The cyber activities of Russia to try and impact the U.S. presidential elections of 2016 and 2020 are well known, spoken about by U.S. military cyber and other leaders. Going forward toward the mid-term election of 2022, the roster of countries attempting to harm U.S. processes is growing, reports Gen. Paul Nakasone, USA, commander, U.S. Cyber Command. And the command is already preparing to protect the 2022 elections.
Eight weeks on the job, the national cyber director, Chris Inglis, is examining the confines of how to approach the cyber adversaries and nation states conducting malicious attacks on the U.S. government, critical infrastructure and private sector. The former deputy director of the National Security Agency and a member of that agency for 28 years, Inglis sees how the Russian government is not taking any action against perpetrators.
The U.S. Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency, or CISA, released two key documents meant to raise the cybersecurity practices of government agencies and organizations. The documents, the Cloud Security Technical Reference Architecture (TRA) and Zero Trust Maturity Model, are open for public comment through September 30, the agency reported.
As the Air Force strives to become a digital force and embraces Chief Gen. C. Q. Brown’s vision of accelerating change, the service is streamlining its cyber and communications career fields. Headquarters Air Force leaders, National Guard and Reserve leaders and major command functional managers of the cyberspace support career field met at Sheppard Air Force Base, Texas, last week to discuss how to develop the adaptable, agile communications and cyber career fields needed to support future Air Force requirements, reported John Ingle from the 82nd Training Wing Public Affairs.
The key to controlling the epidemic of fraud that weak digital identity has unleashed on government benefit programs during the pandemic lies in cooperating with oversight authorities and intergovernmental information sharing, White House American Rescue Plan Coordinator Gene Sperling told AFCEA’s 2021 Federal Identity Forum and Expo Wednesday.
“I don't think any of us in the federal government can tell you with 100 percent certainty that somebody who has used an improper identity that was not their own and got an [unemployment insurance] benefit is not also somewhere else in the government using that to try and take an additional benefit,” he said.
It’s time to abandon the dream of an open, federated, multiplayer identity-provider ecosystem and move on, one of the pioneers of the concept told AFCEA’s 2021 Federal Identity Forum and Expo Tuesday.
“This federation dream that we've been hanging on to a long time, this model of anybody can get a credential from dozens or hundreds of identity providers and use it everywhere, hasn't taken hold, and I don't think it's going to anytime soon,” Jeremy Grant, coordinator of the Better Identity Coalition, said.
Ransomware is a form of malicious software that infiltrates a computer or network and limits or restricts access to critical data by encrypting files until a ransom is paid.
Ransomware attacks are on the rise and continue to be a disruptive force in the cybersecurity industry, affecting everything from financial institutions to higher education. Due to the rise in remote work prompted by the pandemic, attacks are up 148%.
Five key lines of effort define the course that the Defense Information Systems Agency (DISA) is taking to ensure information superiority for the U.S. military as it moves forward against new adversarial challenges. These lines of effort are the framework for the agency’s new strategy that is being developed and implemented at DISA.
Defense Information Systems Agency (DISA) officials do not plan to try to force others in the Defense Department or military services to use its zero-trust solution known as Thunderdome.
Thunderdome is a fledgling program that offers a range of capabilities, including secure access service edge (SASE), software-defined wide area networking (SD-WAN), identity credential access management (ICAM) and virtual security stacks.
SASE, which is pronounced “sassy,” is a technology package that includes SD-WAN, firewall as a service and cloud access security broker. While SASE has been implemented across much of the commercial world, it has not yet been widely adopted by the government.
The threat to the integrity of the U.S. and global financial system posed by the crisis in online identity is a national security issue, a senior Treasury Department official told the 2021 Federal Identity Forum and Expo Monday.
The U.S. Air Force is pursuing zero-trust architecture on a level not seen before with the lead command, the Air Combat Command, driving many initiatives with a comprehensive view to employ zero-trust architecture across the service’s bases, weapon systems and mission environments. Supporting the cyberspace and engineering side of the effort is the 16th Air Force’s 688th Cyberspace Wing.
It may take a village to raise a child, as the saying goes, but it can take a whole society to keep a country secure.
The term “whole-of-government” has been popular since at least the early 2000s to describe a multidepartment, multiagency effort to gain an advantage or keep the nation secure. The term has been used, for example, to describe counterterrorism efforts.
MGySgt Scott Stalker, USMC, command senior enlisted leader, U.S. Space Command: It's not just multi-domain operations. It's all domains. #AFCEATechNet
The Defense Information Systems Agency, known as DISA, is expanding its artificial intelligence (AI) efforts through a research agreement and a new pilot program. While both efforts are in the beginning stages, the agency is considering how to possibly apply the so-called AI capabilities to network defense—among other areas the agency is separately pursuing—as it conducts its daily 24/7 mission of protecting the Department of Defense Information Network, or DODIN.
The agency entered into a Cooperative Research and Development Agreement, or CRADA, with Vienna, Virginia-based software company NT Concepts to apply machine learning (ML) to defensive cyber operations.
The small business sector must seize the day and immediately begin taking the steps necessary to implement tools for cyber resilience and cyber readiness. Scaling cybersecurity services, education and training are crucial to national security.
Regarding the cyber warfare landscape for 2021, the most critical group to secure is the small and midsize business sector (SMBs), particularly following the pandemic. When working with tech-specific organizations and the military, process management and a sense of purpose can overcome inertia and apathy until a financial loss appears.
Earlier this year, Defense Secretary Lloyd Austin signed off on the U.S. Defense Department’s first-ever strategy for Joint All-Domain Command and Control, or JADC2, giving his imprimatur to an ambitious vision of a fully networked U.S. military.
JADC2 aims to provide rear-echelon commanders with continuous connectivity to front-line sensors, providing real-time data and offering an unassailable decision advantage to U.S. forces.
On the digitally managed battlefield envisaged by JADC2, autonomous vehicles and networked weapons would be remotely controlled via cloud-based AI-enabled software, so that a coordinated attack by land, sea, air and cyber forces can be launched with the swipe of a finger.
As China continues to threaten U.S. national security through a whole-of-society warfare strategy, a government-private sector partnership must be a fundamental component of the U.S. government’s approach to information advantage and countering China’s attacks.
Cyber attacks present an increasing threat to the United States across all sectors of government and commercial industry, from the battlefield to the factory floor, requiring a strong, holistic approach to cyber defense through active monitoring and modeling techniques.
Recent attacks, such as the Russian-backed espionage operation that compromised a server at software developer SolarWinds Inc., affecting its downstream customers—including half a dozen federal agencies—and the recent ransomware attack on Colonial Pipeline Company, which halted fuel shipments to much of the U.S. East Coast for over a week, represent a grave threat to national security.
This scenario is all too common of late: A service man teleworks from home, supporting his command’s logistics and connected to his government network via a Common Access Card (CAC). While the pandemic abates across the United States, he and many in the workforce will continue telecommuting as governments have committed significant resources toward cloud-based services and cybersecurity solutions for accessing cloud data.
A Zero Trust approach is imperative in a world where data and users are not co-located within the same perimeter, as indicated by the May 12 White House Executive Order #14028. Deploying strong authentication upfront as a foundation when building out a Zero Trust strategy is also key to successful missions.
Led by the Air Combat Command, the U.S. Air Force is pursuing zero-trust architecture on a level not seen before. One of the service’s first main use cases applies the cybersecurity measure to the agile combat employment (ACE). ACE operations provide a more lean, agile and lethal force that can generate airpower from multiple locations. ACE requires a different kind of command and control (C2) environment, as well as advanced planning concepts and logistical supply line support.
The U.S. Navy is moving ahead at full speed to equip its assets with effective cybersecurity. However, the diverse nature of those assets—some are city-size ships while others are small but vital systems—confounds planners seeking to ensure interoperable security measures.
Following the success of some initial, smaller-scale efforts, the U.S. Air Force is pursuing zero trust architecture on a level not seen before. The service’s Air Combat Command is leading the charge into many more initiatives with a comprehensive view to employ zero trust architecture across its bases, weapon systems and missions.
Winner of The Cyber Edge 2021 Writing Contest
Convincing senior defense decision makers to significantly invest in artificial intelligence capabilities that would add more value to the United States’ already digitized operational capabilities—particularly in the cyber domain—needs more than pronouncements that “AI can save the taxpayers money.” It requires a logical progression of defining the objective, identifying the need, demonstrating specific results, conducting comprehensive cost analysis and, particularly in the case of applications in the cyber domain, thoughtfully discussing resilience and deception.
2nd Place in The Cyber Edge 2021 Writing Contest
The United States stands on the cusp of a future defined by great power competitions that will undoubtedly be characterized by broad, deep and subtle cyber warfare strategies and tactics. The nation must make a deliberate decision to defend the digital human attack surface effectively by blurring traditional battle lines and creating a combined homeland and external battlespace.
3rd Place in The Cyber Edge 2021 Writing Contest
A military-age male left home and traveled through the city, unaware he was being surveilled. Those watching him knew his patterns and preferences. They collected his point of departure, route and destination to predict when he would be most vulnerable for attack. Arriving at a marketplace, he meandered through a few high-traffic areas. Passing down a quiet corridor, he finally provided a clear shot. His smartphone buzzed and its screen flashed: “Two-for-one sale at the nearby pretzel shop!” He was struck by a precision-guided advertisement.
As if cyber vulnerabilities during the pre-pandemic years weren’t worrisome enough, now cyber warriors must contend with a slate of issues. A new concern is two-fold: How to shore up the creep of pervasive vulnerabilities introduced by a remote and hybrid workforce and how to harness and empower it with efficiencies, built-in security and ease-of-use solutions to help get the job done—at speed and scale.
President of Hathaway Global Strategies, and former cyber advisor to President George W. Bush and President Barack H. Obama
What do the recent ransomware attacks bode for the United States? Is the wave of the future here, now?
Lessons learned in combating terrorist organizations such as ISIS have proved valuable to tailoring national defense techniques to use against cyber attacks from near-peer adversaries, including China and Russia. Speaking at West 2021, Gen. Paul M. Nakasone, USA, said recent experience demonstrates that the threats to data and networks have changed dramatically in scope, scale and sophistication.
Security and artificial intelligence are two of the top technological capabilities needed to fully integrate the networking for U.S. naval forces, including the Navy, Coast Guard and Marine Corps, according to experts serving on a panel during the West 2021 virtual conference.
The panel included Rear Adm. David Dermanelian, USCG, assistant commandant, command, control, communications, computers and information technology; Jennifer Edgin, assistant deputy commandant for information for the Marine Corps; and Vice Adm. Jeffrey Trussler, USN, deputy chief of naval operations for information warfare and director of naval intelligence.
The next conflict between the United States and a peer adversary may be over before the shooting begins. A capable enemy is likely to begin with all-out cyber operations, and their success could preclude any kinetic response by the United States.
That point was raised by Vice Adm. Jeffrey E. Trussler, USN, deputy chief of naval operations for information warfare/director of Naval Intelligence N2/N6, at West 2021. The virtual conference, cosponsored by AFCEA International and USNI, is running live June 29-30.
Effective cybersecurity for the U.S. Navy will hinge on interoperable tools suitable for the fleet’s diverse number of ships. As different as the ships and their systems may be, their cybersecurity must be based on common standards and interoperate across the sea service.
The Air Force has stood up the Cyber Security and Defense Formal Training Unit, or FTU, at Keesler Air Force Base. The new cyber education detachment will enable a more “streamlined training pipeline” for airmen to build their foundational cyber warfare capabilities for future service, joint and national responsibilities, leaders say.
The U.S. military is using open architecture platforms on a greater scale, deploying interchangeable hardware and software systems to its major weapon programs. In particular, the Navy’s Naval Air Systems Command, known as NAVAIR, and its Program Executive Office, Aviation Common Systems and Commercial Services, are increasingly using flexible “systems of systems” in many of its major aviation programs. The application of open architecture is allowing the Navy—and the Defense Department—to consolidate common resources, decrease risk, reuse software, enhance maintenance abilities, reduce costs and increase tactical options.
A delayed focus on IT modernization could create a gap between frequent high-impact cyber breaches and the U.S. Department of the Navy’s preparedness to address them. From the SolarWinds hack to ransomware, new cyber threats emerge almost weekly. Advances in technology to help defend against such threats occur so quickly that current acquisition and infrastructure programs cannot keep pace.
There’s little doubt that thanks to the influx of new government regulations around privacy and data security, requirements have become the primary area of focus for many defense industrial base and General Services Administration contractors.
Cybersecurity program managers are facing the dilemma of appropriately balancing compliance with threat tracking and mitigation. Today, amidst the ever-growing problem of data breaches, organizations are investing in protection. But simply complying with security and privacy standards seldom means systems and data are automatically secure.
The 35th annual AFCEA TechNet Indo-Pacific conference featured a panel with top female leaders addressing cybersecurity workforce issues. Having ever-present cybersecurity training, reaching a younger audience on their level and leveraging women who may be seeking a second career are all ways to close the cybersecurity workforce gaps, the leaders said.
The personnel within the Realities Lab at the Army Cyber Institute located at West Point explore every aspect of extended reality technologies, developing new tools, conducting studies and asking the hard questions.
The Realities Lab is dedicated to research in what is becoming known as extended reality, or XR, a term that includes augmented, virtual and mixed reality. Extended reality technologies offer a wide range of military uses, including realistic training available virtually anywhere, modeling and simulation for weapon system development, and actual situational awareness on the battlefield.
As the U.S. Department of Defense (DoD) drives forward on its cloud strategy, development teams and chief information officers alike are looking for faster ways to deploy new capabilities, proactively address cybersecurity challenges and take advantage of the resiliency of cloud operations.
The DoD has embraced the cloud to achieve speed, security and scale. The focus is now on clearing the blockers that have slowed deployment in order to accelerate the adoption of new services and unlock the transformational capabilities of cloud for the DoD enterprise and warfighters at the tactical edge.
As the Department of Defense migrates more mission-critical systems and software to cloud environments, it must also consider an innovative way for securing this new environment from potential cyber attack.
It is up to DoD organizations like the Defense Information Systems Agency (DISA) to work out the details of such efforts and ensure the military’s considerable inventory of legacy equipment and systems can continue to interoperate smoothly with the latest technologies. But integrating different technologies is never an easy process.
The U.S. Cyber Command, at the invitation of foreign governments, sends teams of cyber warriors overseas to aid in the search for, analysis of and protection against adversaries conducting cyber warfare.
While U.S. forces frequently deploy overseas, this is a different kind of military support. Instead of taking tanks, helicopters and ships, the U.S. military sends its cyber warriors, armed with their adroit offensive and defensive skills and digital tools.
Stood up last October, the Analysis and Resilience Center for Systemic Risk (ARC), a nonprofit organization based in Arlington, Virginia, helps to protect the nation’s infrastructure by assessing the endemic cybersecurity risks to the critical energy, financial and other private sectors. A 2013 executive order identified some assets, on which the U.S. government relies but which reside in the private sector, that if compromised by cyber attack could have a catastrophic impact on national security.
Recent cyber attacks against critical infrastructure, such as the attack on Colonial Pipeline Co., have put cybersecurity in the spotlight.
But combating cyber adversaries is a broad area requiring significant amounts of human intelligence and a deep technical expertise to identify them, Gene Yoo, CEO of Resecurity Inc., told SIGNAL Magazine Editor-in-Chief Robert K. Ackerman during a SIGNAL Media Executive Video interview.
Adversaries come in different types, he added, noting that these range from part-time hacktivists to skilled professionals working for criminal organizations or state intelligence agencies.
Cyber education and training should begin not in college, not in secondary school, not in middle school, not in elementary school, but at home as soon as children are able to view or use social media, say some experts. This training is important not just to lay the groundwork for future cybersecurity professionals in a field starved for expertise, but also to instill good cyber hygiene habits that can be passed on to other family members.
The U.S. Air Force’s 67th Cyberspace Wing has been busy. The wing operationally acts as the execution arm of Air Forces Cyber, performing comprehensive cyber operations on a service and nation level. The wing has successfully proven its ability to operationalize on top of its duties to organize, train and equip, reported Col. Jeffrey Phillips, USAF, wing commander. The wing took action against Russia’s information warfare campaign over the last year, responded to the SolarWinds compromise and helped ensure the digital security of the 2020 election, Col. Phillips said during a May 18 presentation to the AFCEA Alamo Chapter.
As more federal agencies and businesses move to the cloud, managing their security needs in this new environment becomes critical. One way to do this is to implement zero-trust architectures as part of an identity cloud environment, said Sean Frazier, federal chief security officer at Okta Inc.
Zero-trust architecture, where it is assumed that the network is or will be compromised, is the latest phase of security development. This is important as the Defense Department modernizes its cloud-based systems under constant pressure from foreign cyber attacks.
The U.S. Army is creating a pilot program for a limited number of Signal Warrant Officers to build certain skills that the service is identifying as being crucial for the future digital battlefield. The program, currently being developed by the Army’s Cyber Center of Excellence (CCoE) at Fort Gordon, Georgia, will feature an online training platform for soldiers to access on-demand education when needed to support future signal, cyber and electronic warfare operations.
The U.S. Army is girding for battle in cyberspace by assembling a skilled force that it hopes will make the difference in the event of a conflict, its cyber commander stated. This force aims to be the decisive factor in any conflict in that domain.
The Army cyber workforce was the focus of the opening session for episode three of the TechNet Augusta Virtual Solutions Series, being held May 18-19. Delivering the opening keynote was Lt. Gen. Stephen G. Fogarty, USA, commander, U.S. Army Cyber Command, who wasted no words in describing the importance of the human factor in cyber operations.
Every cyber warrior can be a cyber recruiter, according to panelists at the AFCEA TechNet Augusta Virtual Event Series.
The United States faces a severe shortage in cyber personnel and in students willing to enter the cyber workforce. That shortage is even more acute in the government and the military, where talented personnel are often recruited by industry for higher pay and other incentives.