A survey of 200 federal government, military and intelligence information technology and information technology security professionals shows that staff members pose a larger threat to computer systems than external threats. Respondents also noted that while most agencies increased their investment in addressing malicious external threats during the past two years, less than half added funding to address malicious or accidental insider threats. In some cases, investments in battling insider threats have decreased.
As they put the necessary pieces in place, Marines are mindful of tight resources and are seeking help from industry.
For the past year, U.S. Marine Corps technical personnel have been implementing a strategy to develop a private cloud. The initiative supports the vision of the commandant while seeking to offer better services to troops in disadvantaged areas of the battlefield.
Update: As of January 14, the Twitter and YouTube accounts for CENTCOM are back online.
The Twitter and YouTube accounts for the U.S. Central Command, the Defense Department branch responsible for operations in the Middle East and Afghanistan, were hacked Monday by sympathizers of the Islamic State militant group, prompting U.S. officials to suspend the accounts and launch yet another round of investigations into a cybersecurity breach.
CENTCOM’s Twitter feed included an ominous post that read: “AMERICAN SOLDIERS, WE ARE COMING, WATCH YOUR BACK. ISIS.”
While cybersecurity is getting big play in the news these days—as it well should—three topics require just as much attention but have not yet hit the big time. Acquisition, spectrum and interoperability may not have the headline-grabbing charm of the hack into the U.S. Central Command’s Twitter account, but they are issues that need the same serious attention.
For years, industry and government personnel have agreed that the system for purchasing information technology systems needs change—serious change. The complicated acquisition process not only puts out-of-date technology in warfighters’ hands, it puts lives in danger.
I read Adm. Stravidis’ thoughtful piece on “Cyber Attacks” with great interest, for I directed the Tallinn Manual project to which he referred. Unfortunately, the admiral misstates the position taken by the “International Group of Experts” that prepared the manual during a three-year project sponsored by the NATO Cooperative Cyber Defence Center of Excellence.
U.S. Marines are testing skill sets integrated with technology in an effort to succeed in a combined conventional warfare/cyber warfare setting, employing devices such as integrated head-mounted displays and sensors on the battlefield and avoiding information overload.
The National Cybersecurity Center of Excellence (NCCoE) is inviting comments on a draft project to secure medical devices known as networked infusion pumps, which convey fluids, drugs and nutrients into patients' bloodstreams. Hospitals are increasingly using the devices and connecting them to a central system, which makes them more vulnerable to cyberthreats.
A networked infusion pump can allow centralized control of the device’s programming as well as automated cross checks against pharmacy records and patient data to ensure the right dose of fluids or medication are delivered at the right time to the right patient.
Being able to respond and adapt to changes in combat conditions is as important in cyberspace as it is in the battlespace. Forces must train for changes amid contested environments in cyberspace as they do in conventional battle.
This point was raised in a panel on assured interoperability on the final day of TechNet Asia-Pacific 2014, being held December 9-11 in Honolulu. Panel moderator Rear Adm. Nancy Norton, USN, J-6, U.S. Pacific Command, emphasized the need for maneuver warfare in cyberspace.
Podcasts are the audio on-demand equivalent of video these days. They are a bit more portable because anyone with a smartphone or tablet can tune in and catch up on episodes—not only all the time but also wherever they want. It’s a bit difficult to watch a movie while driving, although it’s been done. Podcasts also feature one other capability that on-demand viewing does not facilitate: audience participation.
The most dangerous threat to the United States may come from cyberspace rather than terrorists, according to a panel of experts. A cyberspace attack could wreak damage that would change the nature of the country, they suggested.
This was one of many issues discussed by a panel on cyber and intelligence on day two of TechNet Asia-Pacific 2014, being held in Honolulu December 9-11. The panelists offered that cyber and terrorism are the most realistic threats facing the United States.
The virtual landscape and ongoing technology trends favor cyber attackers throughout the digital realm. And, that imbalance is likely to worsen as more state players exploit new capabilities for inflicting severe damage through cyberspace.
This issue was explored by a panel on cyber and intelligence on day two of TechNet Asia-Pacific 2014, being held in Honolulu December 9-11. All the panelists agreed that the deck is stacked in favor of cybermarauders, and that situation is likely to worsen.
The U.S. Cyber Command’s Cyber Mission Force is beginning to enter the fray, but it still lacks full strength and expertise. Teams are being assigned to combatant commands as quickly as possible, yet their missions are still taking shape.
Lt. Gen. James "Kevin" McLaughlin, USAF, deputy commander, U.S. Cyber Command, described the status of the Cyber Mission Force to the breakfast audience at day two of TechNet Asia-Pacific 2014, being held in Honolulu December 9-11. Gen. McLaughlin explained that half the teams focus on defending, while the other half focus on initiating activities.
The U.S. secretary of defense recently approved a Department of Defense Information Network (DODIN) concept and Joint Force Headquarters DODIN Operations within the U.S. Cyber Command (CYBERCOM) headed by the director of the Defense Information Systems Agency (DISA). The new organization falls under CYBERCOM, but it is headed by Lt. Gen. Ronnie D. Hawkins Jr., USAF, DISA’s director.
Lt. Gen. James McLaughlin, USAF, deputy commander, U.S. Cyber Command, explained this construct to the breakfast audience during the second day of TechNet Asia-Pacific 2014, being held December 9-11 in Honolulu. It represents a shift in focus for cybersecurity.
Achieving effective cybersecurity will require instant visibility across the entire defense network. As attacks become more destructive, programs under development such as joint regional security stacks (JRSS) become all the more important, according to the deputy director of the U.S. Cyber Command (CYBERCOM).
Lt. Gen. James McLaughlin, USAF, described this challenge to the breakfast audience at day two of TechNet Asia-Pacific 2014, being held in Honolulu December 9-11. Many cyber attacks today take ownership of systems and destroy information, and any lag in response time is detrimental to the network.
The success of the Joint Information Environment (JIE) may depend on the successful implementation of the Joint Regional Security Stacks, or JRSS, according to the Defense Department acting chief information officer (CIO). Terry Halvorsen told the Tuesday luncheon audience at TechNet Asia-Pacific 2014, being held December 9-11 in Honolulu, that JRSS implementation is his office’s top priority for the JIE.
Koniag Information Security Services LLC, Chantilly, Virginia, has been awarded a ceiling $6,767,577 modification (P00005) exercising the first option period on a one-year base contract (HR0011-14-C-0048), with four one-year option periods for contractor support services for the Defense Advanced Research Projects Agency (DARPA) Security and Intelligence Directorate (SID). The modification brings the total cumulative face value of the contract to $13,481,154 from $6,713,577. Work will be performed at DARPA Headquarters in Arlington, Virginia, with an expected completion date of Dec. 31, 2015.
Northrop Grumman officials say they are developing a new kind of cyber system—a disposable system tailored for a single mission. The concept, they say, will make it more difficult for adversaries to penetrate or maneuver inside user networks.
Veterans seeking work in the field of cybersecurity can earn certifications through a new scholarship program.
Veterans transitioning to the civilian work force can apply for scholarships to earn one of the following certifications: Certified Cyber Forensics Professional (CCFPSM), Certified Information Systems Security Professional (CISSP), Certified Secure Software Lifecycle Professional (CSSLP), Certified Authorization Professional (CAP), HealthCare Information Security and Privacy Practitioner (HCISPPSM), Systems Security Certified Practitioner (SSCP) or Associate of (ISC)².
Booz Allen Hamilton, McLean, Virginia, is being awarded a $6,643,293 task order (P00003) to a previously awarded firm-fixed-price contract (HQ0034-14-A-0023) to provide technical support services for the Department of Defense's Chief Information Officer Cybersecurity and Information Assurance Support program. Work will be performed in Alexandria, Virginia, with an expected completion date of Oct. 16, 2015. Fiscal 2015 operations and maintenance funds in the amount of $6,643,293 are being obligated on this award and will expire at the end of the current fiscal year. This contract was competitively procured, with two proposals received.