October 29, 2015
By Sandra Jontz
Adm. Michael Rogers, USN, director of the NSA and commander of U.S. Cyber Command, warns of an increase in number and sophistication of cyber attacks during Thursday's SAP NS2 Solution Summit.

Securing the cyberspace will get worse before it gets any better, warned Adm. Michael Rogers, USN, director of the National Security Agency (NSA) and commander of U.S. Cyber Command.

“The very technical foundation of the world we’ve created with the Internet of Things is going to exacerbate [security vulnerabilities], not make it easier,” he said. Now, it’s not that the Internet of Things is bad, he pointed out. “As a private citizen, I love the convenience. But I also acknowledge it brings inherent challenges when we’re trying to defend something.”

October 27, 2015
By Sandra Jontz

The U.S. Senate passed the controversial Cybersecurity Information Sharing Act (CISA) on Tuesday, paving the way for private companies to share cyberthreat information not just with each other, but with the government.

A salient point of the measure, S. 754, centers on the freedom companies would have to share what they deem to be cyber intelligence without fear of lawsuits. But a vocal opposition to the measure took to social media during the Senate’s debate, calling on lawmakers to defeat the bill because it will tantamount to sanctioned government spying on citizens.

October 15, 2015
By Maria C. Horton

Small businesses doing work for the U.S. Defense Department pose serious cybersecurity concerns, in part because of their limited resources to invest in technical and practiced security measures, according to a congressional oversight agency’s assessment.

October 15, 2015
By David Archer

In 1967, CIA operatives needed a way to spy on a Kremlin ally and sought to capitalize on a common place nuance: feral cats. The creators of Project Acoustic Kitty contrived to surgically implant a transmitter and microphone into a cat, postulating that they could slip “under the radar” on quiet paws. Although agents tested at least one Acoustic Kitty, officials determined that cats could not be adequately trained, and the program was—well, scratched.

September 23, 2015
By Sandra Jontz

The U.S. Department of Commerce's National Institute of Standards and Technology (NIST) awarded nearly $3.7 million for three pilot projects that seek to fortify online financial transactions and enhance privacy protections for health care, government services, transportation and the Internet of Things.

The studies, awarded by the agency's National Strategy for Trusted Identities in Cyberspace (NSTIC) office, address specific cyber-based missions such as reducing tax refund theft, ensuring better protections of medical information, devising mobile ticketing solutions for use on mass transit and providing secure online data storage, according the agency.

October 9, 2015

Barbaricum LLC, Washington, D.C. (FA8075-16-D-0011); Baum, Romstedt Technology Research Corp., Vienna, Virginia (FA8075-16-D-0012); Data Systems Analysts Inc., Fairfax, Virginia (FA8075-16-D-0013); Professional Project Services Inc.

October 8, 2015
By Bob Gourley
The iCub humanoid robot at IDSIA's robotics lab in Switzerland tries to reach for a blue cup.

Remember this scene from The Graduate?
Mr. McGuire: I just want to say one word to you. Just one word.
Benjamin: Yes, sir.
Mr. McGuire: Are you listening?
Benjamin: Yes, I am.
Mr. McGuire: Plastics.

Turns out, plastics was pretty hot. Great tip, Mr. McGuire. I wonder what, if anything, Benjamin did with that tip. More importantly, what is the one word for today?

I think I have it. The word is Cambric. Cambric the finely woven linen? No, CAMBRIC the finely woven acronym:

October 5, 2015
By Robert B. Dix Jr.

Most cyber practitioners and many users agree that assessing and managing the risk attributed to cybersecurity and critical infrastructure protection is a shared responsibility between and across a wide array of stakeholders—including government, industry, academia, the nonprofit community and individual citizens.

September 21, 2015
By Sandra Jontz

The U.S. government's effort to provide a common baseline of cybersecurity tools across civilian agencies now is available to 97 percent of the departments—a milestone hit after the Department of Homeland Security (DHS), through the General Services Administration, awarded three orders under the Continuous Diagnostics and Mitigation (CDM) program. The orders now bring the number of federal agencies using the tools and services to shore up cyber vulnerabilities to 17. 

The orders were awarded to Booz Allen Hamilton for $82 million, Northrop Grumman for $32 million and Hewlett Packard Enterprise Services for $21 million.

August 13, 2015
By Sandra Jontz
Marines conduct civil-military operations and collect, process, analyze and share information using software from a smartphone.

The Defense Department’s much-anticipated capability solution to access classified voice and email up to the secret level from mobile devices finally migrated from the pilot stage and now is operational within the department and several federal agencies, says Kimberly Rice, program manger for the Defense Information Systems Agency’s (DISA's) Mobility Program Management Office.

July 14, 2015
Maryann Lawlor

Everyone who believes that what was dubbed “The Great Technical Glitch of July 8” was incontrovertibly a mere coincidence and not a coordinated cyber attack, raise your hands. Before you shake your head and stop reading, consider this: The institutions those IT mishaps shut down represent the economy (New York Stock Exchange), transportation (United Airlines) and communications or freedom of speech (The Wall Street Journal). Not to go all X Files on you or propose conspiracies around every corner, but dismissing the possibility that it was more than mere chance isn’t so far-fetched.

July 1, 2015
By Lt. Gen. Robert M. Shea, USMC (Ret.)

The recent hack, reportedly by Chinese sources, of the personnel files belonging to current and past U.S. government employees puts a face on the cyberthreat affecting everyone today—about 4 million faces, if Office of Personnel Management assessments are correct. Yet this hack is just one example of the looming cyberthreat, and while it offers valuable lessons to be learned, it should not serve as the exclusive template for securing networks and data.

June 5, 2015
By Sandra Jontz

The significant federal government cyberbreach that let hackers swipe the personal data of more than 4 million current and former federal employees has all the trappings of a targeted nation-state attack aimed at gleaning critical information on federal workers; and current cyber protection methods might not be enough to prevent future attacks, one expert says.

Hackers breached computer systems of the Office of Personnel Management (OPM) in December, stealing data including Social Security numbers, job assignments, performance reviews, insurance details and training certificates. Officials detected the breach in April.

May 11, 2015
By Dr. Wesley Kaplow

We are passing rapidly from the information technology dark ages of less than seven decades ago to what I call the "Uncharted Territory Age." Combined, the two critical ages through which we currently are moving may yield the largest explosion of cyber risks yet. The first age is the well-known, and hyped, Internet of Things (IoT), or now Internet of Everything. The second is the big data age. Both may have a synergistic effect on the growing cyberthreat.

May 1, 2015
By George I. Seffers

U.S. Deputy Secretary of Commerce Bruce Andrews announced today he will lead a delegation of 20 American companies on a Cybersecurity Trade Mission to Bucharest, Romania, and Warsaw, Poland, May 11-15. Assistant Secretary for Industry and Analysis Marcus Jadotte also will participate in the mission.

The trade mission is designed to help U.S. companies launch or increase their business operations in Central and Southeast Europe, specifically connecting them with businesses and government leaders in Romania and Poland. It also will introduce or expand the market presence of U.S. cybersecurity companies.

April 28, 2015
By Maryann Lawlor

Although cybersecurity has been getting a lot of well-deserved attention lately, 90 percent of companies recently surveyed admit that their organizations have invested in a security technology that was ultimately discontinued or scrapped before or soon after deployment. The survey also revealed that the most important metrics are the least reliable. For example, although 70 percent of respondents said return on investment and total cost of ownership are critical metrics for investment and measurement of a technology’s economic benefits, the same number said it is difficult to calculate these metrics.

April 15, 2015
By Ed Bender

Government information technology administrators long have been trained to keep an eye out for the threats that come from outside their firewalls. But what if the greatest threats actually come from within?

April 1, 2015
By Sandra Jontz

New methods of teaching cybersecurity might be the best hope for providing the necessary security experts to turn the tide against malicious cybercriminals who have launched constant battles against vital networks. In purely quantitative terms, the number of available information technology security experts falls critically short of what is necessary, while the number of hackers and cyber adversaries grows larger.

March 26, 2015
By Sandra Jontz
An example of neutron imaging: On the left, lilies photographed through an open cask. On the right, a neutron imaging system used to photograph the lilies through the lead walls of the cask. This image demonstrates the power of neutrons to easily pass through otherwise impenetrable materials.

The notion of nefarious scientists re-engineering the genetics of living organisms to then weaponize their new specimens has some researchers jostling for the upper hand, including those at the U.S. Defense Department’s main research agency.

February 24, 2015
By Maryann Lawlor

The National Security Agency’s third annual Best Scientific Cybersecurity Paper competition is now open. Scientific papers must have been published during 2014.

The papers will be judged on scientific merit and the the strength and significance of the work reported. In addition, the paper must exemplify the performance and reporting of cybersecurity scientific research.