Wakelight Technologies Inc.,* Honolulu, Hawaii, was awarded $9,628,561 for firm-fixed-price task order N3225318F3000 under previously awarded contract N00178-14-D-8039 for information technology and cybersecurity services for Pearl Harbor Naval Shipyard. This contract will provide the government with information technology and cybersecurity capabilities that enhance the effectiveness, efficiency, productivity, and compliance to Department of Defense, Department of the Navy, and Department of Energy regulatory requirements and the availability, integrity, and confidentiality of the Pearl Harbor Naval Shipyard and Intermediate Maintenance Facility systems.
Although GPS-enabled activity-tracking applications like Strava may help warfighters keep fit, the applications may also reveal important information about military bases or soldier locations. One application revealed a concentration of U.S military personnel at a base overseas when shared as social media postings.
Given the rising concerns, officials at the Pentagon announced at a January 29 press conference the DOD would be looking into the issue, according to a report from Jim Garamone of DOD News.
Europe is taking on several socio-technological initiatives, including developing a digital single market and tackling consumer financial services reform. Add the need to balance privacy concerns and safeguards across 28 member countries of the European Union, and it may seem like a tall order for policy makers to help strengthen information security.
Enter the European Union Agency for Network and Information Security, the European Union’s cybersecurity agency known as ENISA. The agency, founded in 2004, equips the European Union (EU) to prevent, detect and respond to cybersecurity problems.
Although universities can be part of larger cyber attacks as unwitting victims like any other organization or enterprise, the institutions are distinguished by a collegial nature that renders them vulnerable. Academia has a more open atmosphere and a mindset of research and collaboration, making universities an enticing cyber target even for adversaries such as nation-states
Decisive Analytics Corp.,* Arlington, Virginia, is being awarded a $59,463,490 competitive cost-plus-fixed-fee contract for advisory and assistance services for cybersecurity compliance and risk management in support of technical, engineering, advisory and management support. The contract covers improved independent verification and validation analysis and reporting of the Ballistic Missile Defense System and Enterprise cybersecurity controls, and will expand information cybersecurity knowledge improving the system architecture, system life cycles, and authorization decisions for the Missile Defense Agency. The work will be performed in Colorado Springs, Colorado; and Huntsville, Alabama, with an estimated completion date of April 2023.
During the afternoon of the first day of AFCEA’s Cyber Education, Research and Training Symposium (CERTS), leaders from all five branches of the armed forces shared their perspectives on cyber education and training. Though all five laid out slightly different strategies and goals for their individual services, they all agreed they should leverage each other’s expertise and work together to figure out a way forward.
Col. Andrew O. Hall, USA, director, Army Cyber Institute, opened AFCEA’s first Cyber Education, Research and Training Symposium (CERTS) with a cyberthreat update.
“How can we make security effective and intuitive, yet usable?” Col. Hall asked attendees at the sold out conference. “Efficiency is an area of weakness and easy to hack,” he added. But it’s necessary to perform missions.
The emerging threats to cybersecurity are growing. Col. Hall focused on the global supply chain, artificial intelligence (AI) weapons factories, information warfare and critical infrastructure.
The Department of Homeland Security (DHS) Science and Technology Directorate (S&T) has awarded 418 Intelligence Corporation of Herndon, Virginia $350,000 to develop a forecasting platform that will help critical infrastructure owners and system operators share and keep abreast of the latest developments in cybersecurity protection. The award was made through the S&T Cyber Security Division’s (CSD) Cyber Risk Economics (CYRIE) project. CSD is part of the Homeland Security Advanced Projects Agency. CYRIE supports measurement and modeling of the business, legal, technical and behavioral aspects of the economics of cyber-threats, vulnerabilities and controls.
No longer a curiosity, the Internet of Things has emerged as a highly sought-after technology advantage for organizations worldwide. The federal government has stepped up as an innovator within this space, generating profound advancements with seemingly unlimited promise to support national security missions. Those in doubt need look no further than research from the Center for Data Innovation, a nonprofit, nonpartisan institute, which reveals a broad range of eclectic, real-life implementations.
SiCore Technologies Incorporated, Farmingdale, New York, has been awarded a $47,900,000 modification (P00002) to a previously awarded contract (FA8650-16-D-1712) for research and development, to provide the investigation and development of methodologies, tools, techniques, and innovative solutions to identify susceptibilities and mitigate vulnerabilities in Air Force weapon systems, and protect those systems against cyber-attack. Work will be performed at Wright-Patterson Air Force Base, Ohio, with an expected completion date of March 29, 2023. This contract was a competitive acquisition and 23 offers were received. Air Force Research Laboratory, Wright-Patterson Air Force Base, Ohio, is the contracting activity.
More and more, U.S. federal agencies are seeing inappropriate Internet access breaches, rogue devices and denial of service attacks. A key reason why: federal agencies are hindered by budget constraints that prevent information technology (IT) improvements. Agencies also have to juggle competing priorities, complex internal environments and poor top-level decision-making when it comes to cyber management, asserts a recent study from Herndon, Virginia-based SolarWinds Worldwide. The company conducted a survey of 200 federal government IT professionals in July to assess their cybersecurity challenges during the past 12 months.
A team at the U.S. Army Research Laboratory has created four generalized linear models to predict the number of cyber intrusions a company or government will experience on its network. To design the models, the team used empirical data about successful cyber intrusions committed against a number of different organizations obtained from a cyber defense services provider that defended the organizations’ networks.
The U.S. Army has awarded a five-year, $182 million managed cybersecurity services contract to Fairfax, Va.-based InfoReliance LLC and Reston, Va.-based McAfee to enhance and modernize host based security and analytic technologies across the Army’s Endpoint Security System (AESS). The capabilities will be delivered under a managed platform as a service (PaaS) model for "near real-time situational awareness on a global basis," according to the companies. "The new platform will minimize the Army’s attack surface, increase endpoint protection and drive the automation of key reporting metrics to the U.S.
Booz Allen Hamilton, McLean, Virginia, is being awarded a $91,499,780 cost-plus-fixed-fee contract (including options) for advisory and assistance services for Ballistic Missile Defense System cybersecurity management (CSM) and computer network defense in support of technical, engineering, advisory and management support. This contract will ensure Missile Defense Agency (MDA) information technology services, management and resources are administered, acquired, managed and operated in compliance with the priorities set by the MDA director and the goals and directives of existing statutes and Department of Defense regulations. This procurement is managed by the MDA Consolidated Support Services Program office.
Cybersecurity solutions company Comodo has launched a new research service called Comodemia for university, government and nonprofit educators and researchers. It gives users access to the Comodo Threat Intelligence Laboratory's cybersecurity data repository, one of the largest in the world.
Comodo's threat data comes from millions of endpoints in more than 220 countries. In the first quarter of this year, the lab detected and cataloged more than 25 million malware incidents. By the second quarter, the total grew to 97 million incidents as the company expanded its research program.
In 2005, NBC News reported that the use of checks to pay bills was declining and that the majority of people writing them were old geezers such as me. That year, the Federal Reserve reported that an estimated 36 billion checks were written, with more than half of those paper checks written by consumers.
I’m a consumer and a baby boomer—an individual born between mid-1946 and mid-1964. Writing a check is something we boomers do. I was taught in 1965 in high school how to write checks, balance a checkbook and keep track of my bank account. It was a classroom activity.
Nearly everyone has heard a parent or grandparent refer to the good ol’ days. Tales usually begin either with, “When I was your age…” or “In my day, we didn’t have….”
While it seems appropriate that octogenarians and nonagenarians tell such stories, today they’re not the only generations sharing memories that begin with, “When I was young….” People in their 20s and 30s reflect on their youth wistfully because members of the younger generation—who, by the way, are only five or 10 years younger than they are—can communicate, play, buy and sell, and share life moments in ways that surprise even 20-somethings.
You’ve probably received a phone call that goes something like this: “Mr. Smith? I’m calling from ABC company, and there appears to be a security problem with XYZ operating systems. Are you at your computer right now? We can fix the problem for you. All you have to do open your computer, and I’ll take care of it.”
This article is the last in a two-part series on what Y2K can teach the world about cybersecurity. Read the first part here.
The Y2K event went out with a whimper and not a bang, but not because the issue wasn’t serious. The potential for massive data disruption was there, but government and industry rallied to address it before the January 1, 2000, deadline. The millennium bug was squashed because stakeholders with a lot to lose attacked it in a coordinated effort. That approach can serve as both a lesson and a model for the latest security challenge: the cyber bug.
As the Defense Department and other government agencies begin to recognize the benefits of working with smaller, innovative technology companies, the potential for insider threats and cyber attacks grows. And now, all federal contractors face a deadline to implement a step to protect against these outside cybersecurity risks and threats from the inside.
Beginning today, all cleared government contractors must complete insider threat employee awareness training prior to being granted access to classified information and every year thereafter. The mandate is part of NISPOM Change 2, a U.S. government regulation that requires insider threat programs for cleared federal contractors.