Welcome to the February Edition of The Edge
As security threats continue to evolve, so must strategies, technologies, and policies designed to protect critical assets. This month, we explored key developments across cybersecurity, defense, and infrastructure, starting with the Cybersecurity and Infrastructure Security Agency (CISA) Budget Increase, which reinforces national security efforts through expanded investments in cyber defense and infrastructure protection. In defense, we examine The Iron Dome for America—a new initiative aimed at enhancing missile defense capabilities in response to global threats.
Artificial intelligence remains a dominant force in security discussions, with our coverage of AI and Its Impact on Cybersecurity Regulatory Developments detailing the increasing need for governance and risk mitigation. In healthcare, we break down the Proposed Revisions to the HIPAA Security Rule, a significant overhaul aimed at strengthening protections for sensitive medical data.
Additionally, we highlight the Executive Order on AI Data Centers, a move to bolster the nation’s AI capabilities, and take an in-depth look at Tyndall Air Force Base and the “Installation of the Future” Program, where cutting-edge technology is redefining military security and infrastructure resilience.
Stay informed, stay secure, and stay ahead with The Edge.
The now-approved 2025 Homeland Security Appropriations bill allocates $2.93 billion for CISA, approximately $100 million more than the agency’s current budget. This increase underscores the critical role CISA plays in defending civilian agency networks and coordinating critical infrastructure security and resilience.
Key Allocations:
1. Cybersecurity Initiatives:
- Continuous Diagnostics and Mitigation (CDM) Program: Allocated $469.8 million, the CDM program aims to strengthen the security posture of federal government networks by providing real-time monitoring and risk management capabilities.
- Joint Collaborative Environment (JCE): With a budget of $394.1 million, the JCE facilitates centralized cyber threat information sharing among federal, state, local, tribal, territorial (SLTT), and private sector stakeholders, enhancing collective defense mechanisms.
2. Infrastructure Security:
- National Risk Management Center: Receiving $139.6 million, this center provides infrastructure consequence analysis and decision support, aiding in the identification and mitigation of risks to critical infrastructure.
3. Emergency Communications:
- Interoperability Initiatives: An allocation of $130.3 million is designated to ensure interoperable emergency communications, providing assistance to SLTT stakeholders and maintaining priority telecommunications services.
4. Stakeholder Engagement and Risk Management:
- Integrated Operations: With $254.9 million, this funding supports CISA’s field teams in their efforts to collaborate with various stakeholders to enhance infrastructure resilience.
- Stakeholder Engagement and Requirements: Allocated $98.4 million, this initiative aims to improve coordination and cross-sector risk management across all critical infrastructure sectors.
Alignment with CISA’s Strategic Objectives:
The increased funding aligns with CISA’s strategic goals outlined in its 2023-2025 Strategic Plan, which includes:
- Cyber Defense: Enhancing the security and resilience of federal systems and critical infrastructure against cyber threats.
- Risk Reduction and Resilience: Identifying and mitigating risks to strengthen the nation’s critical infrastructure.
- Operational Collaboration: Fostering partnerships and information sharing among government entities and the private sector.
- Agency Unification: Integrating functions and capabilities to operate as a cohesive agency.
Potential Impacts:
The budget increase is expected to bolster CISA’s capacity to:
- Enhance Cybersecurity Posture: Improved monitoring and mitigation strategies will lead to a more robust defense against cyber threats targeting federal and critical infrastructure systems.
- Strengthen Infrastructure Resilience: Focused investments in risk management will aid in safeguarding essential services and assets from both physical and cyber threats.
- Improve Emergency Response: Enhanced emergency communication systems will ensure more effective coordination during crises, thereby reducing response times and potential impacts.
- Foster Collaborative Efforts: Increased funding for stakeholder engagement will promote a unified approach to national security, leveraging the strengths of various partners across sectors.
The FY 2025 budget augmentation for CISA is poised to significantly advance the agency’s mission to protect the nation’s critical infrastructure through enhanced cybersecurity measures, improved infrastructure resilience, and strengthened collaborative efforts.
“The Iron Dome for America”
On January 27, 2025, President Donald Trump signed an executive order titled “The Iron Dome for America,” initiating the development of a next-generation missile defense shield for the United States. The initiative draws inspiration from Israel’s Iron Dome system, renowned for intercepting short-range rockets and artillery. It also echoes President Ronald Reagan’s 1983 Strategic Defense Initiative (SDI), commonly known as “Star Wars,” which sought to develop a space-based missile defense system. While SDI faced technical and political challenges, advancements in technology may now render such a defense system more feasible.
Key Objectives of the Executive Order:
- Comprehensive Defense: The directive aims to protect the U.S. against a spectrum of threats, including ballistic, hypersonic, and advanced cruise missiles, as well as other aerial attacks.
- Technological Advancements: The order emphasizes accelerating the development and deployment of various technologies, such as:
  - Hypersonic and Ballistic Tracking Space Sensor Layers
  - Proliferated space-based interceptors
  - Proliferated Warfighter Space Architecture
  - Non-kinetic missile defense capabilities
  - Underlayer and terminal-phase intercept capabilities
- Supply Chain Security: Ensuring the security of supply chains for all components of the proposed defense system is a priority.
- International Collaboration: The order calls for a review to enhance missile defense cooperation with allies, focusing on technology development, capability enhancement, and operational integration.
Implementation Timeline:
The executive order mandates that Defense Secretary Pete Hegseth submit an implementation plan within 60 days, detailing the design, architecture, requirements, and deployment strategy for the missile defense shield.
Challenges and Considerations:
- Technical Feasibility: Developing a missile defense system capable of protecting the entire U.S. from diverse threats poses significant technical challenges.
- Cost Implications: The financial investment required for research, development, deployment, and maintenance of such an extensive system is substantial.
- Strategic Stability: The deployment of an advanced missile defense system may influence global strategic stability, potentially affecting arms control agreements and international relations.
President Trump’s executive order represents a significant policy shift toward enhancing national missile defense capabilities, aiming to protect the U.S. from evolving aerial threats through advanced technological solutions.
The cybersecurity landscape is undergoing significant regulatory transformations, particularly concerning artificial intelligence (AI). Organizations must navigate these changes to maintain compliance and robust security postures.
Regulatory Developments in AI and Cybersecurity
In October 2023, President Joe Biden issued the “Executive Order on Safe, Secure, and Trustworthy Artificial Intelligence,” addressing AI’s integration into critical infrastructure and emphasizing AI-enhanced cybersecurity measures. The order mandates rigorous testing and evaluation of AI systems to ensure safety and security, underscoring the importance of protecting critical infrastructure from AI-related threats.
The Cybersecurity and Infrastructure Security Agency (CISA) has developed a Roadmap for Artificial Intelligence, aligned with the national AI strategy. This roadmap aims to promote beneficial uses of AI to enhance cybersecurity capabilities, ensure AI systems are protected from cyber-based threats, and deter the malicious use of AI capabilities that could threaten critical infrastructure.
The National Association of State Chief Information Officers (NASCIO) has identified AI and cybersecurity as top federal advocacy priorities. This highlights the pressing need for policies that address the intersection of AI and cybersecurity, ensuring that state-level implementations align with federal guidelines and effectively manage emerging risks.
Case Study: DeepSeek AI
The emergence of DeepSeek, a Chinese AI startup, has raised significant security concerns. DeepSeek’s AI application has been reported to collect and store U.S. user data on servers located in China, prompting national security apprehensions similar to those previously associated with TikTok. Since its launch on January 15, 2025, DeepSeek has been downloaded over 2 million times. Experts warn that, unlike other chatbots that store data locally, DeepSeek poses significant risks due to its data handling practices. Members of the U.S. military have been cautioned against using DeepSeek due to potential security threats. Additionally, the chatbot exhibits signs of censorship, avoiding topics sensitive to the Chinese government. These concerns have led some legislators to advocate for stricter controls on critical technologies and question whether the U.S. is losing its competitive edge in AI to China.
Furthermore, DeepSeek has reported experiencing large-scale cyberattacks, which have disrupted its services. The company has claimed that these attacks are malicious and have significantly impacted its operations.
Implications for Organizations
The DeepSeek incident underscores the critical importance of due diligence when integrating third-party AI solutions. Organizations must assess the data handling practices and security measures of AI providers to mitigate potential risks. This includes understanding where and how data is stored, ensuring compliance with relevant regulations, and being aware of any geopolitical factors that may influence data security.
As AI technologies evolve, so too do the associated cyber threats. Regulatory bodies are increasingly focusing on establishing frameworks to govern AI deployment, emphasizing the need for robust cybersecurity measures. Organizations should proactively engage with these developments, adapting their security strategies to address AI-specific risks and ensure compliance with emerging regulations.
Staying informed about regulatory changes and understanding the security implications of AI technologies are essential steps for organizations aiming to maintain resilience in an increasingly complex cybersecurity landscape.
(Healthcare) Proposed Revisions to the HIPAA Security Rule
On January 6, 2025, the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) published a Notice of Proposed Rulemaking (NPRM) to amend the Health Insurance Portability and Accountability Act (HIPAA) Security Rule. This proposal aims to enhance cybersecurity measures for electronic protected health information (ePHI) in response to the increasing frequency and sophistication of cyberattacks targeting the healthcare sector.
Key Proposed Modifications:
1. Elimination of “Addressable” Implementation Specifications:
- The current Security Rule differentiates between “required” and “addressable” implementation specifications, allowing entities some flexibility in how they achieve compliance. The proposed rule seeks to remove this distinction, making all specifications mandatory.
2. Mandatory Multifactor Authentication (MFA):
- Entities would be required to implement MFA for accessing ePHI, adding an extra layer of security beyond traditional password-based authentication.
3. Enhanced Data Encryption:
- The proposal mandates encryption of ePHI both at rest and in transit, ensuring that data remains secure and unreadable to unauthorized individuals even if intercepted or accessed improperly.
4. Regular Risk Assessments:
- Covered entities and business associates would be required to conduct comprehensive risk analyses to identify potential vulnerabilities in their systems and implement appropriate measures to mitigate identified risks.
5. Development of Incident Response Plans:
- The proposed rule emphasizes the need for entities to establish and maintain robust incident response plans to effectively address and manage security breaches involving ePHI.
6. Annual Security Reviews:
- Entities would be required to perform annual reviews of their security measures to ensure ongoing compliance and to adapt to evolving cybersecurity threats.
Rationale Behind the Proposed Changes:
The OCR cites a significant increase in cyberattacks within the healthcare sector as a primary motivator for these proposed modifications. Between 2018 and 2023, reports of large breaches resulting from hacking and ransomware attacks increased by 102%, with the number of individuals affected rising by 1,002%. These statistics underscore the urgent need for strengthened cybersecurity measures to protect sensitive health information.
Public Comment Period:
Stakeholders, including healthcare providers, business associates, and the general public, are encouraged to review and comment on the proposed rule. The comment period is open until March 7, 2025. Feedback received during this time will be considered before finalizing the rule.
You can submit any comments here: federalregister.gov
These proposed changes represent the most significant overhaul of the HIPAA Security Rule in over a decade, reflecting the evolving landscape of cybersecurity threats and the necessity for more robust protections of electronic health information.
In the final days of his administration, on January 14, 2025, President Joe Biden issued Executive Order 14141, titled “Advancing United States Leadership in Artificial Intelligence Infrastructure.” This directive is aimed at expediting the development of large-scale artificial intelligence (AI) data centers on federal lands to bolster the nation’s AI capabilities and maintain competitiveness, particularly against countries like China.
Key Provisions of Executive Order 14141:
- Leasing Federal Lands: The order authorized the Departments of Defense and Energy to lease federal sites to private sector entities for the construction of AI data centers. These centers are intended to support advanced AI operations and are to be powered by new, clean energy sources to address the substantial power requirements of such facilities.
- Public-Private Collaboration: The initiative encouraged collaboration between federal agencies and private companies to accelerate the establishment of AI infrastructure, emphasizing the need for rapid development to maintain the United States’ leadership in AI technology.
Subsequent Developments Under the Trump Administration:
Upon assuming office, President Donald Trump initiated a review of existing executive orders related to AI. On January 20, 2025, he revoked a 2023 executive order signed by President Biden that sought to mitigate risks associated with AI, citing concerns that it imposed unnecessary burdens on innovation.
However, President Trump’s administration has indicated support for the development of AI infrastructure. Reports suggest that the Trump administration is considering maintaining or modifying aspects of Executive Order 14141 to align with its policy objectives, particularly those that promote private sector involvement and reduce regulatory constraints.
In summary, while the original executive order aimed to strengthen the nation’s AI infrastructure through federal support and public-private partnerships, the current administration is reviewing these initiatives to ensure they align with its emphasis on deregulation and private sector leadership in technological advancement.
Tyndall Air Force Base and the “Installation of the Future” Program
Rising security costs and the introduction of the DNP Efficiency Bulletin (SEC040) prompted the Salem-Hope Creek Nuclear Generating Station to reevaluate its defensive strategies. To address these challenges, the facility turned to a cutting-edge solution: leveraging the PEP model alongside quantitative security evaluations powered by modeling and simulation software.
In October 2018, Tyndall Air Force Base in Florida suffered catastrophic damage from Hurricane Michael, a Category 5 storm that devastated infrastructure and facilities. In response, the U.S. Air Force initiated the “Installation of the Future” program, aiming to rebuild Tyndall as a state-of-the-art, resilient base incorporating advanced technologies to enhance operational capabilities and security.
Rapid Design and Evaluation:
As part of this initiative, Tyndall AFB partnered with ARES Security Corporation to deploy AVERT Physical Security (PS) software, enabling rapid analysis of security designs and capability assessments. This advanced platform provides granular insights into security measures, evaluating the effectiveness of stacked security deployments as well as individual sensors, systems, guard posts, and response routes. AVERT PS facilitates the development of targeted mitigation strategies by identifying vulnerabilities with precision. Through simulations of potential threats—ranging from terrorist attacks to natural disasters—the software validates security procurements or modifications before implementation, ensuring resources are allocated efficiently while maintaining robust protection. By leveraging AVERT PS to optimize security infrastructure, Tyndall AFB not only accelerated its rebuilding process but also set a benchmark for future military installations to swiftly evaluate and integrate advanced security technologies.
Deployment of Ghost Robotics Q-UGVs:
A key component of the enhanced security measures at Tyndall is the deployment of “robotic dogs,” or Q-UGVs developed by Ghost Robotics. These semi-autonomous robots are equipped with up to 14 sensors, providing 360-degree awareness, and are capable of operating in extreme temperatures ranging from -40 to 131 degrees Fahrenheit. They feature advanced mobility modes, including a crouch mode for lowering their center of gravity and a high-step mode for navigating challenging terrains. The Q-UGVs are designed to patrol remote or hazardous areas of the base, thereby enhancing situational awareness and force protection while allowing human defenders to focus on other critical tasks.
Enhanced Security Operations:
The AVERT Digital Twin used for security design and assessments also facilitated the seamless integration of advanced pathing and extensive site knowledge for the Ghost Robotics’ Q-UGVs. The 325th Security Forces Squadron conducted a perimeter security exercise utilizing AVERT MPO, which involved deploying multiple robotic dogs to patrol the flightline perimeter, with AVERT MPO serving as the remote command and control node. This integration provided a comprehensive operational picture, allowing for swift decision-making and effective threat response. The integration of AVERT MPO with Ghost Robotics’ Q-UGVs represents a significant advancement in base security operations. The AVERT MPO platform provides a common operational picture, integrating intelligent sensors from the Q-UGVs and unmanned aerial systems (UAS). This setup enables operators to control numerous robotic sentries, update missions in real time, monitor sensor feeds, and coordinate responses effectively. During the exercise, the system successfully detected simulated intrusions, allowing security forces to respond promptly and efficiently.
Through the “Installation of the Future” initiative, Tyndall Air Force Base is setting a new standard for military installations by incorporating cutting-edge technologies to enhance security, resilience, and operational efficiency.
A collection of recent articles from The ARES Blog highlighting key advancements, insights, and trends in security and defense.
