November 10, 2015
By Sandra Jontz
Lt. Gen. Alan Lynn, USA, commander of Joint Force Headquarters–DODIN and DISA, forecasts future requirements and needed solutions to protect the Defense Department from cyber attacks during an AFCEA D.C. Chapter event. Photo by Michael Carpenter

The cyber attack into a key unclassified email server of the U.S. Joint Chiefs in August helped indoctrinate and shape missions at the new centralized office erected to defend the Defense Department’s cyber networks, said Lt. Gen. Alan Lynn, USA, commander of Joint Force Headquarters–Department of Defense Information Networks (DODIN).

The nation-state-sponsored attack was a bit of a shock in its aggressiveness, said Gen. Lynn, who also serves as the director of the Defense Information Systems Agency (DISA). “For three weeks, we went after this cyber event and worked it to figure out how we now work as this new command.”

November 2, 2015
By Robert B. Dix Jr.

The annual focus of National Cybersecurity Awareness Month during October each year reminds us clearly that cybersecurity protection and resilience is a team sport. Only through partnership and collaboration can we improve our national and global capability to address the evolving risk in cyberspace.

November 1, 2015
By Robert K. Ackerman

Information security professionals are being taught all the varied skills of the field—including how to be a hacker or a spy intruding on a network—in the same manner as runners who supplement their training with swimming and cycling to build flexibility and endurance. The cross-training philosophy is that exposing security professionals to all aspects of network defense and offense gives them a clearer understanding of the diverse elements of cybersecurity. It also embraces the concept of “it takes one to know one” by teaching them the cyber intruders’ kill chain.

November 1, 2015
By Tim Prendergast

In 2011, then-U.S. Chief Information Officer Vivek Kundra set the stage for federal agencies to take full advantage of cloud computing benefits through the Cloud First initiative, which mandates that agencies evaluate cloud options before making any new information technology investments. Since then, several agencies, including the General Services Administration, Department of the Interior, Department of Agriculture and NASA, have embraced the cloud.

November 1, 2015
By Jim Loerch
An airman from the 41st Expeditionary Electronic Combat Squadron stands next to an EC-130H Compass Call aircraft in September 2014 at Bagram Air Base, Afghanistan. The squadron provides counter-communications electronic attack capabilities.

Will cyberwarriors no longer need the Internet?

The answer might be yes—in the future. For now, warfighters can stealthily wipe out an adversary and cause no physical destruction, thanks to electronic warfare (EW). EW has emerged as a warfighting domain where covert adversaries battle for the advantage. It is a powerful tool in the U.S. military’s arsenal that could prove a critical asset to win conflicts and become the weapon of choice for warfare in general. And technological improvements on the horizon could provide capabilities once reserved for science-fiction movies.

Only those who fully comprehend EW’s capabilities will control the battlespace of the future.

November 1, 2015
By Sandra Jontz
Led by Sandia National Laboratories instructors (top row, from l) C.W. Perr and Steve Hurd, students (bottom row, from l) Anuj Kak, Samantha MacIlwaine, Makena Harmon and Evan Laufer participate in hands-on training exercises as part of Sandia’s annual summer Cyber Technologies Academy.

The overwhelming consensus among cyber professionals is that the labor pool significantly lacks qualified experts, let alone the ability to meet demand in the coming years. Hoping to entice new generations to enter the field, government agencies and nonprofit groups are placing added focus and dollars on training youths in computer science and cybersecurity.

October 29, 2015
By Sandra Jontz
Adm. Michael Rogers, USN, director of the NSA and commander of U.S. Cyber Command, warns of an increase in number and sophistication of cyber attacks during Thursday's SAP NS2 Solution Summit.

Securing the cyberspace will get worse before it gets any better, warned Adm. Michael Rogers, USN, director of the National Security Agency (NSA) and commander of U.S. Cyber Command.

“The very technical foundation of the world we’ve created with the Internet of Things is going to exacerbate [security vulnerabilities], not make it easier,” he said. Now, it’s not that the Internet of Things is bad, he pointed out. “As a private citizen, I love the convenience. But I also acknowledge it brings inherent challenges when we’re trying to defend something.”

October 27, 2015
By Sandra Jontz

The U.S. Senate passed the controversial Cybersecurity Information Sharing Act (CISA) on Tuesday, paving the way for private companies to share cyberthreat information not just with each other, but with the government.

A salient point of the measure, S. 754, centers on the freedom companies would have to share what they deem to be cyber intelligence without fear of lawsuits. But a vocal opposition to the measure took to social media during the Senate’s debate, calling on lawmakers to defeat the bill because it will tantamount to sanctioned government spying on citizens.

October 15, 2015
By Maria C. Horton

Small businesses doing work for the U.S. Defense Department pose serious cybersecurity concerns, in part because of their limited resources to invest in technical and practiced security measures, according to a congressional oversight agency’s assessment.

September 25, 2015
By George I. Seffers
President Barack Obama and President Xi Jinping of China hold a press conference at the Great Hall of the People in Beijing, China, last year. Today, the two announced a historic agreement designed to curb cyber aggression.

U.S. President Barack Obama and Chinese President Xi Jinping have agreed that neither country will “support cyber-enabled theft of intellectual property, including trade secrets or other confidential business information, with the intent of providing competitive advantages to companies or commercial sectors,” according to a White House announcement released today.

October 5, 2015
By Robert B. Dix Jr.

Most cyber practitioners and many users agree that assessing and managing the risk attributed to cybersecurity and critical infrastructure protection is a shared responsibility between and across a wide array of stakeholders—including government, industry, academia, the nonprofit community and individual citizens.

October 1, 2015
By Robert K. Ackerman
Soldiers of the U.S. Army’s 780th Military Intelligence Brigade take part in a cyber development and mentorship exercise at Fort Meade, Maryland. Army cyber is experiencing a convergence of intelligence, electronics and communications disciplines.

The U.S. Army is converging many of its communications, electronics and intelligence disciplines to combat a cyberthreat that already has eroded much of the competitive advantage the U.S. military has possessed in recent years. Countering this threat virtually mandates that cyber operations move into the realm of fully integrated operations.

October 1, 2015
By Anthony Giandomenico

Security products are like crack to security professionals—they just cannot get enough. These products appear to be the panacea practitioners are seeking, but they often are not what they seem. They do not always solve problems, and they leave security experts continually looking for yet more new products, solutions and techniques for managing cyber risk. This raises the question: Why do enterprises and government organizations find protecting themselves from cyber crime so difficult?

October 1, 2015
By Lt. Gen. Robert M. Shea, USMC (Ret.)

A large portion of this issue of SIGNAL Magazine is devoted to its new quarterly special section—The Cyber Edge. The goal of The Cyber Edge is to do a better job of educating people across a broad spectrum in terms of the cyber threat, its implications, its technology issues and the policies that must be undertaken to solve the challenge.

Currently, from a cyber perspective, there is a dearth of information on what really is going on. Tales and stories abound, but no one goes into enough detail on what is behind those stories. Very few professional publications have properly framed the issues that must be dealt with from a cyber perspective.

October 1, 2015
By Andrew F. Coffey, Ph.D.

The Internet of Things, or IoT, encompasses an ecosystem of devices and algorithms that gather and share information via the Internet. It is the next wave of technology transforming everything from meteorology to agriculture to health care. Despite the buzz surrounding the IoT, conversation about likely effects on domestic intelligence in the United States has yet to take off.

October 1, 2015
By Nina Berry and William Prugh
This multidimensional reference model demonstrates the many entities required to provide a successful implementation of the conceptual framework to support social media extraction.

The typical all-source intelligence analyst must generate products that result from the fusion and correlation of structured and unstructured text reporting with sensor and imagery data sources. This process is complicated by the explosion of information on the Internet and the international community’s increasing use of social media to share ideas and coordinate activities, which has resulted in a larger data pool.

October 1, 2015
By Maj. John Chezem, USAFR
Students at the U.S. Air Force Network War Bridge Course learn modern cyber operations under the aegis of the Air Force Space Command. The Air Force risks losing the effectiveness, and the personnel, of its cyber force unless it addresses critical cultural issues in that domain.

As the U.S. Air Force develops its computer security forces, it finds itself caught in a web of ineffective policies and generational conflict. The arrival of people who have grown up in the information age exacerbates the 21st-century generation gap. Fortunately, a clear understanding of the root causes of problems illuminates sound models that can be evaluated and adopted to support the success of Air Force cyber.

The service has seen a mass exodus of talented cyber professionals over the past few years. Many leave because they are frustrated with Air Force cyber’s constraints and flawed policies. Although not typically the driving factor, pay for industry jobs is often better, further encouraging departure.

September 30, 2015
By George I. Seffers

The U.S. Defense Department’s Office of Small Business Programs (OSBP) has explored some options, such as online training videos, to integrate cybersecurity into its existing efforts, but as of July had not yet identified and disseminated cybersecurity resources in its outreach and education efforts to defense small businesses, according to a recent report by the U.S. Government Accountability Office (GAO).

September 16, 2015
By Sandra Jontz

As the Defense Department continues to forge closer relations with Silicon Valley, its leaders say they need more tools to improve automation of cyber basics, the department’s chief information officer (CIO) said. “At a certain point, I want to have some cyber defenses completely automated, where certain conditions occur and the system takes its own response,” said CIO Terry Halvorsen. “I think that is the only way we will keep up.” Automation would free up military and civilian cyber staff to concentrate on higher-level work.

September 9, 2015
By Robert K. Ackerman

Turning the tables on cyber marauders may be alluring as the ultimate cyber defense, but it is not without risk, according to panelists at the AFCEA/INSA Intelligence and National Security Summit being held in Washington, D.C., September 9-10. Commercial cybersecurity measures could reach beyond defense to offensive measures against cyber intruders to a limited degree, but companies must ensure they break no laws—nor rile their cyber adversaries too much.