Cyber insurance can protect organizations from losing more than data, but choosing a cyber insurer and policy comes with its own caveats. The purchase decision maker must consider an individual company’s circumstances, such as revenue, risk tolerance, board guidance and regulatory environment relative to protected categories of information. In addition, every purchase decision must be critically reviewed, particularly regarding the extent of coverage exclusions in each policy.
Long before the federal government charged two defendants in 2018 for ransomware attacks on municipal computer systems—including Atlanta’s—cities found ways to make do during these outages. Police wrote reports by hand, traffic tickets were paid in person and social media kept everyone informed in a way that showcased a city’s resiliency.
As 2019 comes to a close, SIGNAL looks back at the top 10 most viewed articles of the year.
1. Army Cyber To Become an Information Warfare Command
March 14, 2019
The shift reflects the importance of integrated capabilities, above and beyond cyber.
2. China Drops All Camouflage About Its Aggression
November 20, 2019
Intelligence officers cite both hard and soft power on the march toward a global takeover.
The U.S. Army envisions future robotic vehicles that are easy for soldiers to operate while proving difficult for enemy forces to detect, jam or hack. Researchers at one of the service’s premier research and development centers are racing to build the sensors, communications links and software needed to make that vision a reality.
Fiber is booming as telecommunications customers seek more services both in the cloud and at the network’s edge. The most important part of society’s information infrastructure, it is relatively secure in the face of attempts to wreak devastating harm to the nation, experts say. But that security is not absolute, and potential vulnerabilities could open up optical fiber to damaging attacks. Damage to this infrastructure, which serves as the backbone of the Internet and all the e-commerce that travels over it, could bring about an unprecedented economic upheaval.
A new report on the commoditization of cyber weapons suggests that the easy availability of inexpensive offensive cyber tools is reshaping the cyber threat landscape. The report is being briefed to officials across the federal government, including elements of the Department of Defense, Department of Homeland Security (DHS), FBI, Senate Cyber Caucus and the Secret Service.
Over the next year, U.S. government officials intend to develop an initial conformance framework to ultimately improve resilience for systems that provide positioning, navigation and timing for a wide variety of users. That initial framework will focus on timing, and lessons learned will be used to develop more comprehensive versions.
The top five U.S. cybersecurity workforce positions in demand today are information systems security developer, information systems security manager, systems developer, research and development specialist, and software developer. To fill these posts, entry-level positions must be developed in the areas of systems administrators, network operations and cyber operator specialists. All of this demand requires a steady supply of training.
Widespread changes among the military services are leading to a return to core missions complemented by a greater emphasis on new technology realms. As a result, back to basics is flavored by space and cyber domains that pose challenges of their own.
A panel of -6s from U.S. Indo-Pacific Command (INDOPACOM) organizations outlined these challenges on the third day of TechNet Indo-Pacific 2019, held November 19-21 in Honolulu. Led by the INDOPACOM J-6, Maj. Gen. Robert J. Skinner, USAF, the panelists addressed a number of challenges facing their organizations and the U.S. military at large.
All the involved parties concerned about cybersecurity must find new ways of cooperation to meet the changing threat picture, experts say. These efforts ought to begin in elementary school, where children should be introduced to cyber and encouraged to stay out of trouble that would prevent them from pursuing a career in cybersecurity.
Less than two months on the job, Lt. Gen. Timothy Haugh, USAF, commander of the 16th Air Force (Air Forces Cyber), is already shaping the structure of the service’s new information warfare Numbered Air Force (NAF). Stood up in October, the NAF combines the service’s cyber operations; intelligence, surveillance and reconnaissance (ISR) capabilities; electronic warfare and information operations, including capabilities folded in from the 24th and 25th Air Forces.
Greater concentration on separate physical security and cybersecurity has led to a major loophole characterized by the insider threat. Combining the two disciplines holds the key to protecting against devastating data breaches.
Cybersecurity protects from the inside-out, but a major loophole enables insider threats.—Robert Bauman, Trusted Systems Inc. #AFCEATechNet
— Bob Ackerman (@rkackerman) November 20, 2019
China has no ambiguities about its concept of the global future. The rising superpower wants to replace the current system of international laws and guaranteed freedoms with one built around Chinese control of geography, commerce and information.
Thus defined, this challenge formed the basis of the keynote luncheon speech on the first day of TechNet Indo-Pacific, held November 19-21 in Honolulu. The speaker was Adm. Phil Davidson, USN, commander, U.S. Indo-Pacific Command (INDOPACOM), and he pulled no punches in describing how China has dropped all illusions of peaceful coexistence in its drive toward global domination.
With the increase of available equipment that connects to the Internet, the military needs to address the associated cybersecurity risks. The Defense Department is lacking a comprehensive strategy of how to harness these so-called IoT devices, which could be based on existing cybersecurity frameworks, advised experts at an October 31 AFCEA Quantico-Potomac Chapter luncheon.
When executives from Iron Bow Technologies sit down with officials from potential customer agencies, the goal is to understand the needs of the client rather than to close a deal, according to James Ebeler, the company’s CTO for Department of Defense (DOD) business.
The Defense Information Systems Agency (DISA) Cloud Based Internet Isolation prototyping effort is already eliminating cyber threats every day, says Angela Landress, who manages the program commonly known as CBII.
The program uses a little technological sleight of hand to keep non-secure Internet browsing in the secure Amazon Web Services (AWS) cloud rather than on the Department of Defense Information Network (DODIN). “What comes back from the cloud is actually just a video-like representation of the webpage. There’s nothing executable in it,” Landress explains.
As the number of electronic devices connected to the Internet grows, so does the security risk and the chance of data exfiltration by adversaries. Warfighters’ use of Internet of Things devices makes the military increasingly vulnerable, experts say. In addition, as the concentration of smart sensors and connected tools widens, the military may not be able to conduct unexpected operations.
Supply chain security has been of concern to government leaders for decades, but with attacks now originating in industrial control systems (ICS) from supply chain vulnerabilities and with an increasing reliance on the Internet of Things (IoT), Congress is stepping up its involvement. For example, legislators have promised that more stringent standards will soon be enforced.
The Defense Information Systems Agency (DISA) has begun the implementation phase for the Fourth Estate Network Optimization Initiative and will now begin building the network for 14 defense agencies. The endeavor will standardize equipment, enhance cybersecurity, improve interoperability and save significant money, DISA officials say.
Five cyber technology firms will vie for top honors as a six-month series of Innovation Showcase competitions reaches its climax on February 27 in Arlington, Virginia. These efforts are part of an ongoing attempt by AFCEA to apply the principle of the popular venture capital television show to bring new technologies to the attention of government organizations seeking vital solutions. Following the cyber technology Innovation Showcase, AFCEA will host another Innovation Showcase at its Small Business Innovation Summit on May 1.