives and to the well-being of their families, not to mention the economy overall.

DARPA is also funding research into direct stimulus of brain functions that could help soldiers deal better with battlefield stress and even reduce the effects of traumatic brain injuries. Technology that could do this could be built directly into soldiers’ helmets.

With multiple recent announcements of technology-enabled brain-body links, such as a chip that can be implanted in the brain to help with controlling prosthetics, it’s no longer science fiction to believe that people with shattered limbs and minds -- helped by U.S. military research -- can be made almost whole again.

Posted on Sep 22, 2010 at 9:03 AM | 2 comments


Power IT Down Day: A major success, but could be bigger

The organizers of Power IT Down Day, a yearly event that tries to convince government workers and agencies to do more to save energy, obviously need to get more ambitious.

They set a fairly conservative goal of 6,100 participants -- a 10 percent increase over 2009 -- but instead ended up with 17,639. The Wounded Warrior Project, which gets a contribution proportional to the size of the participation, will be banking a $60,000 check.

That’s about as successful as it gets for this kind of project, whose aim is to educate government about the money that can be saved just by turning off PCs and other computing devices when they are not being used. It seems that, despite the various mandates for agencies to reduce their energy use, substantial prodding is needed.

Tom Simmons, area vice president for the US public sector at Citrix Systems, one of the event’s sponsors, said that compared to three years ago when the event started, government overall is now much more aware of how much money it spends on powering electronic devices. Coming budget cuts will no doubt help focus minds even more.

However, as he also pointed out, policies in many government organizations weigh against savings. Managers tell their people to keep PCs and other devices turned on at night to facilitate security and other updates. Comments to the original Quick Study post made the same point. So there’s still a lot of convincing that needs to happen.

Citrix and the other event sponsors -- Intel, Hewlett Packard and GTSI -- obviously did a great job in getting the word out this year. A good number of press outlets carried something about it, and inside government such agencies as the General Services Administration and the Health and Human Services Department stepped up to publicize the effort to their employees and others.

Given the response, momentum is obviously building. When pressed, Simmons said a participation of 25,000 or more would be reasonable. Feels a little wussy to me. As he said, this year’s total still came to less than 0.5 percent of the government PC user population. I would think at least 50,000 is a better target for 2011, wouldn’t you?

Posted on Sep 01, 2010 at 9:03 AM | 3 comments


Military simulation training may lead recruits to view war as a game

It’s a fact that video games have become an important part of the military training regimen. It’s not that they are a new technology, but video games are an interesting addition to traditional approaches and, so the theory goes, are a necessity for current “digital-native” generations of recruits.

However, according to a LiveScience story, although video games are being used to train recruits for war, they could also be masking the reality of the battlefield and creating a kind of detachment for those who become involved in the real thing.

The story quotes Brookings Institution senior fellow Peter Singer, who opined on this in a recent edition of Foreign Policy. As Singer points out, the Pentagon’s goal with all of this is to create a simulation and quick training scenario for just about any military skill set, which is why it spends some $6 billion a year on the virtual universe.

If you want to see just how serious the military is about this, check out the presentations made at GameTech 2011, the latest in an annual series of conferences the Defense Department uses to promote the use of gaming technology in the military. It’s as detailed and academic as any serious tech gathering.

There’s good and bad in all of this, of course. Video games are also being used to (somewhat) successfully treat soldiers with post-traumatic stress disorder more than a decade after the much less capable gaming technology of the 1990s was tried out on Vietnam vets.

However, with all of this techno wizardry, there’s a question of whether it’s blurring the border between gaming and reality for warfighters. Virtual training, for example, is at the heart of the Air Force’s vision for the future, and flying by joystick and screen is already a career path for pilots.

But Singer points to a conversation he had with a former F-15 pilot who, while standing in awe of the capabilities of U.S.-based pilots of unmanned drones, said the virtual nature of their training and video-based flying gives them no sense of what’s really going on. That pilot refuses to let his own kids play war-based games, preferring ones involving cars.

Posted on Aug 20, 2010 at 9:03 AM | 1 comment

