Sandia National Laboratories (SNL) is actively seeking partners to conduct research in the newly opened Cybersecurity Technologies Research Laboratory (CTRL). SNL held the grand opening for the facility at the Livermore Valley Open Campus on June 12. The CTRL offers the capability to run experiments and freely discuss a wide range of cyber research issues. Additionally, U.S. and international users can collaborate without some of the unrelated restrictions that are often associated with a national laboratory.
The Internet isn't any safer now than in 1982 when it began as a four-node network connecting a handful of U.S. Defense Department academics to exchange digital files. This revelation comes despite efforts over the years to patch holes and conceive mighty notions that safe Internet usage is achievable. In his viewpoint article, "Cybersecurity Policy and Strategy Need a Dose of Reality" by Contributing Editor Col. Alan D.
EmeSec Incorporated, Reston, Virginia, recently announced that it has been awarded a $1.3 million follow-on contract with the U.S. Air Force Medical Services (AFMS) Office of the Chief Information Officer's Information Assurance Division. The company will focus on providing information assurance (IA) engineering services for a variety of systems and applications supporting 74 Air Force sites. Additionally, the company will deliver certification and accreditation service support. EmeSec will perform risk-management and information security controls evaluation and technical testing to bolster AFMS' security posture.
Although outside adversaries constantly attempt to gain access to U.S. Defense Department networks, cybersecurity leaders within the Marine Corps agree that internal user errors and attempts to skirt security measures pose the biggest threat. News Editor Rita Boland discusses these dangers in her article "Cybersecurity, Marine Corps Style" in the March issue of SIGNAL Magazine.
It's not always easy to enforce the U.S. military's rules on the use of mobile devices, said John Wilcox, chief information officer and director of command, control, communications and computers, U.S. Special Operations Command.
"To give dirty laundry, quite frankly, I know I have some devices that probably shouldn't be out there. Sometimes you want to look the other way, because you want to give the warfighter what they need; other times you want to say, what's that going to do for this network and for the connections back to the [Global Information Grid]?" he said.
In a time when government agencies and industry must tighten their belts, it may be a cloak that saves the security day. While discussing best practices in securing the cloud at the AFCEA International Homeland Security Conference, panelist Tim Kelleher, vice president of professional services, BlackRidge Technology, shared details about his company's approach to stopping cybermarauders in their recon tracks. The technique is called cloaking, and Kelleher used caller ID to describe how his company's solution could improve cybersecurity not only in future environments but in current networks as well.
Amazing anecdotes kept the audience entertained during the lunch session at the AFCEA International Homeland Security Conference. The experts spoke about a serious subject: cyberwar. But the stories about their hands-on experiences in learning how to fight cyberwars, how they've fought cyberthreats and what they believe is needed to prepare future cyberwarriors kept conference attendees enthralled. Among the panelists was Maj. T.J. O'Connor, USA, 10th Special Forces Group (A), S-6. While attending the U.S. Military Academy, Maj. O'Connor had some time on his hands that led him to learn how best to defeat cyberattacks.
Although not claiming victory, the U.S. Department of Homeland Security (DHS) has made some serious headway in improving cybersecurity, according to panelists discussing the topic at the DHS 2012 Information Technology Industry Day in Washington, D.C. Experts said the threats have not disappeared but rather have changed, and various DHS agencies have been learning how to better handle them. Alma Cole, chief systems security officer, U.S. Customs and Border Protection, described today's cyberthreats in a way the other panelists agreed with.
...When website spoofers do deceive-especially when the legitimate sites belong to the U.S. military. Untold damage could result should hackers glean crucial data, whether it involves service personnel, missions or daily operations. Earlier in the year, the U.S. Air Force faced this very scenario when its portal was spoofed. The best defense, in addition to the 24/7 protection provided by military cyberspace operators worldwide, is vigilance by every service member from the top echelons all the way down.
From securing the cloud to unwrapping new architecture compliance requirements, 2011 was a busy year for the tech public sector. In the New Year's spirit of renewal and rededication, here are five resolutions federal agencies should make. 1. Leverage IT to meet budget requirements The government fiscal landscape changed radically in the last year with budget cuts across the majority of federal agencies. The Obama's Administration fiscal 2012 budget proposal calls for a five-year discretionary spending freeze along with $33 billion in additional cuts. Yet, there is a reason why federal IT spending to commercial contractors is expected to grow five percent annually.
Earlier this year, detailed information about the bomb resistance of a new Department of Defense (DoD) building in Virginia was compromised. Reuters broadcast the information worldwide. The news organization did not obtain the document by hacking network systems, but rather accessed the "official use only" document on the Army Corps of Engineers website. This incident is just one example of the thousands of data breaches that occur as a result of internal information leakage rather than an outside attack. In their 2011 Information Security Report, the U.S. Government Accountability Office (GAO) shed light on why internal leaks are so prevalent.
One of the government's premier scientific research institutions is focusing its resources on defending computer systems against cyberattackers. The Sandia National Laboratories has concluded a recent two-day conference on cybersecurity by announcing plans for a new Cyber Engineering Research Institute (CERI) that will have a presence on both Sandia campuses in New Mexico and California. CERI is expected to more closely coordinate with industry and universities in developing new tactics to enhance cybersecurity.
(ISC)², the not-for-profit information security professional body that administers the Certified Information Systems Security Professional certification, announced this week the winners of its eighth annual U.S. Government Information Security Leadership Awards. Among the winners are a cyber dashboard that foiled a number of attacks against U.S. Defense Department email accounts, a cyber training program for U.S. Air Force Space Command, and a Department of Homeland Security effort to develop a central coordination point for strategic security awareness.
Cybercrime legislation should be technology agnostic to ensure technological advances do not make the laws obsolete, says James A. Baker, deputy attorney general for the U.S. Justice Department. Baker testified before the Senate Judiciary Committee during a September 7 hearing on updating the Computer Fraud and Abuse Act to combat emerging cyberthreats.
In the midst of a global cyberspace crisis, the U.S. Defense Department faces many hurdles in its effort to protect and defend government computer networks. According to an unclassified version of a previously issued classified report from the U.S. Government Accountability Office (GAO), several cyberspace capability gaps exist. The U.S. Cyber Command is decentralized and spread across various offices, commands, and military services and agencies, which makes the supporting relationships necessary to achieve command and control of cyberspace operations unclear. In response to a major computer infection, the U.S.
The Air Force and Arlington County, Virginia, are taking preventative measures against hackers such as the ones that recently attacked Sony, costing them over $170 million. It's not just money at risk for government networks, however.
The Air Force has the lead for the Next Generation Airspace and lead for the Department of Defense. Arlington County, which collaborates extensively with the department on many levels, has undertaken continuous monitoring and risk analysis and is currently evaluating its supervisory control and data acquisition (SCADA) systems.
In an era of social media, smart phones and WikiLeaks, information assurance is increasingly critical to the mission of the U.S. Marine Corps. And Brig. Gen. Kevin Nally, USMC, chief information technology officer, has his hands full ensuring that information flows smoothly and securely throughout the service. Among the general's ever-growing list of issues to address, one goal remains supreme: achieving a seamless enterprise capability to enhance decision-making and give Marines an advantage over their enemies.
In less than 30 days, the U.S. Defense Department will dish out 11 prizes for innovative solutions to real-world challenges facing digital forensics examiners. And it's not too late to join the fight against cyber crime. Submissions for the 2010 Defense Department Cyber Crime Center (DC3) Digital Forensics Challenge will be accepted until November 2.
Maintaining stability in one of the most diverse, dynamic regions of the world will take a concerted effort among all particants holding a positive stake in the future. To achieve that goal, nations and organizations must band together to iron out the rough spots even when some players remain reticent about cooperation. In this month's issue of SIGNAL Magazine, Robert K. Ackerman strikes a chord with his interview featuring the commander of Pacific Command (PACOM), Adm. Robert F.
Kratos Defense & Security Solutions Incorporated recently announced that it has received a U.S. Navy services contract to perform information technology, information assurance and cybersecurity services supporting the Pacific Region. The contract is valued at $8 million if all options are exercised. Kratos will provide a variety of technology services including customer/user service support; system operations support; information assurance and cybersecurity support; adoption and deployment of the web-centric development program; secure network administration and secure wireless systems support; and process improvement of knowledge management.