Cybersecurity

September 23, 2015
By Sandra Jontz

The U.S. Department of Commerce's National Institute of Standards and Technology (NIST) awarded nearly $3.7 million for three pilot projects that seek to fortify online financial transactions and enhance privacy protections for health care, government services, transportation and the Internet of Things.

The studies, awarded by the agency's National Strategy for Trusted Identities in Cyberspace (NSTIC) office, address specific cyber-based missions such as reducing tax refund theft, ensuring better protections of medical information, devising mobile ticketing solutions for use on mass transit and providing secure online data storage, according the agency.

October 9, 2015

Barbaricum LLC, Washington, D.C. (FA8075-16-D-0011); Baum, Romstedt Technology Research Corp., Vienna, Virginia (FA8075-16-D-0012); Data Systems Analysts Inc., Fairfax, Virginia (FA8075-16-D-0013); Professional Project Services Inc.

October 8, 2015
By Bob Gourley
The iCub humanoid robot at IDSIA's robotics lab in Switzerland tries to reach for a blue cup.

Remember this scene from The Graduate?
Mr. McGuire: I just want to say one word to you. Just one word.
Benjamin: Yes, sir.
Mr. McGuire: Are you listening?
Benjamin: Yes, I am.
Mr. McGuire: Plastics.

Turns out, plastics was pretty hot. Great tip, Mr. McGuire. I wonder what, if anything, Benjamin did with that tip. More importantly, what is the one word for today?

I think I have it. The word is Cambric. Cambric the finely woven linen? No, CAMBRIC the finely woven acronym:

October 5, 2015
By Robert B. Dix Jr.

Most cyber practitioners and many users agree that assessing and managing the risk attributed to cybersecurity and critical infrastructure protection is a shared responsibility between and across a wide array of stakeholders—including government, industry, academia, the nonprofit community and individual citizens.

September 21, 2015
By Sandra Jontz

The U.S. government's effort to provide a common baseline of cybersecurity tools across civilian agencies now is available to 97 percent of the departments—a milestone hit after the Department of Homeland Security (DHS), through the General Services Administration, awarded three orders under the Continuous Diagnostics and Mitigation (CDM) program. The orders now bring the number of federal agencies using the tools and services to shore up cyber vulnerabilities to 17. 

The orders were awarded to Booz Allen Hamilton for $82 million, Northrop Grumman for $32 million and Hewlett Packard Enterprise Services for $21 million.

August 13, 2015
By Sandra Jontz
Marines conduct civil-military operations and collect, process, analyze and share information using software from a smartphone.

The Defense Department’s much-anticipated capability solution to access classified voice and email up to the secret level from mobile devices finally migrated from the pilot stage and now is operational within the department and several federal agencies, says Kimberly Rice, program manger for the Defense Information Systems Agency’s (DISA's) Mobility Program Management Office.

July 14, 2015
Maryann Lawlor

Everyone who believes that what was dubbed “The Great Technical Glitch of July 8” was incontrovertibly a mere coincidence and not a coordinated cyber attack, raise your hands. Before you shake your head and stop reading, consider this: The institutions those IT mishaps shut down represent the economy (New York Stock Exchange), transportation (United Airlines) and communications or freedom of speech (The Wall Street Journal). Not to go all X Files on you or propose conspiracies around every corner, but dismissing the possibility that it was more than mere chance isn’t so far-fetched.

July 1, 2015
By Lt. Gen. Robert M. Shea, USMC (Ret.)

The recent hack, reportedly by Chinese sources, of the personnel files belonging to current and past U.S. government employees puts a face on the cyberthreat affecting everyone today—about 4 million faces, if Office of Personnel Management assessments are correct. Yet this hack is just one example of the looming cyberthreat, and while it offers valuable lessons to be learned, it should not serve as the exclusive template for securing networks and data.

June 5, 2015
By Sandra Jontz

The significant federal government cyberbreach that let hackers swipe the personal data of more than 4 million current and former federal employees has all the trappings of a targeted nation-state attack aimed at gleaning critical information on federal workers; and current cyber protection methods might not be enough to prevent future attacks, one expert says.

Hackers breached computer systems of the Office of Personnel Management (OPM) in December, stealing data including Social Security numbers, job assignments, performance reviews, insurance details and training certificates. Officials detected the breach in April.

May 11, 2015
By Dr. Wesley Kaplow

We are passing rapidly from the information technology dark ages of less than seven decades ago to what I call the "Uncharted Territory Age." Combined, the two critical ages through which we currently are moving may yield the largest explosion of cyber risks yet. The first age is the well-known, and hyped, Internet of Things (IoT), or now Internet of Everything. The second is the big data age. Both may have a synergistic effect on the growing cyberthreat.

May 1, 2015
By George I. Seffers

U.S. Deputy Secretary of Commerce Bruce Andrews announced today he will lead a delegation of 20 American companies on a Cybersecurity Trade Mission to Bucharest, Romania, and Warsaw, Poland, May 11-15. Assistant Secretary for Industry and Analysis Marcus Jadotte also will participate in the mission.

The trade mission is designed to help U.S. companies launch or increase their business operations in Central and Southeast Europe, specifically connecting them with businesses and government leaders in Romania and Poland. It also will introduce or expand the market presence of U.S. cybersecurity companies.

April 28, 2015
By Maryann Lawlor

Although cybersecurity has been getting a lot of well-deserved attention lately, 90 percent of companies recently surveyed admit that their organizations have invested in a security technology that was ultimately discontinued or scrapped before or soon after deployment. The survey also revealed that the most important metrics are the least reliable. For example, although 70 percent of respondents said return on investment and total cost of ownership are critical metrics for investment and measurement of a technology’s economic benefits, the same number said it is difficult to calculate these metrics.

April 15, 2015
By Ed Bender

Government information technology administrators long have been trained to keep an eye out for the threats that come from outside their firewalls. But what if the greatest threats actually come from within?

April 1, 2015
By Sandra Jontz

New methods of teaching cybersecurity might be the best hope for providing the necessary security experts to turn the tide against malicious cybercriminals who have launched constant battles against vital networks. In purely quantitative terms, the number of available information technology security experts falls critically short of what is necessary, while the number of hackers and cyber adversaries grows larger.

March 26, 2015
By Sandra Jontz
An example of neutron imaging: On the left, lilies photographed through an open cask. On the right, a neutron imaging system used to photograph the lilies through the lead walls of the cask. This image demonstrates the power of neutrons to easily pass through otherwise impenetrable materials.

The notion of nefarious scientists re-engineering the genetics of living organisms to then weaponize their new specimens has some researchers jostling for the upper hand, including those at the U.S. Defense Department’s main research agency.

February 24, 2015
By Maryann Lawlor

The National Security Agency’s third annual Best Scientific Cybersecurity Paper competition is now open. Scientific papers must have been published during 2014.

The papers will be judged on scientific merit and the the strength and significance of the work reported. In addition, the paper must exemplify the performance and reporting of cybersecurity scientific research.

February 20, 2015

Northrop Grumman Space Mission Systems Corp., San Diego, has been awarded a $6,926,501 modification (P00094) to previously awarded contract FA8726-09-C-0010 for risk management framework. Contractor will meet cybersecurity requirements using the new Risk Management Framework. Work will be performed in San Diego, and is expected to be complete by June 22, 2015. This award is the result of a sole-source acquisition. Fiscal year 2015-operations and maintenance funds in the amount of $6,926,501 are being obligated at the time of award. The Air Force Life Cycle Management Center, Hanscom Air Force Base, Massachusetts, is the contracting activity.

 

February 20, 2015
By Sandra Jontz
A cyber Joint Users Interoperability Communications Exercise, or JUICE, takes place at Aberdeen Proving Ground, Maryland.

As cybersecurity defenses improve, so do the breaching tactics and methods by adversaries driven to hack into commercial and government networks. And they are doing so at alarming speeds.

“The threat that I see currently from our adversaries of organized crime groups, terrorist organizations and nation-states is increasing at an unbelievably fast pace,” Shawn Henry, president and chief security officer of the cyberthreat tracking company CrowdStrike Services, told a gathering at AFCEA’s Emerging Professionals in Intelligence Committee (EPIC) speaker series.

February 11, 2015
By Sandra Jontz

The White House this week announced that it is creating a federal agency to keep tabs on and counter cybersecurity threats against the United States. The Cyber Threat Intelligence Integration Center will be the clearinghouse for collaborative offensive and defensive work performed by the FBI, the National Security Agency and the Department of Homeland Security.

February 9, 2015
By Sandra Jontz
Pat Hickey, an engineer with Galois Incorporated in Portland, Oregon, prepares to fly a mini drone with software rewritten to make it invulnerable to hackers. It is part of the DARPA-funded High-Assurance Cyber Military Systems. By Sandra Jontz

In case you missed it, CBS’s newsmagazine "60 Minutes" this weekend featured a segment with Dan Kaufman, director of the Information Innovation Office (I2O) for the Defense Advanced Research Projects Agency (DARPA), who talked about the office’s efforts to outsmart hackers, sex traffickers and those seeking to do harm to the United States.

Pages