Women comprise just 11 percent of the information security work force, and despite being more educated than men in the field, hold fewer senior-level positions and earn less money, new research shows. Female representation in the industry also has remained unchanged since 2013, according to the Center for Cyber Safety and Education’s Women in Cybersecurity report.
As the Internet of Things, or IoT, steadily migrates from fantasy to reality, the accompanying cybersecurity challenges posed by billions of connected devices have become not only evident, but a leading concern for federal technologists.
The lack of IoT security tops a list of critical concerns for surveyed professionals wrestling to address the challenges increasingly front and center as the sheer number of connected devices and sensors grows, according to results of a recent Brocade survey.
The U.S. government took a vital tangible step toward clearly defining rules of cyber war when the Department of Justice unsealed an indictment on March 15 accusing two operatives of Russia’s Federal Security Service (FSB) and two hired computer hackers of being behind last year's massive cyber breach of Yahoo.
Emerging technologies such as artificial intelligence and cognitive computing soon could be setting sail to aid the U.S. Navy in its battle to conquer cyberspace. Such capabilities could hold the key to improving cyber defense, while other approaches are making their way into offensive cyber operations, says the Navy’s top cyber officer.
Some technologies the Navy seeks are dual-use in the sense that they can be employed by defenders as well as attackers. Automation, for example, is being used by nation-states to probe and prey upon large blocks of Internet protocol (IP) space in both the military and commercial realms. Yet defenders also may rely on automation to help detect and respond to cyberthreats early in an attack.
The increase in cyberthreats from both internal and external sources has put the onus on government agencies, particularly at the federal level, to implement strong cybersecurity architectures. While encryption is an essential component, without careful implementation, criminals easily can exploit its weaknesses, and the emerging power of quantum computing could compound the problem.
An offshoot of social media, crowdsourcing could hold solutions to some of the biggest cybersecurity problems the U.S. Defense Department faces. The burgeoning field could find fixes for thorny legacy problems as well as emerging cyberthreats. This is exactly what is taking root at the Joint Forces Staff College in a course offered to service members and their Defense Department civilian equivalents learning cyber concepts in joint, interagency and multinational environments.
If you have been living in a cave, Malaysia’s Borneo rainforest or the 1950s, then you might be among the few people unfamiliar with the power of crowdsourcing.
The term, a convenient meshing of the words crowd and outsourcing, refers to tapping a group of people with similar skills or interests and offering them a venue through which they compete or collaborate to accomplish a particular task, job or goal. Typically, crowdsourcing is carried out by leveraging the ubiquitous connectivity of the Internet. (For more, see “Crowdsourcing Confronts Cyber Challenges.”)
Internet protocol (IP) networks achieve functionality through a layering process analogous to the fabrication of their enabling semiconductor chips. But that complex process introduces complications along with capabilities.
In the information security sector, the same problems and misconceptions about cybersecurity crop up again and again. Specifically, federal government leaders believe that security is purely a technology problem. But that is not the case. Cybersecurity vulnerabilities in both industry and government are regularly the result of human behavior and not solely an information technology or system error. And this human threat often is not malicious. So how are government officials to manage this type of insider risk?
A new way of configuring networks eliminates security vulnerabilities that date back to the Internet’s origins. Instead of building multilayered protocols that act like flashing lights to alert hackers to their presence, network managers apply a single layer that is virtually invisible to cybermarauders. The result is a nearly hack-proof network that could bolster security for users fed up with phishing scams and countless other problems.
For all the talk about how hard it is to crack the cybersecurity code, what if the dialogue shifted?
What if technologists were given the right economic incentives to solve the problem? What if, instead of droning on about poor cyber hygiene practices, users weren’t treated like they are the problem but the solution?
The AFCEA Cyber Committee, which is made up of more than 40 experts in the field, has released a white paper identifying key concerns in the cyber realm and offering recommendations for the incoming administration.
The report, Key Cyber Issues and Recommendations: A Way Forward, identifies three needs in the cyber arena. The first is that the United States must approach cyber in a strategic and international context that incorporates diplomatic, information, military and economic elements of national power.
Better cooperation and enhanced information sharing between the government and industry will go a long way toward safeguarding digital networks and building up the work force needed to protect the information infrastructure. These are some of the recommendations offered by the nonpartisan Commission on Enhancing National Cybersecurity in its much-anticipated report released this month.
Researchers at Sandia National Laboratories helped develop a potentially game-changing cybersecurity system that mimics the human brain’s ability to analyze data, and they are now testing the technology on the labs’ highly targeted networks.
Rep. Ted Lieu is no stranger to having his cellphone "hacked." Intruders recently were able to track his whereabouts, eavesdrop on conversations with staff members and access his text messages and email.
Fortunately for Lieu, the intrusion was part of a 60 Minutes segment last year that the TV news program did to highlight mobile device vulnerabilities. The California Democrat knew of the hackers who had successfully exploited his phone's Signaling System Seven, aka SS7, security flaw that compromises the global network that connects phone carriers. The same vulnerabilities still exist one year later, Lieu shared on Thursday during a Capitol Hill demonstration about mobile security, or lack thereof.
The White House’s first federal budget blueprint unveiled Thursday seeks to fund the nation’s cybersecurity efforts by boosting budgets of the U.S. Defense Department and Department of Homeland Security—an initiative officials say will guard against the magnified threat landscape that is only getting worse.
As the nation deals with intelligence reports of Russian hacks of the U.S. presidential election, some of us in industry are pondering how President Donald Trump will tackle cybersecurity issues.
He already has a good road map. In December, the Commission on Enhancing National Cybersecurity issued its “Report on Securing and Growing the Digital Economy.” Kudos are in order. It is high time the executive branch dug deeply into cybersecurity issues.
A repeat or expansion of the recent distributed denial of service (DDoS) attacks on Internet traffic firm Dyn could be prevented with just three simple security measures ranging from adoption of a secure network architecture down to basic cyber hygiene. These measures could forestall up to 99 percent of these types of cyber attacks, according to a Washington, D.C.-area chief information officer (CIO).
With a little more financial backing, the U.S. Marine Corps is primed to grow its force in three critical areas to meet the threats of the future: cyber, electronic warfare (EW) and intelligence.
The nation’s expeditionary service is creating what Commandant Gen. Robert Neller, USMC, has called a Marine Expeditionary Force (MEF) information group—a critical component that encompasses those three key warfare domains, Lt. Gen. Gary Thomas, USMC, deputy commandant for Programs and Resources, told members of the U.S. House Armed Services Tactical Air and Land Forces Subcommittee.
If you can’t beat the hackers, join them—or at least act like them. By hacking a system from within, security experts can identify vulnerabilities and try to stay one step ahead of increasingly sophisticated cyber criminals. Thinking like an attacker cultivates an offensive mindset that leads to streamlined systems that incorporate the best of human skills and automated capabilities to shore up defenses from the inside out.