OMB Publishes Training Modules for Managing Federal Grants

View from Arch Street

The Office of Management and Budget (OMB) initially developed the Grants 101 Training for federal government employees, but now these eLearning materials are available free to the public.

This grants training is comprised of five modules, most of which contain multiple online lessons:

1 Laws, Regulations, and Guidance

2 Financial Assistance Mechanisms

3 Uniform Guidance Administrative Requirements

4 Cost Principles

5 Risk Management and Single Audit


View original post

NIST Releases Final Identity and Access Management Guide for Electric Utilities


The National Cybersecurity Center of Excellence (NCCoE) has released the final version of NIST Cybersecurity Practice Guide SP 1800-2, Identity and Access Management (IdAM).  This guidance helps provide electric utilities with a more secure and efficient way to manage access across their platforms.

The final guide goes beyond the traditional NIST standard document.  It is a detailed example of how an electric utility company can improve the security of its information technology and operational technology by creating a converged IdAM platform to provide a comprehensive view of all users and their access rights across the enterprise. This can reduce the risk of malicious or untrained people gaining unauthorized access to critical infrastructure components and interfering with their operation, thereby lowering overall business risk.

Arch Street is honored to have played a small role in the development of the guide as a member of the Energy Community of Interest which advised the NCCoE team on key elements of the IdAM guide.


The Dawn of a New Astronomy

Ice Cube
IceCube Neutrino Observatory — credit IceCube/NSF

Astronomers from the United States made a major discovery of the origin of cosmic rays made using a complex mix of high-tech instruments and observatories located around the globe including at the South Pole and in space.  This technique known as multi-messenger astronomy has the potential to unlock numerous mysteries of the galaxy and usher in a new era of science.

The lead observatory — the IceCube Neutrino Observatory — funded by the National Science Foundation and operated by the University of Wisconsin is a leading-edge detector that looks up through the earth to detect tiny neutrinos flowing through our planet and ourselves. It was conceived and built in the 1990’s when scientists theorized that neutrinos existed by were not yet detected. Tim Clancy of Arch Street helped advocate for IceCube funding as part of the NSF budget request and led delegations to the South Pole to inspect the construction of the experimental observatory.


Air Force to Focus on Business Acceleration, Incubation for Rapid Transition

The Air Force Research Lab is interested in incubator and accelerator programs that can help developers explore the potential military use of commercial technologies. AFRL Space Vehicles program manager, Air Force Captain Jacob Singleton noted in a recent interview that the lab currently works with accelerators that invest in space platforms while other AFRL directorates focus on other technology areas.

“Our strength is in bringing a new perspective to their product as a potential customer, letting them know what the Armed Forces needs and how they could adapt their product or service to make that happen,” he added.

Arch Street is pleased to work with NYSTEC which is an Air Force partner for commercialization and tech transfer through NYSTEC’s IgniteUNY initiative. We see greater interest in technology commercialization across all federal agencies and laboratories and look forward to expanding and extending the very successful IgniteU model to multiple federal research partners.




Cybersecurity and the States — What’s Working?

The New America Foundation has released a new report on U.S. cybersecurity efforts at the state-level. The report focuses on three key areas: responding to cyber incidents, protecting critical infrastructure, and supporting the development of a cyber workforce. One notable recommendation is a call for greater formalization and institutionalization of federal-state functions such as cyber information sharing. Such activities tend to succeed on personal relationships and connections but often decline when key individuals leave or change responsibilities.

Updating the NIST Risk Management Framework for Information Systems

The U.S. National Institutes of Standards and Technology (NIST) is taking public comments on its major risk management publication (SP 800-37) for information systems.  This document provides guidelines for applying the NIST Risk Management Framework (RMF) to information systems and organizations.

The RMF includes a disciplined, structured, and flexible process for organizational asset valuation; control selection, implementation, and assessment; system and common control authorizations; and continuous monitoring. It also includes activities to help prepare organizations to execute the RMF at the information system level. The RMF promotes the concept of near real-time risk management and ongoing system and common control authorization through the implementation of continuous monitoring processes; provides senior leaders and executives with the necessary information to make efficient, cost-effective, risk management decisions about the systems supporting their missions and business functions; and integrates security and privacy into the system development life cycle.  Use of the NIST RMF is mandated for federal information systems by the Federal Information Security Management Act (FISMA).

Comments are due by June 22nd.

Cybersecurity of DOD Critical Infrastructure Webinar, April 25th

The Cyber Security and Information Systems Information Analysis Center (CSIAC) will host a webinar on the cybersecurity of Department of Defense Critical Infrastructure on April 25 @ 12:00 pm EDT.

The presenter will be Dr. Paul Losiewicz, Senior Scientific Advisor at Quanterion Solutions Incorporated and the Cybersecurity and Information Systems Information Analysis Center (CSIAC).

The webinar will cover DoD policy concerns and current R&D efforts in the field of cybersecurity & critical infrastructure protection.  Topics will include Weasel Board being developed at Sandia National Laboratory, More Situational Awareness for Industrial Control Systems (MOSAICS), sponsored by PACOM and NORTHCOM, and recent policy concerns relating to cyber security and Utilities Privatization of Critical Infrastructure. This webinar will also report the results of a panel discussion from the DHS Joint Industrial Control Systems Working Group (JICSWG) meeting April 9-11 at Albuquerque NM.

To register please go to:  Cybersecurity of DoD Critical Infrastructure