All too often, the topic of cyber presents a negative view of vulnerabilities and attacks, but cyber has a positive role to play in national defense, said Lt. Gen. Edward Cardon, USA, commanding general, U.S. Army Cyber Command.
U.S. Army officials are laboring to define what the force will look like in 2025. But technologically speaking, it is hard to define anything beyond the next two or three years, said Lt. Gen. Edward Cardon, USA, commanding general, U.S. Army Cyber Command, during AFCEA TechNet Augusta held Sept. 9-11, Augusta, Georgia.
This article is written by our sponsor Riverbed Federal. Views expressed do not necessarily reflect views of AFCEA International or SIGNAL Media.
Federal agencies are always looking for ways to spend their security dollars more efficiently. Cyber Attack Defenders recently sat down with Sean Applegate, director of technology strategy at Riverbed Federal, who provided some tips on how agencies can boost their security capabilities while cutting costs by coordinating their investments in network and security monitoring.
The National Institute of Standards and Technology (NIST) is preparing recommendations to help organizations leverage the benefits of mobile apps while managing their risks. The publication’s authors are seeking public comments about the draft of "Technical Considerations for Vetting 3rd Party Mobile Applications." The deadline for comments is Sept. 18.
While apps can improve productivity, they also can introduce vulnerabilities that put sensitive data and network resources at risk. The draft publication describes tests that software security analysts can employ to find and understand these security gaps before the app is approved for use.
Some of the hackers who have persistently attacked Lockheed Martin’s networks have “gone quiet” in recent months, officials told reporters yesterday at an Arlington, Virginia, media summit hosted by the company’s recently restructured Defense and Intelligence Solutions division. “We’ve seen a number of the adversaries—I wouldn’t say they’ve disappeared—but they’ve gone quiet,” said Darrell Durst, Lockheed Martin’s vice president, cyber solutions. “I think we have been able to counter a number of the adversaries relative to our networks.”
Innovation comes in many forms. From gradual evolution or through disruptive processes; as a result of revolutionary thinking or from a confluence of ideas from different entities that share a common goal. Today, we’re seeing more and more innovation blossoming from partnerships among seemingly disparate groups all looking for similar outcomes, whether they concern peace, productivity or profit.
Lawrence Livermore National Laboratory, Los Alamos National Laboratory and Bechtel BNI are joining forces to a new class of cyberdefense professionals to protect the nation’s critical digital infrastructure. The Bechtel-Lawrence Livermore-Los Alamos Cyber Career Development Program is designed to allow the national labs to recruit and rapidly develop cybersecurity specialists who can guide research at their respective institutions and create solutions that meet the cyberdefense needs of private industry, which owns about 80 percent of the nation’s critical digital infrastructure and assets.
The National Institute of Standards and Technology (NIST) primary external advisory board today announced a report calling for the agency to increase its staff of cryptography experts and to implement more explicit processes for ensuring openness and transparency to strengthen its cryptography efforts. In making its recommendations, the Visiting Committee on Advanced Technology (VCAT) specifically addressed NIST’s interactions with the National Security Agency (NSA).
The National Security Agency (NSA) has selected five more schools for the National Centers of Academic Excellence (CAE) in Cyber Operations Program, which is designed to cultivate more U.S. cyber professionals. These schools are now designated as Cyber Operations CAEs for the 2014-2019 academic years:
Research on the state of cybersecurity of the U.S. critical infrastructure companies reveals that 67 percent have experienced at least one security compromise that led to the loss of confidential information or disruption to operations during the past year. In addition, 24 percent of a survey’s respondents said the compromises involved insider attacks or negligent privileged information technology users. Only 6 percent provide cybersecurity training for all employees.
Maj. Gen. James K. McLaughlin, USAF, has been nominated for appointment to the rank of lieutenant general and for assignment as deputy commander, U.S. Cyber Command, at Fort Meade, Maryland. McLaughlin is currently serving as commander, 24th Air Force, Air Force Space Command; and commander, Air Forces Cyber, U.S. Cyber Command, Joint Base San Antonio-Lackland, Texas, according to a Defense Department press release.
U.S. Defense Department networks will need to operate with the minimum security available as connectivity and the threat picture evolve, said a top defense official. Terry Halvorsen, acting Defense Department chief information officer, minced no words as he described how tight budgets are limiting options across the board.
“I want for all these networks, the minimum level of security to get the mission done,” Halvorsen declared. “If we try to do the best security everywhere, we will not get to what we want. We don’t have the money; we don’t have the time.”
People with access to privileged data—such as health care records, sensitive company information, intellectual property or personal records—frequently put their organization’s sensitive information at risk, according to a new report by Raytheon Company. The survey report, “Privileged User Abuse & The Insider Threat,” finds that many individuals often are granted access to data and areas of the network not necessary for their roles and responsibilities. Furthermore, 65 percent of survey respondents indicated that curiosity—not job necessity—drives them to access sensitive or confidential data.
Key findings include:
A key tenet of the Joint Information Environment (JIE) will be the ability of users to have access to the same information system capabilities regardless of physical location, according to Defense Information System Agency (DISA) officials. Speaking on the final day of AFCEA’s three-day JIE Mission Partner Symposium being held in Baltimore May 12-14, the panel of officials described the importance of mobile capability as well as connectivity.
The Joint Information Environment (JIE) seeks to network the entire defense community, but its ability to address customer requirements could run afoul of its original purpose. Many military users have specific needs that must be addressed, so the JIE must meet those requirements without jeopardizing its desired interoperability.
The Joint Information Environment (JIE) will be relying on virtual capabilities to a greater degree as part of several thrusts within the network. Enabling technologies include the cloud and software modernization as planners strive to ensure interoperability and access wherever users may be located.
The U.S. Transportation Command (TRANSCOM) moves more information than it does any physical commodity, and this development has redefined the command’s security requirements. These requirements are complicated by the presence of commercial providers whose presence poses potential cyberspace vulnerabilities.
The Defense Logistics Agency (DLA) is charging full speed into an infocentric environment that will include mobile technologies, changing the way the agency operates. Part of this effort includes the agency’s own version of the Joint Information Environment (JIE), which will help improve interoperability.
Kathy Cutler, director of information operations (J-6) and chief information officer at the DLA, explained these activities at a panel discussion on the second day of AFCEA’s three-day JIE Mission Partner Symposium being held in Baltimore May 12-14. This process began 10 years ago and is moving into a new phase with an increased emphasis on mobile technologies.
The U.S. Special Operations Command (SOCOM) is taking an unconventional approach to equipping its forces for an information environment that does not follow conventional guidelines. The command must provide networking for a theater force that can range from one person up through thousands of people, and it faces diverse mission needs that can require large communications pipes.