In today’s environment, the network no longer can be considered a safe zone. Every asset an organization possesses and every transaction it conducts must be secured as if it were a standalone item continually exposed to the full range of cyber threats. The realization that perimeter protection alone is not sufficient has led to the security concept of Zero Trust. In this never-trust/always-verify approach, all entities and transactions rely on multiple solutions to work together and secure digital assets.
The vulnerabilities of machine learning models open the door for deceit, giving malicious operators the opportunity to interfere with the calculations or decision making of machine learning systems. Scientists at the Army Research Laboratory, specializing in adversarial machine learning, are working to strengthen defenses and advance this aspect of artificial intelligence.
As the U.S. Army continues to evolve its newest warfighting domain, the cyber domain, information plays a key role. The service is working to incorporate information capabilities along with intelligence, electronic warfare, cyber and space, as well as with traditional fire capabilities.
In December, the Army released a doctrine guiding multidomain operations through 2028. The policy acknowledges that U.S. adversaries are contesting all domains, and that in the information environment American dominance is not guaranteed.
The newly created Cyber and Non-Kinetic Operations Division within the Air Combat Command is expected to reach full strength this summer. The new organization integrates multiple missions, including cyber, electronic warfare, intelligence and information warfare.
The maritime services continue to maintain a balance between cyber and kinetic weapons even while engaged in a daily cyber conflict.
Leaders for all three maritime services—the Navy, Marines and Coast Guard—participated in a town hall forum during the AFCEA-USNI West 2019 Conference in San Diego, and they agreed that cyber conflict rages on.
“If you’re asking me if I think we’re at war, I think I’d say yes,” Gen. Robert Neller, USMC, Marine Corps commandant, told one audience member. “We’re at war right now in cyberspace. We’ve been at war for maybe a decade. They’re pouring oil over the castle walls every day.”
The United States is fully engaged in combat operations in the cyber realm, according to a panel of military officials at the AFCEA-USNI West conference in San Diego.
Lt. Gen. Robert Shea, USMC (Ret.), president and CEO of AFCEA International, who served as moderator on the panel, kicked off the discussion saying the nation is in “Phase III” in the information domain. Phase III refers to the multiple stages of war. According to GlobalSecurity.org, the phases include: halting an invasion, force buildup and deployment, counteroffensive or counterattack, and ensuring postwar stability.
China is investing heavily in the Indo-Pacific, a critical region of the world for strategic purposes, and luring poorer countries away from the United States, said Thomas Modly, undersecretary of the Navy.
Modly made the comments during an afternoon luncheon address on the first day of the West 2019 Conference in San Diego.
Last year the U.S. Defense Department released a cyber strategy and followed that with posture review that identified more than 90 gaps in cybersecurity capabilities, many of which were determined to be critical shortcomings. This year, officials expect to begin implementing the strategy, beginning with several priority areas involving endpoint management, network visibility, user authentication and cyber force development, according to Brig. Gen. Dennis Crall, USMC, deputy principal cyber advisor, Office of the Secretary of Defense.
The U.S. Navy is consolidating its information warfare efforts to ensure effective operations across the breadth of the fleet and its ashore assets. This endeavor ties together training, doctrine and equipping as new threats and technologies rapidly change the nature of the information operations realm.
The U.S. Coast Guard is pursuing digital solutions to support its unique set of military, law enforcement, humanitarian, regulatory and diplomatic responsibilities. It is no small feat to provide information technology to its workforce of 87,570, as well as to its cutters, boats, and aircraft that move along the coastline and inland waterways protecting the United States.
Months after initiating a project to research and rapidly field information warfare-related technologies, the U.S. Navy has expanded the effort servicewide and expects to field the first system by the end of fiscal year 2019.
The Space and Naval Warfare Systems Command (SPAWAR) Systems Center Atlantic announced last summer the formation of an industry consortium for the Information Warfare Research Project (IWRP). The intent is to leverage the flexible contracting platform known as other transaction authority (OTA) to rapidly develop and deploy technologies.
The major challenges faced by federal agencies and DoD components in managing their cybersecurity and other risks include personnel shortages, daunting compliance requirements and the need for consistent data reporting and management across multiple elements of a diverse and geographically dispersed enterprise.
The RSA Archer Suite helps by automating the drudge work, providing context for incident reports, and other data flows and ensuring a common taxonomy, workflow and metrics across the enterprise. RSA Archer leaves human security personnel free to look at the bigger picture—and make decisions based on real-time, accurate information, intuitively displayed.
A broad misconception is that the U.S. Army Signal Corps is a single-function organization, but its responsibilities have grown over time, and it is now a vital element of communications support that applies technology to ensure mission success. As much as the Army performs maneuver operations on land, it also performs signal offensive, defensive and stability operations in the cyber domain.
The Army’s Signal officers are expected to perform duties well beyond communications support. Signal organizations are the nexus of cyber and electronic warfare activities.
Two years’ experience at the U.S. Cyber Command has shaped U.S. Coast Guard Rear Adm. Dermanelian’s perspective as he implements, as commander, the Coast Guard Cyber Command’s three main missions: (1) defending the Coast Guard’s portion of the Department of Defense Information Network, or DODIN; (2) protecting the maritime transportation sector; and (3) enabling cyber operations. The admiral is dual hatted as the assistant commandant for command, control, communications, computers and information technology/CG-6 as well as being the commander of the Coast Guard Cyber Command.
More than a year has passed since the Modernizing Government Technology (MGT) Act was signed into law, cementing the establishment of a capital fund for agencies to support their special IT projects. The MGT Act prompted defense and intelligence agencies to accelerate the replacement of legacy systems with innovative and automated technologies, especially as they explore new ways to mitigate security risks like those experienced all too often by their private sector counterparts.
The Defense Information Systems Agency (DISA) has reorganized its technology innovation efforts into a single organization designed both to work with outside research organizations and to operate across internal agency lines. The new organization, known as the Emerging Technologies (EM) Directorate, will tap legacy expertise but apply it in a new approach to incorporating innovation, according to DISA.
There is not enough skilled talent for the growing need of the cyber community. Based on a state-by-state analysis on cyberchair.org, there are currently 320,000 open cyber jobs in the United States. Projections get worse. According to a CISCO report, by 2020 there will be 1 million unfilled cyber positions worldwide.
“We need to make systemic changes to address that gap,” said Rob Joyce, senior cybersecurity strategy advisor to the director, National Security Agency (NSA), and former cybersecurity advisor to the president.
The United States faces a threat unlike any in its history. The cyber threat zips around the world at blinding speeds and continually transforms. It can neutralize billion-dollar weapon systems and leave entire cities in the dark. It also can be wielded by superpowers, smaller governments or criminal organizations. At the same time, however, legislation, strategies, policies, authorities and a vigorous spirit of cooperation across government and the international community are all aligning to meet that threat.
The federal government’s comfort level with the cloud improves, due in part to standards and more offerings from commercial cloud providers.
Although it is already ubiquitous in the private sector, cloud computing has had a slow adoption by the federal government. That trend is shifting, an expert says, as the federal government, as well as state and local governments, employ more cloud computing.
The U.S. Transportation Command was the first U.S. Defense Department organization to begin moving its cyber capabilities, along with command and control applications, to a commercial cloud environment. More than a year later, the unified command is making strides in transferring its unclassified systems and is sharing lessons learned that will make the path to cloud usage smoother for others to follow.