May 7, 2015
By Sandra Jontz
Intel Security's World Password Day website

If the confession of evil works is the beginning of good works, as Saint Augustine is quoted as saying, today might prove quite cathartic. It’s world password day!

And Intel Security wants people to share their bad, funny or embarrassing password stories on social media, to “get a #PasswordConfession off your chest.” For real.

May 2, 2015
By Sandra Jontz

Key challenges continue to plague U.S. federal agencies and contractors in the area of cybersecurity, particularly for civilian agencies that trail the robust cyberdefense efforts of the Defense Department and intelligence community, according to a congressional investigative office tasked with summarizing the volatile situation for lawmakers.

May 12, 2015
By George I. Seffers

A new study from Juniper Research, Hampshire, United Kingdom, suggests that the rapid digitization of consumers’ lives and enterprise records will increase the cost of data breaches to $2.1 trillion globally by 2019, almost four times the estimated cost of breaches in 2015.

May 11, 2015
By Dr. Wesley Kaplow

We are passing rapidly from the information technology dark ages of less than seven decades ago to what I call the "Uncharted Territory Age." Combined, the two critical ages through which we currently are moving may yield the largest explosion of cyber risks yet. The first age is the well-known, and hyped, Internet of Things (IoT), or now Internet of Everything. The second is the big data age. Both may have a synergistic effect on the growing cyberthreat.

May 7, 2015
By George I. Seffers

Officials with the Transition to Practice (TTP) program followed the commercialization of the Quantum Secured Communications system with the transition of Hyperion, a malware forensics and software assurance technology, to R&K Cyber Solutions LLC, an application development and cyber solution company based in Manassas, Virginia.

May 5, 2015
By Glenn Kesselman

If you have a credit card, an account with a health care provider or your personal identifiable information (PII) stored with a vendor, your PII probably has been compromised. What if there was another way to allow commerce and government to use your PII without storing it?

May 1, 2015
By Robert K. Ackerman
Two Vermont Army National Guard computer network defense team members participate in a 2014 Cyber Shield exercise. The command and control of defensive cyber operations now is centralized in the Defense Department’s Joint Force Headquarters (JFHQ) Department of Defense Information Network (DODIN).

The Defense Department, facing an increase in defensive cyber operations, now has the command and control it needs to wage those actions on its information network. The Joint Force Headquarters Department of Defense Information Network consolidates efforts that previously were dispersed among the services and organizations.

By Lt. Gen. Robert M. Shea, USMC (Ret.)

My hope is that the general public at last is beginning to develop a basic understanding of the vulnerabilities the nation faces in cybersecurity. My fear is that, while these vulnerabilities affect the public at large, this developing understanding has not yet integrated itself into the culture and broad practice of cybersecurity. People still tend to view cyber attacks and scams as isolated incidents with little impact. They don’t seem to grasp the pervasiveness of the threat and its accompanying short- and long-term consequences. The result is a continuation of a cavalier attitude toward cyber hygiene on the part of many individuals as well as government, industry and academia.

May 1, 2015
By Robert K. Ackerman
Personnel with the 618th Tanker Airlift Control Center coordinate global operations from Scott Air Force Base, Illinois. The U.S. Transportation Command (TRANSCOM) finds itself amid battles in cyberspace as intrusions on networks owned by its commercial partners pose a significant threat to U.S. military operations.

The U.S. Transportation Command, in charge of providing land, sea and air mobility to U.S. forces worldwide, now finds itself tasked with its own form of conflict in the cyber domain. Its use of commercial assets has opened it to foreign cyber intrusions that could potentially threaten U.S. military operations in a time of conflict as they depend heavily on mobility for force projection and logistics support.

April 29, 2015
By Robert B. Dix Jr.

Much to their credit, Congress and the president are on the verge of passing and enacting legislation that will facilitate improved sharing of cyberthreat information between government and industry. The question becomes … what is next?

April 28, 2015
By Maryann Lawlor

Although cybersecurity has been getting a lot of well-deserved attention lately, 90 percent of companies recently surveyed admit that their organizations have invested in a security technology that was ultimately discontinued or scrapped before or soon after deployment. The survey also revealed that the most important metrics are the least reliable. For example, although 70 percent of respondents said return on investment and total cost of ownership are critical metrics for investment and measurement of a technology’s economic benefits, the same number said it is difficult to calculate these metrics.

April 27, 2015
By Robert Clark

No less than five pieces of cyber legislation recently have been proposed in Congress. Yet, if history is any judge, none is likely to be signed into law. The only legislation that seems to make it over the hurdles are safe acts that do not break new ground but instead reinforce existing policy.

April 23, 2015
By Sandra Jontz
Defense Secretary Ash Carter delivers a lecture, "Rewiring the Pentagon: Charting a New Path on Innovation and Cybersecurity," at Stanford University in California on Thursday. The lecture highlights the Pentagon's new cyber strategy and innovation initiatives.

The Pentagon’s new cybersecurity strategy for the first time publicly addresses the department’s option to resort to offensive cyberwarfare tactics as a means to safeguard the military’s information networks.

The Department of Defense Cyber Strategy, the second in four years, guides the development of the military’s cyber forces toward a strengthened cyber defense and cyber deterrence posture—and plans to hold in its arsenal offensive cyber capabilities.

April 21, 2015
By Sandra Jontz

We couldn’t be in California today for Department of Homeland Security (DHS) Secretary Jeh Johnson’s address at the largest cybersecurity conference, so we’re bringing you news from the next best thing—his prepared remarks.

“My message to you today is this: Government does not have all the answers or all the talent,” Johnson said at the RSA Conference 2015 in San Francisco. “Cybersecurity must be a partnership between government and the private sector. We need each other, and we must work together. There are things government can do for you, and there are things we need you to do for us.”

April 16, 2015
By Glenn Kesselman

It seems every week we read about a cyber breach that involves millions of records at risk of compromise. Why can’t the big boys get it right? After all, they have large information technology departments and many layers of protection. From the opposite perspective, what did you do today to protect personally identifiable information (PII)?

Do you have unique personal identification numbers (PINs) for all of your passwords? If you answered no, create a priority “to do” and investigate password vaults, accessible from your mobile devices and Web browser.

April 15, 2015
By Ed Bender

Government information technology administrators long have been trained to keep an eye out for the threats that come from outside their firewalls. But what if the greatest threats actually come from within?

April 15, 2015
By Sandra Jontz
Image courtesy of nokhoog_buchachon at

Modern commercial airliners could be at risk of in-flight cybersecurity attacks through a vulnerability posed by passengers using planes’ wireless systems, warns a federal watchdog agency.

The U.S. Government Accountability Office (GAO) reviewed the Federal Aviation Administration’s (FAA's) transition to the Next Generation Air Transportation System (NexGen) and pointed out in a 56-page report several cybersecurity challenges, including protecting air-traffic control information systems, protecting aircraft avionics used to operate and guide the aircraft, and clarifying cybersecurity roles and responsibilities.

April 8, 2015
By Sandra Jontz

On the same day that news headlines implicated Russian hackers in a significant cyber attack and breach on the White House, officials attending a cybersecurity summit Tuesday in the nation’s capital warned of the uptick in the number of nation-state sponsored cyber attacks against the U.S. government and businesses.

The amplification could be worrisome because cybersecurity experts already cannot keep up with, much less get ahead of, the cyber activities that pose a national threat and have risen to the level of a national emergency.

April 1, 2015
By Sandra Jontz

New methods of teaching cybersecurity might be the best hope for providing the necessary security experts to turn the tide against malicious cybercriminals who have launched constant battles against vital networks. In purely quantitative terms, the number of available information technology security experts falls critically short of what is necessary, while the number of hackers and cyber adversaries grows larger.

April 1, 2015
By George I. Seffers
Maj. Gen. LaWarren Patterson, USA, the U.S. Army Cyber Center of Excellence and Fort Gordon commander, and Col. Jennifer Buckner, USA, Army Cyber School commandant, unveil a sign during a ribbon-cutting ceremony for the school.

The U.S. Army’s newly created cyber school is prepared to accept its first class of second lieutenants this summer followed by enlisted personnel and warrant officers. The historic first class signifies a significant first step toward building the service’s new cyber branch.

Army Secretary John McHugh and Chief of Staff Gen. Raymond Odierno approved the creation of the cyber branch in September 2014 as one of the first official steps in establishing a 17-series career field dedicated to managing the careers and professional development of officers. The remainder of the 17-series career field management program is expected to be implemented by October, with both enlisted and warrant officer career paths.