Month: September 2019

Winning ‘The Shadow War’

Whether it’s online, on land, underwater or in space, CNN national security correspondent Jim Sciutto’s “The Shadow War: Inside Russia’s and China’s Secret Operations to Defeat America” offers ominous insights into how the United States’ key adversaries are changing the dynamics of national security.

Sciutto provides context into present day Russia and China military strategies — from the downing of Malaysia Airlines Flight 17 and Ukranian political upheaval to foreign meddling in U.S. elections to satellite maneuvering — how the new game of security is played, and what the United States needs to rethink and execute for these new times.

Key excerpts:

The advent of the Shadow War should have surprised no one. In military terms, hybrid warfare is a natural product of a world with a single superpower and other rising or declining powers eager to challenge that superpower. For China, Russia, and other US and Western adversaries, hybrid warfare is the only way to take on a country such as the United States with otherwise unchallenged military might. In other words, the so-called gray zone is the only field of conflict on which these adversaries believe they stand a chance of winning.

US defense and intelligence officials now speak openly of the dangers of repeating the errors of the 1930s, that is, observing aggression by adversaries in Europe and Asia while assigning false limits to those adversaries’ ambitions. Those fears of repeating the mistakes of history are now fueling calls to defend against the Shadow War now or face the danger of a wider conflict in the years to come. And yet, without a commitment throughout all levels of the US government, the United States faces the alarming prospect of emerging from the Shadow War diminished and defeated.

U.S. national security officials agree that the United States must find better ways to fight and defend against the Shadow War, to impose costs sufficient to compel Russia and China to change their behavior, and, if possible, to impose costs sufficient to reverse the gains they have already achieved, or to make those gains untenable. The consensus of the current and former national security and intelligence officials I’ve spoken with is that none of these steps has so far been taken to a degree sufficient to make America safe.

UK will pilot AI government procurement guidelines co-designed with World Economic Forum

Photo: World Economic Forum
Photo: World Economic Forum

The United Kingdom Government announced it will pilot newly-developed artificial intelligence procurement guidelines it co-designed with the World Economic Forum.

From the announcement:

Governments want to acquire AI solutions to streamline processes and provide insights into key sectors such as transportation, healthcare and public services. However, officials often lack experience in acquiring such solutions and many public institutions are cautious about harnessing this rapidly developing technology at a time when we are only beginning to understand the risks as well as the opportunities.

Growing public concerns around bias, privacy, accountability and transparency of the technology has added an extra layer of complexity to a potential roll out on a national level. The AI Procurement Guidelines for Governments have been designed help officials keep up with this rapidly developing technology and mitigate the risks.

The guidelines were co-designed by the World Economic Forum’s Artificial Intelligence and Machine Learning team and fellows embedded from UK Government’s Office of AI, Deloitte, Salesforce and Splunk. Members of government, academia, civil society and the private sector were consulted throughout a ten-month development process, which incorporated workshops and interviews with government procurement officials and private sector procurement professionals.

The report provides the requirements a government official should address before acquiring and deploying AI solutions and services. It also provides the questions that companies should answer about their AI development and how the data is used and processed. The guidelines also include explanatory text elaborating on how to implement, key questions to ask and case studies.

More: UK Government First to Pilot AI Procurement Guidelines Co-Designed with World Economic Forum

NSA challenges students to test their cyber skills in mock national security exercise

Codebreaker

The National Security Agency will host a “cyber-challenge similar to those that regularly threaten national security,” open to students at any U.S. based academic institution. The exercise will run from September 20, 2019 to January 10, 2020.

From NSA:

The annual Codebreaker Challenge offers students a closer look at the type of work done at NSA and provides the opportunity to develop skills needed to achieve the Agency’s national security mission. The problems touch on skills like software reverse engineering, cryptanalysis, exploit development, block chain analysis and more.

This year’s challenge scenario is about tech savvy terrorists who have developed a new suite of communication tools that are being used for attack planning purposes. Intelligence suggests the terrorists are communicating via TerrorTime, a custom Android secure messaging app. Those who attempt the challenge will be required to reverse engineer and develop new exploitation capabilities against TerrorTime to enable message spoofing, user masquerades, and message decryption.

Release: NSA Launches Latest Codebreaker Challenge

Food Safety 2.0: FDA shares its vision for a digital, transparent food safety system

Photo: U.S. Food & Drug Administration
Photo: U.S. Food & Drug Administration

In an interview with the agency, the Food and Drug Administration Deputy Commissioner Frank Yiannas discussed its latest efforts to “leverage new and emerging technologies to prevent contamination and rapidly trace the origin of a tainted food to its source.”

FDA announced the New Era of Smarter Food Safety initiative in April 2019, and the agency will hold an public meeting on the program October 21.

Key excerpts from the interview:

This isn’t just a slogan or a tagline. Instead, it’s a new approach to food safety, one that recognizes and builds on the progress made in the past, but also incorporates the use of new technologies that are being used in society and business sectors all around us. These include blockchain, sensor technology, the Internet of Things, and Artificial Intelligence to create a more digital, traceable, and safer food system. This new approach creates shared value for all stakeholders — farmers, food producers, regulators, consumers, and the planet.

That said, while technology is an important part of Smarter Food Safety, it’s more than that. It’s about simpler, more effective and modern approaches and processes. It’s about leadership and creativity. It’s also about working within and outside of FDA to foster a food safety culture that transcends borders between the public and private sector.

In my view, today’s food system is amazing, but it does have one major Achilles heel: A lack of traceability and transparency.

When it comes to food traceability, some are stuck in a past in which each segment in the food system is responsible for keeping track of food, one step forward to identify where the food has gone and one step back to identify the source. And it’s largely done on paper.  However, with the emergence of new digital technologies, the proliferation of the Internet of Things, and the continued advancement of sensor technology, many believe the one-step forward and one-step back model of food traceability is an outdated paradigm for the 21st Century. 

When FSMA was conceived and launched, it brought people to the table, both public and private partners. A New Era of Smarter Food Safety is doing the same. Now we plan to accelerate based on that foundation. How do we continue to modify and adapt? I foresee a more digital, data-driven, and transparent system that’s more precise and efficient.

Read more: Deputy Commissioner Champions More Digital, Transparent Food Safety System

‘The woeful state of government technology’

Photo: U.S. Department of Energy

San Francisco Chief Digital Services Officer Carrie Bishop published an excellent commentary piece that touches on several issues we in the digital government industry don’t talk much about, or at all.

Particularly, her pointed thoughts on the dismal state of government technology are something we as an industry need to discuss more openly and deeply, and emphatically address if we truly care about the future of a healthy democracy.

This part of Carrie’s commentary speaks to me, and is something everyone in the industry should read, talk more about, actively get unsettled with and do something to change:

Looking at the woeful state of government technology it’s clear there is a crisis in our sector. The struggle of legacy technology is real, and the market is ripe for disruptors, but the lead times, the slow pace of change in the sector, and the age-old problem of procurement all make it a bleak market for new entrants.

The systems are rotting from the inside. Their molasses code, their disintegrating interfaces, and their putrifying business models are at the core of government service delivery, but they persist because they are so entrenched. In theory, it would be easy for a company to breeze through and disrupt the incumbents. The hard part is the change.

The true challenge is the time it takes to procure from cold contact to signed contract, and convincing people to go with an unknown entity instead of an entrenched inevitability. The hard work is helping cities imagine services that are designed around the people that use them, instead of department silos. Based on my experience as a vendor in this market I’d say that this process takes about two years from start to finish with just one city client.

The most viable option for governments is to build internal teams who can absorb the impact of this hostile environment. Expecting new vendors to have enough financial backing and mature enough products is too big of an ask. I have realized that there are some things only government teams can do. Only an internal team can build for the most complex use cases and the edge-cases, as well as the mainstream. Vendors, and even non-profits, especially new entrants to the market, are just not financially able to do this hard work, but this is exactly what government should be focused on.

For many legacy institutions, empowering democracy has become a secondary priority to maintaining the status quo for profit or personal stability, whether it’s the business model of a government-focused nonprofit organization or legacy vendor or a public sector leader that’s been in the same comfortable role for years. This isn’t meant to condemn, but more to emphatically point out that a sense of purpose for some needs to be re-established. This is tough for entrenched people and organizations.

There is a gray area with respect to internal digital service teams and external vendor support. What we don’t talk about much is that the reality is the smaller a government gets, the less likely they’re able to attract or afford digital talent, regardless of the sense of mission it brings.

Unfortunately, this is where we see even worse habits with respect to legacy organizations. We often conflate what is happening at the national, state or big city level to what everyone else (and there are a lot of everyone elses) can realistically accomplish on their own.

The state of government technology is woeful. The expectations we have for those in executive technology positions, as well as the legacy institutions (organizations and vendors) who have captured much of the market, are low. What’s unfortunate is that many inside government don’t realize how bad legacy vendor technology really is, judging it not by merit, but by an established relationship or how entrenched it is within the market.

As Carrie mentions, this environment makes it tough for civic entrepreneurs to get and stay excited about their potential to help re-imagine civics in their own way, in a way that serves everyone. Speaking from firsthand experience, it is a challenge for new entrant disruptors to gain a foothold, and there are many reasons for this. This is a conversation we need to have, and I’m thankful Carrie opened up that door.

I look forward to continuing it.

Read more: The same but different

White House adds ‘agile and responsive’ security practices to trusted internet connections updates

The White House
(Official White House Photo by Tia Dufour)

The White House announced updates to the federal government Trusted Internet Connections initiative with the intent to empower agencies with security practices that aim to remove barriers to modern technology adoption.

An Office of Management and Budget memo provides agencies with pilot program guidance and an implementation timeline.

From OMB:

The purpose of the Trusted Internet Connections (TIC) initiative is to enhance network security across the Federal Government. Initially, this was done through the consolidation of external connections and the deployment of common tools at these access points. While this prior work has been invaluable in securing Federal networks and information, the program must adapt to modem architectures and frameworks for government IT resource utilization. Accordingly, this memorandum provides an enhanced approach for implementing the TIC initiative that provides agencies with increased flexibility to use modern security capabilities. This memorandum also establishes a process for ensuring the TIC initiative is agile and responsive to advancements in technology and rapidly evolving threats.

One component of TIC is Pulse.cio.gov, the U.S. government’s program that monitors HTTPS protocol status of federal (.gov) domains.

From Matt “Mr. FedRAMP” Goodrich:

Memo: Update to the Trusted Internet Connections (TIC) Initiative

New center wants to help Congress grok deep space, deep fakes

U.S. Capitol

The U.S. Government Accountability Office launched a new Center for Strategic Foresight to help Congress better understand issues related to emerging notorious technologies, such as deep space and deep fakes, that impact a well-functioning democracy.

From the announcement:

“The Center for Strategic Foresight helps to keep us agile by encouraging creative and critical thinking on the latest trends facing government and society. Our goal is to stay focused on Congress’ top policy priorities and to help prepare policymakers for future challenges.”

GAO created the Center to enhance its ability to identify, monitor, and analyze emerging issues. Located in GAO’s Office of Strategic Planning and External Liaison, the Center is a unique entity in the federal government, one that reflects the non-partisan independent watchdog agency’s broad mandate to provide Congress with reliable, fact-based information for overseeing federal agencies and programs. 

Details: Deep Space & Deep Fakes: New “Center for Strategic Foresight” Launched

GAO tells Defense Department to ‘fully implement’ open source pilot program

Photo: U.S. Defense Department
Photo: U.S. Defense Department

The U.S. Government Accountability Office released a report assessing the lackluster status of the Defense Department’s open source pilot program, saying that until the agency effectively implements this, “the department will not be positioned to take advantage of significant cost savings and efficiencies.”

The Office of Management and Budget issued its federal source code policy in August 2016 requiring federal agencies to improve the way they buy, build, and deliver software solutions through the use of open source code. Part of the policy includes implementing agency-specific open source software pilot programs. The National Defense Authorization Act for Fiscal Year 2018 mandated that DOD initiate its pilot by June 2018.

Key excerpts:

A program manager from the Defense Information Systems Agency reported that the agency had identified an OSS solution that provided more functionality at less cost than the commercial solution provided through a vendor. The program manager explained that when the agency implemented the new OSS solution, it realized $20 million in annual savings over the commercial solution that had been maintained by a vendor.

A program manager from the Defense Information Systems Agency reported that the selection of an OSS solution rather than a COTS solution contracted through a vendor had resulted in increased efficiency. The official explained that the use of the OSS solution allowed the agency to develop and maintain in-house skills that would not have been available had they opted to contract with a vendor providing a skilled workforce.

In interviews with GAO, DOD personnel expressed mixed views on open source software with respect to security, however, “an official in the Office of the Assistant Secretary of the Air Force for Acquisition, Technology, and Logistics reported that, as long as OSS is properly vetted to ensure it is secure and free from malware, it offers an opportunity for the department to achieve cost savings and efficiencies.”

According to GAO, DOD says it will “update its OSS memorandum by the end of the 2019 calendar year and issue it as policy.”

Full report: DOD Needs to Fully Implement Program for Piloting Open Source Software

United Nations digital economy report gives comprehensive insight into global emerging tech trends and the future impact on us all

United Nations flag
Photo: sanjitbakshi

The United Nations published its 2019 Digital Economy Report that is a comprehensive must-read for civic leaders who want to understand how emerging technologies will impact the global labor market, security, privacy, economy and more.

Digital trends addressed include blockchain, three-dimensional printing, Internet of things, 5G mobile broadband, cloud computing, automation and robotics, and rtificial intelligence and data analytics.

From Secretary-General António Guterres:

Digital advances have generated enormous wealth in record time, but that wealth has been concentrated around a small number of individuals, companies and countries. Under current policies and regulations, this trajectory is likely to continue, further contributing to rising inequality. We must work to close the digital divide, where more than half the world has limited or no access to the Internet. Inclusivity is essential to building a digital economy that delivers for all.

Full report: 2019 United Nations Digital Economy Report