The increase in cyberthreats from both internal and external sources has put the onus on government agencies, particularly at the federal level, to implement strong cybersecurity architectures. While encryption is an essential component, without careful implementation, criminals easily can exploit its weaknesses, and the emerging power of quantum computing could compound the problem.
An offshoot of social media, crowdsourcing could hold solutions to some of the biggest cybersecurity problems the U.S. Defense Department faces. The burgeoning field could find fixes for thorny legacy problems as well as emerging cyberthreats. This is exactly what is taking root at the Joint Forces Staff College in a course offered to service members and their Defense Department civilian equivalents learning cyber concepts in joint, interagency and multinational environments.
If you have been living in a cave, Malaysia’s Borneo rainforest or the 1950s, then you might be among the few people unfamiliar with the power of crowdsourcing.
The term, a convenient meshing of the words crowd and outsourcing, refers to tapping a group of people with similar skills or interests and offering them a venue through which they compete or collaborate to accomplish a particular task, job or goal. Typically, crowdsourcing is carried out by leveraging the ubiquitous connectivity of the Internet. (For more, see “Crowdsourcing Confronts Cyber Challenges.”)
Internet protocol (IP) networks achieve functionality through a layering process analogous to the fabrication of their enabling semiconductor chips. But that complex process introduces complications along with capabilities.
In the information security sector, the same problems and misconceptions about cybersecurity crop up again and again. Specifically, federal government leaders believe that security is purely a technology problem. But that is not the case. Cybersecurity vulnerabilities in both industry and government are regularly the result of human behavior and not solely an information technology or system error. And this human threat often is not malicious. So how are government officials to manage this type of insider risk?
A new way of configuring networks eliminates security vulnerabilities that date back to the Internet’s origins. Instead of building multilayered protocols that act like flashing lights to alert hackers to their presence, network managers apply a single layer that is virtually invisible to cybermarauders. The result is a nearly hack-proof network that could bolster security for users fed up with phishing scams and countless other problems.
For all the talk about how hard it is to crack the cybersecurity code, what if the dialogue shifted?
What if technologists were given the right economic incentives to solve the problem? What if, instead of droning on about poor cyber hygiene practices, users weren’t treated like they are the problem but the solution?
The AFCEA Cyber Committee, which is made up of more than 40 experts in the field, has released a white paper identifying key concerns in the cyber realm and offering recommendations for the incoming administration.
The report, Key Cyber Issues and Recommendations: A Way Forward, identifies three needs in the cyber arena. The first is that the United States must approach cyber in a strategic and international context that incorporates diplomatic, information, military and economic elements of national power.
Better cooperation and enhanced information sharing between the government and industry will go a long way toward safeguarding digital networks and building up the work force needed to protect the information infrastructure. These are some of the recommendations offered by the nonpartisan Commission on Enhancing National Cybersecurity in its much-anticipated report released this month.
Researchers at Sandia National Laboratories helped develop a potentially game-changing cybersecurity system that mimics the human brain’s ability to analyze data, and they are now testing the technology on the labs’ highly targeted networks.
Rep. Ted Lieu is no stranger to having his cellphone "hacked." Intruders recently were able to track his whereabouts, eavesdrop on conversations with staff members and access his text messages and email.
Fortunately for Lieu, the intrusion was part of a 60 Minutes segment last year that the TV news program did to highlight mobile device vulnerabilities. The California Democrat knew of the hackers who had successfully exploited his phone's Signaling System Seven, aka SS7, security flaw that compromises the global network that connects phone carriers. The same vulnerabilities still exist one year later, Lieu shared on Thursday during a Capitol Hill demonstration about mobile security, or lack thereof.
The White House’s first federal budget blueprint unveiled Thursday seeks to fund the nation’s cybersecurity efforts by boosting budgets of the U.S. Defense Department and Department of Homeland Security—an initiative officials say will guard against the magnified threat landscape that is only getting worse.
As the nation deals with intelligence reports of Russian hacks of the U.S. presidential election, some of us in industry are pondering how President Donald Trump will tackle cybersecurity issues.
He already has a good road map. In December, the Commission on Enhancing National Cybersecurity issued its “Report on Securing and Growing the Digital Economy.” Kudos are in order. It is high time the executive branch dug deeply into cybersecurity issues.
A repeat or expansion of the recent distributed denial of service (DDoS) attacks on Internet traffic firm Dyn could be prevented with just three simple security measures ranging from adoption of a secure network architecture down to basic cyber hygiene. These measures could forestall up to 99 percent of these types of cyber attacks, according to a Washington, D.C.-area chief information officer (CIO).
With a little more financial backing, the U.S. Marine Corps is primed to grow its force in three critical areas to meet the threats of the future: cyber, electronic warfare (EW) and intelligence.
The nation’s expeditionary service is creating what Commandant Gen. Robert Neller, USMC, has called a Marine Expeditionary Force (MEF) information group—a critical component that encompasses those three key warfare domains, Lt. Gen. Gary Thomas, USMC, deputy commandant for Programs and Resources, told members of the U.S. House Armed Services Tactical Air and Land Forces Subcommittee.
If you can’t beat the hackers, join them—or at least act like them. By hacking a system from within, security experts can identify vulnerabilities and try to stay one step ahead of increasingly sophisticated cyber criminals. Thinking like an attacker cultivates an offensive mindset that leads to streamlined systems that incorporate the best of human skills and automated capabilities to shore up defenses from the inside out.
The U.S. Army is facing the need to fight cyberthreats at lower levels of operation, but it lacks the authority to engage in the activities needed to truly resolve digital conflicts. Its ongoing efforts in cyber might lead to that authority, although changes in technology capabilities continue to challenge the service.
We’re on the cusp of being outgunned in more than one domain.--Gen. Robert B. Abrams, USA, commanding general, U.S. Army Forces Command
— Bob Ackerman (@rkackerman) March 9, 2017
The move to cloud computing is daunting enough for corporations and governments, but add in the advancing Internet of Things, and any hopes of simple solutions to challenges vanish. The exponential growth of networked devices increases the magnitude of uncertainty about the role the cloud will play in delivering this ubiquitous connectivity.
Whenever I am notified of yet another data breach, I typically receive a complimentary one-year enrollment in a credit monitoring service. Great, I think. Free is always best! However, the monitoring is truly of little consequence given that my personally identifiable information (PII) has slipped into cyber darkness once again. I feel a sense of disappointment as I think about how much the cyberspace landscape has changed over the last 40-plus years and how little our nation’s privacy laws have done to keep up with this digital transformation.
Several nations are studying the potential military benefits of Internet of Things technologies, including a variety of inexpensive commercial sensors and smart city capabilities. Their investigation likely will include three proof-of-concept demonstrations, the first of which is planned for May in Finland.