Search:  

 Blog     e-Newsletter       Resource Library      Directories      Webinars
AFCEA logo
 

Cyber

A New -INT Looms for Social Media

October 1, 2013
By Robert K. Ackerman

The Arab Spring, which rose from street-level dissent to form a mass movement, might not have come as a surprise to intelligence agencies if only they had been able to read the tea leaves of social media. The characteristics of social media that differentiate it from other messaging media are compelling intelligence officials to change the way they derive valuable information from it. As a result, experts are calling for the creation of a new discipline that represents a separate branch of intelligence activity.

The type of information found on social media is far different from that intercepted via any other type of messaging media. It is pushed by its sender out to large numbers of people. It often consists of information about individuals that is not readily available elsewhere. And, it can represent an indication of groupthink that is not discernible from traditional intercepts.

Sir David Omand is a visiting professor, Department of War Studies, King’s College, London. He is a former U.K. intelligence and security coordinator and the former director of the U.K. Government Communications Headquarters (GCHQ), which provides both signals intelligence (SIGINT) and information assurance as one of the United Kingdom’s three intelligence agencies.

“This is more than a shift from one kind of communications medium to another,” Omand declares. He points out that SIGINT experts have accommodated the shift from copper wires to fiber because the same messages were being carried by the different media. The only change was the transport mode.

Cybersecurity Technologies Ready for Prime Time

September 18, 2013

Eight emerging cybersecurity technologies ready for transition into commercial products will be unveiled at the Mayflower Renaissance Hotel on October 9. The U.S. Department of Homeland Security (DHS) Science and Technology Directorate is hosting the event, which will feature intrusion detection, removable media protection, software assurance and malware forensics capabilities.

The Department of Energy’s national laboratories developed the technologies that the DHS’ Transition-to-Practice program will showcase during the Technology Demonstration for Investors, Integrators and IT Companies East event.

Cybersecurity professionals and technology investors from private industry will learn about these new technologies through presentations, demonstrations and discussions with the research teams that produced them. Attendees also will have an opportunity to schedule a private one-on-one discussions with the researchers to discuss opportunities for commercializing the technologies and areas of interest to drive further cybersecurity research.

Attendance is free, but registration must be received by October 7.

Increase Future Cyber Staff Savvy

September 16, 2013
By Maryann Lawlor

AFCEA International’s Corporate Member Only Forum will focus on current and future cybersecurity staff needs. A panel of experts will discuss what it takes to ensure network security through knowledge. Dr. Earnest McDuffie lead for the National Initiative for Cybersecurity Education, National Institute of Standards and Technology, will moderate the discussion.

ICITE Builds From the Desktop Up

September 9, 2013
By Robert K. Ackerman

As the intelligence community moves into the cloud, it launches the first step at the desktop level.

Personal Identification Cards Become More Powerful

September 9, 2013

 

Federal employees and contractors are receiving updated identity management tools to log onto federal computers or to enter government facilities. The National Institute of Standards and Technology issued new versions of the Personal Identity Verification (PIV) Card as mandated by revised standards. The stronger authentication credential combines cutting-edge technology with lessons learned from federal agencies. Improvements include a derived PIV credential option for use in mobile devices, an optional on-card fingerprint comparison capability, use of iris pattern as a biometric with or without fingerprints, optional secure messaging between cards and readers, and remote updating of the card’s credentials.

Learning Real-World Intelligence Analysis

September 6, 2013
George I. Seffers

Officials at Auburn University, Auburn, Alabama, are developing a program that allows students from any academic discipline to work closely with the U.S. intelligence community in a variety of actual national security-related problems. The university is on track to begin offering a minor in intelligence analysis in the relatively near future and a major in the next five years.

Implemented about a year ago, the program is described as a work in progress. In fact, it has not yet been officially named, but will likely be called the Intelligence Analysis Program. “The goal of the program is to train the future analysts for the intelligence community, the military and business. "What we are trying to do is to provide a learning environment in which students have to deal with real analytical problems,” reports Robert Norton, professor and director of the Open Source Intelligence Laboratory, Auburn University. “We’re not just using things like case studies. We’re actually working current problems. And we do so in an environment where they’re working under an operational tempo similar to what is experienced in the intelligence community.”

Future intelligence analysts learn how analytical products are put together, how data is validated and how to communicate findings in a timely manner. “What we say is that our students work on real problems with real customers. We are working with the intelligence community, we’re working with various combatant commands, and we’re working with various businesses,” Norton says.

Have We Gone Down the Rabbit Hole?

September 1, 2013
By Kent R. Schneider

Do you ever find yourself trying to reconcile with your environment? That is where I am now with regard to national security and reaction to leaks and programs designed to protect against terrorist threats.

In 2010, Julian Assange and his WikiLeaks organization got themselves on the world stage by publishing large volumes of classified documents, many provided by Pfc. Bradley Manning, USA, an intelligence analyst. At that time, and since, both Assange and Manning have been held up as villains by some and as heroes and whistle-blowers by others.

In May of this year, Edward Snowden, a computer analyst hired by Booz Allen Hamilton to work on U.S. National Security Agency (NSA) programs, leaked massive classified data to the British newspaper The Guardian concerning NSA intelligence-gathering programs. Again, Snowden is a traitor or a hero, depending on whom you talk to. A recent USA Today poll found 55 percent of Americans felt Snowden was a whistle-blower and hero.

The government continues to address these massive leaks, their implications to national security and the changes to law that may be needed. In the Manning case, the administration consistently has been determined to prosecute him for treason and aiding the enemy. On July 30, USA Today reported on its online front page with the headline, “Manning verdict redefines meaning of traitor.” While the military court ruled that Manning was guilty of a number of the charges, including parts of the Espionage Act, he was found not guilty of “giving aid to the enemy,” the most serious of the charges, because the prosecutors did not prove beyond a reasonable doubt that he had “a specific intent to aid or assist the enemy.” Legal analysts now are saying that Congress should review the Espionage Act in light of the pervasiveness of technology and its new role in warfighting and terrorism.

Ask the Expert: Evolutions in Cyberlaw

September 1, 2013
By Lt. Col. Carl Allard Young, USA

A great deal of discussion revolves around cyberspace, cyberwarfare, cybercrime, cyberdefense and cybersecurity, but what about cyberlaw, a critical component of societies’ abilities to address the other components successfully? “Cyber” is a global, multitrillion- dollar industry with annual cybercrime cost estimates ranging from $250 billion to $1 trillion. Determining how to define cybertransgressions; properly and accurately identify friendly, neutral and adversarial cyber actors; and develop the laws and international conventions to handle them are serious concerns for the future of civilian and national security and defensive realms. Such determinations have to properly balance corporate, security and defensive, property and privacy interests within frameworks consistent with U.S. legal ideals.

Government Seeks New Identity Markers

September 1, 2013
By Max Cacas

 

In the next few years, usernames and passwords could gradually fade from popular use as a way to conduct business online. A public/private coalition is working on a new policy and technical framework for identity authentication that could make online transactions less dependent on these increasingly compromised identity management tools. A second round of federal grants from the group, expected this fall, will lead to continued work on what is expected to become a private sector-operated identity management industry.

“The fact is that the username and password are fundamentally broken, both from a security standpoint as well as a usability standpoint,” says Jeremy Grant, senior executive adviser for identity management with the National Institute of Standards and Technology (NIST), an agency of the Department of Commerce. As a result of such security weakness, cybercrime is costing individuals and businesses billions of dollars every year. An estimated 11.7 million Americans were victims of identity theft of some kind, including online identity theft over a recent two-year period, according to NIST, the federal agency tasked with setting cybersecurity standards.

Transforming NATO's Information Technology Architecture

September 1, 2013
By George I. Seffers

 

NATO officials are laying the groundwork for a centralized enterprise networking architecture with invitations to bid expected to be released by year’s end. The new approach is expected to offer a number of benefits, including cost savings, improved network reliability, enhanced cybersecurity and greater flexibility for warfighters.

Officials at the NATO Communications and Information (NCI) Agency kicked off the alliancewide effort in August of last year shortly after the agency was created. The initial goal was simply to examine the alliance’s information technology infrastructure, how it could be modernized, where efficiencies could be gained and how to make the business case for modernization. The NCI Agency partnered with the Network Operations Industry Consortium (NCOIC) for the study. “We didn’t want to take just an academic view or an internal belly-button look. We wanted to get industry involved and find out what is within the realm of possibility today,” says Peter Lenk, chief, Capability Area Team Seven, NCI Agency.

The result will be a historical transition for the alliance. “We are for the first time, or one of the first times in NATO, looking at things as an enterprise. We’re starting to try to consolidate things across traditional boundaries,” Lenk says. “Through the creation of the NCI Agency, which has a mandate across all of the components of NATO, now we have within our grasp the ability to do this, and we can clearly see the advantages.”

Pages

Subscribe to RSS - Cyber