Cyber

March 25, 2020
By Kimberly Underwood
Credit: Shutterstock

How the U.S. government responded to the vulnerabilities created by anti-virus software and other products from Russia’s AO Kaspersky Laboratories is an important demarcation point in the growing awareness of and need for supply chain trust and assurance. Before that, conversations regarding supply chain risk management “were sort of siloed off to the side,” explains Daniel Kroese, acting deputy assistant director for the Cybersecurity and Infrastructure Security Agency’s National Risk Management Center at the Department of Homeland Security.

March 11, 2020
By George I. Seffers
The bipartisan Cyberspace Solarium Commission has released a report warning of cyberspace insecurity in the United States and offering more than 75 recommendations. Credit: Inna Bigun/Shutterstock

The bipartisan Cyberspace Solarium Commission today issued a call to action on cybersecurity. The commission issued a report sounding the alarm on the nation’s lack of security in cyberspace.

“The reality is that we are dangerously insecure in cyber. Your entire life—your paycheck, your health care, your electricity—increasingly relies on networks of digital devices that store, process and analyze data. These networks are vulnerable, if not already compromised,” Sen. Angus King (I-Maine) and Rep. Mike Gallagher (R-Wisconsin), co-chairs of the commission, write in a letter introducing the report.

March 9, 2020
By Kimberly Underwood
The Air Force’s Cyber Resiliency Office for Weapons Systems is helping to solve the service’s cybersecurity issues by securing weapons systems, improving training and adding cyber resiliency components into programs. Credit: Shutterstock/Den Rise

The three-year old Cyber Resiliency Office for Weapons Systems, known as CROWS, created by the National Defense Authorization Act of 2016, has set about making cyber resiliency a part of the U.S. Air Force. As a problem solver for the service, the organization is elevating the cybersecurity of weapons systems, improving the Air Force’s training in cyber and adding cyber resiliency components where uniquely needed, Joseph Bradley, SES, director of CROWS, told SIGNAL Magazine in an interview. Bradley also serves as the Air Force Life Cycle Management Center-Hanscom’s Engineering and Technical Management associate director.

March 3, 2020
By Kimberly Underwood
Vice Adm. Brian Brown, USN, commander, Naval Information Forces, speaks at WEST 2020. Photo by Michael Carpenter

The Navy’s Readiness Analytics and Visualization Environment, known as RAVEN, which recently reached full operating capability, provides three dozen data lakes to provide a picture of readiness. The Naval Information Forces, or NAVIFOR, now intends to extend the use of RAVEN to manning, training and equipping readiness and cyber readiness, according to Vice Adm. Brian Brown, USN, commander, NAVIFOR.

March 1, 2020
By Kimberly Underwood
Known as a software bill of materials, a list of software components, information about those components and their relationship to the supply chain, are key elements in building supply chain transparency. Credit: Shutterstock/Andrey Suslov

Having a detailed description of the software components in any software-based product is necessary to identify cyber vulnerabilities and ultimately help reduce cybersecurity risks, officials say. The National Telecommunications and Information Administration, working with industry stakeholders, is pursuing the advent of a so-called software bill of materials to apply to digital products that identifies and lists the pieces of software, information about those components and supply chain relationships between them, the agency specifies.

March 1, 2020
By Maj. Gen. Jennifer Napper, USA (Ret.)
Threats to the supply chain—especially cyber threats—continue to grow. Credit: Leyn/Shutterstock

When the National Counterintelligence and Security Center designated April as National Supply Chain Integrity Month, it cited threats that cost the country innovation, jobs and economic advantage. It also mentioned a reduction of U.S. military strength as the need for increased awareness. Now as we approach the one-year anniversary of that designation, threats—especially cybersecurity threats—continue to grow and evolve. These give the military-industrial base new reasons to refocus on the security of contractors, subcontractors and suppliers.

March 1, 2020
By Shaun Waterman
Hardware for 5G networks largely comes from non-U.S. firms. Samsung technology provides the foundation for Sprint Mobile’s 5G network in Chicago. Credit: Samsung

The much-hyped 5G has begun to arrive, but in the United States, the truly transformative elements of these next-generation cellular networks are probably still four or five years off. Although improvements such as 100-times-faster speeds will enable more life-and-death type services, including remote surgery or self-driving cars, they also employ a more compromised hardware supply chain and offer a larger attack surface than current networks, federal officials warn.

“The anxiety from governments and regulators about the security issues [arising from 5G] and possible nation-state interference is at a fever pitch right now,” Robert Mayer, senior vice president for cybersecurity, USTelecom, says.

March 1, 2020
By George I. Seffers
The littoral combat ships USS Independence, back, and USS Coronado travel together in the Pacific Ocean. One of the Defense Department’s primary cybersecurity concerns is that adversaries can hack into industry networks and steal secrets about developing weapon systems. U.S. Navy photo by Chief Mass Communication Specialist Keith DeVinney/Released​

With the U.S. Defense Department’s new cybersecurity verification requirements set to go into effect later this year, the Pentagon gets high marks from cybersecurity professionals for finally addressing the lack of contractor security, but experts also express doubts about the aggressive schedule and the potential for unintended consequences.

March 1, 2020
By Henry S. Kenyon

Supply chain management is vitally important to running and maintaining an organization’s IT systems, but like logistics systems, it is not inherently sexy and has historically drawn little attention from the C suite. When it is carried out, in many federal agencies it’s traditionally a manual process managed on spreadsheets. In recent years new directives have mandated that the Department of Defense (DOD) and civilian agencies must all begin monitoring this, especially for cybersecurity considerations within the Department’s Risk Management Framework (RMF).

February 7, 2020
By Kimberly Underwood
Hands-on events, such as the Capture the Flag competitions at recent AFCEA chapter conferences, are helping to build the next generation of cybersecurity protectors. Credit: Shutterstock

At conference halls throughout the year, groups of students work intensely to complete digital challenges in cyberspace, vying to win so-called Capture the Flag Contests, such as several hosted by Deloitte. The company sponsors several such educational cybersecurity competitions, including recently at AFCEA Alamo ACE in San Antonio and in Colorado Springs at the AFCEA Rocky Mountain Cyberspace Symposium.

February 1, 2020
By Robert K. Ackerman
The aircraft carrier USS Theodore Roosevelt transits the Pacific Ocean with the USS Russell and the USS Paul Hamilton. The U.S. Navy is facing several challenges as it strives to modernize its information technology across the breadth of its sea and land assets.  U.S. Navy photo

Long-discussed cybersecurity issues such as cultural attitudes, innovation and supply chain vulnerability are now at the top of the U.S. Navy’s information technology action list as it faces a multifaceted threat to information dominance. Current conditions present a sense of urgency in efforts to upgrade Navy and Marine Corps information assets, but the services also face a window of opportunity that they can exploit.

February 1, 2020
By George I. Seffers
The amphibious assault ship USS Bataan (LHD 5) departs Naval Base Norfolk. It will be one of two ships to initially carry the Information Warfare Platform to sea. Photographer’s Mate 1st Class Shawn Eklund/U.S. Navy​

Before the end of the fiscal year, the U.S. Navy intends to deliver an early version of the Information Warfare Platform to two ships, the USS Lincoln and USS Bataan before fielding more comprehensive systems to the Theodore Roosevelt Strike Group. The new capability will be enabled in part by artificial intelligence, machine learning and so-called digital twins. It is expected to offer the ability to acquire, test, install and field technologies at a faster, more affordable rate while also enhancing cybersecurity.

February 10, 2020
 
The U.S. Defense Department has released a $705 billion fiscal year 2021 budget request that includes funding for cybersecurity, hypersonic weaponry, artificial intelligence and multidomain warfare. Credit: Defense Department photo

President Donald J. Trump sent Congress a proposed Fiscal Year 2021 budget request of $740.5 billion for national security, $705.4 billion of which is for the Department of Defense (DOD), department officials announced today.

February 14, 2020
By George I. Seffers
U.S Army soldiers assigned to the 155th Armored Brigade Combat Team, Task Force Spartan, bound toward an objective during a rehearsal for a 2018 combined live-fire exercise near Alexandria, Egypt. Brigade Combat Teams may not be the top priority for future budgets as wars are fought over longer distances. U.S. Army photo by Sgt. James Lefty Larime

The U.S. Army its transforming its Department of the Army’s Management Office-Cyber (DAMO-CY) to include a wider range of joint all-domain operations capabilities.

Col. Jay Chapman, USA, division chief, Mission Command, in the Army CIO/G-6 office, revealed the change at a February 13 luncheon event in Arlington, Virginia, hosted by the AFCEA Washington, D.C. chapter.

February 1, 2020
By Kimberly Underwood

As part of the Department of the Navy’s aggressive effort to improve its data environment in its information infrastructure, the department appointed Tom Sasala, Senior Executive Service (SES), to oversee the its data management, establishing the policies and the governance around the data fabric of the department.

The Department of the Navy, or DON, was already on a path to improve its data management when Congress passed the Open Government Data Act in January. The measure required cabinet-level agencies in the military departments to create a chief data officer position.

February 1, 2020
By Maj. Gen. Jennifer Napper, USA (Ret.)
There will never be enough professionals in the workforce who understand cyberspace operations, says Maj. Gen. Jennifer Napper, USA (Ret.), vice president, Perspecta’s defense group. Credit: Gorodenkoff/Shutterstock

More than half of organizations today are not prepared to handle cyber attacks and data breaches, according to a recent report from FireEye. Updating operating systems, patches and even cloud strategies is a start for addressing the problem today, but technology only offers one, often over-emphasized, leg of support.

January 27, 2020
By Julianne Simpson
Ryan Bagby, senior program manager, Cybersecurity Special Missions, Raytheon Intelligence, Information & Services, takes part in an industry panel during AFCEA CERTS 2020.

By now, it’s well known there is a cybersecurity workforce gap throughout all levels of government, academia and industry. The Center for Strategic and International Studies found in a survey of IT decisionmakers across eight countries that 82 percent of employers report a shortage of cybersecurity skills, and 71 percent believe this talent gap causes direct and measurable damage to their organizations.

January 16, 2020
By Julianne Simpson
Photo Credit: FGC/Shutterstock

Essye Miller, principal deputy, Department of Defense chief information officer (DOD CIO), wants to reshape the cyber workforce conversation. And, she told the audience at the Cyber Education, Research and Training Symposium (CERTS), she needs their help.

January 16, 2020
By Julianne Simpson
Photo Credit: Gorodenkoff/Shutterstock

The most senior military cyber warfighters have defined the challenge of building a world-class cybersecurity workforce: We have great performers but not enough. Our accessions can barely keep pace with attrition; but we are scheduled to grow. We need a viable plan to increase capacity.

During a panel session at the Cyber Education, Research and Training Symposium (CERTS) in Augusta, Georgia, cybersecurity leaders discussed how to build the people who can protect the nation against the tens of thousands of very high-end professionals that Russia and China are putting out.

January 15, 2020
By Julianne Simpson
Photo Credit: Gorodenkoff/Shutterstock

Lt. Gen. Stephen G. Fogarty, USA, commanding general, U.S. Army Cyber Command, is preparing for the command's move from Fort Belvoir, Virginia, to Fort Gordon in Georgia later this year. Top of mind for the general though is not the physical move, it’s the people.

“It’s all about the people,” stressed Gen. Fogarty during his keynote at the third annual Cyber Education, Research and Training Symposium (CERTS) in Augusta, Georgia. “We cannot have a failure to imagine” what the future cyber workforce looks like.

Pages