Search:  

 Blog     e-Newsletter       Resource Library      Directories      Webinars
AFCEA logo
 

Security

Cyber Commander Calls for Consolidated Activities

June 12, 2013
By Robert K. Ackerman

In the midst of a raging controversy over widespread National Security Agency (NSA) monitoring, the head of the NSA and U.S. Cyber Command defends cyber surveillance efforts and calls for greater consolidation of cyber activities among diverse organizations.

Cyber, Security Focuses for Marine Forces Pacific

June 12, 2013
By Rita Boland

Cyberwarfare is a primary concern for the U.S. Marine Corps as it continues its rebalance toward the Asia-Pacific region. With the growing involvement of cyber in every operation along with specific concerns of virtual attacks from large nations in the region, emphasis on the new domain is becoming increasingly important.

The Bottom Line: Military Operational Paradigm Shifts

June 17, 2013
By Maryann Lawlor

Up until now, elected officials, in consultation with military and intelligence experts, have made strategic national decisions about the role of the United States in global security. But the current congressional budgeting approach is turning this procedure on its head: military leaders will tell the elected what they can accomplish with the appropriated resources.

Cyber Command Redefines the Art

June 1, 2013
By Robert K. Ackerman

The U.S. Cyber Command is developing a strategy that acknowledges the convergence of network systems by empowering a similar convergence of military disciplines to help place U.S. cyberspace operators on a level field with their malevolent counterparts. This strategy acknowledges that the structure of the cyberforce has not kept pace with technology developments. As all types of information management—networking, communications and data storage—became digitized, previously disparate disciplines assumed greater commonality. With more common aspects, these disciplines share similar vulnerabilities as well as potential solutions.

DISA to Spend Summer Exploring Security in the Cloud

May 24, 2013
By Max Cacas

A hand-picked group of Defense Department’s top information technology experts will work with a giant in the cloud computing industry to determine how security will play a part on the military’s migration to the cloud.

NIST Releases Latest Catalog of Security and Privacy Controls for Federal Systems

May 3, 2013
by Max Cacas

A government-wide task force led by NIST is out with the latest catalog of security and privacy controls for federal information systems, including some new thinking when it comes to addressing insider threats that go beyond technology.

Cloud Industry Group Issues Mobile Computing Guidelines

March 1, 2013
By Max Cacas

When it comes to popular smartphones and tablets, security can be a many-layered and necessary endeavor

The growing use of advanced mobile devices, coupled with the increase in wireless broadband speed, is fueling demand by employees to bring their own devices to the job. This situation has opened a new set of security challenges for information technology staff, especially when it comes to the use of apps.

As the popularity and capability of mobile devices expands, standards are necessary to ensure that personal devices can function securely on enterprise networks. To address this need, the Cloud Security Alliance (CSA) organized its Mobile Working Group last year. The group recently released guidance to members on how enterprise administrators can successfully integrate smartphones and tablets into their work environment. The CSA is a not-for-profit organization of industry representatives focused on information assurance in the cloud computing industry.

Cyber and Physical Protection are Intrinsically Linked

February 28, 2013
By George I. Seffers

The recently signed executive order on cybersecurity and the presidential directive on critical infrastructure protection are not separate documents. In fact, they are part of the same overall effort to protect the nation, said Rand Beers, undersecretary for the National Protection and Programs Directorate, U.S. Department of Homeland Security. Beers discussed the effort on Thursday at the AFCEA Homeland Security Conference in Washington, D.C.

The two documents are “part and parcel of a whole of government and whole of society concept. The executive order is focused on cybersecurity, but the presidential policy directive takes the cybersecurity element and places it within the broader context of critical infrastructure protection in the sense that cyber and physical critical infrastructure are linked to one another,” Beers said. He added that a cyber attack that shuts down the electric grid could shut off access to water and to communications, which could affect the economy. “I’m not here to suggest cyber Armageddon is about to happen, but we have enough of a warning to understand that concerns about cybersecurity are not being overhyped.”

Beers revealed that the government is working to identify critical cyber nodes within the country, just as it has inventoried physical facilities that make up the nation’s critical infrastructure.

He added that the administration would still like Congress to pass cyber legislation. “We would still very much prefer legislation. We need to incentivize the private sector to take on the needed best practices,” Beers said. He suggested that legislation should include a safe harbor element providing liability protection to those in the private sector who adopt best practices but still suffer outages during a catastrophic event.

Chinese and Iranian Cyberthreat Growing

February 27, 2013
By George I. Seffers

Gen. Michael Hayden, USAF (Ret.), former director of the CIA, indicated an astounding extent of Chinese cyber espionage and said he believes the Iranians are attacking U.S. banks with unsophisticated but pervasive cyber attacks.

Regarding the Chinese, Gen. Hayden said he believes the government solution to cyber espionage should be economic rather than cyber. “We have cyber espionage coming at us, and they’re bleeding us white. The reason the Chinese are doing this is economic. I think the government response should be economic. We can punish China in the economic sphere,” Gen. Hayden told the audience at the AFCEA Homeland Security Conference in Washington, D.C., on Wednesday.

He added that some believe we cannot punish China economically because the Chinese own too much U.S. debt. Gen. Hayden indicated he disagrees.

The general also said the U.S. engages in cyber thievery as well, but he indicated that it is more for security reasons than economic reasons. “We steal other people’s stuff, too. And we’re better at it. We’re number one. But we self-limit—we and a small number of other countries around the world, all of whom speak English,” Gen. Hayden said.

Regarding the Iranians, Gen. Hayden said the number of attacks on the U.S. banking industry has ballooned. “My sense is that we’ve seen a real surge in Iranian cyber attacks. The Iranians have committed distributed denial of service attacks against American banks. I’ve talked to folks in the game here, and they’ve reported to me there’s nothing sophisticated about the attacks, but they say they’ve never seen them on this scale,” Gen. Hayden revealed.

Cyber and Physical Protection Go Together

February 26, 2013
By George I. Seffers

Homeland Security Conference 2013 Show Daily, Day 1

All too often, cyber and physical protection are considered separately, when really they go hand-in-hand, according to experts speaking at the first day of the AFCEA Homeland Security Conference in Washington, D.C., February 26, 2013. The conference opened with a half-day of conversation about hackers, terrorists and natural disasters and addressed concerns involving both physical infrastructure and the cyber environment for all kinds of attacks, be they physical, virtual or even natural in origin.

Richard Puckett, chief security architect for GE, drove home the point that physical infrastructure, such as power plants, have a cyber component. “People want to be able to walk around a power plant with an iPad. They want to attach remotely to these systems, because it is an incredibly powerful and attractive tool. It’s very visceral to them,” he said. “What we’re concerned about as we see those increased patterns of connectedness is how to protect that.”

Puckett emphasized that the relationship between cybersecurity and physical infrastructure was a focus of government and military, noting that the term "cyber" means a lot of different things to different people and for the private sector was more connotative of personal and financial cybersecurity.

Paige Atkins, vice president of cyber and information technology research, Virginia Tech Applied Research Corporation, said that part of the problem is that cyber is a sometimes difficult concept. “Cyber is a little harder for us to understand and grasp because it is not as graphic," she said. "In my personal experience, the cyber-physical area is underappreciated and not fully understood.”

Pages

Subscribe to RSS - Security