Search:  

 Blog     e-Newsletter       Resource Library      Directories      Webinars
AFCEA logo
 

Security

FBI Creates New Cyber Information Sharing Portal

July 30, 2013
By Robert K. Ackerman

The FBI has created an information sharing portal for cyber defense modeled on its Guardian counterterrorism portal. Known as iGuardian, the trusted portal represents a new FBI thrust to working more closely with industry on defeating cyberthreats. It is being piloted within the longtime InfraGard portal, according to an FBI cyber expert.

 

Security Measures Need to Raise the Cost of Operations for Hackers

July 30, 2013
By Robert K. Ackerman

Hackers need to pay a greater price for intrusions if network security is to be effective, said a former director of national intelligence. Adm. Dennis Blair, USN (Ret.), who also is a former commander of the U.S. Pacific Command, told the audience at the AFCEA Global Intelligence Forum in the National Press Club in Washington, D.C., that the nation needs to raise the cost to the hacker without breaking the bank for the defender.

The admiral emphasized that he is not advocating the legalization of counter-cyber attacks—as much as the concept appeals to him. Instead, he called for legalization of “a myriad of nondestructive counter cyber attacks” that would raise the minimal cost to these hackers.

Some measures might involve empowering cyber operators to take action against hackers. Adm. Blair suggested establishing the cyber equivalent of private surveillance cameras with the ability to turn evidence over to the authorities, and maybe even creating the digital equivalent of a citizen’s arrest.

Other defensive measures could thwart cyber marauders. These might take the form of documents that self destruct when unauthorized users try to open them, for example, and the digital equivalent of indelible ink that is used for marking money.

The former head of the U.S. Pacific Command cited China as an example of a cyber adversary that should be impressed with the need for supporting cybersecurity rules and laws. “We need to put more penalties into the equation instead of relying on Chinese maturing,” he offered. “How many U.S. companies must go out of business, how many billions of dollars must be lost, before the Chinese realize it’s in their best interest to cooperate in cybersecurity?”

Senate to Bring Cyber Bill Mirroring House Effort

July 30, 2013
By Robert K. Ackerman

The U.S. Senate is moving on a cyber bill that is more in line with the approach being taken by the House, said a member of the House Permanent Select Committee on Intelligence. Rep. Mac Thornberry (R-TX) told the morning audience at the AFCEA Global Intelligence Forum at the National Press Club in Washington, D.C., that this bill may be marked up by the Senate Commerce Committee this week. It would turn to standards established by the National Institute of Standards and Technology (NIST) for private sector guidelines.

Thornberry reflected on how the House passed four separate cyber bills a year ago, but they died in the Senate as that body pursued a single large bill. The congressman endorsed the House concept of legislating cybersecurity in “discrete, bite-size chunks” that reach across the relevant government committees and agencies.

The congressman called for greater cooperation between Congress and the White House, saying that this can produce a cyber policy that benefits the nation as a whole. The more the administration and Congress work together, the more their work becomes the policy of the nation rather than that of any particular administration, Republican or Democrat. “Only with this partnership can we have the solutions the country needs,” he declared.

Asymmetric Cyberwarfare Demands a New Information Assurance Approach

July 1, 2013
By Paul A. Strassmann

The planners of the Defense Department Joint Information Environment, or JIE, must specify the requirements that can cope with the surges in asymmetric cyberwarfare—now. Asymmetric warfare describes conflicts in which the resources of the two belligerents differ in terms of their weapons and organization. The opponents will attempt to exploit each other’s weaknesses.

To defend against asymmetric warfare requires the imposition of a unified intelligence that is applicable to all U.S. Army, Navy, Marine Corps and Air Force applications. Proceeding with comprehensive protective solutions is required prior to completing facility consolidations. Fixing applications before consolidating computer processing has become one of the primary requirements for safe cyber operations.

Proceeding with only enhancements of legacy operations will not be sufficient. For example, placing emphasis on data center consolidations without a simultaneous re-engineering of applications cannot deflect targeted cyber attacks.

Cyberwarfare has evolved over the past 40 years. Information security methods, which used to protect computer systems, now are inadequate. Thousands of unknown global cyber attackers examine millions of dispersed targets, but only hundreds of defenders protect tens of thousands of applications located in fixed positions. The disparity between many unknown attackers compared with a few known defenders has created a situation where asymmetric warfare is the prevalent condition under which system operations now take place.

Information Agency 
Changes Security Approach

July 1, 2013
By Robert K. Ackerman

The increasing use of readily available and inexpensive commercial technologies by the military is changing the way the Defense Information Systems Agency provides information assurance. As these technologies are integrated into the Defense Department information infrastructure, the agency is adjusting its approaches to providing security for its networks and the data that reside on them.

Future Is Bright for U.S. 
Information Assurance

July 1, 2013
By George I. Seffers

While many cybersecurity experts preach the gloom and doom of more advanced adversaries attacking U.S. networks, one government official contends that U.S. network defenders can meet the challenge. Training, education and technological improvements are showing dividends in a better-prepared cyber workforce.

Cyber Commander Calls for Consolidated Activities

June 12, 2013
By Robert K. Ackerman

In the midst of a raging controversy over widespread National Security Agency (NSA) monitoring, the head of the NSA and U.S. Cyber Command defends cyber surveillance efforts and calls for greater consolidation of cyber activities among diverse organizations.

Cyber, Security Focuses for Marine Forces Pacific

June 12, 2013
By Rita Boland

Cyberwarfare is a primary concern for the U.S. Marine Corps as it continues its rebalance toward the Asia-Pacific region. With the growing involvement of cyber in every operation along with specific concerns of virtual attacks from large nations in the region, emphasis on the new domain is becoming increasingly important.

The Bottom Line: Military Operational Paradigm Shifts

June 17, 2013
By Maryann Lawlor

Up until now, elected officials, in consultation with military and intelligence experts, have made strategic national decisions about the role of the United States in global security. But the current congressional budgeting approach is turning this procedure on its head: military leaders will tell the elected what they can accomplish with the appropriated resources.

Cyber Command Redefines the Art

June 1, 2013
By Robert K. Ackerman

The U.S. Cyber Command is developing a strategy that acknowledges the convergence of network systems by empowering a similar convergence of military disciplines to help place U.S. cyberspace operators on a level field with their malevolent counterparts. This strategy acknowledges that the structure of the cyberforce has not kept pace with technology developments. As all types of information management—networking, communications and data storage—became digitized, previously disparate disciplines assumed greater commonality. With more common aspects, these disciplines share similar vulnerabilities as well as potential solutions.

Pages

Subscribe to RSS - Security