April 5, 2016
Sandra Jontz

Government conversations related to safeguarding cyberspace spin around policy as much as technology, particularly when it comes to sluggish efforts to modernize networks.

Federal information assurance security policies and standard operating procedures (SOPs) were penned in the late 1990s and early 2000s, long before today’s threats rendered them obsolete, not to speak of the challenges posed by the emerging Internet of Things (IoT) influence.

April 6, 2016
By J. Wayne Lloyd

Federal agencies clamor for industry best practices to implement findings resulting from last year’s 30-day “Cybersecurity Sprint,” part of the administration’s broader effort to bolster federal cybersecurity. A new mandatory directive for all civilian government agencies, the Cybersecurity Strategy Implementation Plan (CSIP), provides a series of actions to further secure federal information systems.  

April 1, 2016
By Lt. Col. Francis Shen, ANG, and Capt. Michael Nettis, USAF
Hawaii Air National Guardsmen evaluate network vulnerabilities during the Po‘oihe 2015 cybersecurity exercise at the University of Hawaii’s Information Technology Center. The cybersecurity exercise is part of a hurricane preparedness effort that encompasses several state and federal government organizations.

As the U.S. Cyber Command recruits 6,200 cyber warriors for teams positioned around the world, it must deliberately work to develop a new generation of cyber-minded warfighters rather than simply repurpose existing service members to meet its goal. The nation may not be prepared to defend cyberspace unless it emphasizes key skills early in students’ educational development. Many of these efforts must begin locally, and some military forces already are working in that direction.

April 1, 2016
By Ashok Sankar

The proliferation of new data sources promises to compound security challenges. Organizations must embrace a new way to protect their valued assets and information, building robust assurances against data leaks, spills and theft as well as any compromise of data integrity. Cross-domain solutions offer protection at the highest levels, and they facilitate secure collaboration at significantly lower costs than other methods.

April 1, 2016
By Jennifer A. Miller

President Barack Obama’s cyber-heavy fiscal year 2017 budget recently landed with a thud on the desks of lawmakers. Never before has so much verbiage or dollar emphasis been placed on intelligence, technology and cyber. Overall, this appears to be good news for protecting the homeland. Of course, just how the fiscal request plays out after the markups, cuts and votes remains to be determined. What we do know of the request raises the question: Is the government throwing money around or strategically setting the course for a successful future? 

April 1, 2016
By Barry M. Horowitz
An unmanned aerial vehicle (UAV) pilot sits at the controls during flight tests evaluating cybersecurity. New approaches are being studied to ensure cybersecurity for links to and systems onboard UAVs.

This threat can come from signals beamed into a control stream or even embedded software containing a Trojan horse. Researchers are addressing this challenge from traditional and innovative directions as the use of unmanned aerial vehicles continues to expand into new realms. But the issues that must be accommodated are growing as quickly as threat diversity.

March 23, 2016
By Sandra Jontz
U.S. Air Force leaders discuss the defense of key terrain in cyber operations during a panel at AFCEA's inaugural TechNet Air 2016 symposium in San Antonio.

When it comes to the Air Force's cyber protection teams, or CPTs as they are better known, officials are at the stage now where they’re building the aircraft while flying it. 

It is all part of a growing effort to mature defensive cyberspace operations, and CPT members still are writing the playbook on how they define, map, prioritize and help defend key terrain. 

March 31, 2016

The National Institute of Standards and Technology (NIST) has released the final version of a document outlining its process for developing cryptographic standards and guidelines. NIST Cryptographic Standards and Guidelines Development Process (NISTIR 7977) is part of NIST’s “effort to ensure a robust, widely understood and participatory process for developing cryptography,” the institute said in a written announcement.  

March 31, 2016
By Joel Dolisy

As government agencies continue their IT modernization initiatives, administrators find themselves in precarious positions when it comes to security. That’s the overall sentiment expressed in a recent cybersecurity survey issued by SolarWinds. The report found that efforts to build more modern, consolidated and secure information technology environment networks increase security challenges, but management tools offer a potential antidote to the threats.

March 22, 2016
By Sandra Jontz
Maj. Gen. Jerry Harris, USAF, vice commander of Air Combat Command at Langley Air Force Base in Virginia speaks at the inaugural TechNet Air 2016 symposium in San Antonio.

While technology helped propel the U.S. military to outshine just about every adversary, failing to safeguard key developments just might lead to its downfall, warned Maj. Gen. Jerry Harris, USAF, vice commander of Air Combat Command at Langley Air Force Base in Virginia.

At the vertex of much of technological advances has been emergence of cyberspace across warfighting domains.

March 15, 2016

Coming on the heels of Virginia's big push to reduce the number of commuters last week on area roads with Virginia Telework Week, the National Institute of Standards and Technology (NIST) is updating guidance to include the latest technology available to strengthen remote-access data security, especially as the number of teleworkers trends upward. 

March 1, 2016
By Robert K. Ackerman
A U.S. Air Force cyber transport systems technician works on an electronic equipment rack at Joint Base Charleston, South Carolina. In addition to traditional cyberthreats, the Air Force is seeing increased cyber activity aimed at bringing down its critical infrastructure at bases in the United States.

Tasked with expected challenges to its air and space networks and data traffic, the U.S. Air Force also is seeing an increasing amount of cyberthreats directed at its base infrastructure. The service projects power from its bases, and the cyber attacks it faces there are similar to those aimed at the U.S. critical infrastructure.

March 1, 2016
By Robert K. Ackerman

Maj. Gen. Burke Edwin Wilson, USAF, commander, 24th Air Force and Air Forces Cyber, offers that the 24th is working with industry “on a plethora of capabilities.” At the top of the list are defensive capabilities, particularly counter-reconnaissance for determining the threats that are coming at Air Force cyber. These include intrusion detection and protection systems, which would be especially useful for meeting the service’s critical infrastructure cyber challenge, he says.

The Air Force is experiencing significant growth in offensive cyber operations, he adds. The service wants to be able to conduct these offensive operations globally. 

March 2, 2016

The Defense Department announced today that it will invite vetted hackers to test the department’s cybersecurity under a unique pilot program. The “Hack the Pentagon” initiative is the first cyber bug bounty program in the history of the federal government.

March 1, 2016
By Robert B. Dix Jr.

News media attention recently has focused on high-profile cyber events. These include the unprecedented Office of Personnel Management (OPM) breach that exposed more than 21 million personal records, including security clearance information; massive identity theft issues at the IRS; the attack on Sony; as well as compromises at Target, Home Depot and more. This attention has raised awareness about the risks in cyberspace. Most if not all of those events are suspected to have been the work of nation-state criminal actors.

March 1, 2016
By Lt. Gen. Mike Basla, USAF (Ret.)

Cyberspace is one warfighting domain that will not allow us to conduct business as usual. Unlike the domains of land, sea, air and space, which are well-understood and whose doctrines are well-established, cyberspace represents a new and challenging frontier. It demands that we take a very different approach to developing doctrine, acquiring capabilities and conducting operations. But sometimes we approach these challenges using traditional methods and timelines that may not deliver the desired results quickly enough. Several areas need to be addressed to be successful.

March 1, 2016
By Andrew F. Coffey, Ph.D.

Rapidly evolving cyberthreats challenge all levels of government, and recent incidents such as the Office of Personnel Management data breach illustrate the importance of shielding public and private-sector organizations from such attacks.

February 22, 2016
By Sandra Jontz

Last year proved lucrative for cyber criminals, and 2016 is shaping up to be even better, with a seemingly unsuspecting victim in the hacking crosshairs: driverless cars, according to Dell Security. In 2015, hackers carried out a massive number of breaches against organizations and government agencies in spite of the millions of dollars spent not only to safeguard networks, but also to hire security experts and train employees on proper cyber hygiene, according to the company’s annual cybersecurity report released Monday.

February 9, 2016
By Sandra Jontz and George I. Seffers

President Barack Obama championed cybersecurity efforts Tuesday in seeking $19 billion for the cause as part of his fiscal year 2017 budget proposal. Additionally, he signed two executive orders to seek to strengthen government networks against cyber attacks while protecting personal information.

The budget proposal for FY17, which begins October 1, is a 35 percent increase over the current fiscal year.

February 1, 2016
By Sandra Jontz
The MUSCLE autonomous vehicle developed by the Centre for Maritime Research and Experimentation, or CMRE, for mine countermeasures works with the NATO Research Vessel Alliance (in the background). The autonomous vehicle is equipped with synthetic aperture sonar.

The buzzwords du jour are cyber at sea, a vulnerability that quickly rose in prominence within the maritime domain to jockey for attention and funding among competing disciplines. Unrelenting cyber attacks firmly positioned the emerging specialty alongside antisubmarine warfare, autonomous undersea vehicles, mine countermeasure systems and port protections, to name a few. NATO’s knowledge repository for maritime science and technology initiatives juggles all of these in its search for innovative security solutions, says Rear Adm. Hank Ort, RNLN (Ret.), director of the Centre for Maritime Research and Experimentation.