Cybersecurity is not one of the attractive career fields that tend to draw job seekers in droves to job fairs, especially among today’s young people now entering the work force, experts say. It has been a fairly ill-defined occupation, and that has led to the creation of a U.S. government office to work to codify requirements and job descriptions. It also has prompted a discourse about whether to professionalize the line of work as the United States struggles with a critical shortage of experts qualified to keep safe the networks that handle the cornucopia of personal, government and business information in the booming digital world.
Experts today trumpet the very same warnings voiced two years ago, when then Vice President Dick Cheney’s heart implant drew public attention and fervor to the mounting warnings of lax cybersecurity on wireless medical devices, some worn and some implanted inside the body. Few improvements have been developed to protect implanted insulin pumps, for example, from hackers who can then dispense lethal doses or to safeguard pacemakers from breaches delivering deadly shocks.
“This could be a new wave of terrorism that we see,” U.S. Rep. Diana DeGette (D-CO), whose daughter wears an implanted insulin pump, said this week at a panel discussion hosted by the Atlantic Council on the issue.
As if cybersecurity of late has not been tough enough, the emergence of a ubiquitous network consisting of billions of Internet connections and smart gadgets presents an alarming security threat that has failed to draw a concerted effort by experts—both in the government and industry—to address the weaknesses and protect users, experts say.
Cyber attacks originate from the outside or the inside. Is there "low hanging fruit" that you can harvest to reduce an insider attack?
You can reduce the probability of an attack from a disgruntled employee by becoming more mindful of your command climate or employee attitudes and by making a commitment to spend more time with your employees/members of your command. Take an employee to lunch and learn about his or her world. Schedule a breakfast with a subordinate and listen to his or her concerns.
Recruiting for a qualified military and civilian workforce for the U.S. Defense Department's cybersecurity mission has proven successful so far, but retaining the force remains to be seen, cyber commanders told Congress during a hearing.
U.S. Department of Homeland Security Science and Technology Directorate officials are helping other nations create cyber testbeds that can be linked, forming one large, international virtual laboratory for cyber systems. In addition, they already have in place bilateral agreements with a number of countries and are in discussions with France, Spain, Germany, Mexico and South Korea, which ultimately could expand international cooperation on cybersecurity research and development.
The topic of critical infrastructure protection has been around for decades. In May 1998, President Bill Clinton issued Presidential Decision Directive (PDD)-63 on the subject of critical infrastructure protection. This represented a decision formally recognizing that key elements of our national infrastructure were critical to national security, the economic vibrancy of the United States and the general well-being of our citizenry. The PDD further highlighted the necessary actions to preserve and ensure the continuity of these critical infrastructures. In the wake of the terrorist attacks of September 11, 2001, President George W.
The U.S. Department of Homeland Security’s Continuous Diagnostics and Mitigation program is beginning a new thrust in which it addresses a growing concern of cybersecurity: identity management. The program aims to drive the overhaul of cyber risk management across federal, state, local, tribal and territorial governments and to do so cost-effectively by leveraging the technology acquisition processes—essentially buying in bulk.
The European Union faces the same formidable increase in cyber attacks perpetrated by adversaries with improved scope and sophistication as the United States—but comes up against issues compounded by disparate national laws and cybersecurity expertise, experts say.
The National Security Agency’s third annual Best Scientific Cybersecurity Paper competition is now open. Scientific papers must have been published during 2014.
The papers will be judged on scientific merit and the the strength and significance of the work reported. In addition, the paper must exemplify the performance and reporting of cybersecurity scientific research.
The three sea services are facing different challenges with cyber operations, but they are adopting some similar solutions as they wrestle with the newest warfighting domain. In some cases, the services are affected by events that are out of their physical areas of responsibility but omnipresent in cyberspace.
Three sea service leaders described their cyber issues during the Thursday luncheon panel at West 2015, being held in San Diego, February 10-12. All panelists emphasized the importance of their people in cyber, but they also offered different perspectives on how their services are addressing cyber.
The U.S. government-backed cybersecurity framework for the nation’s federal agencies and critical infrastructure sector—released one year ago today—has received a general thumbs up of approval from industry experts. The structured guideline, presented by the Department of Commerce’s National Institute of Standards and Technology (NIST), is proving a successful advent toward a better understanding of cyber risks and organizations’ vulnerabilities, and the development of security programs to protect networks.
The U.S. Navy is exploiting its own assets and other capabilities to defend and protect against cyberthreats. Some of these internal assets include automated triggers in networks as well as advanced intelligence sources.
Vice Adm. Jan Tighe, USN, commander, Fleet Cyber Command and commander, Tenth Fleet, described some of these measures to the Thursday morning audience at West 2015, being held in San Diego, February 10-12. These efforts are built around her vision, which is to conduct operations through cyberspace and the electromagnetic spectrum to guarantee Navy operations while denying the same to adversaries.
The U.S. Navy is facing new and better cyber adversaries as it expands its own cyber footprint. These threats face the fleet and the nation, and the Navy may be called upon to respond in both cases.
Vice Adm. Jan Tighe, USN, commander, Fleet Cyber Command and commander, Tenth Fleet, described her command’s challenges to a Thursday morning audience at West 2015, being held in San Diego, February 10-12. Adm. Tighe related that 2014 saw several criminal and destructive cyber attacks, and this trend is likely to grow in 2015.
The U.S. Navy is focusing on five long-term goals in its cyber operations that involve other service and national assets. Some concentrate directly on network operations, while others are at the heart of national security activities.
Vice Adm. Jan Tighe, USN, commander, Fleet Cyber Command and commander, 10th Fleet, outlined the five goals in her Thursday morning address at West 2015, being held in San Diego, February 10-12. Her first goal simply is to operate the network as a warfighting entity.
The White House this week announced that it is creating a federal agency to keep tabs on and counter cybersecurity threats against the United States. The Cyber Threat Intelligence Integration Center will be the clearinghouse for collaborative offensive and defensive work performed by the FBI, the National Security Agency and the Department of Homeland Security.
Sea states are giving way to cyberthreats as the biggest variable affecting U.S. Navy operations. While the Navy is working with the other services and the U.S. Cyber Command to protect and defend its networks, it also is shaping its own cyberforce to deal with digital challenges outside of its normal purview.
The U.S. Air Force cyber community is failing, but not all is lost. While some aspects are in dire need of repair or replacement, effective solutions potentially are within reach—if leadership is up to the task.
While infocentric nations and military forces focus on the threat to their systems from malware-wielding cyber attackers, a significant danger to cyberspace may come from outer space in the form of kinetic weapons that attack vital satellites. A great number of the tactical and strategic military systems that all major, and many minor, powers use 24 hours a day rely on satellites for vital input data. Also, nearly all satellites have dual civilian and military modes, and all nations and businesses would be impacted by any loss of the vital satellites.
The Defense Department’s slow migration of much of its unclassified and nonsensitive data, along with the unclassified side of its email, to a hybrid cloud solution is taking longer than hoped but is going to happen, promised Defense Department Acting Chief Information Officer Terry Halvorsen.
“The sound of money is what’s driving this,” Halvorsen told industry members attending the Defense Department’s Cloud Industry Day held Thursday in Washington, D.C. “How do we use the cloud and modern technologies to reduce the cost and drive it into the other part, the warfighting part, of our business?”