May 5, 2015
By Glenn Kesselman

If you have a credit card, an account with a health care provider or your personal identifiable information (PII) stored with a vendor, your PII probably has been compromised. What if there was another way to allow commerce and government to use your PII without storing it?

May 1, 2015
By Robert K. Ackerman
Two Vermont Army National Guard computer network defense team members participate in a 2014 Cyber Shield exercise. The command and control of defensive cyber operations now is centralized in the Defense Department’s Joint Force Headquarters (JFHQ) Department of Defense Information Network (DODIN).

The Defense Department, facing an increase in defensive cyber operations, now has the command and control it needs to wage those actions on its information network. The Joint Force Headquarters Department of Defense Information Network consolidates efforts that previously were dispersed among the services and organizations.

By Lt. Gen. Robert M. Shea, USMC (Ret.)

My hope is that the general public at last is beginning to develop a basic understanding of the vulnerabilities the nation faces in cybersecurity. My fear is that, while these vulnerabilities affect the public at large, this developing understanding has not yet integrated itself into the culture and broad practice of cybersecurity. People still tend to view cyber attacks and scams as isolated incidents with little impact. They don’t seem to grasp the pervasiveness of the threat and its accompanying short- and long-term consequences. The result is a continuation of a cavalier attitude toward cyber hygiene on the part of many individuals as well as government, industry and academia.

May 1, 2015
By Robert K. Ackerman
Personnel with the 618th Tanker Airlift Control Center coordinate global operations from Scott Air Force Base, Illinois. The U.S. Transportation Command (TRANSCOM) finds itself amid battles in cyberspace as intrusions on networks owned by its commercial partners pose a significant threat to U.S. military operations.

The U.S. Transportation Command, in charge of providing land, sea and air mobility to U.S. forces worldwide, now finds itself tasked with its own form of conflict in the cyber domain. Its use of commercial assets has opened it to foreign cyber intrusions that could potentially threaten U.S. military operations in a time of conflict as they depend heavily on mobility for force projection and logistics support.

April 29, 2015
By Robert B. Dix Jr.

Much to their credit, Congress and the president are on the verge of passing and enacting legislation that will facilitate improved sharing of cyberthreat information between government and industry. The question becomes … what is next?

April 28, 2015
By Maryann Lawlor

Although cybersecurity has been getting a lot of well-deserved attention lately, 90 percent of companies recently surveyed admit that their organizations have invested in a security technology that was ultimately discontinued or scrapped before or soon after deployment. The survey also revealed that the most important metrics are the least reliable. For example, although 70 percent of respondents said return on investment and total cost of ownership are critical metrics for investment and measurement of a technology’s economic benefits, the same number said it is difficult to calculate these metrics.

April 27, 2015
By Robert Clark

No less than five pieces of cyber legislation recently have been proposed in Congress. Yet, if history is any judge, none is likely to be signed into law. The only legislation that seems to make it over the hurdles are safe acts that do not break new ground but instead reinforce existing policy.

April 23, 2015
By Sandra Jontz
Defense Secretary Ash Carter delivers a lecture, "Rewiring the Pentagon: Charting a New Path on Innovation and Cybersecurity," at Stanford University in California on Thursday. The lecture highlights the Pentagon's new cyber strategy and innovation initiatives.

The Pentagon’s new cybersecurity strategy for the first time publicly addresses the department’s option to resort to offensive cyberwarfare tactics as a means to safeguard the military’s information networks.

The Department of Defense Cyber Strategy, the second in four years, guides the development of the military’s cyber forces toward a strengthened cyber defense and cyber deterrence posture—and plans to hold in its arsenal offensive cyber capabilities.

April 21, 2015
By Sandra Jontz

We couldn’t be in California today for Department of Homeland Security (DHS) Secretary Jeh Johnson’s address at the largest cybersecurity conference, so we’re bringing you news from the next best thing—his prepared remarks.

“My message to you today is this: Government does not have all the answers or all the talent,” Johnson said at the RSA Conference 2015 in San Francisco. “Cybersecurity must be a partnership between government and the private sector. We need each other, and we must work together. There are things government can do for you, and there are things we need you to do for us.”

April 16, 2015
By Glenn Kesselman

It seems every week we read about a cyber breach that involves millions of records at risk of compromise. Why can’t the big boys get it right? After all, they have large information technology departments and many layers of protection. From the opposite perspective, what did you do today to protect personally identifiable information (PII)?

Do you have unique personal identification numbers (PINs) for all of your passwords? If you answered no, create a priority “to do” and investigate password vaults, accessible from your mobile devices and Web browser.

April 15, 2015
By Ed Bender

Government information technology administrators long have been trained to keep an eye out for the threats that come from outside their firewalls. But what if the greatest threats actually come from within?

April 15, 2015
By Sandra Jontz
Image courtesy of nokhoog_buchachon at

Modern commercial airliners could be at risk of in-flight cybersecurity attacks through a vulnerability posed by passengers using planes’ wireless systems, warns a federal watchdog agency.

The U.S. Government Accountability Office (GAO) reviewed the Federal Aviation Administration’s (FAA's) transition to the Next Generation Air Transportation System (NexGen) and pointed out in a 56-page report several cybersecurity challenges, including protecting air-traffic control information systems, protecting aircraft avionics used to operate and guide the aircraft, and clarifying cybersecurity roles and responsibilities.

April 8, 2015
By Sandra Jontz

On the same day that news headlines implicated Russian hackers in a significant cyber attack and breach on the White House, officials attending a cybersecurity summit Tuesday in the nation’s capital warned of the uptick in the number of nation-state sponsored cyber attacks against the U.S. government and businesses.

The amplification could be worrisome because cybersecurity experts already cannot keep up with, much less get ahead of, the cyber activities that pose a national threat and have risen to the level of a national emergency.

April 1, 2015
By Sandra Jontz

New methods of teaching cybersecurity might be the best hope for providing the necessary security experts to turn the tide against malicious cybercriminals who have launched constant battles against vital networks. In purely quantitative terms, the number of available information technology security experts falls critically short of what is necessary, while the number of hackers and cyber adversaries grows larger.

April 1, 2015
By George I. Seffers
Maj. Gen. LaWarren Patterson, USA, the U.S. Army Cyber Center of Excellence and Fort Gordon commander, and Col. Jennifer Buckner, USA, Army Cyber School commandant, unveil a sign during a ribbon-cutting ceremony for the school.

The U.S. Army’s newly created cyber school is prepared to accept its first class of second lieutenants this summer followed by enlisted personnel and warrant officers. The historic first class signifies a significant first step toward building the service’s new cyber branch.

Army Secretary John McHugh and Chief of Staff Gen. Raymond Odierno approved the creation of the cyber branch in September 2014 as one of the first official steps in establishing a 17-series career field dedicated to managing the careers and professional development of officers. The remainder of the 17-series career field management program is expected to be implemented by October, with both enlisted and warrant officer career paths.

April 1, 2015
By Sandra Jontz
U.S. Army engineers expose high school students to science-related career paths through advanced classroom instruction and hands-on experiments as part of the Gains in the Education of Mathematics and Science program, which highlights power, energy and cyber curriculums.

Cybersecurity is not one of the attractive career fields that tend to draw job seekers in droves to job fairs, especially among today’s young people now entering the work force, experts say. It has been a fairly ill-defined occupation, and that has led to the creation of a U.S. government office to work to codify requirements and job descriptions. It also has prompted a discourse about whether to professionalize the line of work as the United States struggles with a critical shortage of experts qualified to keep safe the networks that handle the cornucopia of personal, government and business information in the booming digital world.

March 19, 2015
By Sandra Jontz
From left to right, Jason Healey, Suzanne Schwartz, Joshua Corman and Pat Calhoun discuss the impact of lack cybersecurity on the Internet of Things and health care.

Experts today trumpet the very same warnings voiced two years ago, when then Vice President Dick Cheney’s heart implant drew public attention and fervor to the mounting warnings of lax cybersecurity on wireless medical devices, some worn and some implanted inside the body. Few improvements have been developed to protect implanted insulin pumps, for example, from hackers who can then dispense lethal doses or to safeguard pacemakers from breaches delivering deadly shocks.

“This could be a new wave of terrorism that we see,” U.S. Rep. Diana DeGette (D-CO), whose daughter wears an implanted insulin pump, said this week at a panel discussion hosted by the Atlantic Council on the issue.

March 10, 2015
By Sandra Jontz

As if cybersecurity of late has not been tough enough, the emergence of a ubiquitous network consisting of billions of Internet connections and smart gadgets presents an alarming security threat that has failed to draw a concerted effort by experts—both in the government and industry—to address the weaknesses and protect users, experts say.

March 4, 2015
By Glenn Kesselman

Cyber attacks originate from the outside or the inside. Is there "low hanging fruit" that you can harvest to reduce an insider attack?

You can reduce the probability of an attack from a disgruntled employee by becoming more mindful of your command climate or employee attitudes and by making a commitment to spend more time with your employees/members of your command. Take an employee to lunch and learn about his or her world. Schedule a breakfast with a subordinate and listen to his or her concerns.

March 5, 2015
By Sandra Jontz
U.S. military Information Assurance runs proxies to protect Joint Task Force Guantanamo servers from malicious websites.

Recruiting for a qualified military and civilian workforce for the U.S. Defense Department's cybersecurity mission has proven successful so far, but retaining the force remains to be seen, cyber commanders told Congress during a hearing.