With the increase of available equipment that connects to the Internet, the military needs to address the associated cybersecurity risks. The Defense Department is lacking a comprehensive strategy of how to harness these so-called IoT devices, which could be based on existing cybersecurity frameworks, advised experts at an October 31 AFCEA Quantico-Potomac Chapter luncheon.
When executives from Iron Bow Technologies sit down with officials from potential customer agencies, the goal is to understand the needs of the client rather than to close a deal, according to James Ebeler, the company’s CTO for Department of Defense (DOD) business.
The Defense Information Systems Agency (DISA) Cloud Based Internet Isolation prototyping effort is already eliminating cyber threats every day, says Angela Landress, who manages the program commonly known as CBII.
The program uses a little technological sleight of hand to keep non-secure Internet browsing in the secure Amazon Web Services (AWS) cloud rather than on the Department of Defense Information Network (DODIN). “What comes back from the cloud is actually just a video-like representation of the webpage. There’s nothing executable in it,” Landress explains.
As the number of electronic devices connected to the Internet grows, so does the security risk and the chance of data exfiltration by adversaries. Warfighters’ use of Internet of Things devices makes the military increasingly vulnerable, experts say. In addition, as the concentration of smart sensors and connected tools widens, the military may not be able to conduct unexpected operations.
Supply chain security has been of concern to government leaders for decades, but with attacks now originating in industrial control systems (ICS) from supply chain vulnerabilities and with an increasing reliance on the Internet of Things (IoT), Congress is stepping up its involvement. For example, legislators have promised that more stringent standards will soon be enforced.
The Defense Information Systems Agency (DISA) has begun the implementation phase for the Fourth Estate Network Optimization Initiative and will now begin building the network for 14 defense agencies. The endeavor will standardize equipment, enhance cybersecurity, improve interoperability and save significant money, DISA officials say.
Five cyber technology firms will vie for top honors as a six-month series of Innovation Showcase competitions reaches its climax on February 27 in Arlington, Virginia. These efforts are part of an ongoing attempt by AFCEA to apply the principle of the popular venture capital television show to bring new technologies to the attention of government organizations seeking vital solutions. Following the cyber technology Innovation Showcase, AFCEA will host another Innovation Showcase at its Small Business Innovation Summit on May 1.
The U.S. Navy is moving beyond evolution into revolution as it plans its information technology for the foreseeable future. Efforts span the reach of existing technologies while keeping room open for new media that may bring dominant emerging capabilities.
Within about 90 days, the Department of the Navy’s data strategy will be drafted and signed out, said Thomas M. Sasala, director of data strategy, Office of the Chief Management Officer, Department of the Navy. He added that the service will adapt the Defense Department data strategy in its implementation plan.
The National Security Agency (NSA) has created a new Cybersecurity Directorate as a recognition that “the best defense against devastating cyber attacks is to unify as a nation against our threats,” the agency has announced.
Cyber policy traditionally has focused more on enterprise networks than tactical systems, according to Nancy Kreidler, the Army’s new leader for the Cybersecurity and Information Assurance Directorate within the Office of the Chief Information Officer/G-6. But new initiatives emphasize cybersecurity in the tactical environment, including networks, weaponry and any other systems used by warfighters.
The U.S. arsenal boasts diverse weapons that share a common cybersecurity challenge: They depend on power generated by U.S. Defense Department or civilian-owned infrastructures that are increasingly vulnerable to cyber attack. Disrupting the availability of these power systems could impact not only the United States’ ability to project U.S. military power globally but also to respond to a domestic attack.
Leaders in multiple military organizations need increased awareness of the dangers that arise from the systems used daily in training, deployment and garrison environments. The attacks these settings face are becoming more advanced and more specific as cyber attackers’ capabilities continue to improve. To mitigate the potential risk to military systems, the networks’ individual components must be identified and understood particularly at a time when component parts are manufactured outside the United States.
A new federal cyber academy aims to help relieve the shortage in skilled cyber workers. The inaugural Federal Cybersecurity Reskilling Academy graduating class demonstrates that individuals with high aptitude and motivation can be successful in technical training and can gain the skills needed to enter the national cybersecurity workforce.
On top of other defenses, the U.S. Air Force is turning to a persistent cybersecurity model to guard its major weapon systems. Led by the Air Combat Command, which took on the service’s Cyber Mission from the Air Force Space Command last year, the service’s integration of cybersecurity includes deploying protective crews to its key airborne platforms and infrastructure.
Given increasing threat levels, the Air Force is employing cybersecurity measures to protect its data, especially to safeguard information that is weather-related and feeds into military decision making. The service is applying mission defense teams, or specialized cybersecurity crews, to safeguard weather intelligence. The cyber mission defense team structure is in action at the 557th Weather Wing at Offutt Air Force Base in Omaha, Nebraska.
In the next month or so, the U.S. Air Force will be standing up its latest Numbered Air Force, the 16th Air Force, leaders report.
As part of the move, the Air Force selected Maj. Gen. (frocked) Timothy Haugh, USAF, to be the commander of the 16th Air Force, Air Combat Command, Joint Base San Antonio-Lackland, Texas.
Government agencies are working together much more effectively as they counter terrorism and state-sponsored attacks in cyberspace. But more remains to be done as adversaries introduce new tactics and capabilities.
A panel comprising the top U.S. intelligence officials reviewed these issues as they closed out the AFCEA/INSA Intelligence & National Security Summit on September 5. Their points ranged from foreign interference in U.S. elections to cooperation—or the lack thereof—from industry with the U.S. government.
The United States is now presenting cyber adversaries with a bill for their malevolent activities. Counter-cyber efforts have joined traditional defensive measures as the intelligence community confronts cybermarauders with greater detection, discovery and prevention.
Several high-ranking intelligence officials described this new tack in combating cyber threats during a panel discussion at the AFCEA/INSA Intelligence & National Security Summit on September 5. Their observations ranged from election meddling to a potential all-out cyber war.
The secret word is out and crypto is in as government and commercial experts lay the groundwork for the next generation of identity proving and authentication. Passwords are being abandoned in favor of a range of new methods that are more secure and, in some cases, more user friendly.
Biometrics are just part of the solution. They have been paired with public key cryptography in preliminary efforts. Ultimately, the solution may emerge from an entirely new concept of identity that applies across a broad spectrum of applications.
In four years, researchers funded by the U.S. military may develop a working prototype of a system that allows for a nonsurgical interface between the human brain and technology. Such a system could improve brain control of unmanned vehicles, robots, cybersecurity systems and mechanical prosthetics while also improving the interface between humans and artificial intelligence (AI) agents.