Cybersecurity

September 20, 2017
By Kimberly Underwood
The winning computer in the DOD’s 2016 Cyber Grand Challenge, "Innovations in Defense: Artificial Intelligence and the Challenge of Cybersecurity,” highlights the department’s advanced cybersecurity abilities as a federal agency. A recent survey from SolarWinds found that DOD agencies are more prepared for cyber attacks as compared to civilian agencies. 

More and more, U.S. federal agencies are seeing inappropriate Internet access breaches, rouge devices and denial of service attacks. A key reason why: federal agencies are hindered by budget constraints that prevent information technology (IT) improvements. Agencies also have to juggle competing priorities, complex internal environments and poor top-level decision-making when it comes to cyber management, asserts a recent study from Herndon, Virginia-based SolarWinds Worldwide. The company conducted a survey of 200 federal government IT professionals in July to assess their cybersecurity challenges during the past 12 months.

September 20, 2017
By Maryann Lawlor
Army Research Laboratory researchers examined network activity data to determine likelihood of cyber attacks.

A team at the U.S. Army Research Laboratory has created four generalized linear models to predict the number of cyber intrusions a company or government will experience on its network. To design the models, the team used empirical data about successful cyber intrusions committed against a number of different organizations obtained from a cyber defense services provider that defended the organizations’ networks.

September 18, 2017

The U.S. Army has awarded a five-year, $182 million managed cybersecurity services contract to Fairfax, Va.-based InfoReliance LLC and Reston, Va.-based McAfee to enhance and modernize host based security and analytic technologies across the Army’s Endpoint Security System (AESS).  The capabilities will be delivered under a managed platform as a service (PaaS) model for "near real-time situational awareness on a global basis," according to the companies. "The new platform will minimize the Army’s attack surface, increase endpoint protection and drive the automation of key reporting metrics to the U.S.

August 17, 2017

Booz Allen Hamilton, McLean, Virginia, is being awarded a $91,499,780 cost-plus-fixed-fee contract (including options) for advisory and assistance services for Ballistic Missile Defense System cybersecurity management (CSM) and computer network defense in support of technical, engineering, advisory and management support. This contract will ensure Missile Defense Agency (MDA) information technology services, management and resources are administered, acquired, managed and operated in compliance with the priorities set by the MDA director and the goals and directives of existing statutes and Department of Defense regulations. This procurement is managed by the MDA Consolidated Support Services Program office.

August 10, 2017

Cybersecurity solutions company Comodo has launched a new research service called Comodemia for university, government and nonprofit educators and researchers. It gives users access to the Comodo Threat Intelligence Laboratory's cybersecurity data repository, one of the largest in the world.

Comodo's threat data comes from millions of endpoints in more than 220 countries. In the first quarter of this year, the lab detected and cataloged more than 25 million malware incidents. By the second quarter, the total grew to 97 million incidents as the company expanded its research program.

August 4, 2017
By David E. Meadows
Money comes in many forms. Are paper bills or checks the safest way to pay? (U.S. Army photo by Kristen Wong)

In 2005, NBC News reported that the use of checks to pay bills was declining and that the majority of people writing them were old geezers such as me. That year, the Federal Reserve reported that an estimated 36 billion checks were written, with more than half of those paper checks written by consumers.

I’m a consumer and a baby boomer—an individual born between mid-1946 and mid-1964. Writing a check is something we boomers do. I was taught in 1965 in high school how to write checks, balance a checkbook and keep track of my bank account. It was a classroom activity.

July 11, 2017
By Maryann Lawlor
Computers and credit cards are the new department stores, shopping malls and food marts.

Nearly everyone has heard a parent or grandparent refer to the good ol’ days. Tales usually begin either with, “When I was your age…” or “In my day, we didn’t have….”

While it seems appropriate that octogenarians and nonagenarians tell such stories, today they’re not the only generations sharing memories that begin with, “When I was young….” People in their 20s and 30s reflect on their youth wistfully because members of the younger generation—who, by the way, are only five or 10 years younger than they are—can communicate, play, buy and sell, and share life moments in ways that surprise even 20-somethings.

June 26, 2017
By Maryann Lawlor
Only about 15 percent of U.S. Internet fraud victims report the crimes to law enforcement.

You’ve probably received a phone call that goes something like this: “Mr. Smith? I’m calling from ABC company, and there appears to be a security problem with XYZ operating systems. Are you at your computer right now? We can fix the problem for you. All you have to do open your computer, and I’ll take care of it.”

June 1, 2017
By Maj. Gen. Earl D. Matthews, USAF (Ret.)

This article is the last in a two-part series on what Y2K can teach the world about cybersecurity. Read the first part here.

The Y2K event went out with a whimper and not a bang, but not because the issue wasn’t serious. The potential for massive data disruption was there, but government and industry rallied to address it before the January 1, 2000, deadline. The millennium bug was squashed because stakeholders with a lot to lose attacked it in a coordinated effort. That approach can serve as both a lesson and a model for the latest security challenge: the cyber bug.

May 31, 2017
By Julianne Simpson

As the Defense Department and other government agencies begin to recognize the benefits of working with smaller, innovative technology companies, the potential for insider threats and cyber attacks grows. And now, all federal contractors face a deadline to implement a step to protect against these outside cybersecurity risks and threats from the inside.

Beginning today, all cleared government contractors must complete insider threat employee awareness training prior to being granted access to classified information and every year thereafter. The mandate is part of NISPOM Change 2, a U.S. government regulation that requires insider threat programs for cleared federal contractors.

April 1, 2017
By John Leiseboer

The increase in cyberthreats from both internal and external sources has put the onus on government agencies, particularly at the federal level, to implement strong cybersecurity architectures. While encryption is an essential component, without careful implementation, criminals easily can exploit its weaknesses, and the emerging power of quantum computing could compound the problem.

April 1, 2017
By Sandra Jontz

Society’s insatiable appetite for connecting objects in the physical world to the Internet has industry’s wheels turning to fuel the materializing disruptive ecosystem called the Internet of Things, or IoT. But the good of convenience goes hand in hand with the bad of cyber risks, experts warn, spurring the U.S. government’s search for the self-healing networks of the future based on the automation tools of today.

March 22, 2017
By Sandra Jontz
Women leaders from the U.S. Defense Department speak during an AFCEA DC Chapter monthly breakfast. From l to r: moderator Mary Legere; Barbara Hoffman; Lt. Gen. VeraLinn "Dash" Jamieson, USAF; Brig. Gen. Patricia Frost, USA; and Lynn Wright.

Lt. Gen. VeraLinn “Dash” Jamieson, USAF, is thankful that her ears bleed in unpressurized aircraft cabins.

She might not otherwise have become an intelligence officer, and now the deputy chief of staff for intelligence, surveillance and reconnaissance and the Air Force’s senior intelligence officer. 

She entered the Air Force through the ROTC program at West Virginia University, and was awestruck by motivational leaders who helped her develop a yearning to become a pilot.

But her ears bled.

March 1, 2017
By Robert K. Ackerman
Power lines, such as these near the Celilo substation in Dallas Dam, Oregon, could go cold as a result of a cyber attack on the power grid. Adversaries already may have sown the seeds for shutting down power stations by embedding malware in a host of industrial control systems.

Enemy states and terrorist groups increasingly are developing the means to wage an attack on a nation’s power grid just as electric companies are relying more on automated information technology. Vulnerable supervisory control and data acquisition, or SCADA, systems offer access for attackers, who also are learning more devastating ways of bringing down a grid.

Small nation-states and organizations, in particular, are cultivating advanced methods of attacking electrical grids, and these groups may not be as inhibited about setting an attack in motion as the larger, well-known cyber superpowers. Many threats to the grid already may be in place, undetected and at work, ready for launching at will.

January 31, 2017
By Ray Rothrock
Image credit: www.bluecoat.com

As the nation deals with intelligence reports of Russian hacks of the U.S. presidential election, some of us in industry are pondering how President Donald Trump will tackle cybersecurity issues.

He already has a good road map. In December, the Commission on Enhancing National Cybersecurity issued its “Report on Securing and Growing the Digital Economy.” Kudos are in order. It is high time the executive branch dug deeply into cybersecurity issues.

March 10, 2017
By J. Wayne Lloyd

Do you work for a cyber company with federal government contracts? If so, hold onto your hat, because $210 billion in government information technology contracts will expire this year and be re-competed.

October 26, 2016
By Robert K. Ackerman

A repeat or expansion of the recent distributed denial of service (DDoS) attacks on Internet traffic firm Dyn could be prevented with just three simple security measures ranging from adoption of a secure network architecture down to basic cyber hygiene. These measures could forestall up to 99 percent of these types of cyber attacks, according to a Washington, D.C.-area chief information officer (CIO).

March 1, 2017
By Danny Ilic

If you can’t beat the hackers, join them—or at least act like them. By hacking a system from within, security experts can identify vulnerabilities and try to stay one step ahead of increasingly sophisticated cyber criminals. Thinking like an attacker cultivates an offensive mindset that leads to streamlined systems that incorporate the best of human skills and automated capabilities to shore up defenses from the inside out. 

March 2, 2017
By Sandra Jontz
John Hickey, director of the Cyber Development Directorate for DISA, kicks off the 6th annual Mobile Tech Summit hosted by AFCEA DC Chapter. Photo by Mike Carpenter

Ushering in full-blown mobility for the U.S. Defense Department will require key technology advances, particularly in areas of automation and security management. With mobile no longer a fringe idea, troops want to avail themselves of all the bells, whistles and efficiencies the ecosystem has to offer. But security concerns continue to crimp the department’s migration to what is otherwise commonplace in the private sector, experts shared Wednesday during the day-long AFCEA DC Chapter Mobile Tech Summit.

March 1, 2017
By Sandra Jontz

The Internet of Things has gone mainstream. Home refrigerators are chattier than ever, and emerging virtual home assistants can order wings for dinner, turn on lawn sprinklers, start the car and purchase pounds of cookies—all without users ever rising from the couch. Yet behind the headlines of these gee-whiz cyber technologies lurks a shortcoming. It is one that poses significant threats to national security but could be remedied fairly easily, some experts offer.

Pages