Search:  

 Blog     e-Newsletter       Resource Library      Directories      Webinars  Apps     EBooks
   AFCEA logo
 

Cyber

Military Evaluates Future Cyberforce

June 1, 2014
By Rita Boland

Cybersecurity remains a priority for the U.S. Defense Department, with officials protecting resources for it in the face of overall budget constraints. Guidance from the National Defense Authorization Act for Fiscal Year 2014 directs a mission analysis of cybercapabilities not only in the active military, but also across partners, to help forces maintain their edge in protecting the nation.

China and Russia Pose an Array of Dangers to the West

June 1, 2014
By Rita Boland

China and Russia represent two of the most robust, comprehensive concerns to worldwide stability. Almost every major geostrategic threat—cyber attack, nuclear weapons, ballistic missiles, capable military forces, political influence, economic power, sources of and high demand for energy—is resident in those two countries that often find themselves at odds with the United States and its allies.

Korean Cybersecurity Becomes a Joint Endeavor

June 1, 2014
By Robert K. Ackerman

A new facility for cybersecurity is allowing U.S. Forces Korea to coordinate efforts with other U.S. commands as well as Republic of Korea civilian government and military forces. The Joint Cyber Center serves as the focal point for increasing international cooperation between U.S. and Korean forces in their defensive measures against increasing cyber aggression from North Korea. It blends activities from the local J-2, J-3 and J-6 along with input from other forces worldwide.

The cyber center coordinates through its headquarters and partners with its counterparts at the U.S. Pacific Command (PACOM). Through PACOM, the center works with the U.S. Cyber Command (CYBERCOM). Any direction the center receives from CYBERCOM would come through PACOM.

Col. Karlton D. Johnson, USAF, is the U.S. Forces Korea J-6 and senior communicator for U.S. forces in Korea. He says what is unique about this cyber center is its partnership with the Republic of Korea. Col. Johnson notes that, in March and June of 2012, cyber attacks hit the Korean national infrastructure and its banking sector. U.S. forces viewed the threat across the board to ensure they were defended, and it coordinated with Korean partners through the Joint Cyber Center (JCC).

The colonel emphasizes that the two countries do not share locations at the cyber center. They “share what is shareable” through their bilateral cooperation protocols. Earlier this year, Korean and U.S. forces held the first bilateral cyber tabletop exercise, in which the U.S. Forces Korea J-6 served as the synchronizing agent with Korean government and military agencies.

Col. Johnson continues that he has “an outstanding working relationship” with the commander of the Korean cyber command as well as with the Korean Joint Chiefs of Staff J-6 and the Korean Ministry of National Defense. All are focused on broad cyberdefense because Korea has been on the front lines of cyber, he notes.

National Security Agency Program Fills Critical Cyber Skills Gaps

June 1, 2014
By George I. Seffers

The first graduates are emerging from centers of excellence for cyber operations that teach the in-depth computer science and engineering skills necessary to conduct network operations. The program better prepares graduates to defend networks and should reduce the on-the-job training needed for new hires, saving both time and money.

The National Security Agency (NSA) initiated the Centers of Academic Excellence-Cyber Operations (CAE-CO) program in 2012. Eight schools were designated centers of excellence in the first two years with another round of announcements expected in mid-June. Agency officials say they hope eventually to have a total of 20 to 25 schools on the list.

The effort is a deeply technical, interdisciplinary, higher education program firmly grounded in the computer science, computer engineering and electrical engineering disciplines. “We had noticed that a lot of graduates coming out of universities didn’t have quite the same skills that they’ve had in the past,” recalls Steve LaFountain, dean of the College of Cyber, National Cryptologic School, and the distinguished academic chair for information assurance and cyber, NSA. “Some of the skills needed in the cyber operations field, such as low-level programming, deep knowledge of networks and network protocols and understanding of operating systems internals, were starting to become less emphasized by academic programs.”

The change in school curricula is understandable because a lot of jobs today are focused on Web applications and mobile applications and require a different skill set than today’s cyber operations, he adds. “Instead of doing C programming, they’re now doing Java, Perl and Python programming. We decided to create this program and focus the requirements on the skills necessary for cyber operations,” LaFountain explains.

Book Review: Cybersecurity and Cyberwar

June 1, 2014
Reviewed by Bob Fonow

Cybersecurity and Cyberwar: What Everyone Needs to Know

By P.W. Singer and Allan Friedman Oxford University Press, January 2014 (Brookings)

Much is written today about cybersecurity, cyberwarfare and cyberstrategy. Now a new compendium, written by two Brookings Institution academics, offers a serious and intelligent discussion of these overlapping themes and what they the mean to politics and defense discourse in the United States.

Cybersecurity and Cyberwar builds on Washington’s situational awareness in a dynamic factor of modern conflict and the dangers inherent in a politically decentralized global Internet. The authors give due regard to the positive results of global networks, but this book is more concerned with the risk of confrontation. It is a desktop reference on subjects as wide-ranging as how the Internet works, the Stuxnet worm, advanced persistent threats to critical infrastructure, global finance dependence on security systems and the undeclared cyberwar between the United States and China.

These are complex issues, and the book reflects some of the confusion displayed by the many actors in Washington and other capitals. How and where do the National Security Agency (NSA), the Department of Homeland Security and the Defense Department fit into the puzzle? Where does China’s penchant for Internet protocol theft become espionage worthy of a systematic response, which now ranges from a gentle diplomatic nudge to the discussion of powerful cyber and conventional weapons? As the authors say, the doctrine behind this thinking is going to take a long time to develop. We are in a time much like the early nuclear era of the 1950s and early 1960s before the Cuban Missile Crisis—thinking that we understood escalation issues, but now alarmed by some of the older writing and casual statements on the subject.

Guest Blog: A Brief Look into the Cybersecurity Framework

April 23, 2014
By Matthew Smith

Whether a well-established company or one just getting started with cybersecurity risk management programs, those in the industry often can use a little help navigating the cumbersome and technical systems. This snapshot features pointers to clarify existing guidance and help organizations manage cybersecurity risk.

Budget Problems Impact Science and Technology Personnel as Much as Programs

April 21, 2014
By Sandra Jontz

Gadgets and gizmos are not the only things beset by the U.S. Defense Department’s continued battle with shrinking budget dollars. While some projects may be delayed, and others even derailed, the civilian work force “is now showing the early signs of stress,” Alan Shaffer, acting assistant defense secretary for research and engineering, recently warned Congress.

Furloughs, the government shutdown and sequestration, and decreasing budgets have an adverse impact on the 100,000 personnel that make up the Defense Department’s science and technology (S&T) work force.

“Combined with summer furloughs triggered by sequestration, FY13 presented unique challenges to a work force that had grown for the previous three years to meet the department’s increasing demand for technical and engineering talent to lead the development of increasingly sophisticated weapon systems,” spokeswoman Jennifer Elzea says.

Young workers leave the federal government for better-paying, and more stable, jobs in the civilian sector, and those who stay contribute to a faintly aging civilian work force.

“We saw a number of young scientists and engineers leave in 2013, early in their career. In conducting exit interviews, our laboratory directors reported that these young workers consistently cited travel and conference restrictions, as well as perceived instability of a long-term career, as motivating factors for their departure,” Elzea says.

The average age of scientists went from 45.6 years to 45.7 years, and for engineers from 43.2 years to 43.9 years. “Although the change seems minimal over the past two years, it reverses the trend over the past decade, when we had been driving the average age down,” she says.

Just How Important Is the Joint Information Environment (JIE)?

May 1, 2014
by Kent R. Schneider

Anyone following the progress of the Joint Information Environment (JIE) knows by now that it is not a program of record. No one will see large procurements to provide the JIE. It definitely is a framework: it defines standards and architectures for consistency across the defense environment. It defines a core environment and interfaces for the connection of networks and systems to the core. The JIE leverages initiatives to consolidate networks and data centers, to establish enterprise services and to implement transitional technologies such as cloud implementations, mobility, security solutions, big data and analytics, and the Internet of everything. It is a coordinating effort, using existing and planned programs, contracts and initiatives to provide a common operating environment rather than start with new acquisitions.

It is important to understand the JIE extends well beyond the boundaries of defense. It provides the path for better information sharing with other federal, state, local and tribal networks and systems. It is vital to achieving interoperability and ease of information sharing along with security with U.S. coalition partners.

Recently, I was in Europe attending AFCEA TechNet International and NATO C4ISR Industry Days, which are fully integrated in a single program. Key to this conference is AFCEA’s partnership with the NATO Communications and Information (NCI) Agency. An important element of this conference was reporting on the state of development of the Federated Mission Network (FMN), an evolution of the Afghan Mission Network (AMN), the information sharing environment created in Afghanistan to support the International Security Assistance Force (ISAF). The FMN is intended to institutionalize the AMN experience to provide an adaptable framework for information sharing in future NATO engagements, whether combat or humanitarian assistance.

Joint 
Information Environment 
Logs Successes, 
Faces Snags

May 1, 2014
By Robert K. Ackerman

The Defense Department drive toward its Joint Information Environment is picking up speed as it progresses toward its goal of assimilating military networks across the warfighting realm. Individual services are developing solutions, some of which are targeted for their own requirements, that are being applied to the overarching goal of linking the entire defense environment.

Early successes in Europe have advanced Joint Information Environment (JIE) efforts elsewhere, including the continental United States. Some activities have been accelerated as a result of lessons learned, and they have been implemented ahead of schedule in regions not slated to receive them for months or even years.

However, significant hurdles remain, and not all participants are equally supportive of the effort. Overcoming major cultural challenges may be the most difficult task facing JIE implementation. And, the omnipresent budget constraints facing the entire Defense Department may extend into the JIE, even though it is not officially a program of record.

Senior Defense Department leaders do not hesitate to emphasize the importance of the JIE to future military operations. David DeVries, deputy Defense Department chief information officer (CIO) for information enterprise, describes the JIE as a unifying effort to do “the largest wholesale information technology modernization in the history of the department.”

Lt. Gen. Ronnie D. Hawkins Jr., USAF, director, Defense Information Systems Agency (DISA), avows, “The next type of enterprise that our Defense Department will be postured to utilize in the next conflict—be it kinetic or nonkinetic—the JIE will be an integral part of that environment.”

Mitigating the Heartbleed Cyberthreat

April 14, 2014
By Rita Boland

The Department of Homeland Security (DHS) has released guidance to help citizens protect themselves from the recent Heartbleed cyberthreat. This bug makes websites that use OpenSSL vulnerable to attacks that could be used to obtain names, passwords and credit card numbers.

Pages

Subscribe to RSS - Cyber