Government IT News

FAA reauthorization would create NextGen czar UPDATED

David Perera — Thu, 02 Feb 2012 13:06:54 -0500

A four year, $63.6 billion Federal Aviation Administration authorization bill agreed to by a conference committee of House and Senate lawmakers would require creation of a Chief NextGen Officer. The bill would also authorize the agency to spend nearly $16 billion annually on the air traffic control modernization effort.

Already being dubbed the "NextGen czar," the officer will report to the FAA administrator, should Congress approve the bill and the president sign it. The bill is likely to gain approval on both fronts and could pass Congress as early as Feb. 3. The bill would end a series of short-term authorizations the agency has operated under since 2008. During a month-long period in mid-2011, the agency underwent a partial shutdown after Congress failed to approve another temporary extension.

The authorization bill also affirms the agency's decision to require ADS-B Out avionics on board most airplanes by 2020, and doesn't make the deadline 2015 as previous authorization had required. Language from an earlier version of the authorization bill making ADS-B In mandatory also is not included in the final, conference version. ADS-B is the backbone of NextGen, which seeks to largely replace radars with Global Positioning System-derived data for tracking aircraft positions.

The bill also requires the Transportation secretary to accelerate the integrating of unmanned aerial vehicles into national airspace by producing a plan within 270 days of the bill's passage into law. The plan would be incorporated into the NextGen implementation plan.

UPDATED Feb. 2, 3:00 p.m.: NextGen authorization figures added to story.

For more:
- download the FAA authorization conference bill (.pdf)
- download the conference committee's joint explanatory statement (.pdf)

FBI calls cyber attacks a top terror threat; HASC Chairman: Kill BRAC;

Molly Bernhart Walker — Thu, 02 Feb 2012 12:34:45 -0500

> HASC Chairman: Kill BRAC. Article (DoD Buzz)
> $638M contract to deliver Navy ships with common computing network. Article (NextGov)
> White House pushes Congress to fast track reorganization authority. Article (Federal Times)
> FBI calls cyber attacks a top terror threat. Article (InfoWeek)
> MyTSA mobile app expanding. Article (FedScoop)

And Finally... Inside the offices of LEGO. Article (Dezeen)

DHS authority would increase under Lungren cybersec bill

Molly Bernhart Walker — Thu, 02 Feb 2012 12:07:35 -0500

Cybersecurity legislation now moving through the House would increase the Homeland Security Department's authority to coordinate cybersecurity activities across government, identify risks and performance standards throughout the private sector, and establish a cyber-threat information sharing body.

Despite having the same bill number, H.R. 3674 (.pdf), and sponsor, the bill passed Feb. 1 by the House Homeland Security subcommittee on cybersecurity, infrastructure protection and security technologies was an amendment in the nature of a substitute offered by subcommittee chairman Rep. Dan Lungren (R-Calif.)--indicating significant changes from the December version. In addition, the subcommittee agreed to eight amendments before a unanimous voice vote on the Promoting and Enhancing Cybersecurity and Information Sharing Effectiveness Act of 2011, or the PRECISE Act.

Lungren's bill draws heavily from recommendations made by a cybersecurity task force, led by Mac Thornberry (R-Texas) in October 2011.

"We know voluntary guidelines simply have not worked," said bill co-sponsor Rep. Jim Langevin (D-R.I.) in a statement, adding that government must set "security guidelines and ensure they are followed" by federal agencies and critical infrastructure companies.

If passed in its current state, DHS will make a determination on what is and is not considered "critical infrastructure" that requires federal cybersecurity oversight. DHS's ability to enforce cybersecurity standards is unclear, however, as the bill would not allow DHS to penalize or fine critical infrastructure companies that do not follow it's guidance.

If approved in its current state, DHS would be required to stand up the National Information Sharing Organization, or NISO. This industry controlled, non-profit group would facilitate best practices, provide technical assistance, and information sharing across critical infrastructure and the federal government.

DHS would also establish a federally-run, online portal for existing groups to coordinate online training, best practices, and other cybersecurity integration efforts. DHS would have to coordinate a plan for using federal cyber assets for disaster response efforts.

Among the approved amendments to the rewritten version of H.R. 3674 is a requirement, proposed by Rep. Michael McCaul (R-Texas), that DHS report to Congress which foreign actors and terrorist groups pose the most significant cybersecurity threat to critical infrastructure. Another accepted amendment, from Rep. Patrick Meehan (R-Penn.), seeks to eliminate redundant requirements on agencies and critical infrastructure once reviewed against DHS-identified risks.

H.R. 3674, as amended during the Feb. 1 markup, will be sent to full committee.

"As for the process, after we report this bill out to the whole House it's a bit unclear," said to Kevin Gronberg, senior counsel to the House Committee on Homeland Security.

Cybersecurity-related bills from various committees could be passed separately off the floor and conferenced with the Senate bill, or they could be held in the house and combined for a broader bill, Gronberg said.

An adviser to Senate Majority Leader Harry Reid (D-Nev.) recently committed to bringing up cyber legislation early this year.

For more:
- download H.R. 3674 as introduced in subcommittee (.pdf)
- see the Langevin press release
- see a statement from the House Homeland Security Committee

EU official says identity management must be based on multiple biometrics

David Perera — Thu, 02 Feb 2012 10:33:20 -0500

Identity management in the European Union must be based on the collection of biometric information from individuals, said Frank Paul, head of unit for large scale IT systems and biometrics within the European Commission's directorate general of home affairs.

"We also believe that in an ideal world, you have to take 13," he added, referring to data collections of 10 fingerprints, two iris scans and one facial image. Paul spoke Feb. 1 during a panel of an identity management conference hosted by the Center for Strategic and International Studies in Washington, D.C.

A robust biometrics-based identity management system could replace identity cards, Paul added. "You might as well use the biometrics as your authentication. You don't need any token," he said.

The notion of a national identity card, particularly one containing biometric information, is politically contentious within the United States. When in 2006 the federal government began issuing passports with a chip containing digitized photos, a minor controversy arose. Paul, however, said the U.S. passport doesn't contain enough biometric information.

"You have digitized the information that has been around 100 years. You've digitized the biographic information on the data page and you've digitized the photo"--a level of information, Paul said, that "will not take us to the necessary level that we require."

A passport with more biometric data could permit automated border crossings, Paul added.

During the same panel, Ruth Annus, head of migration and border policy department within the Estonian ministry of the interior, said her country's national identity card does not contain biometric information.

A lost or stolen identity card could be used by a third party online, she said, if its owner also kept with it the two certificates the government also issues, a personal identification certificate and a digital signature certificate.

"If people act properly and at least don't keep together the PIN codes with the card, then the card is useless," she said. "Of course, it is one of the challenges to tell people not to keep your passwords or your PIN codes together with the certificate," she added.

For more:
- go to a CSIS webpage with archived recordings of the identity management conference

NIST releases NSTIC pilots solicitation

David Perera — Wed, 01 Feb 2012 23:45:37 -0500

Federal efforts to build an online identity ecosystem moved forward Feb. 1 with a National Institute of Standards and Technology call for proposals for five to eight pilot projects lasting up to 2 years.

NIST manages a program known as the National Strategy for Trusted Identities in Cyberspace, which seeks to create a new web-based authentication methodology. NSTIC envisions the creation of two types of intermediaries that together would verify the identity and eligibility of an Internet user wishing to conduct a secure transaction, such as accessing sensitive information. Identity providers would provide a credential, such as a downloadable certificate, verifying that a person is who he says he is, while attribute providers would store characteristic information about that individual--things such as age.

In a federal funding opportunity (.pdf), NIST says it has money enough to make pilot project cooperative agreement awards worth between $1.25 million and $2 million annually. Among the barriers that have prevented robust identity management solutions from taking root so far that NIST says the pilot projects will explore options to overcome is a lack of common standards for privacy protection and data re-use.

NIST also wants pilot projects to address matters such as interoperability standards, liability in case of identity system failure and usability.

"I certainly like smart cards and one-time passwords, but the reality is a lot of folks in the consumer market completely rejected them," said Jeremy Grant, NIST senior executive advisor for identity management, while speaking the same day at an event put on by the Center for Strategic and International Studies in Washington, D.C.

NSTIC, he said, is not an attempt to abolish privacy on the Internet.

"The government has no problem with dogs on the Internet. In fact, dogs on the Internet are often a great thing," he said.

Rather, NSTIC is meant to boost confidence in identity assertions when needed for sensitive transactions, Grant said.

Among the technologies NIST says it could fund are "identity exchange hubs that can quickly validate and process strong credentials" and solution that show interoperability between technologies such as smart cards, one-time passwords, or digital certificates.

Commercial and non-profit organizations, as well as state and local governments are eligible to submit proposals, the funding opportunity says. NIST plans to hold a proposer's conference on Feb. 15; proposals are due on March 7.

For more:
- download the NSTIC federal funding opportunity
- go to a NIST press release on release of the funding opportunity
- download the NSTIC strategy paper

Berry: Paper and pencil for now in retirement processing

David Perera — Wed, 01 Feb 2012 21:33:38 -0500

Retirement benefits processing at the Office of Personnel Management will remain paper-and-pencil bound "for the foreseeable future," OPM Director John Berry Feb. 1 while testifying before a Senate panel.

The agency unveiled a plan (.pdf) in mid-January to eliminate the claims backlog (currently 62,000) by July 2013 and to reduce by then the time it takes to process retirement claims to 60 days or less from the 156 days OPM says on average it takes today. The plan also calls for the agency to pursue "partial, progressive information technology improvements" rather than make a fifth attempt at modernizing all its legacy IT systems.

The agency's immediate priority is to hire additional staff to deal manually with claims, Berry said. He testified before the Senate Homeland Security and Governmental Affairs subcommittee on oversight of government management.

Staff numbers at the agency, Berry added, were reduced in anticipation of a modernization effort succeeding, and when the latest attempt failed in February 2011, OPM was left shorthanded.

"I just need the bodies back, get them trained, to get us through the next few years until we can get more IT solutions up and running," he said.

OPM faces much skepticism of its ability to modernize anything.

"The deficit in the IT management capability is very extreme at OPM," said Valerie Melvin, Government Accountability Office director of information management and human capital.

The backlog reduction plan does "not address how the agency intends to modify the many legacy systems" OPM has and the agency must actively work to address the IT management deficiencies that led to past failures, she said.

OPM Inspector General Patrick McFarland said retirement adjudication requires the use of 80 different IT systems that interface with approximately 400 external systems.

Berry, in response to a question, said a commercial-off-the-shelf-system is not a viable replacement for OPM's legacy systems. The last attempt, dubbed RetirEZ, was meant to be a COTS solution but personnel found that the federal retirement system has too many variations, he said.

"What they found was they could not modify the off the shelf system to accommodate all of these unique variables that existed in the federal process."

Berry also said some of the data used to calculate retirement pay arrives at OPM in paper form. "We're still managing thousands of--millions of--pieces of paper on an annual basis," he said.

For more:
- go to the hearing webpage (prepared testimonies and webcast available)

DARPA developing Terminator contact lenses; Documents lost as part of Energy.gov redesign;

Molly Bernhart Walker — Wed, 01 Feb 2012 14:05:26 -0500

> Gingrich: 'Grandiose' space plans are possible. Article (Florida Today)
> NATO networks vulnerable to cyber attack. Article (Danger Room)
> Rockefeller pushes for scaled-down rollout of new top level domains. Article (NextGov)
> Documents lost as part of Energy.gov redesign. Article (FCW)
> DARPA developing Terminator contact lenses. Article (GCN)

And Finally... First sign of the apocalypse? Embedded video

Clapper sounds alarm on cyber capabilities of Iran, China and Russia

David Perera — Wed, 01 Feb 2012 13:48:54 -0500

In unclassified testimony Jan. 31, top U.S. intelligence official James Clapper revealed little new but sounded alarm bells against an increasingly aggressive Iran and the cyber-intelligence capabilities of China and Russia.

"Iran's intelligence operations against the United States, including cyber capabilities, have dramatically increased in recent years in depth and complexity," said Clapper in his prepared testimony before the Senate Select Committee on Intelligence. Clapper has served as director of national intelligence since August 2010.

Foreign intelligence services have perpetuated network operations that have gone undetected, Clapper also said, adding that the focus of network penetrations has broadened to include harder-to-reach classified networks.

Russia and China have gained a global reputation over the past decade for directly, or indirectly through in-country proxy hackers, conducting cyber espionage on a massive scale. "Russia and China are aggressive and successful purveyors of economic espionage against the United States," Clapper said. Chinese officials in particular have denied their government is involved in state-sponsored hacking and have also accused the United States of perpetuating it against them.

That last claim is contested by cyber expert James Andrew Lewis in a recent report from the Brussels-based think tank the Security & Defence Agenda.

"Our laws don't allow us to favor one company over another," he said, making a state-sponsored campaign of intellectual property theft unlikely.

"Secondly, until recently they didn't have much in the way of technology we would want to steal," he added.

During his testimony, Clapper also sounded a warning about the insider threat, stating that "trusted insiders using their access for malicious intent represent one of today's primary threats to U.S. classified networks."

Among the greatest of challenges facing the intelligence community in regard to cyber threats in the next two years are providing timely and actionable warnings that include attribution information and vulnerabilities associated with the information technology supply chain used within U.S. networks, Clapper added.

For more:
- download Clapper's prepared testimony (.pdf)
- download the new SDA report (.pdf)

Survey: Federal IT skeptical of cloud computing benefits

Molly Bernhart Walker — Wed, 01 Feb 2012 13:15:36 -0500

Seventy one percent of federal IT workers say pressure to rapidly adopt cloud-computing technology creates security risks for their organizations, according to a survey from Ponemon Institute, conducted in September 2011 and published Jan. 12 by SafeGov.org.

Given that only 61 percent of respondents said their agencies use FISMA to assess cloud providers, it's no surprise 54 percent expect their agency to experience a security breach within 12 months from an insecure cloud provider. Twenty percent of IT professionals say one of their cloud service providers already suffered a security breach in the past 12 months.

The survey is based on responses from 432 federal employees from 20 agencies that already use or expect to use cloud solutions within 12 months. Seventy-one percent are agency managers or executives, 51 percent work in IT-related jobs and 49 percent are non-IT workers.

According to federal IT respondents, cost savings and security aren't the most reason for moving to the cloud. Rather, 69 percent say "political mandate" is the most important reason for moving to the cloud, followed by cost savings, 35 percent; interoperability, 34 percent; improved efficiency, 31 percent; and increased security, 4 percent.

Even though cost-savings rank second in order of importance, federal IT workers aren't convinced agencies understand the true long-term cost of migrating on-premise applications and data to a cloud environment. Sixty-five percent say they were not confident in their agency's understanding of long-term cost, while only 8 percent are very confident in their understanding.

Respondents also don't expect much in the way of cost savings from cloud migration. Only 6 percent say they expect "significant cost savings," 21 percent expect "some cost savings" and 39 percent expect spending to remain neutral. Twenty-four percent actually say moving to a cloud-computing environment will increase costs somewhat and 10 percent expect costs to increase significantly.

The survey shows federal IT professionals as skeptical of cost savings and sensitive to the potential risks associated with cloud computing.

"To improve confidence, the lead federal agencies such as OMB and GSA should...provide greater transparency about cloud security and more credible data about the true cost of cloud services," wrote Ponemon Institute Founder Larry Ponemon and Peerstone Research Chief Executive Jeff Gould in a blog post.

Ponemon and Gould say leadership should also provide agencies with information on total cost of ownership--not just initial acquisition. TCO includes the "costs of migration, training, business process reengineering, customization, unplanned implementation delays, and the mitigation of unexpected security threats," they add.

For more:
- download the survey results (.pdf)
- see the blog post

White House standards memo sends strong signal, says Saunders

David Perera — Wed, 01 Feb 2012 11:21:23 -0500

A Jan. 17 White House memo on the importance of private sector involvement in standards-setting sends an important message to federal agencies and foreign governments, said Mary Saunders, director of the standards coordination office in the National Institute of Standards and Technology.

Senior executives of three White House Offices--the offices of Science And Technology Policy and Information And Regulatory Affairs, and the U.S. Trade Representative--signed the memo, which articulates principles for federal agencies to follow when developing standards.

Most standards developed and used in U.S. markets are created with little or no government involvement, the memo notes, and federal policy continues to be one of "reliance on private sector leadership, supplemented by federal government contributions to discrete standardization process," it adds.

Until the memo was signed, "we've never had out of the White House a strategic statement about the importance of standards to innovation, about the importance of the private sector-led system," Saunders said in an interview.

The federal government has taken a lead role in the development of standards for some industries in which there exists a national interest, including electronic health record systems and smart grid technologies. Standards-setting agencies within the federal government include the departments of Defense, Health and Human Services, the Food and Drug Administration and NIST itself.

The memo says agencies should ensure cooperation among each other, should clearly articulate priorities and ensure that the government has an exit strategy from the standards process development, said Saunders.

"That's a very important signal to set internationally, because we have other governments that take different approaches in this area, which we feel may stifle innovation," Saunders said.

The memo is the outcome of a 2010 NIST request for information soliciting feedback on federal standards-making practices. Respondents to the RFI brought up additional issues not dealt with in the memo, Saunders said, such as treatment of intellectual property, that could be the subject of follow up guidance.

For more:
- download the memo, M-12-08 (.pdf)
- go to standard.gov, which includes links to the 2010 RFI, comments received on it and policy recommendations produced in response to the comments

Panel: Even the best cyber legislation won't fix security problems

Molly Bernhart Walker — Wed, 01 Feb 2012 11:09:33 -0500

In 3 to 4 weeks, Senate Majority Leader Harry Reid (D-Nev.) plans to introduce cybersecurity legislation, but it won't truly fix anything--at most legislation will "raise the price of admission for the cyber battle," said Tommy Ross, Reid's senior intelligence and defense advisor.

"There's simply not going to be a technological solution that stops the most sophisticated foreign actors from successfully carrying out cyber attacks if they chose to do so," said Ross Jan. 17, while speaking at the State of the Net conference in Washington, D.C.

"The best we're going to do is put in place a system that [makes it harder and more expensive for a] less sophisticated actor," said Ross. And for more sophisticated actors, the United States will have to rely "on diplomacy, on deterrence, on intelligence and on other sorts of national policies that help us engage with foreign adversaries that might wish to carry out cyber attacks on that level," he said.

The cybersecurity conversation on the Hill has come a long way in the last year, said panelists. Most lawmakers now understand that passing a cyber bill won't signal completion and then they can be done with it, said Kevin Gronberg, senior counsel to the House Committee on Homeland Security. "This might as well be called the congressional work programs," Gronberg joked.

Ross agreed that legislation will have to be iterative and will rely heavily on the amendment process.

In addition to Reid's forthcoming proposal in the Senate, House committees are also working on legislation.

"The Lieberman-Collins bill [introduced in the previous Congress] was cut and pasted, introduced in the house and referred to nine different committees, which gives nine different chairman abilities to change or stop that bill completely. The speaker recognized this was a problem," said Gronberg.

A cybersecurity task force, led by Mac Thornberry (R-Texas) formulated cyber guidance and passed it along to committees in October 2011, asking each committee to draft legislation that applies to their area. On Feb. 1 the House Homeland Security subcommittee will mark up a draft, with a full committee having a markup shortly thereafter, said Gronberg.

"As for the process, after we report this bill out to the whole House it's a bit unclear," said Gronberg.

The bills could be passed separately off the floor and conferenced with the Senate bill. Or they could be held in the house and combined for a broader bill, Gronberg said.

The White House does agree with the House cybersecurity task force's recommendations to each committee "in concept," said Christopher Finan, director for cybersecurity legislation on the White House National Security Staff.

For more:
- watch an embedded video from the session

Agencies not sharing enough information, says Karen Evans

David Perera — Wed, 01 Feb 2012 09:43:45 -0500

Even by federal internal measures, information sharing remains a challenge, said Karen Evans, who occupied the position of federal chief information officer during most of the George W. Bush administration, while speaking Jan. 26 during a Washington, D.C. conference.

Reading aloud from the appendix of the Information Sharing Environment's 2011 annual report (.pdf) to Congress, Evans noted that a number of agencies have yet to create interconnection plans for sensitive but unclassified or controlled unclassified information in order to support the ISE.

"Here's one agency that has responded no. DoD--DoD has said ‘No, I do not have a plan to share the information,'" she said. Evans was on a panel during an all-day event hosted by the Center for Strategic and International Studies .

"Department of State--'No, I don't have a plan.' HHS--'No, I don't have a plan. NCTC reported, 'No, I do not have a plan to interconnect,'" she added.

The question of whether agencies participating in the ISE have a plan for sharing terrorism and homeland security information across SBU/CUI networks garner even fewer positive responses.

"DNI, no. DOE, no response. Okay, Department of State, no. HHS, no. NCTC, no," Evans said.

The performance metrics included in the report appendix, Evans noted, were developed in 2007. ISE efforts in suspicious activity reporting have been successful, she said, but added that long-standing issues in information sharing have yet to be resolved.

Among them are access control to information. WikiLeaks' posting of diplomatic cables, she said, was not a problem of information sharing, but one of making sure that information is shared among people who have the correct roles and responsibilities. Another is the congressional appropriations process.

"There are more and more requirements that come from Congress about doing things horizontally, yet we're still authorized, and we're still appropriated vertically."

Alex Joel, civil liberties protection officer within the Office of the Director of National Intelligence said that technology still remains a stumbling block--at least to the extent of the federal government being able to afford it.

"Whenever I ask for something from a technology perspective, I'm told, 'Gee, it's not in the budget,'" he said.

For more:
- go to a CSIS webpage with archived video, audio and a partial transcript of the all-day event
- download the 2011 annual ISE report to Congress (.pdf)

Aneesh Chopra to leave federal CTO post; ONC launches contests around EHR access;

Molly Bernhart Walker — Mon, 30 Jan 2012 13:40:50 -0500

> NASA launches multi-player Facebook game "Space Race Blastoff." Article (TheNextWeb)
> Aneesh Chopra to leave federal CTO post. Statement (White House)
> Obama to "hangout" on Google+ on Jan. 30. Article (O'Reilly Radar)
> ONC launches contests around EHR access. Article (ModernHealthcare)
> OPM introduces telework training tool. Article (NextGov)

And Finally... Apple uses fake products to ensure new employees can be trusted. Article (Gizmodo)

NARA, agencies revisit millions of pages to ensure proper declassification

Molly Bernhart Walker — Mon, 30 Jan 2012 13:06:27 -0500

In the 2 years since the National Archives and Records Administration created the National Declassification Center, 70 percent of its document backlog was assessed, but review efforts could slow or even miss the backlog-elimination deadline because agencies have to revisit millions of pages of documents.

The findings come from a bi-annual NDC report (.pdf) covering the reporting period from July 1, 2011 to Dec. 31, 2011.

NDC is concerned that some records in the backlog--including some already assessed prior to NDC's formation--lack the required Kyl-Lott review. The "Kyl-Lott Amendment" to the 2009 National Defense Authorization Act requires additional review for nuclear weapons-related restricted data and formerly restricted data prior to its declassification.

Now, NARA personnel are working with several agencies, including the State Department and Department of the Navy to conduct required page-level reviews.

"Agencies, including Army, DIA, USAF, NSA, CIA, JCS, and WHS, are willingly undertaking the RD/FRD page-level review not yet done in the records of other agencies that should have been done prior to the stand up of the NDC," according to the NARA review.

From mid-November 2011 to the end of the year, nearly 4 million pages were addressed using this inter-agency model, writes NARA.

Executive Order 13526, issued Dec. 29, 2009, stood up the NDC and instructs it to eliminate NARA's backlog of records currently accessioned but not fully-processed for public release by Dec. 31, 2013. At the time the backlog was 400 million-pages.

With the Kyl-Lott quality assurance review underway, report authors said more documents are being added to the backlog for review. NARA is unsure whether the once on-track backlog elimination effort will meet its Dec. 31, 2013 deadline.

For more:
- download the NARA report (.pdf)

Panetta: DoD cyber spending won't be cut

David Perera — Mon, 30 Jan 2012 12:49:47 -0500

Defense spending on cyber capabilities won't be subject to cuts as the Pentagon attempts to reduce its budget by $487 billion over the next decade, Defense Secretary Leon Panetta told reporters during a Jan. 26 press conference.

Cost cutting measures will include reducing by the end of fiscal 2017 active personnel in the Army down to 490,000 from 562,000 and the Marine Corps to 182,000 from 202,000, Panetta said, as well as the cancelation of some weapons systems.

However, cyber capabilities, special operations, ballistic missile defense, "the ability to project power in denied areas," and anti-weapons of mass destruction efforts will see their budget stay stable or grow, Panetta said.

The Pentagon will request $525 billion for its base budget during the coming fiscal year, Panetta said and $88.4 billion for overseas contingency operations--the latter being money that funds U.S. activities in Afghanistan and Iraq. Defense base funding is $531 billion in the current fiscal year, he added, and overseas contingency operations funding is $115 billion.

"The budget also seeks to retain the most flexible, versatile and technologically advanced platforms that we will need for the future. That involves unmanned systems, satellites, submarines, helicopters, aircraft carriers and fifth-generation aircraft," Panetta said.

For more:
- read a transcript of Panetta's Jan. 26 press conference