The secretary’s order, signed Friday but first made public Tuesday, came after an eye-opening investigation by ProPublica revealed Microsoft had been relying on China-based engineers to support DOD cloud computing systems.

Short on specific details, Hegseth’s order enlists the CIO — with the support of the department’s heads of acquisition and sustainment, intelligence and security, and research and engineering — to “take immediate actions to ensure to the maximum extent possible that all information technology capabilities, including cloud services, developed and procured for DoD are reviewed and validated as secure against supply chain attacks by adversaries such as China and Russia.”

Hegseth first referenced his order in a video posted to X on Friday, in which he said, “some tech companies have been using cheap Chinese labor to assist with DoD cloud services,” calling for a “two-week review” to make sure that isn’t happening anywhere else in the department’s tech supply chains.

The secretary, in both his video and the new memo, stopped short of calling out Microsoft specifically. However, a spokesperson for the company has since stated publicly that it has made changes to “assure that no China-based engineering teams are providing technical assistance for DoD Government cloud and related services.”

“This is obviously unacceptable, especially in today’s digital threat environment,” Hegseth said in the Friday video, claiming that the system at the center of the incident is “a legacy system created over a decade ago during the Obama administration.”

He added: “We have to ensure the digital systems that we use here at the Defense Department are ironclad and impenetrable, and that’s why today I’m announcing that China will no longer have any involvement whatsoever in our cloud services.”

The memo itself calls on the department to “fortify existing programs and processes utilized within the Defense Industrial Base (DIB) to ensure that adversarial foreign influence is appropriately eliminated or mitigated and determine what, if any, additional actions may be required to address these risks.” Specifically, it cites the Cybersecurity Maturity Model Certification (CMMC) — the final rule for which, as of Wednesday, is undergoing regulatory review with the Office of Management and Budget — acting CIO Katie Arrington’s new Software Fast Track program, and the FedRAMP process as existing efforts the Pentagon CIO should rely on to ensure the department’s tech is secure.

Within 15 days of the order’s signing, DOD’s Office of the CIO must issue additional implementing guidance on the matter, led by department CISO Dave McKeown.

On top of that, it taps the undersecretary of defense for intelligence and security to “review and validate personnel security practices and insider threat programs of the DIB and cloud service providers to the maximum extent possible.”

The post Hegseth calls on DOD CIO to protect tech supply chain from influence of China appeared first on DefenseScoop.

The DOD currently maintains more than 2 million Microsoft 365 E5 licenses across two separate programs — the Defense Enterprise Office Solution (DEOS) and the Enterprise Software Initiative (DOD ESI). Through the established contracts, Pentagon components can purchase software licenses for commercial Microsoft products, including Office 365 applications and other collaboration tools.

But ongoing efforts spearheaded by the Department of Government Efficiency (DOGE) have prompted the Defense Department to review how many of those licenses it actually needs, Katie Arrington, who is performing the duties of Pentagon CIO, told DefenseScoop.

“Our Microsoft 365 contract [is a] very big contract here in the Department of Defense. Does every individual in the Department of Defense need an [E5] license? Absolutely not,” Arrington said June 6 in an exclusive interview.

With the department’s Deputy CIO for the Information Enterprise Bill Dunlap, Arrington has been working alongside her DOGE representative to review individual position descriptions and multi-level securities to determine what level of Microsoft 365 E5 license that person needs, she said. Other criteria being considered include user and mission requirements for office productivity software, as well as collaboration capabilities, a DOD CIO spokesperson told DefenseScoop.

CSRA, which is owned by General Dynamics IT, has served as the lead integrator for the DEOS contract since 2020, when the company received a 10-year blanket purchase agreement from the General Services Administration and Defense Department. The program allows Pentagon components to purchase individual licenses for cloud-based Microsoft 365 email and collaboration tools on a monthly basis.

Although the GDIT-led team, which also includes Dell Marketing and Minburn Technology Group, initially received the award in 2019, the department was forced to re-compete the contract following two bid protests by competitor Perspecta. The procurement battle resulted in the GSA and Pentagon giving the contract to GDIT at an estimated value of $4.4 billion — much lower than its originally projected $7.6 billion value.

The department can also purchase licenses for software products — including from Microsoft and other vendors, such as Oracle — using an Enterprise Software Agreement (ESA) contract vehicle, which is managed by the DOD ESI. Instead of buying individual licenses through DEOS, an ESA is used to purchase software via resellers in bulk and on an annual basis.

Arrington did not say how many Microsoft licenses are on the chopping block, but emphasized that the effort is geared toward “optimizing the licenses that we have.”

A reduction in E5 licenses would be yet another cut to the Pentagon’s IT enterprise prompted by the department’s work with DOGE. Along with reductions to its civilian workforce, the Defense Department has ordered several of its IT consulting contracts be cancelled and replaced by internally sourced services — an action also being taken by some of the military departments, as well as the DOD CIO.

“On an average day we would probably put out a contract for consulting on how to optimize or automate the RMF. We didn’t do that. We went internally. We did it ourselves, and we’re going to use our partners in the industry to help, because they would be the beneficiaries,” Arrington said, referring to her ongoing push to overhaul the Pentagon’s Risk Management Framework (RMF).

The office is also reviewing its contracts with systems integrators to ensure there are no duplicative efforts underway, as well as pushing for more use of commercial-off-the-shelf capabilities, she added.

Despite challenges that may come from DOGE-inspired cuts, Arrington said that she believes the work will help the Pentagon be on a “level playing field” moving forward.

“[The Defense Department] is as energized as I’ve ever seen it. But that doesn’t mean there’s no concern,” she said. “Change is hard, but it’s definitely needed.”

The post EXCLUSIVE: Pentagon CIO reviewing Microsoft 365 licenses as part of DOGE-related cuts appeared first on DefenseScoop.

DIU — a Silicon Valley-headquartered organization which has embedded personnel at Indo-Pacom and Eucom to help tackle some of the combatant commands’ tech-related challenges.

On Wednesday, DIU announced that Scale AI was awarded a prototype contract for the new Thunderforge capability, which will include the company’s agentic applications, Anduril’s Lattice software platform and Microsoft’s large language model technology.

“The Thunderforge technology solution will provide AI-assisted planning capabilities, decision support tools, and automated workflows, enabling military planners to navigate evolving operational environments. By leveraging advanced large language models (LLMs), AI-driven simulations, and interactive agent-based wargaming, Thunderforge will enhance how the U.S. military prepares for and executes operations,” the unit said in a release.

DIU issued a solicitation for the program last year via its commercial solutions opening contracting mechanism.

“The joint planning process is complex, time-consuming, and resource-intensive. Planners and other staff members must synthesize large amounts of information from diverse sources, consider multiple courses of action (COA), and produce detailed operational plans and orders – often under significant time pressure. As the operational environment becomes more complex and dynamic, there is a need to accelerate and enhance joint planning capabilities while maintaining rigor and human judgment,” the document stated.

In a statement Wednesday, Bryce Goodman, Thunderforge program lead and contractor with DIU, noted that current military planning processes rely on decades-old technology and methodologies.

The U.S. military wants new tech that can quickly ingest, process and summarize large volumes of information relevant to military planning; identify key insights, patterns and relationships; produce draft operations plans, concept plans and operations orders; and perform automated wargaming of courses of action and provide comparative analysis of advantages, disadvantages and risks.

“Our AI solutions will transform today’s military operating process and modernize American defense. Working together with DIU, Combatant Commands, and our industry partners, we will lead the Joint Force in integrating AI into operational decision-making. DIU’s enhanced speed will provide our nation’s military leaders with the greatest technological advantage,” Scale AI founder and CEO Alexandr Wang said in a statement.

According to DIU, initial deployments of the system to Indo-Pacom and Eucom are expected to support “mission-critical” planning activities such as campaign development, theater-wide resource allocation and strategic assessment.

If the tech meets expectations, plans call for scaling the Thunderforge capability across the U.S. military’s combatant commands in the future.

The post Combatant commands to get new generative AI tech for operational planning, wargaming appeared first on DefenseScoop.

IVAS has been one of the service’s highest-priority modernization initiatives, with Microsoft as the prime contractor. The system — which includes ruggedized headgear and software with night-vision, thermal-sensing and augmented reality capabilities, among others — was inspired by the company’s HoloLens 2 device. The Army aims to use the equipment for training and battlefield operations for dismounted troops. The program was projected to be worth as much as $21.9 billion if it reaches full fruition.

“Through this partnership agreement, and pending Department of Defense approval, Anduril will assume oversight of production, future development of hardware and software, and delivery timelines. This agreement also establishes Microsoft Azure as Anduril’s preferred hyperscale cloud for all workloads related to IVAS and Anduril AI technologies,” the companies said in a joint press release. “Anduril’s mission focus on innovation in defense technology, deep understanding of military requirements, and unique approach to manufacturing defense products will ensure future program development specifically tailored to the evolving needs of the Army as well as production at scale and at lower unit cost.”

The firms have already been teaming on IVAS. In September 2024, Anduril announced that its Lattice platform was being incorporated into the system. Lattice can be employed as a situational awareness tool that uses capabilities such as AI, computer vision, edge computing and sensor fusion to detect, track and classify objects of interest for users, according to a product description.

The Army has been rolling out different variants of IVAS to soldiers for experimentation and to get their feedback on the technology. The latest iteration developed by Microsoft is known as IVAS 1.2. Microsoft had already been making enhancements to IVAS equipment and software, some of which were prompted by soldier complaints about early versions.

The Army requested $255 million from Congress for fiscal 2025 to buy more IVAS systems — including 3,162 IVAS 1.2 heads-up-display platforms — as well as $98 million for research, development, test and evaluation related to the technology.

Anduril founder Palmer Luckey previously launched Oculus VR, the startup known for its commercial virtual reality headset which went on to be acquired by Facebook.

“For me, this announcement is deeply personal. Since my pre-Oculus days as a teenager who had the opportunity to do a tiny bit of work on the Army’s BRAVEMIND project, I’ve believed there would be a headset on every soldier long before there is a headset on every civilian. Given that America loses more troops in training than combat, the Squad Immersive Virtual Trainer (SiVT) side of IVAS alone has the potential to save more lives than practically anything else we can imagine building,” Luckey wrote in a blog — titled “Turning Soldiers into Superheroes” — published Tuesday.

Anduril is also building a variety of drones and other high-tech tools, such as “edge data integration services capabilities,” for the Pentagon. In December, it announced that it was forming an alliance with Palantir and a new “consortium” to merge AI capabilities for defense customers.

Meanwhile, Microsoft is touting its ability to deliver cloud capabilities to boost Anduril’s products.

“Microsoft’s advanced cloud infrastructure and AI capabilities will continue to provide a robust backbone for the [IVAS] program, enabling seamless data integration and real-time insights critical to soldier effectiveness. Artificial intelligence will be foundational to all technical innovations for national security missions, and the cloud is essential to successfully delivering AI whenever and wherever it is needed. Through this agreement, Anduril will establish Azure as its preferred hyperscale cloud to support its AI development. Azure, through its commercial, U.S. government and classified clouds, provides high resiliency, sophisticated capabilities, flexibility and advanced security, designed to meet the stringent compliance requirements of the nation’s most sensitive data,” the companies said in a release.

Microsoft is already a major cloud vendor for the Pentagon. It’s one of four companies  — along with Google, Oracle and Amazon Web Services — that were chosen to compete for task orders for the $9 billion enterprise Joint Warfighting Cloud Capability (JWCC) program.

It’s unclear if the DOD will approve the program handover that Microsoft and Anduril are proposing for IVAS.

The new partnership agreement comes at a critical time for the IVAS program. The plan was to transition it to a major capability acquisition pathway no later than October 2025.

However, Army officials are preparing to potentially recompete the IVAS  effort via an initiative known as IVAS Next.

Last month, the service released a request for information for IVAS Next, seeking information from vendors to determine their capabilities to act as a prime contractor in the development and manufacturing of the technology.

“This RFI does not constitute a Request for Proposal (RFP) or a promise to issue an RFP in the future,” officials noted.

Companies were asked to include information about the design and features of their IVAS Next solution.

“The narrative should cover Heads Up Display (HUD), body-worn compute, night vision capability, company-level communications network, and any software supporting services or systems (e.g., Cloud or Edge computing),” officials wrote.

Vendors were also asked to lay out a program management approach for their IVAS Next solution, including identifying teaming arrangements and key subcontractors and suppliers.

The Microsoft and Anduril announcement was released on the same day that the Army had scheduled a virtual industry day for IVAS Next.

“The purpose of this event is to inform interested companies of the IVAS Next requirements and acquisition path and to hold an open forum for discussion of IVAS Next capability requirements,” officials wrote in a special notice.

Last year, DefenseScoop asked Anduril officials if the company was considering competing as a prime contractor for IVAS Next.

“We’re closely following the developments around IVAS-next and are confident that the combined strengths of Anduril and Microsoft can deliver a solution that enhances both soldier survivability and lethality. We will continue to monitor IVAS-next, and as always, we are committed to positioning ourselves to do what’s best for the warfighter, staying true to our mission of delivering the most effective solutions,” an Anduril spokesperson said.

The post Microsoft plans to hand over reins of Army’s IVAS program to Anduril appeared first on DefenseScoop.

Microsoft announced Thursday it received authorization for 26 additional products in its top-secret cloud environment, meeting Intelligence Community Directive (ICD) 503 standards and allowing agencies — particularly those in the intelligence community and Defense Department — to use them for the government’s most classified information. Those added tools include Azure OpenAI Service — which provides Azure customers access to OpenAI’s generative AI large language models — and Azure Machine Learning, among others.

Douglas Phillips, Microsoft corporate vice president, wrote a blog post announcing the news that Azure OpenAI “allows agencies and authorized partners operating in Microsoft’s Azure Government Top Secret cloud to benefit from multimodal generative AI models, such as GPT-4o, while meeting the rigorous security and compliance requirements necessary for the nation’s most sensitive data. Authorized users can easily access and integrate Azure OpenAI Service and further ground it on their data for more specialized and accurate intelligence.”

GPT-4o is an OpenAI model that can be used for natural language understanding and processing, text summarization and classification, sentiment analysis, question answering, conversational agents and more. It is the foundational model that the popular commercial generative AI tool ChatGPT is built on.

The announcement comes after Azure OpenAI received FedRAMP High authorization last August. 

Last May, William Chappell, Microsoft’s chief technology officer for strategic missions and technologies, told DefenseScoop that the company  had deployed OpenAI’s GPT-4 to an isolated, air-gapped Azure Government Top Secret cloud for use by the Department of Defense for testing. However, the model wasn’t accredited for wider use at the time. The accreditation announced Thursday would now make that possible.

Chappell told DefenseScoop the availability of GPT-4 in the top-secret environment would help DOD officials deal with vast amounts of data.

It’s about “making sure you have the right information at the right time,” he said. “So whether it’s geospatial or any amount of data, we’re swimming in data, we’ve got sensors everywhere. How do you actually make sense of the information that is within your organization? Whether that’s proposals or all sorts of different types of paperwork that we all have to do — how do you simplify and how do you sort through that … data that’s mission focused or data that’s more back office and human resource-focused?”

The post OpenAI’s GPT-4o gets green light for top secret use in Microsoft’s Azure cloud appeared first on DefenseScoop.

IVAS has been one of the Army’s highest-priority modernization initiatives, with Microsoft as the prime contractor. The system — which includes ruggedized headgear and software with night-vision, thermal sensing and augmented reality capabilities, among others — was inspired by the company’s HoloLens 2 device. The service aims to use the equipment for both training and battlefield operations for dismounted troops. The program could be worth as much as $21.9 billion if it comes to full fruition.

On Thursday, Anduril announced that its Lattice solution has been incorporated into the system. Lattice can be employed as a situational awareness tool that uses capabilities such as AI, computer vision, edge computing and sensor fusion to detect, track and classify objects of interest for users, according to a product description.

“Soldiers wearing Lattice-enabled IVAS headsets are rapidly warned of incoming autonomously-detected airborne threats, enhancing survivability in complex, contested environments. The integration of Anduril’s systems, alongside third-party technologies, is set to propel the IVAS mission capabilities forward,” Anduril officials stated in a press release.

The Army has been rolling out different variants of IVAS to soldiers for experimentation and to get their feedback on the technology. The latest iteration developed by Microsoft is known as IVAS 1.2.

An Anduril spokesperson told DefenseScoop that that Lattice has been integrated with IVAS 1.1 and IVAS 1.2 systems.

“We are proud of the collaborative progress on this effort,” the spokesperson said.

In a statement, company co-founder Palmer Luckey said the project is his “top priority” at the organization, which is also working on other high-profile Pentagon initiatives such as the Air Force’s collaborative combat aircraft program and Replicator.

“It’s one of the Army’s most critical programs being fielded in the near future, with the goal of getting the right data to the right people at the right time,” he said about IVAS. “This is Anduril’s bread and butter, and we’ve been building the backbone for this for years.”

Before co-founding Anduril, Luckey launched Oculus VR, the startup known for its commercial virtual reality headset which went on to be acquired by Facebook.

Microsoft had already been making enhancements to IVAS equipment and software, some of which were prompted by soldier complaints about early versions.

“IVAS is more than the sum of its parts. Through integration across existing and new software and sensors, IVAS brings a full picture of the battlefield to every soldier, enabling safer and more effective operations. Our collaboration with Anduril to integrate their suite of critical sensors, along with their groundbreaking Lattice system into IVAS, demonstrates the transformative capability of this fighting goggle and will allow us to further expand the impact IVAS will have for every U.S. soldier,” Robin Seiler, Microsoft’s corporate vice president of mixed reality, said in a statement.

The Army requested $255 million from Congress for fiscal 2025 to buy more IVAS systems — including 3,162 IVAS 1.2 heads-up-display platforms — as well as $98 million for research, development, test and evaluation related to the technology.

The service’s R&D plans for this year included developing software for IVAS “that enables soldiers to intuitively relay reconnaissance intent to a team of autonomous sensors and quickly interpret feedback from the systems and make targeting decisions,” according to budget justification documents. For 2025, it aims to make improvements related to the heads-up-display design, thermal and low-light sensors, IVAS extensibility, form factor, reliability, reducing weight, and developing AI data integration and applications.

The plan was to transition IVAS to a major capability acquisition pathway no later than October 2025.

However, Army acquisition chief Doug Bush recently said the service hasn’t decided whether Microsoft will remain the prime contractor for the program as officials consider a potential next stage of the modernization effort, which some have dubbed “IVAS Next.”

“Haven’t determined that yet,” Bush told reporters during a roundtable earlier this month. “We are … working with [IVAS] 1.2 going through a series of evaluations to gain knowledge about whether it is good enough to go to production. So that’s the purpose of doing all that testing is to gain confidence and go, ‘Yes, this is ready to go to production and field to operational units.’ So that’s what we’re doing right now. The potential, though, for future competition is there because, you know, I think there’s so many companies in this space and there’s so much dynamic tech here, that we certainly need to preserve the option of having a competition in the future if other people come with good solutions. … The decision hasn’t been made yet to, for sure, go that route, but we’re setting conditions to where, if we decide to, we can.”

“In the meantime, Microsoft is doing a good job with its current contract. The evaluations are going broadly pretty well. But … we’re working with prototypes, we’re learning the good and the bad. So we’re still hoping to get there. I think the broad goal of bringing this kind of wearable tech in a military form factor to infantry units to make them more effective, is something everyone in the Army, almost everyone, agrees on. How do we get there is the issue — is this exact version of IVAS that version, or do we need another spin of development?” he said.

DefenseScoop asked Anduril officials if the company was considering competing as a prime contractor for IVAS Next.

“We’re closely following the developments around IVAS-next and are confident that the combined strengths of Anduril and Microsoft can deliver a solution that enhances both soldier survivability and lethality. We will continue to monitor IVAS-next, and as always, we are committed to positioning ourselves to do what’s best for the warfighter, staying true to our mission of delivering the most effective solutions,” an Anduril spokesperson said.

The post Anduril integrates AI tech into Army IVAS headsets appeared first on DefenseScoop.

In December 2022, the Pentagon awarded Google, Oracle, Amazon Web Services and Microsoft contracts spots on the $9 billion JWCC program — an effort that pivoted away from contracting a single vendor for the department’s first enterprise cloud capability under the Joint Enterprise Defense Infrastructure (JEDI), and instead sought a multi-vendor acquisition approach. 

Since then, the department has awarded over $1 billion worth of task orders to vendors on the program, DISA Director Lt. Gen. Robert Skinner said Wednesday. Speaking during a keynote speech at the annual Department of the Air Force Information Technology and Cyberpower conference, Skinner noted the agency is now looking at how to build upon the initial program for its next phase, dubbed JWCC 2.0.

“What I would offer is, what it’s going to bring is even faster commercial cloud capability, greater diversity — where we can hope that we can have even more cloud services providers — and potentially have an option of not having task orders competed,” Skinner said. He did not elaborate on how many additional vendors DISA is considering adding to the program.

Under the current contracting mechanism for JWCC, the four cloud service providers are able to bid on task orders from various Defense Department components. The contract vehicle allows the department to buy commercial cloud capabilities that best fit customers’ needs directly from the service providers.

Skinner noted that moving forward, future JWCC iterations could include both task order competitions as well as a potential indefinite delivery/indefinite quantity (IDIQ) contract vehicle as a way to provide “greater diversity and flexibility for the capability that we know we all need and are driving for.”

IDIQ contracts allow the Pentagon to purchase an unspecified amount of products or services under a specific timeframe, enabling the ability to place orders as needed up to a defined maximum amount specified in the initial contract.

DISA has not given a clear timeline on when the requirements for JWCC 2.0 will be released. Former DOD Chief Information Officer John Sherman previously told DefenseScoop that he directed his office to conduct an after-action review of the entire JWCC effort prior to his departure in June.

“While I’m a huge fan of it, I know it’s not perfect,” he said. “What can we do better for JWCC 2.0? Are there things we can put into place to make [software-as-a-service] offerings easier to manage?”

The post DISA mulls adding vendors, different contract types for JWCC 2.0 appeared first on DefenseScoop.

“DoD is aware of the reporting and personnel are monitoring our networks for possible impacts. For operational security reasons, we do not comment on the status of our network operations, information systems or operations to assess cyber threats,” a department spokesperson told DefenseScoop in an email.

U.S. Cyber Command gave DefenseScoop the same statement as the Office of the Secretary of Defense.

A software update from cybersecurity software company CrowdStrike has caused outages for thousands of Microsoft Windows users worldwide, with banks, airports, health care organizations and several other industry sectors reporting disruptions in operations as a result. CrowdStrike CEO George Kurtz posted a message on X on Friday that the outages were not the result of a cyberattack.

“CrowdStrike is actively working with customers impacted by a defect found in a single content update for Windows hosts,” Kurtz wrote. “This is not a security incident or cyberattack. The issue has been identified, isolated and a fix has been deployed.”

Several DOD components use Microsoft Windows products for cloud storage, cybersecurity and other administrative and IT services — including Microsoft 365, Power BI, Microsoft Defender for Endpoint and Microsoft’s Azure cloud. A company status page noted that Microsoft 365 admin center and Power BI may currently be impacted by the outage, and that Microsoft Defender for Endpoint and others have already recovered.

The Department of the Navy’s public affairs office noted that the DON “does not discuss the service’s networks” due to security reasons, but DefenseScoop has learned the Navy and Marine Corps are not reporting any interruptions to services at this time. Officials from the Department of the Air Force and the Department of the Army have not yet responded to DefenseScoop’s queries.

Separately, a Defense Health Agency spokesperson said the organization “does not utilize the affected software and no issues have been reported.” The Pentagon Inspector General’s Office and U.S. Transportation Command also reported no issues related to the CrowdStrike outage.

Speaking at the Aspen Security Forum on Friday, Chairman of the Joint Chiefs of Staff Gen. Charles “CQ” Brown said he’s been told there’s currently “no impact” on U.S. military operations.

“I was made aware of the situation on the airplane flying back to the United States [from an overseas trip]. For all reports I have right now, no impact on DOD operations. But I will also share with you, I mean this just gives you an indication of, you know, how important cybersecurity, how we use our software, how we use our tools is important and the things that we do, particularly in DOD to protect our capabilities to ensure that we can still protect the nation even when you have a — whether it’s a glitch or an attack — that we be best postured to be able to support,” he said.

“We all know how dependent we are all on cyber and the tools that it provides for us just to make our day-to-day lives easier. But when you have something like this, this should be a reminder to us of why it’s important to, you know, from a cybersecurity piece, not only at the governmental level but all the way down to your local homes, to protect ourselves and be best postured. Because, you know, I’m sure our adversaries are looking at this as a way to, I would say, put sand into gears if we’re trying to generate combat power to go to respond for — to a crisis anywhere around the world,” he added.

Mark Pomerleau and Jon Harper contributed to this story.

Updated on July 19, 2024, at 1:35 PM: This story has been updated to include comments from Gen. Charles “CQ” Brown.

The post DOD ‘monitoring’ networks in wake of CrowdStrike outage appeared first on DefenseScoop.

The summit, which kicks off Tuesday, is expected to include discussions and potentially major announcements about the road ahead for digital capabilities

Gen. Chris Badia, NATO’s deputy supreme allied commander transformation, noted that the transatlantic partners need to plan for warfighting in five domains — air, land, sea, space and cyber. However, cyber capability is “not at the level it should be,” he said at the FP Security Forum on Monday.

“You have to have dominance in three major steps. First of all, you need … information dominance. If you have information dominance, then you get into the decision dominance. And once you have that, then you have engagement dominance overall. So really, the first question is: What do you need for new technology when you go into information dominance? And then … it comes into space and it comes into cyber,” he said. “It’s assured access to space and it’s data security. This is what we are after, this is [where] you have to invest. And this is where we need to come closer a lot more and cooperate much more. So those are the systems we’re looking for.”

One way that NATO is trying to bolster its capabilities is through the Defense Innovation Accelerator for the North Atlantic (DIANA) initiative, which launched last year to help find and accelerate dual-use technologies that could address contemporary and emerging security challenges.

DIANA is currently accepting applications from startups and other organizations for its second cohort. One of the five “challenge areas” is data and information.

“One of the challenges last year and this year includes data security and interoperability because we want to get really sort of the bright engineers and scientists and entrepreneurs that can have ideas that they can put forward that have an impact, not only in defense and security but also the commercial area … These are areas that are just as important in the commercial realm for information security as it is for the military security. So the ideas that can come forward here, we need to not only be able to elicit it from the human capital across the NATO alliance but then to also be able to accelerate its development, accelerate the business itself so that we can get these solutions out into the market and out into use for NATO allies. So this is a very, very important area,” Barbara McQuiston, chair of the DIANA board of directors, said at the FP Security Forum.

Across the alliance, officials are looking for defensive cyber tools amid digital transformation, she noted.

“We’re more and more reliant on the data and on the capabilities that we need to have in the field and at the edge of where we operate. So this is something that is a large theme of all the activities, touches on NATO across the board, but being able to have the dual-use technology come in and very quickly play a role and very quickly be able to give you capabilities in the field, and also be able to accelerate these ideas as we need them to keep at the pace of change and adoption that’s needed for secure defense,” McQuiston said.

“In many ways, we’re looking at information security and interoperability across the alliance, and also looking at zero-trust systems and a lot of the security implications that defense and security think about when they’re putting things in the field and information in the field, with AI technologies, sort of making sure that we can have a robust system that’s defendable even with different and new attack surfaces,” she added.

Zero trust is a cybersecurity framework that assumes networks have already been penetrated by adversaries, and therefore organizations need tools to constantly monitor and authenticate users and their devices as they move through a network. The U.S. Defense Department is aiming to meet its own target levels for zero trust by the end of fiscal 2027.

Meanwhile, artificial intelligence-enabled cyberattack capabilities are a growing concern for NATO countries worried about defending their networks.

Tom Burt, corporate vice president for customer security and trust at Microsoft, said U.S. companies working on AI are keeping an eye on potential adversaries that might look to exploit these types of technologies.

Currently, nations such as Russia and China appear to be using AI more for their disinformation operations than network attacks, he suggested at Monday’s forum.

However, “in the longer run, we have to be very vigilant for what we’re seeing our adversaries do and be prepared to work with governments on how we respond to that, to minimize the risks,” Burt added.

In the future, AI technologies will likely provide more of an advantage to defenders than attackers when it comes to cyber, Burt said, noting the large amount of private sector investment going into artificial intelligence.

“I have this great confidence that in the intermediate term … that AI is going to provide cybersecurity defenders with an asymmetric advantage over our attackers. And there’s several reasons for that. The first reason is to do AI, you need the world’s best data scientists, and the private sector … we have that. The second thing is unbelievable financial resources. So Microsoft is committing more than $12 billion every quarter to building the data centers with the GPUs that we need around the world to both train and operate these AI models. And … our competitors are making similar investments,” he said. “It’s coming from companies that have great financial resources. When you think about that, and you think about the ability of the cybercrime syndicates or even most of the world’s governments, they can’t compete with the need to build those systems, which they require to be able to do the work that they’re going to want to do to counter the defenses we can build. So that gives us a significant advantage. And it takes the number of even governments that you have to be thoughtful about in this area down to a small number.”

A third factor is that large companies like Microsoft are already working with large data sets and receiving trillions of “signals” from end-user devices, cloud services and everything in between, Burt said.

“That is a unique data set that we can train defensive AI models against. And we’ve seen that be successful in Ukraine with our Defender for Endpoint, identifying Russian wiper malware and blocking it — not because we had a signature, not because we’d seen it before, because the algorithm said, ‘Wait, this code is up to no good.’ We’re going to be able to build more sophisticated algorithms that are going to look at that stream of data and see adversary activity before it impacts customers and block it. I’m confident that that’s going to be a capability. I know our teams are working on those capabilities now. And I’m confident that in that three-to-seven-year time frame, if we don’t create a significant asymmetric advantage, we won’t have done our job,” he said.

The post NATO looking to bolster data security as leaders gather in Washington appeared first on DefenseScoop.

During a presentation at DefenseTalks in May 2024, Wes Anderson, vice president, defense operating unit, at Microsoft Federal, not only highlighted AI’s far-reaching impact across sectors but also its implications for the Department of Defense (DOD).

“We all know this is a time of great power competition, one with unprecedented near-peer competitors that have the will, economic means and an industrial base to enable their ambitions,” said Anderson. “One of the questions I often get is, how can you help the DOD bring innovation to their mission, and how can you help us accelerate pace? An area where we’re seeing that potential is with AI.”

AI in action

A pivotal moment in AI’s advancement was the emergence of ChatGPT, which demonstrated AI’s capability to achieve mass adoption rapidly. While technologies like mobile phones took 16 years to reach 100 million users and the Internet took 7 years, ChatGPT achieved this milestone in just 60 days in January 2023. “This swift adoption highlights a significant leap from traditional AI to generative AI, powered by advanced foundational models trained on vast datasets using cloud-based supercomputers,” he said.

Anderson cited a collaboration between Microsoft’s Azure Quantum team and Pacific Northwest National Labs to reduce dependency on lithium by developing new battery materials. Traditionally, this process would take years, but with AI and cloud-based supercomputers, the team reduced 30 million candidate elements to one viable electrolyte in just two weeks. “This breakthrough illustrates AI’s potential to revolutionize research and development timelines across various fields, including the defense sector,” said Anderson. “Ultimately, these models can help us make informed decisions across massive amounts of disparate data and will benefit how the Defense Department does business and executes its mission.”

AI’s impact also extends to enhancing workforce efficiency. Anderson cited Microsoft and LinkedIn’s 2024 Work Trend Index Annual Report, which revealed that two-thirds of employees feel they lack the time or energy to complete their work, hindering innovation and strategic thinking. AI can alleviate this burden by automating routine tasks and enabling workers to focus on more critical, value-added activities. In the defense sector, Anderson said AI can help the U.S. address the shortage of people and skills to help defend the nation by enabling better decision-making and upskilling. 

Secure and ethical AI implementation

However, Anderson also acknowledged that the DOD faces unique challenges in adopting AI, particularly concerning data security. To address this, he discussed the deployment of GPT-4 within secure environments, ensuring that sensitive information remains protected while leveraging AI’s capabilities. “This approach exemplifies how AI can be integrated into critical operations without compromising security, thereby driving innovation and efficiency within the defense sector,” said Anderson.

In addition, ethical considerations are paramount when it comes to AI deployment within the DOD. Anderson stressed the need for responsible and ethical AI practices that align with the DOD’s guidance. “Implementing guardrails ensures AI is used in ways that are safe, fair, and beneficial to all stakeholders,” he said.

Adapting to an AI-driven future

Anderson also underscored the importance of cultural and organizational change alongside technological adoption. AI’s full potential can only be realized if the workforce adapts to new ways of working. “It’s not just about the technology. The technology can enable you to move really quickly, but it’s only going to be as quick as your workforce can move,” said Anderson. “So, you have to change the culture. You have to change how people work by bringing them along from the start and letting them get comfortable with AI.”

While AI holds transformative potential across industries and within the DOD, realizing its full benefits requires a balanced approach that integrates technology with cultural and ethical considerations and prioritizes both technological advancement and workforce adaptation.

Learn more about how Microsoft can help government organizations transform in the era of AI, sign up for news and updates at https://aka.ms/AIforGovUpdates.

This article was produced by Scoop News Group and sponsored by Microsoft.

The post How the DOD can harness AI for innovation and efficiency appeared first on DefenseScoop.