Search:  

 Blog     e-Newsletter       Resource Library      Directories      Webinars  Apps     EBooks
   AFCEA logo
 

Cyber

A New Emphasis on Intelligence Support to the Cyber Domain

October 1, 2013
By Kent R. Schneider

In the most recent U.S. defense guidance of January 2012, signed for emphasis by both the president and the secretary of defense, cyber was one of the few areas that received both emphasis and increased funding—no small feat in the current budget environment. Part of that emphasis and increased funding goes to the intelligence community to support the cyber domain. Such support requires an expansion of the intelligence mission set, new processes and tools, and new interfaces to the operational community now emerging to command and control the cyber domain.

Full support to the cyber domain requires an expansion of scope as well, as the federal lead for cybersecurity lies with the U.S. Department of Homeland Security, the Defense Department and the Department of Justice with involvement by others. Also, commercial interests heavily own the cyber infrastructure and other elements of the critical infrastructure of the United States. In some categories, more than 90 percent of the infrastructure resides in the private sector. Clearly, new processes and new relationships must be developed by the intelligence community to support this diverse and complex mission.

Software Assists Signal Officers

September 30, 2013
By George I. Seffers

U.S. Army researchers are developing a software program that will provide signal corps officers will an improved common operating picture of the network, enhance the ability to manage the plethora of electronic systems popping up on the modern battlefield, advance information sharing capabilities and allow warfighters to make more informed and more timely decisions. In short, the system will assist in planning, building, monitoring and defending the network.

As the number of electronic devices on the modern battlefield rapidly expands, the job of the battalion and brigade signal officer, known as the S-6, grows increasingly complex. The S-6 oversees the deployment of all communications equipment. The communications officer is responsible for the supervision of all automated information systems, network management, computer network defense, electromagnetic spectrum operations and information assurance.

Sometimes, however, it is not possible for the communications officer to even know what devices, or how many, are connected to the network. And many factors, such as terrain, weather, technical difficulties and enemy activities, including jamming or cyber attacks, can disrupt the network. But the S-6 Associate software being developed at the Army Communications-Electronics Research, Development, and Engineering Center (CERDEC) will consolidate information on existing systems and simplify network monitoring. Among other benefits, S-6 Associate improves data sharing between systems used by the S-6 and the intelligence (S-2) and training and operations (S-3) functions.

Biometrics' Unprecedented Public Integration

September 19, 2013
By Rita Boland

Biometrics is on the verge of becoming more pervasive than ever in everyday life, setting the stage for personal identifiers to take the place of other common security measures. The expansion mirrors increased usage in fields such as military operations, citizen enrollment and public safety.

 

Ask the Expert: The Current Cybersecurity Work Force

October 1, 2013
By Dr. Ernest McDuffie

This is an important question for a number of reasons. Popular media often talk about the growing shortage of skilled cybersecurity workers needed to fill critical open positions both in government and the private sector. This is true, but employers need specific details on the work force so they can make informed decisions about whom to hire and potential employees need to know what to study to position themselves to be hired. The problems of a lack of common language and terms, a complex new field and the ever-changing technology that enables much of cybersecurity combine to make analysis of this work force particularly difficult.

For the past few years, the federal government, by way of its National Initiative for Cybersecurity Education (NICE), has been hard at work on these and many other issues related to cybersecurity education, training, awareness and work force development. A major achievement of NICE has been the creation of the National Cybersecurity Workforce Framework (NCWF). This document was developed to provide a common understanding of and lexicon for cybersecurity work. Defining the cybersecurity population consistently using standardized terms is an essential step in ensuring that our country is able to educate, recruit, train, develop and retain a highly qualified work force.

In designing the framework, “Categories” and “Specialty Areas” were used as organizational constructs to group similar types of work. The categories, serving as an overarching structure for the framework, group related specialty areas together. Within each specialty area, typical tasks and knowledge, skills and abilities are provided. In essence, specialty areas in a given category typically are more similar to one another than to specialty areas in other categories.

Committed to Cloud Computing

October 1, 2013
By George I. Seffers

Recent insider security breaches have put increased scrutiny on the U.S. intelligence community’s cloud computing plans. But cloud computing initiatives remain unchanged as the technology is expected to enhance cybersecurity and provide analysts with easier ways to do their jobs in less time.

With cloud computing, reams of data reside in one location rather than in a variety of repositories. Combining data leads to greater efficiencies for intelligence analysts, but in the view of some, it also means greater vulnerabilities. “There’s a school of thought that says if you co-locate data, you actually expose more of it in case of an insider threat than if you keep it all in separate repositories by data type,” explains Lonny Anderson, National Security Agency (NSA) chief information officer. “The onus is on us to convince the rest of the community, the rest of the Defense Department, that we can secure their information in the cloud in a way that they simply can’t secure it today.”

Anderson acknowledges that the recent insider leaks have increased doubts within the intelligence community about cloud computing, but he expresses confidence that the agency and the intelligence community are on the right path. “I think everybody is a little more nervous and a little more security conscious.

“Everything we’ve learned so far of [NSA leaker Edward Snowden’s] activities has reinforced for us that the path we’re already on is the right path. The lesson we’ve learned is the need to share information but to share selectively, only with those with a need to know,” Anderson says. “The leaks actually reinforced the need to move to the cloud and move there more quickly.”

A New -INT Looms for Social Media

October 1, 2013
By Robert K. Ackerman

The Arab Spring, which rose from street-level dissent to form a mass movement, might not have come as a surprise to intelligence agencies if only they had been able to read the tea leaves of social media. The characteristics of social media that differentiate it from other messaging media are compelling intelligence officials to change the way they derive valuable information from it. As a result, experts are calling for the creation of a new discipline that represents a separate branch of intelligence activity.

The type of information found on social media is far different from that intercepted via any other type of messaging media. It is pushed by its sender out to large numbers of people. It often consists of information about individuals that is not readily available elsewhere. And, it can represent an indication of groupthink that is not discernible from traditional intercepts.

Sir David Omand is a visiting professor, Department of War Studies, King’s College, London. He is a former U.K. intelligence and security coordinator and the former director of the U.K. Government Communications Headquarters (GCHQ), which provides both signals intelligence (SIGINT) and information assurance as one of the United Kingdom’s three intelligence agencies.

“This is more than a shift from one kind of communications medium to another,” Omand declares. He points out that SIGINT experts have accommodated the shift from copper wires to fiber because the same messages were being carried by the different media. The only change was the transport mode.

Cybersecurity Technologies Ready for Prime Time

September 18, 2013

Eight emerging cybersecurity technologies ready for transition into commercial products will be unveiled at the Mayflower Renaissance Hotel on October 9. The U.S. Department of Homeland Security (DHS) Science and Technology Directorate is hosting the event, which will feature intrusion detection, removable media protection, software assurance and malware forensics capabilities.

The Department of Energy’s national laboratories developed the technologies that the DHS’ Transition-to-Practice program will showcase during the Technology Demonstration for Investors, Integrators and IT Companies East event.

Cybersecurity professionals and technology investors from private industry will learn about these new technologies through presentations, demonstrations and discussions with the research teams that produced them. Attendees also will have an opportunity to schedule a private one-on-one discussions with the researchers to discuss opportunities for commercializing the technologies and areas of interest to drive further cybersecurity research.

Attendance is free, but registration must be received by October 7.

Increase Future Cyber Staff Savvy

September 16, 2013
By Maryann Lawlor

AFCEA International’s Corporate Member Only Forum will focus on current and future cybersecurity staff needs. A panel of experts will discuss what it takes to ensure network security through knowledge. Dr. Earnest McDuffie lead for the National Initiative for Cybersecurity Education, National Institute of Standards and Technology, will moderate the discussion.

ICITE Builds From the Desktop Up

September 9, 2013
By Robert K. Ackerman

As the intelligence community moves into the cloud, it launches the first step at the desktop level.

Personal Identification Cards Become More Powerful

September 9, 2013

 

Federal employees and contractors are receiving updated identity management tools to log onto federal computers or to enter government facilities. The National Institute of Standards and Technology issued new versions of the Personal Identity Verification (PIV) Card as mandated by revised standards. The stronger authentication credential combines cutting-edge technology with lessons learned from federal agencies. Improvements include a derived PIV credential option for use in mobile devices, an optional on-card fingerprint comparison capability, use of iris pattern as a biometric with or without fingerprints, optional secure messaging between cards and readers, and remote updating of the card’s credentials.

Pages

Subscribe to RSS - Cyber