Recently, Secretary of State Michael Pompeo, in response to Executive Order 13800, released recommendations to the President of the United States on the subject of cybersecurity. Included was an emphasis both on domestic policy and international cooperation to achieve several key diplomatic, military and economic goals. The specific focus on international cooperation is a big step in the right direction. The United States has a chance to demonstrate international leadership on a complex issue, while setting the groundwork necessary to protect national interests.
Millions of times every single day, antagonists search for entry into the U.S. Defense Department’s networks. They come from all over: Russia, China, North Korea, Iran. Some are sponsored by nation-states; others are terrorist groups.
ClearForce of Vienna, Virginia, a small business with a prestigious board of directors, was named the champion of an AFCEA shark tank tournament that featured a total of 14 small businesses offering 15 different entrepreneurial technologies. The winner of a two-month long shark tank competition for entrepreneurial cyber-related technology was selected by audience participants in an innovation summit.
A small business providing advanced data security is the third and final firm selected in an AFCEA Small Business Innovation Shark Tank competition to uncover innovative emerging technologies. The company, Avocado of San Jose, California, won against six other firms with its distributed and deterministic layer-7 application security platform.
The U.S. Office of Management and Budget released a report this spring showing the abysmal state of cybersecurity in the federal government. Three-quarters of the agencies assessed were found to be “at risk” or “at high risk,” highlighting the need for a cyber overhaul. The report also noted that many agencies lacked “standardized cybersecurity processes and IT capabilities,” which affected their ability to “gain visibility and effectively combat threats.”
Medical technologies such as electronic devices implanted or injected into the human body are the next growth area for hackers pursuing money or control of individual people. With nanotechnology implants already being used for some medical treatments, advances in their application could pose as great a cybersecurity threat as what faces the Internet of Things, experts say.
When Alexander Woody was born, his mother knew she needed to forge a new path career-wise. She enrolled in an associate's degree program at her local community college and studied computer programming.
“She hit that program really hard back in the '90s and was able to succeed,” says Woody, who is now an Army specialist working as a counter pursuit operator within the National Security Agency’s (NSA’s) Cybersecurity Threat Operations Center.
Spc. Woody ended up with the NSA after finding himself also at a career crossroad. He studied chemistry at North Carolina State University and sometimes tutors high school students struggling with chemistry. But he realized it wasn’t the right career choice for him.
The U.S. Navy is working to speed cyber capabilities to the force to keep up with both technology innovation and adversarial activities. Major obstacles can be found both internally and externally, and security concerns dominate all modernization efforts.
The U.S. Department of Homeland Security’s Science and Technology Directorate is working to improve the resiliency of smartphones and other mobile technologies through directed research and development initiatives. Not as secure as office computers, mobile devices are becoming the preferred target for malicious actions by cyber adversaries. In many cases, smartphones, tablets and other electronic devices simply do not have the same protections available for more traditional computing technologies, experts say. The level of attacks also is moving “deeper down the mobile device stack,” from the application and mobile operating system layers to the hardware and infrastructure layers, according to the department.
It has become increasingly evident that artificial intelligence (AI) and machine learning (ML) are poised to impact government technology. Just last year, the General Services Administration launched programs to enable federal adoption of AI, and the White House encouraged federal agencies to explore all of the possibilities AI could offer. The benefits are substantial, but before the federal government can fully take advantage of advancements like AI, federal agencies must prepare their IT infrastructure to securely handle the additional bandwidth.
The U.S. Air Force is developing a methodology for assessing the cyber resiliency of weapon systems and examining how to standardize that methodology across the service. The effort could improve the security of hundreds of weapon systems, including aerial refueling planes, fighter jets and inertial navigation systems.
The cyber realm has redefined the meaning of warfare itself. Conflict in cyberspace is constant, low-cost and uninhibited by traditional definitions of territory and country. Now, governments, militaries and private research groups from America to South Korea are taking cyber capabilities one step further, using developments in artificial intelligence and machine learning to create autonomous weapons that will soon be deployed into battle.
Machine learning already has been used in both cyber and kinetic weapons, from autonomously firing gun turrets to human-superior social engineering attacks. While these advances are noteworthy, these machines are neither entirely intelligent nor autonomous.
The recent dissemination of classified information through media outlets and social media indicate that contemporary insider threat management has entered a new phase. Unlike previous generations that adhered to a strict code of silence, some millennials in charge of keeping U.S. secrets safe have the urge to share information they deem the public has the right to know. Rather than going through official channels to reveal actions they believe are wrong, people like Chelsea Manning, Edward Snowden and Reality Winner leak classified material through media and are just the first indication of information management processes that must change with the times.
The U.S. Defense Department is leaning forward by investing in capabilities that equip U.S. cyber forces with a warfighting platform to achieve, maintain and defend cyberspace superiority. The Unified Platform will be critical to realizing U.S. Cyber Command’s vision to maneuver globally and seamlessly between defense and offense across the cyberspace domain and defend far forward into an adversary’s cyber space.
Wary that the Internet of Things (IoT) could be used to introduce unwanted and unchecked security risks into government networks, senators last year created a piece of legislation that placed minimum security standards around IoT devices sold to and purchased by government agencies. The IoT Cybersecurity Improvement Act of 2017 specifically cites the need for regulation of “federal procurement of connected devices,” including edge computing devices, which are part of the IoT ecosystem.
U.S. Army officials conducting the third annual Cyber Quest experiment, which ends today, will issue a report in about 30 days that will determine which of the systems involved will transfer to programs of record. The exercise consists of an array of systems, including artificial intelligence and machine learning, that help provide situational understanding of the cyber and electronic warfare realms.
Traffic on optical transport networks is growing exponentially, leaving cyber intelligence agencies in charge of monitoring these networks with the unenviable task of trying to sift through ever-increasing amounts of data to search for cyber threats. However, new technologies capable of filtering exploding volumes of real-time traffic are being embedded within emerging network monitoring applications supporting big data and analytics capabilities.
With the arrival of June, we’re at the halfway point of an already busy year for the cybersecurity industry. With each passing year, our sector continues to demonstrate its evolving approach to fighting cyber threats, as cyber crime itself continues to evolve.
As both business and government move forward with digital transformation initiatives to improve processes and efficiency, the overall security attack surface continues to expand with more potential points of access for criminals to exploit. However, our industry is tackling these challenges head-on, with numerous innovative solutions continuing to come to market.
When National Science Foundation officials announced in February that three major providers of cloud computing were donating up to $9 million collectively for big data research, they already were looking for ways to broaden the effort to include a wider variety of topics, including cybersecurity. The expansion is intended to benefit both research and education initiatives and is necessary, in part, because the cloud providers now acquire cutting-edge hardware before it is made available to researchers.
The U.S. Army’s Communications-Electronics Research, Development and Engineering Center, known as CERDEC, is gearing up to face increasing asymmetrical threats in cyberspace. The center looks to improve cyber operations, information warfare, electronic countermeasures and information security, among other areas. Its efforts are prompted as the military finds itself fighting or preparing to fight more and more in cyberspace, in conjunction with the traditional domains of sea, air, land and space.