Encountering many variables as it strives to achieve effective cybersecurity, NATO is focusing on two long-standing constants to move forward: training and partnerships with industry. The Atlantic alliance is seeking industry help in pursuing solutions, and it is adopting many traditional methods and institutions to train personnel in vital cyberskills.
A new management trend may impel corporations to implement better cybersecurity: lead or get out of the way. Either corporate leaders take the initiative for improving their companies' cybersecurity, or shareholders will demand their ouster following a damaging attack that puts corporate futures in doubt.
Those points were offered by the Tuesday panel at the AFCEA International Cyber Symposium, being held June 24-25 in Baltimore. Four experts agreed that companies of all sizes are imperiled by cyberthreats, and leadership must institute a culture that values cybersecurity as a foundation of doing business.
With cyber losses running in the hundreds of billions of dollars, the private sector must establish its own standards for cybersecurity or face government regulations that would be painful for some firms. Either way, regulatory guidance is necessary for the private sector to avoid potentially fatal hemorrhaging of assets and information to cybermarauders.
These points were offered by the Tuesday panel at the AFCEA International Cyber Symposium, being held June 24-25 in Baltimore. Four experts examining the issue from both sides agreed that self-regulation was the desirable outcome.
The U.S. Cyber Command (CYBERCOM) faces a unique set of challenges as it tries to engage industry and academia in the cybersecurity effort, according to its commander. One of these challenges involves overcoming long-held and recent reluctance on the part of these two groups to cooperating with the government.
"How do we bring together expertise from the private sector and academia with government?" asked Adm. Michael S. Rogers, USN, commander of CYBERCOM, at the Tuesday luncheon during the AFCEA International Cyber Symposium, being held June 24-25 in Baltimore. “How do we do that when one of the partners is not fully trusted?”
Many U.S. companies are losing business because of cyber issues expressed by foreign firms. These concerns can range from fears of U.S. vulnerabilities to worries that intelligence agencies will have access to information held by U.S. contractors.
That issue arose in both a panel discussion and an address on the first day of the AFCEA International Cyber Symposium, being held June 24-25 in Baltimore. Panelists were discussing how companies need to realize that cybersecurity is in their best interest when the issue of foreign rejection arose.
Businesses that neglect their cybersecurity needs risk being put out of business by even the simplest of attacks, according to cybersecurity experts. While all companies face the threat of a devastating financial cyber robbery, even a simple attack that steals information could be the end for a small- or medium-size business.
The Tuesday panel at the AFCEA International Cyber Symposium, being held June 24-25 in Baltimore, warned that many firms just do not treat lax cybersecurity as a serious economic threat.
Situational awareness, automated decision making and a new way to refresh work force skills rank high on the U.S. Cyber Command's (CYBERCOM's) list of needs from industry, according to its commander. Adm. Michael S. Rogers, USN, CYBERCOM commander, director of the National Security Agency and chief of the Central Security Service, described those three items as top priorities to the luncheon audience at the AFCEA International Cyber Symposium, being held June 24-25 in Baltimore.
The U.S. Cyber Command (CYBERCOM) views the Defense Information Systems Agency (DISA) as a key partner in its effort to secure defense cyberspace. This includes the agency having an operational mission in which it plays a critical role in defending defense cyberspace, according to the commander of CYBERCOM.
Adm. Michael S. Rogers, USN, CYBERCOM’s commander, told the luncheon audience at the AFCEA International Cyber Symposium, being held June 24-25 in Baltimore, that his command already is planning a command and control construct in which DISA can carry out this new mission. The admiral sees DISA playing a key role as defense networking becomes more centralized.
The Department of Homeland Security (DHS) is taking a holistic approach to cybersecurity that focuses on preventing or mitigating the effects of a cyber intrusion on the critical infrastructure, according to a department undersecretary. Suzanne Spaulding, undersecretary for the National Protection and Programs Directorate at the department, said continuity of operation is the key to resisting cyber attacks.
The public/private partnership that influences many government efforts is a core effort as the Department of Homeland Security (DHS) strives to protect the homeland from cyber attacks. Suzanne Spaulding, undersecretary for the National Protection and Programs Directorate at the DHS, told the audience at the AFCEA International Cyber Symposium, being held June 24-25 in Baltimore, that the department has several efforts underway to engage the private sector in the fight against cyber attacks.
Innovation may be the key to ensuring that the national critical infrastructure is protected from new cyberthreats, said an undersecretary at the Department of Homeland Security (DHS). Suzanne Spaulding, undersecretary for the National Protection and Programs Directorate at the department, said that the private sector must step in to help prevent future attacks.
“We need to break through in terms of innovation,” Spaulding told the opening keynote audience at the AFCEA International Cyber Symposium, being held June 24-25 in Baltimore. She noted that most cyberdefenses concentrate on stopping known threats; instead, planners must anticipate what may be coming.
Too much time spent chasing the obvious takes away from the ability to find the less obvious risks when it comes to stopping cyberthreats. Attacks from foreign adversaries, insider threats and advanced persistent threats all look the same, so it is essential to understand what is normal and to take immediate action when an anomaly is detected.
Analytic functions, such as review of data logs, should be automated, and then analysts must determine the right "squelch settings" to avoid too much "noise," said Mark Nehmer, associate deputy director, counterintelligence (cyber), Defense Security Service, speaking at the AFCEA Cyber Symposium in Baltimore Tuesday.
A key tenet of the Joint Information Environment (JIE) will be the ability of users to have access to the same information system capabilities regardless of physical location, according to Defense Information System Agency (DISA) officials. Speaking on the final day of AFCEA’s three-day JIE Mission Partner Symposium being held in Baltimore May 12-14, the panel of officials described the importance of mobile capability as well as connectivity.
The Joint Information Environment (JIE) seeks to network the entire defense community, but its ability to address customer requirements could run afoul of its original purpose. Many military users have specific needs that must be addressed, so the JIE must meet those requirements without jeopardizing its desired interoperability.
The Joint Information Environment (JIE) will be relying on virtual capabilities to a greater degree as part of several thrusts within the network. Enabling technologies include the cloud and software modernization as planners strive to ensure interoperability and access wherever users may be located.
The U.S. Special Operations Command (SOCOM) is taking an unconventional approach to equipping its forces for an information environment that does not follow conventional guidelines. The command must provide networking for a theater force that can range from one person up through thousands of people, and it faces diverse mission needs that can require large communications pipes.
The U.S. Transportation Command (TRANSCOM) moves more information than it does any physical commodity, and this development has redefined the command’s security requirements. These requirements are complicated by the presence of commercial providers whose presence poses potential cyberspace vulnerabilities.
The Defense Logistics Agency (DLA) is charging full speed into an infocentric environment that will include mobile technologies, changing the way the agency operates. Part of this effort includes the agency’s own version of the Joint Information Environment (JIE), which will help improve interoperability.
Kathy Cutler, director of information operations (J-6) and chief information officer at the DLA, explained these activities at a panel discussion on the second day of AFCEA’s three-day JIE Mission Partner Symposium being held in Baltimore May 12-14. This process began 10 years ago and is moving into a new phase with an increased emphasis on mobile technologies.
The battle against cybermarauders begins with individual home computers, according to a high-ranking official with the U.S. Northern Command (NORTHCOM). Rear Adm. Hank Bond, USN, J-6, NORTHCOM, and deputy J-3 for cyberspace operations at NORAD, discussed national cybersecurity in a panel presentation on the second day of AFCEA's three-day Joint Information Environment (JIE) Mission Partner Symposium being held in Baltimore May 12-14.
“Where does homeland security end and homeland defense begin?” he asked. “The contested environment is in the dot com; it's in your computer at home.”
Fresh off supporting two overseas wars, the National Guard is planning for a larger role in military activities on the home front. Cyber is one area where the Guard may be serving a key role, officials say.
Some of these points were outlined in a panel discussion on the second day of AFCEA’s three-day Joint Information Environment (JIE) Mission Partner Symposium being held in Baltimore May 12-14. Rear Adm. Hank Bond, USN, J-6, U.S. Northern Command, and deputy J-3 for cyberspace operations at NORAD, said, “Our way forward in cyberspace is to properly develop the force structure around the Guard. The commercial space is the contested space.”