At conference halls throughout the year, groups of students work intensely to complete digital challenges in cyberspace, vying to win so-called Capture the Flag Contests, such as several hosted by Deloitte. The company sponsors several such educational cybersecurity competitions, including recently at AFCEA Alamo ACE in San Antonio and in Colorado Springs at the AFCEA Rocky Mountain Cyberspace Symposium.
The U.S. Army its transforming its Department of the Army’s Management Office-Cyber (DAMO-CY) to include a wider range of joint all-domain operations capabilities.
Col. Jay Chapman, USA, division chief, Mission Command, in the Army CIO/G-6 office, revealed the change at a February 13 luncheon event in Arlington, Virginia, hosted by the AFCEA Washington, D.C. chapter.
The Defense Information Systems Agency (DISA) is working more closely with the intelligence community and is partnering with the National Security Agency (NSA) on a number of cybersecurity-related efforts, officials say.
The National Intelligence University (NIU) has upgraded its curriculum with an enhanced focus on applied data science for intelligence. This thrust, which reflects the changing global threat picture, includes the creation of a certificate program for those seeking to specialize in the discipline.
Last August 30, the U.S. Space Command become the 11th unified combatant command of the U.S. Department of Defense. In that role, the command will be conducting defensive, and when necessary, offensive cyber capabilities to protect key space-based assets and guard its part of the military’s network, called the DODIN.
Modernizing information technology across 700,000 U.S. Air Force personnel is not a simple venture. Updating legacy systems, moving applications and data to the cloud, enabling the use of mobile devices, securing appropriate licensing and supplying powerful computing are complex undertakings. The pursuit of a digital transformation is a vital effort of the service, said Maj. Gen. Kevin Kennedy, USAF, assistant deputy chief information officer, Digital Transformation, and assistant deputy chief of staff for Cyber Effects Operations.
For the last year, the U.S. Air Force Air Combat Command has aggressively pursued revamping its organization to combat increasing threats, including cyber threats. The command is looking at how to unite its traditional air component capabilities with cyber mastery and provide its piece of Joint All Domain Command and Control, or JADC2.
These abilities are key especially as threats from adversaries are “only increasing in scope and scale,” said Lt. Gen. Christopher "Wedge" Weggeman, USAF, deputy commander, Air Combat Command (ACC), speaking at AFCEA Rocky Mountain Chapter’s Cyberspace Symposium 2020 in Colorado Springs on February 4.
Long-discussed cybersecurity issues such as cultural attitudes, innovation and supply chain vulnerability are now at the top of the U.S. Navy’s information technology action list as it faces a multifaceted threat to information dominance. Current conditions present a sense of urgency in efforts to upgrade Navy and Marine Corps information assets, but the services also face a window of opportunity that they can exploit.
Before the end of the fiscal year, the U.S. Navy intends to deliver an early version of the Information Warfare Platform to two ships, the USS Lincoln and USS Bataan before fielding more comprehensive systems to the Theodore Roosevelt Strike Group. The new capability will be enabled in part by artificial intelligence, machine learning and so-called digital twins. It is expected to offer the ability to acquire, test, install and field technologies at a faster, more affordable rate while also enhancing cybersecurity.
The Pentagon is looking to buy an enterprisewide identity management system to provide a single authoritative source of user information, identity authentication and information technology access for millions of U.S. Defense Department computer network users. The Defense Information Systems Agency’s call for white papers on the development and deployment of a Defense Department Enterprise Identity Service is the first step in identifying two or three vendors to take part in a competitive prototyping contest under an other transaction authority effort.
As cyber threats continue to grow, so does the reality that digital satellite communications can be degraded and denied either through digital or electromagnetic means. If these capabilities are compromised, however, high frequency radio provides a means to continue communicating even beyond the line of sight by leveraging the ionosphere to refract radio signals back to earth.
The International Communication Union Telecommunication Standardization Sector designates the high frequency (HF) range as between 3 megahertz and 30 megahertz. While this method of communication was utilized extensively up through the 1990s, it began to lose traction in the military when the availability of satellite communications (SATCOM) increased.
More than half of organizations today are not prepared to handle cyber attacks and data breaches, according to a recent report from FireEye. Updating operating systems, patches and even cloud strategies is a start for addressing the problem today, but technology only offers one, often over-emphasized, leg of support.
By now, it’s well known there is a cybersecurity workforce gap throughout all levels of government, academia and industry. The Center for Strategic and International Studies found in a survey of IT decisionmakers across eight countries that 82 percent of employers report a shortage of cybersecurity skills, and 71 percent believe this talent gap causes direct and measurable damage to their organizations.
Essye Miller, principal deputy, Department of Defense chief information officer (DOD CIO), wants to reshape the cyber workforce conversation. And, she told the audience at the Cyber Education, Research and Training Symposium (CERTS), she needs their help.
The most senior military cyber warfighters have defined the challenge of building a world-class cybersecurity workforce: We have great performers but not enough. Our accessions can barely keep pace with attrition; but we are scheduled to grow. We need a viable plan to increase capacity.
During a panel session at the Cyber Education, Research and Training Symposium (CERTS) in Augusta, Georgia, cybersecurity leaders discussed how to build the people who can protect the nation against the tens of thousands of very high-end professionals that Russia and China are putting out.
Lt. Gen. Stephen G. Fogarty, USA, commanding general, U.S. Army Cyber Command, is preparing for the command's move from Fort Belvoir, Virginia, to Fort Gordon in Georgia later this year. Top of mind for the general though is not the physical move, it’s the people.
“It’s all about the people,” stressed Gen. Fogarty during his keynote at the third annual Cyber Education, Research and Training Symposium (CERTS) in Augusta, Georgia. “We cannot have a failure to imagine” what the future cyber workforce looks like.
Last year was a banner year for cyber fraud. In just the first six months of 2019, more than 3,800 breaches exposed 4.1 billion records, with 3.2 billion of those records exposed by just eight breaches. The scale of last year’s data breaches underscores the fact that identity has become the currency of the digital world and data is the fuel that powers the digital economy. What’s also clear looking back on 2019 is that digital identities are continually being compromised on multiple levels.
The U.S. Defense Department is providing the strategic template for cyber progress, which the military services must implement according to their own priorities and requirements. However, not all the parameters are sharply defined, and the department is responsible to Congress for ensuring that money is spent wisely and goals are met.
The department must determine “adequacy” as it reviews individual service cyber plans, and it is up to the department to explain to Congress where there is an inadequacy and why. This issue was described by Maj. Gen. Dennis A. Crall, USMC, deputy principal cyber advisor and senior military advisor for cyber policy, to an audience at an AFCEA NOVA Chapter luncheon on January 9.
There are certainly similarities between network resilience and cyber resilience. The foundation for both is the ability to maintain business or mission capabilities during an event, such as a backhoe cutting your fiber cables or a nation-state actively exploiting your network. But there are also significant differences.