Cybersecurity

May 24, 2018
By Robert K. Ackerman
Credit: fuyu liu/Shutterstock

Domestic cybersecurity has some new potential vulnerabilities to defend, according to the Department of Homeland Security’s (DHS’s) 2018 Cybersecurity Strategy. In addition to conventional concerns such as the water and power grids and the financial sector, the burgeoning number of Internet-connected devices and the global supply chain have emerged as areas that must be protected against a growing threat from a variety of adversaries.

May 23, 2018
By Julianne Simpson
“Russia is not a resurgent power. Russia is a remonstrate power,” said Gen. Michael Hayden, USAF (Ret.), principal, the Chertoff Group, during his morning keynote at the AFCEA/GMU Critical Issues in C4I Symposium.

Gen. Michael Hayden, USAF (Ret.), principal, the Chertoff Group, shifted the weight of the conversation at the AFCEA/GMU Critical Issues in C4I Symposium from the direction of cyber narrowly defined to information broadly defined. Throughout his morning keynote he touched on Russian manipulation of the 2016 election, the U.S. moving into a post-truth culture and what cyber leaders can do in the future to help secure the nation.

May 22, 2018
By Julianne Simpson
During her morning keynote, Stempfley stressed the importance of using analytics to create situational awareness in cybersecurity.

Situational awareness is key to cybersecurity and using analytics can help create the situational awareness needed to defend the nation from adversaries. “Never before have we had the tools that we have today to understand the environment we’re in,” said Roberta “Bobbie” Stempfley, director, Carnegie Mellon University’s Software Engineering Institute, CERT Division, during her morning keynote at the AFCEA-GMU Critical Issues in C4I Symposium.

May 17, 2018
By Kimberly Underwood
Panelists at the Defensive Cyber Operations Symposium discuss directing change to organize the cyberspace warfighting domain.

Providing an information network that enables warfighters to perform global missions is not easy given the network itself is besieged constantly by cyber attacks. All U.S. Defense Department organizations use the complex technical infrastructure known as the Department of Defense Information Network (DODIN), and the responsibility to protect it 24/7 falls squarely on the shoulders of Joint Force Headquarters–Department of Defense Information Network (JFHQ-DODIN).

April 25, 2018
By Maryann Lawlor
Credit: ChromaWise/Shutterstock

A bug bounty program worth a total of $10 million aims at acquiring and developing active cyber-defense capabilities for some of the most popular software programs for Windows, MacOS, iOS and Android. The public program is offering payouts focusing on quality over quantity to identify and address some of the toughest problems.

April 6, 2018
By Julianne Simpson
Credit: American Corporate Partners

A common thread in the issue of U.S. cybersecurity today is the need for talent. Everyone—including industry and government—is struggling to keep up.

Timothy Cochrane and the team at American Corporate Partners (ACP) have developed a secret sauce to help combat the shortage of cybersecurity workers. And they have the stats to back it up.

Founded in 2008, ACP is a national nonprofit assisting post-9/11 veterans in their transition from the military to the civilian workforce. ACP focuses on mentoring, career counseling and professional networking.

March 29, 2018
By Kimberly Underwood
The Army is learning lessons as it makes its way through cybersecurity vulnerability identification of its major weaponry, according to Col. Bryan Stephens (2nd from l), USA, director, Cyber Focal, Army System of Systems Engineering and Integration, at a recent AFCEA Aberdeen event and interview with SIGNAL Magazine.

It goes without saying that technology plays a key role in military operations. The concern nowadays, however, is if technology is appropriately hardened from a cybersecurity standpoint. For the Army, this means taking a close look at supply chain management, according to one Army leader.

The government has to be a savvy consumer amid a risky cybersecurity atmosphere. And companies need to be able to back up the products that they are offering the government, Col. Bryan Stephens, USA, director, Cyber Focal, Army System of Systems Engineering and Integration, told SIGNAL Magazine in a recent interview. 

February 28, 2018
 

In a $350 million deal, San Francisco, California-based Splunk Inc. will purchase Phantom Cyber Corporation, a Palo Alto, California-based cyber security firm specializing in security orchestration, automation and response, known as SOAR. Splunk will acquire Phantom using a combination of cash and stock. The transaction is expected to close during the first half of 2018, subject to customary closing conditions and regulatory reviews. Oliver Friedrichs, Founder and CEO, Phantom will report to Haiyan Song, senior vice president and general manager of security markets, Splunk.

February 23, 2018
 

Wakelight Technologies Inc.,* Honolulu, Hawaii, was awarded $9,628,561 for firm-fixed-price task order N3225318F3000 under previously awarded contract N00178-14-D-8039 for information technology and cybersecurity services for Pearl Harbor Naval Shipyard. This contract will provide the government with information technology and cybersecurity capabilities that enhance the effectiveness, efficiency, productivity, and compliance to Department of Defense, Department of the Navy, and Department of Energy regulatory requirements and the availability, integrity, and confidentiality of the Pearl Harbor Naval Shipyard and Intermediate Maintenance Facility systems.

January 31, 2018
By Kimberly Underwood
Army soldiers from the 3rd Infantry Division participate in a 4-mile division run at Fort Stewart, Georgia. The use of fitness trackers by some soldiers is inadvertently revealing their location and outline of military bases. Army photo by Sgt. Caitlyn Smoyer

Although GPS-enabled activity-tracking applications like Strava may help warfighters keep fit, the applications may also reveal important information about military bases or soldier locations. One application revealed a concentration of U.S military personnel at a base overseas when shared as social media postings.

Given the rising concerns, officials at the Pentagon announced at a January 29 press conference the DOD would be looking into the issue, according to a report from Jim Garamone of DOD News.

February 1, 2018
By Kimberly Underwood
 The European Union Agency for Network and Information Security, or ENISA, plays a collaborative role to bring Europe together to improve cybersecurity.

Europe is taking on several socio-technological initiatives, including developing a digital single market and tackling consumer financial services reform. Add the need to balance privacy concerns and safeguards across 28 member countries of the European Union, and it may seem like a tall order for policy makers to help strengthen information security.

Enter the European Union Agency for Network and Information Security, the European Union’s cybersecurity agency known as ENISA. The agency, founded in 2004, equips the European Union (EU) to prevent, detect and respond to cybersecurity problems.

February 1, 2018
By Kimberly Underwood
The distinctive collegial nature of universities makes them susceptible to cyber attacks, experts say. Credit: Jorge Salcedo/Shutterstock

Although universities can be part of larger cyber attacks as unwitting victims like any other organization or enterprise, the institutions are distinguished by a collegial nature that renders them vulnerable. Academia has a more open atmosphere and a mindset of research and collaboration, making universities an enticing cyber target even for adversaries such as nation-states

January 29, 2018
 

Decisive Analytics Corp.,* Arlington, Virginia, is being awarded a $59,463,490 competitive cost-plus-fixed-fee contract for advisory and assistance services for cybersecurity compliance and risk management in support of technical, engineering, advisory and management support. The contract covers improved independent verification and validation analysis and reporting of the Ballistic Missile Defense System and Enterprise cybersecurity controls, and will expand information cybersecurity knowledge improving the system architecture, system life cycles, and authorization decisions for the Missile Defense Agency. The work will be performed in Colorado Springs, Colorado; and Huntsville, Alabama, with an estimated completion date of April 2023. 

January 17, 2018
By Julianne Simpson
Cyber operators (l-r) Lt. Col. Barian Woodward, USMC; Lt. Col. Angela Waters, USAF; Lt. Col. Benjamin A. Ring, Ph.D., USA; Lt. Jr. Clovis Guevara, USCG; and Col. Paul T. Stanton, USA, panel moderator, address attendees at AFCEA's first Cyber Education, Research and Training Symposium.

During the afternoon of the first day of AFCEA’s Cyber Education, Research and Training Symposium (CERTS), leaders from all five branches of the armed forces shared their perspectives on cyber education and training. Though all five laid out slightly different strategies and goals for their individual services, they all agreed they should leverage each other’s expertise and work together to figure out a way forward.

January 17, 2018
By Julianne Simpson
“How can we make security effective and intuitive, yet usable?" Col. Andrew O. Hall, USA, director, Army Cyber Institute, asked attendees at AFCEA's first Cyber Education, Research and Training Symposium.

Col. Andrew O. Hall, USA, director, Army Cyber Institute, opened AFCEA’s first Cyber Education, Research and Training Symposium (CERTS) with a cyberthreat update.

“How can we make security effective and intuitive, yet usable?” Col. Hall asked attendees at the sold out conference. “Efficiency is an area of weakness and easy to hack,” he added. But it’s necessary to perform missions.

The emerging threats to cybersecurity are growing. Col. Hall focused on the global supply chain, artificial intelligence (AI) weapons factories, information warfare and critical infrastructure.

January 3, 2018
 

The Department of Homeland Security (DHS) Science and Technology Directorate (S&T) has awarded 418 Intelligence Corporation of Herndon, Virginia $350,000 to develop a forecasting platform that will help critical infrastructure owners and system operators share and keep abreast of the latest developments in cybersecurity protection. The award was made through the S&T Cyber Security Division’s (CSD) Cyber Risk Economics (CYRIE) project. CSD is part of the Homeland Security Advanced Projects Agency. CYRIE supports measurement and modeling of the business, legal, technical and behavioral aspects of the economics of cyber-threats, vulnerabilities and controls.

January 1, 2018
By Ryan Brichant
One way international military and government agencies gather information about weather and oceanographic data to enhance forecasting and environmental models is through networked buoys. The Royal Danish Air Force deployed these ice-hardened buoys from a C-130 into the Arctic Ocean in September as part of the International Arctic Buoy Program. Credit: John F. Williams

No longer a curiosity, the Internet of Things has emerged as a highly sought-after technology advantage for organizations worldwide. The federal government has stepped up as an innovator within this space, generating profound advancements with seemingly unlimited promise to support national security missions. Those in doubt need look no further than research from the Center for Data Innovation, a nonprofit, nonpartisan institute, which reveals a broad range of eclectic, real-life implementations. 

November 14, 2017
 

SiCore Technologies Incorporated, Farmingdale, New York, has been awarded a $47,900,000 modification (P00002) to a previously awarded contract (FA8650-16-D-1712) for research and development, to provide the investigation and development of methodologies, tools, techniques, and innovative solutions to identify susceptibilities and mitigate vulnerabilities in Air Force weapon systems, and protect those systems against cyber-attack. Work will be performed at Wright-Patterson Air Force Base, Ohio, with an expected completion date of March 29, 2023. This contract was a competitive acquisition and 23 offers were received. Air Force Research Laboratory, Wright-Patterson Air Force Base, Ohio, is the contracting activity.

September 20, 2017
By Kimberly Underwood
The winning computer in the DOD’s 2016 Cyber Grand Challenge, "Innovations in Defense: Artificial Intelligence and the Challenge of Cybersecurity,” highlights the department’s advanced cybersecurity abilities as a federal agency. A recent survey from SolarWinds found that DOD agencies are more prepared for cyber attacks as compared to civilian agencies. 

More and more, U.S. federal agencies are seeing inappropriate Internet access breaches, rogue devices and denial of service attacks. A key reason why: federal agencies are hindered by budget constraints that prevent information technology (IT) improvements. Agencies also have to juggle competing priorities, complex internal environments and poor top-level decision-making when it comes to cyber management, asserts a recent study from Herndon, Virginia-based SolarWinds Worldwide. The company conducted a survey of 200 federal government IT professionals in July to assess their cybersecurity challenges during the past 12 months.

September 20, 2017
By Maryann Lawlor
Army Research Laboratory researchers examined network activity data to determine likelihood of cyber attacks.

A team at the U.S. Army Research Laboratory has created four generalized linear models to predict the number of cyber intrusions a company or government will experience on its network. To design the models, the team used empirical data about successful cyber intrusions committed against a number of different organizations obtained from a cyber defense services provider that defended the organizations’ networks.

Pages