Recruiting for a qualified military and civilian workforce for the U.S. Defense Department's cybersecurity mission has proven successful so far, but retaining the force remains to be seen, cyber commanders told Congress during a hearing.
U.S. Department of Homeland Security Science and Technology Directorate officials are helping other nations create cyber testbeds that can be linked, forming one large, international virtual laboratory for cyber systems. In addition, they already have in place bilateral agreements with a number of countries and are in discussions with France, Spain, Germany, Mexico and South Korea, which ultimately could expand international cooperation on cybersecurity research and development.
The topic of critical infrastructure protection has been around for decades. In May 1998, President Bill Clinton issued Presidential Decision Directive (PDD)-63 on the subject of critical infrastructure protection. This represented a decision formally recognizing that key elements of our national infrastructure were critical to national security, the economic vibrancy of the United States and the general well-being of our citizenry. The PDD further highlighted the necessary actions to preserve and ensure the continuity of these critical infrastructures. In the wake of the terrorist attacks of September 11, 2001, President George W.
The U.S. Department of Homeland Security’s Continuous Diagnostics and Mitigation program is beginning a new thrust in which it addresses a growing concern of cybersecurity: identity management. The program aims to drive the overhaul of cyber risk management across federal, state, local, tribal and territorial governments and to do so cost-effectively by leveraging the technology acquisition processes—essentially buying in bulk.
The European Union faces the same formidable increase in cyber attacks perpetrated by adversaries with improved scope and sophistication as the United States—but comes up against issues compounded by disparate national laws and cybersecurity expertise, experts say.
The National Security Agency’s third annual Best Scientific Cybersecurity Paper competition is now open. Scientific papers must have been published during 2014.
The papers will be judged on scientific merit and the the strength and significance of the work reported. In addition, the paper must exemplify the performance and reporting of cybersecurity scientific research.
The three sea services are facing different challenges with cyber operations, but they are adopting some similar solutions as they wrestle with the newest warfighting domain. In some cases, the services are affected by events that are out of their physical areas of responsibility but omnipresent in cyberspace.
Three sea service leaders described their cyber issues during the Thursday luncheon panel at West 2015, being held in San Diego, February 10-12. All panelists emphasized the importance of their people in cyber, but they also offered different perspectives on how their services are addressing cyber.
The U.S. government-backed cybersecurity framework for the nation’s federal agencies and critical infrastructure sector—released one year ago today—has received a general thumbs up of approval from industry experts. The structured guideline, presented by the Department of Commerce’s National Institute of Standards and Technology (NIST), is proving a successful advent toward a better understanding of cyber risks and organizations’ vulnerabilities, and the development of security programs to protect networks.
The U.S. Navy is exploiting its own assets and other capabilities to defend and protect against cyberthreats. Some of these internal assets include automated triggers in networks as well as advanced intelligence sources.
Vice Adm. Jan Tighe, USN, commander, Fleet Cyber Command and commander, Tenth Fleet, described some of these measures to the Thursday morning audience at West 2015, being held in San Diego, February 10-12. These efforts are built around her vision, which is to conduct operations through cyberspace and the electromagnetic spectrum to guarantee Navy operations while denying the same to adversaries.
The U.S. Navy is facing new and better cyber adversaries as it expands its own cyber footprint. These threats face the fleet and the nation, and the Navy may be called upon to respond in both cases.
Vice Adm. Jan Tighe, USN, commander, Fleet Cyber Command and commander, Tenth Fleet, described her command’s challenges to a Thursday morning audience at West 2015, being held in San Diego, February 10-12. Adm. Tighe related that 2014 saw several criminal and destructive cyber attacks, and this trend is likely to grow in 2015.
The U.S. Navy is focusing on five long-term goals in its cyber operations that involve other service and national assets. Some concentrate directly on network operations, while others are at the heart of national security activities.
Vice Adm. Jan Tighe, USN, commander, Fleet Cyber Command and commander, 10th Fleet, outlined the five goals in her Thursday morning address at West 2015, being held in San Diego, February 10-12. Her first goal simply is to operate the network as a warfighting entity.
The White House this week announced that it is creating a federal agency to keep tabs on and counter cybersecurity threats against the United States. The Cyber Threat Intelligence Integration Center will be the clearinghouse for collaborative offensive and defensive work performed by the FBI, the National Security Agency and the Department of Homeland Security.
Sea states are giving way to cyberthreats as the biggest variable affecting U.S. Navy operations. While the Navy is working with the other services and the U.S. Cyber Command to protect and defend its networks, it also is shaping its own cyberforce to deal with digital challenges outside of its normal purview.
The U.S. Air Force cyber community is failing, but not all is lost. While some aspects are in dire need of repair or replacement, effective solutions potentially are within reach—if leadership is up to the task.
While infocentric nations and military forces focus on the threat to their systems from malware-wielding cyber attackers, a significant danger to cyberspace may come from outer space in the form of kinetic weapons that attack vital satellites. A great number of the tactical and strategic military systems that all major, and many minor, powers use 24 hours a day rely on satellites for vital input data. Also, nearly all satellites have dual civilian and military modes, and all nations and businesses would be impacted by any loss of the vital satellites.
The Defense Department’s slow migration of much of its unclassified and nonsensitive data, along with the unclassified side of its email, to a hybrid cloud solution is taking longer than hoped but is going to happen, promised Defense Department Acting Chief Information Officer Terry Halvorsen.
“The sound of money is what’s driving this,” Halvorsen told industry members attending the Defense Department’s Cloud Industry Day held Thursday in Washington, D.C. “How do we use the cloud and modern technologies to reduce the cost and drive it into the other part, the warfighting part, of our business?”
A survey of 200 federal government, military and intelligence information technology and information technology security professionals shows that staff members pose a larger threat to computer systems than external threats. Respondents also noted that while most agencies increased their investment in addressing malicious external threats during the past two years, less than half added funding to address malicious or accidental insider threats. In some cases, investments in battling insider threats have decreased.
As they put the necessary pieces in place, Marines are mindful of tight resources and are seeking help from industry.
For the past year, U.S. Marine Corps technical personnel have been implementing a strategy to develop a private cloud. The initiative supports the vision of the commandant while seeking to offer better services to troops in disadvantaged areas of the battlefield.
Update: As of January 14, the Twitter and YouTube accounts for CENTCOM are back online.
The Twitter and YouTube accounts for the U.S. Central Command, the Defense Department branch responsible for operations in the Middle East and Afghanistan, were hacked Monday by sympathizers of the Islamic State militant group, prompting U.S. officials to suspend the accounts and launch yet another round of investigations into a cybersecurity breach.
CENTCOM’s Twitter feed included an ominous post that read: “AMERICAN SOLDIERS, WE ARE COMING, WATCH YOUR BACK. ISIS.”
While cybersecurity is getting big play in the news these days—as it well should—three topics require just as much attention but have not yet hit the big time. Acquisition, spectrum and interoperability may not have the headline-grabbing charm of the hack into the U.S. Central Command’s Twitter account, but they are issues that need the same serious attention.
For years, industry and government personnel have agreed that the system for purchasing information technology systems needs change—serious change. The complicated acquisition process not only puts out-of-date technology in warfighters’ hands, it puts lives in danger.