CYBERSECURITY

Defense Acquisition University's Chris Newborn Selected as SynED's May National CyberHero for Boosting Defense Contractors' Cyber Defense Systems

SynED | May 30, 2022

Cyber Defense Systems
SynED, a national non-profit organization that identifies emerging best practices for effective articulation between employers, job seekers, and education providers, announced that Christopher Newborn, recently retired Professor of Information Technology (Cybersecurity Emphasis) at Defense Acquisition University (DAU), is this month's CyberHero.

Chris's decades of experience and approach to his work positioned him to be an outstanding advocate for the protection of sensitive information in the U.S. Defense Industrial Base supply chain, the nation's private sector defense contractors. He worked with the acquisition workforce and Defense Industrial Base professionals who are responsible for acquiring, deploying, and maintaining cybersecurity capabilities and defending critical networks, systems, and data.

While at DAU, Chris provided critical support to the California Advanced Supply Chain Analysis and Diversification Effort (CASCADE and CASCADE II), established by the California Governor's Office of Planning and Research to bolster California's defense supply chain cybersecurity resilience.

Chris and I worked together on the CASCADE program, and he was incredibly helpful in demonstrating the challenges that defense suppliers face in meeting requirements and finding cybersecurity workers. His duty to country and helping others really shines through. I have no doubt that his 'retirement' will just mean he's starting a new chapter in his service to others and national security."

Liz Fraumann, Director and Senior Project Manager at synED

CASCADE has spurred projects that support business assistance programs and the growth of the cybersecurity workforce through cybersecurity-related education curricula, training, and apprenticeship programs.

Chris takes a hands-on, real-world approach to his work. "I always say, I'm not necessarily a professor, I'm a consultant," Mr. Newborn shared. "The reason I say that is, I will take things in a real world scenario and put it to how it applies to you, so you can come up with efficient and effective methods to counter the threat, or at least come up with trade-offs."

The U.S. government has responded to increasing threats to classified and unclassified information by issuing statutory and regulatory policies and procedures.  However, these cybersecurity guidelines and requirements have proven to be challenging for businesses to properly implement and execute.

"We have done a great job when we classify information as secret and above, we have great processes and procedures in place," added Mr. Newborn. "The problem is, when Controlled Unclassified Information (CUI) and other unclassified information is accumulated over a period of time, this information, when aggregated, can provide enough information to our foreign adversaries and competitors to get a leg-up."

The Defense Industrial Base supply chain is complex and layered, with prime contractors, subcontractors, vendors and manufacturers, with a wide spectrum of size, experience and capabilities at every level. "[Our adversaries are] not just after our prime contractors and sub-contractors, they're after our manufacturers and vendors," added Mr. Newborn said.

Many contractors, manufacturers, and vendors are small to medium-sized businesses that have limited staff and resources to meet ever-changing cybersecurity guidelines and requirements.  To help mitigate these challenges, the government has sponsored training to help them better understand the statutory and regulatory requirements.

While at DAU, Chris supported conferences and conducted workshops with Defense Industrial Base partners. With another DAU professor, Dr. Paul Shaw, Chris developed training content and supported multilateral "bootcamps" on acquisition topics, bringing in government employees, vendors, and academia to illuminate common issues and find solutions.

Laura Rodgers, Senior Manager for Cyber Compliance at the North Carolina Military Business Center, said Chris brings a unique perspective that can't be found anywhere else. "He puts some structure on this nebulous thing called cybersecurity, and then he's got the technical chops to help too. He's been very helpful to the North Carolina defense industrial base and we've benefitted greatly from his expertise and insight."

After meeting Laura on a webinar presentation, Chris offered to attend a weekly class put on by Laura so he can answer questions from her students. He attends each week and stays on late to answer questions. "There are just not many out there who are that committed to national security," added Ms. Rodgers.

Chris graduated from Atlanta's Morehouse College in 1982, a historically Black men's liberal arts college. That year, Chris joined General Dynamics, where he worked on early electrification efforts for the M1 Abrams tank and the development of the Bradley Fighting Vehicle.

While working at General Dynamics in Detroit, Chris joined the Navy, where he received valuable training and education that furthered his career. He remained in the U.S. Navy Reserve from 1984 to 1990. During Operations Desert Shield/Desert Storm, Chris was at the Tank Automotive Command where he oversaw all the secondary spare parts for the Army. Chris was the most senior person of color, having been promoted quickly to GS-14, the second-highest civilian Federal government employee ranking.

"I may not have a uniform on, but if I do my job to the best of my ability as an acquisition professional, giving the tools to the warfighter, then they have a chance of doing their duty and going home safely to their families," Chris said of his work during Operation Desert Storm. "That is my motto, and that is what I've been following ever since."

Chris was appointed to the Army's civilian staff at the Pentagon, where he worked on acquisition management from the government side. He says his time working at the Pentagon and living in the Washington, DC area was a career highlight. In 1997, Chris joined the Space and Naval Warfare Systems Command (SPAWAR)'s Cybersecurity and Program Management Office, just as the military command was transitioning from Crystal City, Virginia, to San Diego. His duty was to procure and manage cyber capabilities for the program offices at SPAWAR, becoming both a subject matter expert and an acquisition manager.

Then, after 30 years in government, Chris moved to DAU to pass on his knowledge. "I look at myself as a conduit of information, almost like a router. That is why I always come back and say, 'Sometimes you have to be that subject matter expert, sometimes you have to be the facilitator, and sometimes you just have to take notes."

After 37 years with the Department of Defense, Chris officially retired in April 2022 and recently moved to North Carolina. Chris plans to return to DAU as a part-time Intermittent Professor to complete his work on a curriculum for cybersecurity requirements in the Defense Industrial Base. There is no one better placed to strengthen cybersecurity in the Defense acquisitions supply chain and workforce.

He also hopes to be a bridge between the East and West Coasts' military businesses. In his spare time, he and his wife Agnes plan to volunteer with the local public school district to support teachers.

About SynED CyberHero's Series
SynED's CyberHero's series is a monthly column published nationally that highlights individuals who quietly go above and beyond in helping to secure our nation and communities by developing cyber talent. SynED is a national non-profit that identifies and highlights emerging best practices for effective articulation between employers, job seekers, and education providers. SynED is the proud recipient of the 2021 Association for Career & Technical Education Business-Education Partnership Award.

Spotlight

The Intelligence and National Security Alliance (INSA) is pleased to present this paper on counterintelligence (CI) to help frame the debate on an issue of high priority to US national security. The paper was prepared with input from a broad range of INSA members, many of whom had government careers in intelligence and law enforcement and now work for industries that support the US national security mission.


Other News
EMERGING TECHNOLOGY,GOVERNMENT BUSINESS

NIC State Partners Receive 2022 Government Experience Awards from the Center for Digital Government

Tyler Technologies | September 17, 2022

Tyler Technologies, Inc. (NYSE: TYL) is proud to announce that its NIC subsidiary’s state partners swept the 2022 Overall State Experience category, while several other NIC state partners won awards in the 2022 County and State Project Experience categories. The Government Experience Awards recognize the innovation of states, cities, and counties that excel at creating valuable online government services and applications. The Center for Digital Government is a national research and advisory institute on information technology policies and sets the standard for measuring best practices in state and local government. The Overall Experience category encompasses the entire experience of government and the provision of digital services across multiple channels. In the Overall State Experience category, NIC partner states swept the top five. Maryland took first place, Utah took second place, and Mississippi, Indiana, Louisiana, and Vermont rounded out third, fourth, and fifth. Among this category’s finalists were five NIC partner states: Arkansas, Hawaii, Maine, Oklahoma, and Oregon. For Maryland, this is the state’s second time taking the coveted top spot and the fifth consecutive year in the top three. In fact, NIC states remain prominent in this category year over year. In the last eight years, Maryland has placed in the top five category six times, while Utah, Mississippi, and Indiana have placed seven times. “We appreciate our longtime partners in the state of Maryland and congratulate the state on their exciting and well-deserved achievement, We look forward to continued collaboration with the Maryland Department of Information Technology and our state partners to deliver more innovative business and resident-centric digital government experiences.” -Nancy Schmid, general manager of NIC Maryland. In addition to the Overall Experience category, Project Experience awards have a single focus area and can include more than one interaction channel. NIC partner states were also awarded in the County and State Project Experience categories. Colorado, Hawaii, New Jersey, Rhode Island, and Wisconsin were honored for their county or state-related projects, developed in partnership with NIC: City and County of Honolulu, Hawaii’s HNLDOC Records Collection Web Site Colorado’s Colorado.gov Portal Website Redesign New Jersey State Police’s Firearms App and Registration System (FARS) Rhode Island’s Enterprise Content Management System (eCMS) Wisconsin Department of Transportation’s eMV PARTNER Plate and Sticker Auto-ordering “Tyler and NIC are proud to partner with each of these fifteen states in continuing to improve government experience and eliminate boundaries around service delivery, It is an honor to be recognized annually, along with our state partners.” -Elizabeth Proudfit, president of NIC. About Tyler Technologies and NIC: Acquired by Tyler Technologies (NYSE: TYL) on April 21, 2021, NIC is a leader in digital government solutions and payments, partnering with government to deliver user-friendly digital services that make it easier and more efficient to interact with government. NIC and Tyler are united in their mission to empower public sector entities to operate more efficiently and connect more transparently with their constituents and with each other. Tyler has more than 37,000 successful installations across more than 12,000 locations, with clients in all 50 states, Canada, the Caribbean, Australia, and other international locations.

Read More

EMERGING TECHNOLOGY,CYBERSECURITY

ASGN Incorporated Acquires Iron Vine Security

ASGN | October 04, 2022

ASGN Incorporated (NYSE: ASGN), a leading provider of IT services and solutions, including technology and creative digital marketing, across the commercial and government sectors, announced today that it has acquired Iron Vine Security (“Iron Vine” or “the Company”), a leading cybersecurity company that designs, implements, and executes cybersecurity programs for federal customers. Iron Vine’s team of over 230 professionals will become part of ECS Federal, LLC, ASGN’s Federal Government Segment. Founded in 2008 and headquartered in Washington, DC, Iron Vine delivers end-to-end, next-generation cybersecurity and zero-trust solutions, including cybersecurity program development, security engineering, security operations center (SOC) management, securities controls testing, cloud infrastructure security and digital forensics. The Company is entrusted to protect the critical IT assets of federal clients, including the National Institutes of Health, the Centers for Medicare and Medicaid Services, the Securities and Exchange Commission, the Census Bureau, the Millennium Challenge Corporation, the Department of Education and the Department of State, amongst others. “We are very pleased to welcome Bill Geimer and his entire team of cybersecurity experts to ASGN, Iron Vine’s cybersecurity strength enhances ECS’ powerful solution set to enable the combined companies to capture some of today’s largest cybersecurity contracts across civilian, defense, and intelligence agencies.” -Ted Hanson Chief Executive Officer ASGN. ECS has enjoyed a longstanding partner relationship with Iron Vine, said John Heneghan, ECS president. We share a commitment to driving results for our customers by leveraging the latest technology along with leading cyber expertise. By combining and expanding our next-gen cybersecurity solutions and talented workforce, we strengthen our ability to deliver innovative solutions that protect our Nation’s most critical resources and move our customers’ missions forward. “We are very excited to join ECS and the broader ASGN family, Combining Iron Vine’s deep cyber expertise with ECS’ technical breadth will provide our combined customers access to an enriched offering of proven, innovative cybersecurity solutions and methodologies.” -Bill Geimer, CEO of Iron Vine. In connection with the closing, ASGN expects to grant restricted stock unit awards to 36 Iron Vine employees who are not executives of ASGN on January 3, 2023, covering a number of shares of ASGN common stock having an aggregate value of approximately $7 million on the grant date. Subject to continued service to ASGN, these restricted stock unit awards will vest: (a) one-half on the second anniversary of the closing, and (b) 25 percent on each of the third and fourth anniversaries of the closing. The restricted stock unit awards are granted as employment inducement awards pursuant to the New York Stock Exchange rules. About ASGN Incorporated: ASGN Incorporated (NYSE: ASGN) is a leading provider of IT services and solutions, including technology and creative digital marketing, across the commercial and government sectors. ASGN helps corporate enterprises and government organizations develop, implement and operate critical IT and business solutions through its integrated offering of professional staffing and IT solutions

Read More

EMERGING TECHNOLOGY,CYBERSECURITY

German Firms Tighten Cybersecurity Against New Threats

ISG | September 12, 2022

Overlapping crises and technology trends have heightened cybersecurity concerns in Germany, leading enterprises to increase their investments in security products and services, according to a new research report published today by Information Services Group (ISG) (Nasdaq: III), a leading global technology research and advisory firm. The 2022 ISG Provider Lens™ Cybersecurity — Solutions and Services report for Germany finds that cyber threats caused by the war in Ukraine, along with disruptions from the COVID-19 pandemic and increasing digitization of enterprises, have expanded attack surfaces and resulted in more cybersecurity breaches in Germany. As companies bring more data, communications and processes into the digital realm, cybersecurity is becoming a higher priority. “Holistic enterprise security is more than just a current trend, it’s vital to the successful operation of a business, German senior executives understand that cyberattacks can seriously threaten a company’s reputation and finances, so they are paying even greater attention to secure collaboration with third parties, secure core business processes and secure connected and digital products.” -Roger Albrecht, co-lead, ISG Cybersecurity. German companies and government agencies are defending themselves against increasingly sophisticated cyberattacks amid a shortage of IT professionals, especially in cybersecurity, the report says. As risks increase in Germany for both large and midsize enterprises, there is a growing need for guidance. Many organizations are engaging with strategic, technical and managed security service providers for help implementing and constantly honing their defenses. Also, because many attackers breach organizations through social engineering methods such as phishing, companies also turn to providers for consulting and employee training to prevent human errors. Because of strict data protection regulations, most German enterprises rely on providers with security operations centers in Germany. Remote and hybrid work, which emerged suddenly during the pandemic and is expected to become permanent, has made IT systems more vulnerable to attack as employees connect to enterprises from different locations and through their own devices. To manage this risk, German enterprises are investing in advanced identity and access management (IAM) capabilities, especially cloud-managed systems that can function across multiple cloud installations. “German companies need to manage more users, devices and digital services than ever, In many cases, service providers are taking on these roles.” -Jan Erik Aase, partner and global leader, ISG Provider Lens Research. The report explores a wide range of cybersecurity trends in Germany, including increasing use of zero-trust approaches, the growth of the midsize market and the evolution of endpoint protection from traditional antivirus solutions to AI-based behavioral analysis. The 2022 ISG Provider Lens™ Cybersecurity — Solutions and Services report for Germany evaluates the capabilities of 97 providers across six quadrants: Identity and Access Management (IAM), Data Leakage/Loss Prevention (DLP) and Data Security, Advanced Endpoint Threat Detection and Response (Advanced ETPDR), Technical Security Services (TSS), Strategic Security Services (SSS) and Managed Security Services. The report names IBM as a Leader in five quadrants and Atos as a Leader in four quadrants. It names Accenture, Axians, Capgemini, Deutsche Telekom and Microsoft as Leaders in three quadrants each. Bechtle, Broadcom, CANCOM, Computacenter, Controlware and Trend Micro are named as Leaders in two quadrants each. CrowdStrike, Deloitte, DriveLock, DXC Technology, Forcepoint, GBS, HCL, HelpSystems, Infosys, KPMG, Matrix42, Okta, Orange Cyberdefense, Ping Identity, PwC, RSA, SentinelOne, Sophos, TCS, Trellix, VMware Carbon Black and Wipro are named as Leaders in one quadrant each. About ISG Provider Lens™ Research: The ISG Provider Lens™ Quadrant research series is the only service provider evaluation of its kind to combine empirical, data-driven research and market analysis with the real-world experience and observations of ISG's global advisory team. Enterprises will find a wealth of detailed data and market analysis to help guide their selection of appropriate sourcing partners, while ISG advisors use the reports to validate their own market knowledge and make recommendations to ISG's enterprise clients. The research currently covers providers offering their services globally, across Europe, as well as in the U.S., Canada, Brazil, the U.K., France, Benelux, Germany, Switzerland, the Nordics, Australia and Singapore/Malaysia, with additional markets to be added in the future. About ISG: ISG (Information Services Group) (Nasdaq: III) is a leading global technology research and advisory firm. A trusted business partner to more than 800 clients, including more than 75 of the world’s top 100 enterprises, ISG is committed to helping corporations, public sector organizations, and service and technology providers achieve operational excellence and faster growth. The firm specializes in digital transformation services, including automation, cloud and data analytics; sourcing advisory; managed governance and risk services; network carrier services; strategy and operations design; change management; market intelligence and technology research and analysis. Founded in 2006, and based in Stamford, Conn., ISG employs more than 1,300 digital-ready professionals operating in more than 20 countries—a global team known for its innovative thinking, market influence, deep industry and technology expertise, and world-class research and analytical capabilities based on the industry’s most comprehensive marketplace data.

Read More

EMERGING TECHNOLOGY,GOVERNMENT BUSINESS

iOffice + SpaceIQ Pursues FedRAMP Authorization for Workplace and Asset Management Technology

iOffice + SpaceIQ | August 17, 2022

iOffice + SpaceIQ, the global workplace technology company, today announced its intent to seek authorization from the U.S. Federal Risk and Authorization Management Program (FedRAMP) for its Integrated Workplace Management System Archibus. FedRAMP facilitates adoption of secure technologies across U.S. government agencies by standardizing assessment, authorization, and continuous monitoring of cloud-based products and services. The federal government owns and leases 130,000 properties — approximately 885 million square feet and $21B in annual operational expenditures — representing the largest real estate portfolio in the United States. With nearly 7% of government-owned properties underutilized or unused, iOffice + SpaceIQ's solutions address the critical need for space optimization, cost reduction, and enhanced decision-making capabilities for federal facilities. "There's been a major push to modernize operations and ramp up digital transformation efforts within the federal government, FedRAMP authorization will accelerate our ability to supply much-needed solutions to highly regulated government agencies and continue serving our existing federal customers." -Chief Dan DeRosa, Product Officer, iOffice + SpaceIQ. iOffice + SpaceIQ is already authorized to operate on secure high-side networks for several government agencies. The company has a robust federal distribution, reseller, and service provider network, meeting demand for centralized management of facility operations, maintenance, and occupancy while ensuring data security. iOffice + SpaceIQ's infrastructure is purpose-built to increase customers' resiliency against existing and future cybersecurity challenges. The business meets the highest standards for service and accessibility, including compliance with SOC 2 and a Voluntary Product Accessibility Template for Archibus. About iOffice + SpaceIQ: iOffice + SpaceIQ empowers how tomorrow will work, helping employees and companies adapt and thrive to produce better outcomes for the world. Our smart workplace technology enables over 10,000 organizations in 85 countries to improve business performance through intuitive, people-first space planning and operations. More than 2M end users rely on iOffice + SpaceIQ platforms to optimize more than 2B square feet of space valued at more than $64B, maintain mission-critical assets, and enhance how people interact with the workplace.

Read More

Spotlight

The Intelligence and National Security Alliance (INSA) is pleased to present this paper on counterintelligence (CI) to help frame the debate on an issue of high priority to US national security. The paper was prepared with input from a broad range of INSA members, many of whom had government careers in intelligence and law enforcement and now work for industries that support the US national security mission.

Resources