Search:  

 Blog     e-Newsletter       Resource Library      Directories      Webinars
AFCEA logo
 

Networks

Cyber and Physical Protection Go Together

February 26, 2013
By George I. Seffers

Homeland Security Conference 2013 Show Daily, Day 1

All too often, cyber and physical protection are considered separately, when really they go hand-in-hand, according to experts speaking at the first day of the AFCEA Homeland Security Conference in Washington, D.C., February 26, 2013. The conference opened with a half-day of conversation about hackers, terrorists and natural disasters and addressed concerns involving both physical infrastructure and the cyber environment for all kinds of attacks, be they physical, virtual or even natural in origin.

Richard Puckett, chief security architect for GE, drove home the point that physical infrastructure, such as power plants, have a cyber component. “People want to be able to walk around a power plant with an iPad. They want to attach remotely to these systems, because it is an incredibly powerful and attractive tool. It’s very visceral to them,” he said. “What we’re concerned about as we see those increased patterns of connectedness is how to protect that.”

Puckett emphasized that the relationship between cybersecurity and physical infrastructure was a focus of government and military, noting that the term "cyber" means a lot of different things to different people and for the private sector was more connotative of personal and financial cybersecurity.

Paige Atkins, vice president of cyber and information technology research, Virginia Tech Applied Research Corporation, said that part of the problem is that cyber is a sometimes difficult concept. “Cyber is a little harder for us to understand and grasp because it is not as graphic," she said. "In my personal experience, the cyber-physical area is underappreciated and not fully understood.”

NIST Seeks Industry Information for Cybersecurity Framework

February 26, 2013
By George I. Seffers

The National Institute of Standards and Technology (NIST) released a request for information on Tuesday, February 26, for the cybersecurity framework demanded by the recent White House executive order.

Speaking on the cybersecurity panel at the AFCEA Homeland Security Conference in Washington, D.C., on Tuesday, Jeff Voas, a NIST computer scientist, said he received his first briefing on the executive order about a week ago and NIST already has begun putting together working groups. The request for information process should be concluded in about 45 days. “We’re only a week or two into this,” Voas said.

The panel included Darren Ash, deputy executive director for corporate management and chief information officer for the U.S. Nuclear Regulatory Commission, which regulates the civilian use of nuclear power. Ash said that most nuclear power plants in this country were built decades ago in an analog environment, whereas more recent applications to build nuclear facilities are grounded in a digital environment.

“We know that cyber is important. What we expected and required of these licensees was to establish their plans on how to address cyber,” Ash said. “What’s important is what we do with it.” Recent nuclear license requirements have been accepted, he reported, and just this fiscal year, the commission has begun to inspect the cybersecurity capabilities to ensure they are meeting the requirements.

Richard Puckett, chief security architect for GE, argued that the term “cyber” is too vague, meaning different things to different sectors. To private sector clients, for example, cyber refers to protection of credit card numbers and other personal information, whereas government and military customers are more concerned with the cyber activities of other nation states and the protection of critical infrastructure.

Experts Discuss Big Data Speed

February 15, 2013

A slow down in data transmission can be deadly in the military environment, where it can mean lost lives. In a white paper that compares available information transport technologies, experts from Aspera Incorporated tackle the topic of moving big data quickly over wide area networks.

Customs and Border Protection Agency Eyes the Cloud

February 1, 2013
By George I. Seffers

The U.S. agency responsible for customs and border protection has suffered from an unreliable infrastructure and network downtimes but already is seeing benefits from a fledgling move to cloud computing. Those benefits include greater reliability and efficiency and lower costs.

Customs and Border Protection’s (CBP’s) priorities include moving the agency to cloud computing and adopting greater use of mobile devices. The CBP Cloud Computing Environment (C3E) moves the agency away from a number of stovepipe platforms. “In the past, we’ve run about every kind of platform that’s out there. We are a large IBM mainframe legacy shop. We use a lot of AIX Unix and also Solaris Unix, so we’ve even got different flavors of Unix out there, and then obviously, big Windows farms,” reveals Charlie Armstrong, CBP chief information officer and assistant commissioner for the office of information and technology. “This new environment that we’re moving to collapses a lot of that down into a single environment and loses all of the mainframe, and it gets us out of building environments from scratch.”

Armstrong describes CBP as being in the early stages of its move to the cloud, but the agency already is seeing benefits, he says. He compares creating a computing environment to building cars. “Building an environment with yesterday’s approach was like going to the car dealership, buying all the parts and having to put the car together yourself. Now, what we’re trying to do is to buy a fully integrated product that allows us to stand up environments quicker and also improve performance,” he explains.

Researchers Organize to 
Share Data, Speed Innovation

February 1, 2013
By Max Cacas

To meet the challenge of implementing big data, a new international scientific organization is forming to facilitate the sharing of research data and speed the pace of innovation. The group, called the Research Data Alliance, will comprise some of the top computer experts from around the world, representing all scientific disciplines.

Managing the staggering and constantly growing amount of information that composes big data is essential to the future of innovation. The U.S. delegation to the alliance’s first plenary session, being held next month in Switzerland, is led by Francine Berman, a noted U.S. computer scientist, with backing from the National Science Foundation (NSF).

Meeting the challenges of how to harness big data is what makes organizing and starting the Research Data Alliance (RDA) so exciting, Berman says. “It has a very specific niche that is very complementary to a wide variety of activities. In the Research Data Alliance, what we’re aiming to do is create really tangible outcomes that drive data sharing, open access, research data sharing and exchange,” all of which, she adds, are vital to data-driven innovation in the academic, public and private sectors. The goal of the RDA is to build what she calls “coordinated pieces of infrastructure” that make it easier and more reasonable for people to share, exchange and discover data.

“It’s really hard to imagine forward innovation without getting a handle around the data issues,” emphasizes Berman, the U.S. leader of the RDA Council, who, along with colleagues from Australia and the European Union, is working to organize the alliance. Ross Wilkinson, executive director of the Australian National Data Service, and John Wood, secretary-general of the Association of Commonwealth Universities in London, are the other members of the council.

Joint Experimentation Enables Regional Cyber Protection

February 1, 2013
By Maj. Jose Gonzalez, USAF

Commanders wrestling with control of cyberspace elements now have a new tool to help them secure their corner of cyberspace in an operational setting. The Adaptive Network Defense of Command and Control concept of operations enables joint force commander control of key terrain in cyberspace, based on assessments at an operational tempo. To achieve a joint force command objective, network operators concentrate cybersecurity and monitoring of command and control systems to maintain the initiative against adversarial attacks and provide enhanced situational awareness.

This approach was developed by the Joint Cyber Operations Joint Test (JCO JT), under the auspices of the director, Operational Test and Evaluation. It developed and evaluated a concept of operations and tactics, techniques and procedures (TTP) to secure command and control (C2) systems with commercially available technologies.

The JCO JT tested the effectiveness of the Adaptive Network Defense of Command and Control (AND-C2) TTP for the Virtual Secure Enclave (VSE) TTP. The VSE TTP provides methods to establish and employ a community of interest virtual private network, with anomaly detection, for protection and defense of joint task force (JTF) C2 systems. The VSE TTP implements the AND-C2 concept of operations by using a virtual secure enclave for C2 protection.

The JCO JT employed a challenging test methodology for the VSE TTP. This methodology proved successful because of careful collaboration and deliberate planning. The JCO JT aligned testing with U.S. Pacific Command (PACOM) experimentation and a sister Joint Capability Technology Demonstration (JCTD) during a major theater exercise. Test planners closely coordinated with multiple red teams and created test conditions for quantitative analysis with statistical rigor.

Cyber, China Challenges Loom Large for U.S. Military

February 1, 2013
By Robert K. Ackerman

West 2013 Online Show Daily, Day 3

Quote of the Day: “Make no mistake: the PLAN is focused on war at sea and sinking an opposing fleet.”—Capt. Jim Fanell, USN, deputy chief of staff for intelligence and information operations, U.S. Pacific Fleet

Two separate issues, both on the rise, have become increasing concerns for U.S. military planners. The technology-oriented world of cyber and the geopolitical challenge of a growing Chinese military are dynamic issues that will be major focus points for the U.S. defense community in the foreseeable future.

Cyber security is becoming increasingly complex because of the plethora of new information technologies and capabilities entering the force. Security planners must strike a balance between effectively protecting these new information systems and imposing constraints that would wipe out most of the gains they offer.

China, the world’s rising economic power, is evolving into a military power with a reach that extends increasingly beyond its littoral waters. The U.S. strategic rebalance to the Asia-Pacific region is likely to enmesh U.S. military forces in local issues to a greater degree, and China’s steady growth in military strength will affect how international relations evolve in that vast region.

U.S. Navy Slows NGEN Award

January 31, 2013

The U.S. Navy now plans to award the Next Generation Enterprise Network (NGEN) contract(s) for transport and enterprise services in May rather than on February 12, as originally planned, service officials announced The delay is due to the complexities of the NGEN requirements and the need to complete a thorough review of the bids, Navy officials say. The continuing resolution and possibility of sequestration have not impacted the NGEN contract(s) award schedule; however, it is unclear how they might impact the NGEN award schedule in the future, officials add.

 

Many Issues Cloud the Future for the Military

January 31, 2013
By Robert K. Ackerman

 

 

 

U.S. Army Combines Key Acquisition Directorates

January 23, 2013
By George I. Seffers

Over the past month, the U.S. Army has consolidated two directorates in an effort to continue improving agile acquisition. Combining the offices is designed to allow more efficient and effective cooperation, enhance long-term planning capabilities and boost the service’s ability to acquire an overall system of systems.

The two directorates—System of Systems Engineering and System of Systems Integration—within the Office of the Assistant Secretary of the Army for Acquisition, Logistics and Technology [ASA(ALT)] have been combined into the Systems of Systems Engineering and Integration Directorate. Heidi Shyu, the ASA(ALT), was briefed on the changes earlier this month.

Terry Edwards, who leads the new directorate, explains that under the previous organizational structure, no one was seeing the forest for the trees. “Unfortunately, these two processes weren’t connected optimally. The benefit first, for the Army, is the ability to look at a system of systems across the Army and to bring engineering and integration together,” Edwards says. “Nobody was looking at the system of systems.”

Additionally, he says, the former structure was too focused on the near-term. “The second benefit was to look at not just the near-term focused view of what we do for the Army, but also to look out at how we shape the Army’s architecture to be more capable but also more efficient in how we deliver that capability,” he says.

The ASA(ALT) officials have been developing long-term roadmaps toward the service’s future. “One thing Ms. Shyu has been doing is trying to establish this 30 year roadmap across all of our portfolios. One of the functions of our office will be to look across those portfolios and analyze how they align,” Edwards reveals.

Pages

Subscribe to RSS - Networks