June 6th Daily Policy Monitoring

JUN 6 - DoD: Defense Federal Acquisition Regulation Supplement (DFARS) Cyber Incident Reporting and Cloud Computing

• The Department of Defense (DoD) is announcing the proposed extension of a public information collection requirement and is seeking public comment on the provisions.
• The Defense Federal Acquisition Regulation Supplement (DFARS) provisions and clauses in question facilitate mandatory cyber incident reporting requirements in accordance with statutory regulations.
• The provisions and clauses cover Safeguarding Covered Defense Information and Cyber Incident Reporting, Compliance with Safeguarding Covered Defense Information Controls, Representation of Use of Cloud Computing, and Cloud Computing Services. 
• DoD is looking for comments on whether the proposed collection of information is necessary for the proper performance of the functions of DoD, the accuracy of DoD's estimate of the burden of the information collection, ways to enhance the quality and clarity of collected information, and ways to minimize the burden of information collection on respondents.
• DoD will consider all comments received by August 5, 2025.

JUN 5 - NSF: Predictive AI Model Could Help Forecast Neurodegenerative Diseases

• The National Science Foundation (NSF) is supporting a team of researchers at the University of Southern California who have developed an Artificial Intelligence (AI) system capable of generating a future Magnetic Resonance Image (MRI) of a person's brain from a single scan.
• The technology opens the door to identifying subtle changes that may signal the earliest stages of neurodegenerative diseases, potentially years before traditional diagnostic methods could detect them.
• The team combined advanced AI techniques, a 3D diffusion model and a ControlNet, which allow the system to take a baseline brain MRI as input and predict a realistic simulation of how the brain may look years later.
• The implications of the work are significant for early detection of Alzheimer's and other neurodegenerative diseases, significant reduction of health care costs, and improvement to the quality of life of patients and caregivers.
• Neurodegenerative diseases like Alzheimer's are a growing concern in the U.S., with over 7 million Americans living with Alzheimer's disease today. By 2060, that number is expected to grow, affecting nearly 13 million people.

JUN 4 - DoD: Service Leaders Talk Emerging Technologies at AI Expo

• Senior leaders from each military branch spoke about changing battefield technology and their service's current transformation efforts during the AI+ Expo this week in Washington.
• Leaders discussed how the Army needs to be more agile in procurement to keep up with the changing technological landscape.
• Air Force chief of staff David Allvin stated that the Air Force is planning human-machine teaming using both manned and unmanned aircraft, adding that assimilating AI into areas such as data fusion, predictive maintenance, and strategic decision-making are ways the service is experimenting with technology.
• Vice Adm. James Pitts, deputy chief of naval operations for warfighting requirements and capabilities, stated that the Navy established its disruptive capabilities office to develop and scale robotic and autonomous systems.
• Space Force Gen. B. Chance Saltzman, chief of space operations, stated that the Space Force plans to establish a futures command later this year to assess the potential operating environment over the next 12 to 15 years and identify how the U.S. can counter any emerging threats.

June 05th Daily Policy Monitoring

JUN 5 - GAO: Release of Recommendations for the DOE Chief Information Officer 

• The U.S. Government Accountability Office (GAO) published cybersecurity and IT management recommendations for the Department of Energy’s (DOE) Chief Information Officer (CIO).
• GAO oversees federal agency performance and issued this guidance to help the DOE strengthen its cybersecurity posture and IT investment effectiveness.
• The recommendations urge the DOE CIO to establish a full cybersecurity risk management strategy, implement government-mandated event logging, and improve visibility over software licensing and cloud asset management. These steps aim to address national cybersecurity vulnerabilities and optimize federal IT efficiency.
• From a cybersecurity compliance standpoint, GAO cites gaps in DOE's logging practices and SLA development, which risk nonalignment with Office of Management and Budget (OMB) policies and hinder DOE's ability to monitor threats to high-value cloud assets.
• The report states that DOE has nine open recommendations that call for the attention of the CIO. Each of these recommendations relates to a GAO High-Risk area: (1) Ensuring the Cybersecurity of the Nation and (2) Improving IT Acquisitions and Management.

MAY 28 – House: Hearing at Stanford’s Hoover Institution on US Cybersecurity Posture

• The House Committee on Homeland Security hosted a hearing on May 28th entitled “Innovation Nation: Leveraging Technology to Secure Cyberspace and Streamline Compliance.”
• The hearing examined issues impacting the U.S. cybersecurity posture and solutions to address them, including around critical infrastructure resilience, technological innovation, and regulatory harmonization.
• Witnesses included former national security advisor Lt. Gen. H.R. McMaster; Wendi Whitmore, Chief Security Intelligence Officer of Palo Alto Networks; Jeanette Manfra, Global Director for Security and Compliance at Google Cloud; and Jack Cable, CEO and Co-Founder of Corridor.
• Jack Cable, CEO and Co-Founder of Corridor, highlighted the importance of Secure by Design explaining that, “Rather than placing the burden on end-users to take care of these problems, software manufacturers can build their products to be secure by design and thus raise costs on our adversaries. Secure by design software is our best hope to defend against PRC cyber threats.”
• Wendi Whitmore of Palo Alto Networks emphasized the Company’s commitment to cyber innovation, explaining that “innovation—with AI at its core—can disrupt the status quo of the cybersecurity industry simultaneously.” Whitmore also explained that Palo Alto Networks invested $1.8 billion in research and development in AI in the past year.

MAY 23 – Senate: Senators Introduce Legislation to Strengthen Federal Cybersecurity Measures that Implement Mandatory Vulnerability Disclosure Policies

• U.S. Senators Mark R. Warner (D-VA) and James Lankford (R-OK) introduced the Federal Contractor Cybersecurity Vulnerability Reduction Act of 2025, which aims to strengthen federal cybersecurity by ensuring that federal cyber contractors adhere to guidelines set forth by the National Institute of Standards and Technology (NIST).
• The Federal Contractor Cybersecurity Vulnerability Reduction Act also requires the Office of Management and Budget (OMB) to oversee updates to the Federal Acquisition Regulation (FAR) to ensure federal contractors implement a vulnerability disclosure policy consistent with what is already required by federal agencies.
• Vulnerability Disclosure Policies (VDP) provide a way for organizations to receive unsolicited reports of vulnerabilities within their software so that they can be patched before an attack takes place.
• Currently, civilian federal agencies are required to have VDP’s, however there is no requirement for federal contractors to have VDP’s for the information systems used in the fulfillment of their contracts. This legislation would require the implementation of VDPs among federal contractors and formalize actions to accept, assess, and manage vulnerability disclosure reports in order to help reduce known security vulnerabilities among federal contractors.

June 4th Daily Policy Monitoring

JUN 3 – Commerce: Statement on US AI Safety Institute

• The U.S. Department of Commerce Secretary announced plans to reform the agency formerly known as the U.S. AI Safety Institute into the Center for AI Standards and Innovation (CASI).
• CASI will serve as industry’s primary point of contact within the U.S. Government to facilitate testing and collaborative research related to harnessing and securing the potential of commercial AI systems.
• CASI will continue to operate within the National Institute of Standards and Technology (NIST) and regularly collaborate and coordinate with other organizations within NIST, including the Information Technology Laboratory, as well as other bureaus within the Department of Commerce, including the Bureau of Industry and Security.
• CASI will establish voluntary agreements with private sector AI developers and evaluators and lead unclassified evaluations of AI capabilities that may pose risks to national security with a focus on risks such as cybersecurity, biosecurity, and chemical weapons.
• CASI will also coordinate with other federal agencies and entities, including the Department of Defense, the Department of Energy, the Department of Homeland Security, the Office of Science and Technology Policy, and the Intelligence Community to develop evaluation methods, as well as conduct evaluations and assessments.

JUN 2 – DARPA: Ag x BTO Special Topic Available for Submission on ERIS Marketplace

• The Defense Advanced Research Projects Agency (DARPA) Biological Technologies Office (BTO) released a solicitation for ideas through a new initiative called Ag x BTO, which is aimed at developing new solutions that can protect our nation’s food security.
• The Ag x BTO Special Topic Area seeks solutions in five key areas, including: advances to early warning systems for chemical and biological threat surveillance and detection; rapid-response agricultural countermeasures to defend against threats; and massively accelerated and expanded crop protections for long-term threat defeat.
• Additional topics include integrated and comprehensive threat prediction modeling for agriculture systems and novel methods to assess the occurrence of human intervention and to attribute provenance.
• The submission process involves a video pitch, supplemental slides, and a submission form, all adhering to ERIS Marketplace guidelines.
• The topic area will be open for submissions through August 31, 2025.

JUN 2 – FDA: FDA Launches Agency-Wide AI Tool

• The U.S. Food and Drug Administration (FDA) launched a generative AI tool called Elsa, which is designed to help employees work more efficiently.
• Elsa is designed to aid in the reading, writing, and summarizing of internal FDA documents. The tool also summarizes adverse events to contribute to safety assessments, generates faster label comparisons, and creates code to develop databases for nonclinical applications.
• The FDA is using Elsa to accelerate clinical protocol reviews, shorten the time needed for scientific evaluations, and identify high-priority inspection targets.
• The large language model is hosted within a GovCloud environment to ensure the safety of the internal documents it can access.
• The tool was rolled out ahead of the originally planned June 30 rollout date.

June 3rd Daily Policy Monitoring

MAY 30 – GSA: White House Proposes $100M Annual Technology Modernization Fund Funding Model

• The US General Services Administration (GSA) published a new budget document, which focuses on streamlining federal operations, consolidating resources, and providing efficient, essential services that allow Government agencies to focus on their core mission.
• The FY 2026 budget request includes a new funding model for the Technology Modernization Fund (TMF) that could provide the fund with up to $100 million in funding per year.
• The TMF is run by the General Services Administration (GSA) and was created in 2017 under the Modernizing Government Technology (MGT) Act to provide money to Federal civilian agencies to undertake tech modernization projects.
• The TMF Program Management Office (PMO) obligations will come from American Rescue Plan Act funding until the end of FY 2025, and in FY 2026 the White House and GSA want PMO obligations to come from a new proposed funding model.
• The TMF currently manages more than $1.07 billion worth of systems upgrades and modernization projects totaling 69 investments across 34 Federal agencies.

MAY 30 – DHS: CISA Fiscal 2026 Budget Request Details Proposed Changes to Cybersecurity and Infrastructure Programs

• The Cybersecurity and Infrastructure Security Agency (CISA) released a fiscal 2026 budget request justification document, which includes cuts to specific cyber services and risk management activities.
• CISA requested $2.4 billion to fund its operations for fiscal 2026, representing a $495 million decrease from the prior year.
• The document highlights CISA plans to reduce staff in the upcoming fiscal year by 1,083 positions, shrinking the agency to 2,649 positions.
• The 2026 fiscal budget request also outlines plans to strengthen CISA’s Continuous Diagnostics Mitigation program.
• CISA is proposing to cut $70.4 million from risk management operations, a $14 million proposed cut to the Joint Cyber Defense Collaborative program, and a $30.8 million cut to vulnerability assessment efforts.

MAY 29 – OPM: Merit Hiring Plan

• The US Office of Personnel Management (OPM) released a governmentwide hiring plan that instructs agencies to hire employees more quickly, focusing on early career STEM talent.
• The Merit Hiring Plan was mandated by Executive Order 14170, Reforming the Federal Hiring Process and Restoring Merit to Government Service and directs agencies to hire Federal employees in under 80 days.
• Applicants will need to respond to several short essay questions during the recruitment process such as “How would you help advance the President’s Executive Orders and policy priorities in this role? Identify one or two relevant Executive Orders or policy initiatives that are significant to you and explain how you would help implement them if hired.”
• The plan also directs agencies to focus on recruiting qualified, early career talent by holding regular meetings with agency talent teams, the Federal chief information officer (CIO), the White House Office of Science and Technology Policy, cross-agency councils such as the CIO Council and Chief Data Officer Council. 
• Beginning on June 30 and continuing on the last business day of each month, each agency will need to prepare a report to updated OPM and the Office of Management and Budget on their implementation progress.

June 2nd Daily Policy Monitoring

MAY 29 – House: Hearing to Examine the Federal Government’s Artificial Intelligence Technology

• The House Committee on Oversight and Government Reform announced a hearing on “The Federal Government and the Age of Artificial Intelligence” on Thursday, June 5 at 10:00 AM ET.
• The hearing will explore the global landscape of artificial intelligence, focusing on the importance of the federal government deploying AI to drive efficiency, reduce fraud, and provide better customer service to American taxpayers.
• Members will also examine how outdated legacy information technology (IT) systems, a lack of AI literacy within the federal workforce, a cumbersome procurement process for new technologies, and poorly managed data have hindered government adoption of AI technology.
• Witnesses include Yll Bajraktari, President of the Special Competitive Studies Project; Bhavin Shar, Founder and CEO of Moveworks; Linda Miller, Founder and Chief Growth Officer or TrackLight; and Adam Thierer, Senior Research Fellow at R Street Institute.
• This hearing follows the President Trump’s Executive Order on Removing barriers to American Leadership in Artificial Intelligence, which focuses on AI innovation in the United States and aims to reduce barriers in the AI field to ensure America’s dominance on the international stage.

MAY 29 – FCC: FCC CSRIC IX Meeting

• The Federal Communications Commission (FCC) announced that the Communications Security, Reliability, and Interoperability Council IX (CSRIC IX) announced a meeting on June 12 at 1:00 PM ET.
• The CSRIC provides recommendations to the FCC regarding ways the FCC can help to ensure security, reliability, and interoperability of communications systems.
• At the meeting, two reports will be presented for deliberation and a vote. Working Group 1 will present a Report on Threats Posed by Artificial Intelligence/Machine Learning Systems to the security, Reliability and Integrity of Networks and Recommendations on How to Overcome Them. Working Group 2 will present a Report on Connecting Stalled 911 Calls Through Alternative Network Options.
• The third working group will make a presentation on their progress in addressing the task on Preparing for 6G Security and Reliability.