May 2, 2016
By Joel Dolisy

In World War I, the U.S. Army used lumbering GMC trucks for the first time in combat—revolutionary for its time. Today, these vehicles would be considered slow, cumbersome and archaic in comparison to today's fast, powerful and, most of all, constantly connected warfighting machines.

In fact, thanks to the Internet of Things (IoT), just about everything that can be connected—from tanks to smartwatches—is connected. The Defense Department’s whole work force depends on thousands of devices that work off of disparate operating systems. The net result is a security risk nightmare for those who must secure government IT networks.

April 24, 2016
By Robert K. Ackerman
Vice Adm. Jan E. Tighe, USN, commander, Fleet Cyber Command and 10th Fleet, reviews cyberthreats during the AFCEA 2016 AFCEA Defensive Cyber Operations Symposium.

Defensive Cyber Operations Symposium 2016
The SIGNAL Magazine Online Show Daily, Day 3 and Final Wrap-up

Quote of the Day:
“The longer cyber attackers are in, the harder they are to get out.”—Marty Roesch, vice president and chief architect, Cisco Security Business Group

May 1, 2016
By James P. Craft

Acquisition reform has been a topic of discussion among individuals in government, industry and academia for several decades. A regular outpouring of well-written studies has occurred year after year, such as the 1986 Packard Commission report, the 1992 U.S. General Accounting Office (now the Government Accountability Office) report on weapons acquisition, the 1993 report of the Defense Department Acquisition Law Advisory Panel and the more recent Center for Strategic and International Studies report “Measuring the Outcomes of Acquisition Reform by Major DoD Components.” These studies have made recommendations and measured progress. In some cases, the same recommendations are repeated from study to study. 

May 1, 2016
By Senior Airman Ryan René Rosado, USAF

The advent of cyberspace has opened up many possibilities and now paves the way for a long overdue change in the way voters elect officials. It is time to purge outdated voting methods and use cyber platforms, which can improve voter turnout and the nation’s confidence in returns.

Despite landmark constitutional changes that give the right to vote to most adults, U.S. voter turnout is notoriously low—embarrassingly so. In 2012, 53.6 percent of an estimated voting-age population of nearly 241 million people cast ballots in the U.S. presidential election, according to Pew Research Center. 

April 26, 2016

The Defense Information Systems Agency (DISA) has renamed the Continental United States Field Command to reflect the organization’s evolution as a global service provider. The organization, which will soon consolidate the majority of its personnel into a new facility at Scott Air Force Base, Illinois, is now called the DISA Global Operations Command (DGOC).

The organization, which was informally known as DISA CONUS, was one of four regional field commands and Defense Network Operations Centers operated by DISA. It was originally established in 2003. Unlike DISA’s Central, European and Pacific field commands, DISA CONUS was not directly aligned or co-located with a combatant command headquarters. 

April 22, 2016
By Robert K. Ackerman

The days of the United States as an unassailable hyperpower have been replaced by an intensely competitive environment where two large rivals have rebuilt their militaries based on perceived U.S. vulnerabilities. Cyberspace is a foremost operational domain for each nation, and the United States must respond to their challenge or risk coming out second in a conflict with either nation.

April 22, 2016
By Robert K. Ackerman

Time is of the essence in detecting and protecting against cyber intruders, but some security measures actually work counter to their goal by increasing the difficulty for managers to fight intruders. In their haste to provide the best network security possible, these managers have hindered their ability to rid their system of many types of malware.

April 22, 2016
By Robert K. Ackerman

Efforts to counter adversaries in cyberspace jointly continue apace in the U.S. military, but the changing nature of enemy activities may require new approaches by the services. Baseline cyber activities may need to be increased, while some actions will need to remain the purview of individual services.

A panel of cyber officials discussed the ramifications of such changes on the final day of the AFCEA Defensive Cyber Operations Symposium (DCOS) 2016, held April 20-22 at the Walter E. Washington Convention Center in Washington, D.C.

April 1, 2016
By Robert K. Ackerman
A serviceman monitors his computer during the Cyber Guard 2015 exercise. Efforts within the Defense Information Systems Agency (DISA) may lead to defense personnel receiving a cybersecurity lesson every time they log on to a military network.

The ballooning volume of network breaches, the increasing sophistication of cyber attacks and the advancing talents of adversaries are among the cybersecurity challenges keeping Roger Greenwell awake at night. The chief of cybersecurity for the Defense Information Systems Agency’s Risk Management Executive, Greenwell confronts increasingly potent threats throughout a more diverse cyberscape. 

Consequently, the agency, known as DISA, is moving away from traditional cybersecurity measures. New methods, from embedding security in an operating system baseline to providing security training whenever a user accesses a device, are part of the agency’s evolving cybersecurity strategy.

April 21, 2016
By Robert K. Ackerman

Working with allies on cybersecurity could provide wide-ranging solutions that both address challenges and generate operational opportunities, suggested the U.S. Defense Department’s chief information officer. Speaking at Defensive Cyber Operations Symposium (DCOS) 2016, being held in the Washington, D.C., convention center, April 20-22, Terry Halvorsen told the morning plenary session audience that European allies are pursuing excellent approaches as they strive for cybersecurity. The United States and its allies would benefit highly from cooperating, he said.

April 1, 2016
By George I. Seffers

China, Russia and Iran all have been blamed for brazenly intruding into U.S. government or military networks, and government officials have pointed a finger at North Korea for breaking into Sony Pictures’ computers. While an eye-for-an-eye approach may sound tempting, a cyber response is not necessarily the best solution, says Aaron Hughes, deputy assistant secretary of defense for cyber policy.

April 12, 2016
By Brian Fogg

The evolution of information technology is heading toward a hyperconverged infrastructure (HCI). Companies such as Cisco and Nutanix already are delivering HCI platforms that logically and seamlessly manage, configure and allocate memory. Additionally, a software-centric HCI combines computing, storage, network and virtualization technologies into one system, which can streamline resources and eliminate the need to navigate to different applications and platforms.

April 5, 2016
Sandra Jontz

Government conversations related to safeguarding cyberspace spin around policy as much as technology, particularly when it comes to sluggish efforts to modernize networks.

Federal information assurance security policies and standard operating procedures (SOPs) were penned in the late 1990s and early 2000s, long before today’s threats rendered them obsolete, not to speak of the challenges posed by the emerging Internet of Things (IoT) influence.

April 6, 2016
By J. Wayne Lloyd

Federal agencies clamor for industry best practices to implement findings resulting from last year’s 30-day “Cybersecurity Sprint,” part of the administration’s broader effort to bolster federal cybersecurity. A new mandatory directive for all civilian government agencies, the Cybersecurity Strategy Implementation Plan (CSIP), provides a series of actions to further secure federal information systems.  

April 1, 2016
By Lt. Col. Francis Shen, ANG, and Capt. Michael Nettis, USAF
Hawaii Air National Guardsmen evaluate network vulnerabilities during the Po‘oihe 2015 cybersecurity exercise at the University of Hawaii’s Information Technology Center. The cybersecurity exercise is part of a hurricane preparedness effort that encompasses several state and federal government organizations.

As the U.S. Cyber Command recruits 6,200 cyber warriors for teams positioned around the world, it must deliberately work to develop a new generation of cyber-minded warfighters rather than simply repurpose existing service members to meet its goal. The nation may not be prepared to defend cyberspace unless it emphasizes key skills early in students’ educational development. Many of these efforts must begin locally, and some military forces already are working in that direction.

April 1, 2016
By Ashok Sankar

The proliferation of new data sources promises to compound security challenges. Organizations must embrace a new way to protect their valued assets and information, building robust assurances against data leaks, spills and theft as well as any compromise of data integrity. Cross-domain solutions offer protection at the highest levels, and they facilitate secure collaboration at significantly lower costs than other methods.

April 1, 2016
By Jennifer A. Miller

President Barack Obama’s cyber-heavy fiscal year 2017 budget recently landed with a thud on the desks of lawmakers. Never before has so much verbiage or dollar emphasis been placed on intelligence, technology and cyber. Overall, this appears to be good news for protecting the homeland. Of course, just how the fiscal request plays out after the markups, cuts and votes remains to be determined. What we do know of the request raises the question: Is the government throwing money around or strategically setting the course for a successful future? 

April 1, 2016
By Barry M. Horowitz
An unmanned aerial vehicle (UAV) pilot sits at the controls during flight tests evaluating cybersecurity. New approaches are being studied to ensure cybersecurity for links to and systems onboard UAVs.

This threat can come from signals beamed into a control stream or even embedded software containing a Trojan horse. Researchers are addressing this challenge from traditional and innovative directions as the use of unmanned aerial vehicles continues to expand into new realms. But the issues that must be accommodated are growing as quickly as threat diversity.

March 23, 2016
By Sandra Jontz
U.S. Air Force leaders discuss the defense of key terrain in cyber operations during a panel at AFCEA's inaugural TechNet Air 2016 symposium in San Antonio.

When it comes to the Air Force's cyber protection teams, or CPTs as they are better known, officials are at the stage now where they’re building the aircraft while flying it. 

It is all part of a growing effort to mature defensive cyberspace operations, and CPT members still are writing the playbook on how they define, map, prioritize and help defend key terrain. 

March 31, 2016

The National Institute of Standards and Technology (NIST) has released the final version of a document outlining its process for developing cryptographic standards and guidelines. NIST Cryptographic Standards and Guidelines Development Process (NISTIR 7977) is part of NIST’s “effort to ensure a robust, widely understood and participatory process for developing cryptography,” the institute said in a written announcement.