Cyber

May 1, 2019
By George I. Seffers
With about 300,000 vacant cybersecurity positions in the United States, some experts recommend the creation of a civilian cyber corps of volunteers who could be called to take action when needed. Credit: BeeBright/Shutterstock

Some military and civilian experts are calling on the United States to create a civilian cyber corps to help fill the gap in cybersecurity expertise in times of need. Such a corps could enhance state and local emergency response efforts, help protect Defense Department networks and other critical infrastructure or combat social media information warfare campaigns.

May 1, 2019
By Howard R. Bandler
While preparing for a command cyber readiness inspection (CCRI), Staff Sgt. Jerome Duhan, USAF, a network administrator with the 97th Communications Squadron, inserts a hard drive into the network control center retina server at Altus Air Force Base, Oklahoma. Air Force photo by Senior Airman Franklin R. Ramos, USAF

Thirty years after the Morris Worm, networks face a long and growing list of potential attack vectors employed by an almost limitless number of threat sources, including criminals, hacktivists and nation-state actors. In response to threats, the U.S. Defense Department has taken prudent measures to shore up vulnerable systems and networks. In accordance with the well-established practice of concentric rings of security, the most sensitive department data exists on its most secure and isolated networks.

May 1, 2019
By George I. Seffers
DISA’s Roger Greenwell manages operational and technical risks on one of the world’s most complex—and most critical—networks, the Defense Information Systems Network. Credit: geralt/Pixabay

When operating one of the most complex and critical networks on the planet, risk is a given. That risk comes in two forms, technical and operational, and managing both is a matter of balance.

Roger Greenwell, Defense Information Systems Agency (DISA) risk management executive and authorizing official, is responsible for maintaining that balance on the Defense Information Systems Network (DISN), a global enterprise network that enables information superiority and critical communications. The DISN is the core of the Department of Defense Information Network, a worldwide conglomeration of military networks.

May 1, 2019
By Lt. Gen. Robert M. Shea, USMC (Ret.)
Credit: Rawpixel.com/Shutterstock

Both the economy and education are national security issues. A nation cannot be strong militarily if it is not strong economically. Nor can a nation expect to prevail against adversaries over the long term if it does not continuously generate a trained and educated populace.

One of the biggest challenges facing industry, government and academia is the ability to recruit, develop and maintain a skilled and effective cybersecurity workforce. Businesses in the information technology realm must add skilled cyber and information technology workers to generate innovation.

May 1, 2019
By Lt. Gen. Susan Lawrence, USA (Ret.)

Within the last year and a half, an exciting development has taken place at the Defense Department: It has turned the corner on cloud.

For years, the department had followed a cautious, even wary, approach toward cloud adoption. But after reading the 2018 National Defense Strategy and the department’s new artificial intelligence (AI) and cloud strategies, one can only conclude that top defense leaders now view cloud as the cornerstone of our future military readiness.

April 25, 2019
By Kimberly Underwood
David Koh, a Singapore ministry official, confirms that cybersecurity is a top priority for his nation. Koh was a keynote speaker at the recent 8th Annual International Conference on Cyber Engagement hosted by the Atlantic Council, Dentons, Bank Polski and Texas A&M. Credit: Atlantic Council/Image Link

Singapore, in terms of size, is akin to an ant versus an elephant, said David Koh, commissioner of cybersecurity; chief executive, Cyber Security Agency, Singapore’s Prime Minister’s Office; and Defense Cyber Chief, Ministry of Defense of the Republic of Singapore. Nevertheless, the republic has put cybersecurity front and center. Even with only a population of about 5.9 million people—similar to the number of citizens in the Washington, D.C., area—Singapore is one the world’s most digitally connected cities, averaging two cellphones per citizen. 

April 22, 2019
By Jim Hansen
The amphibious assault ship USS Boxer transits the Pacific Ocean, Oct. 3, 2018. The Navy’s Combat to Connect in 24 Hours program may redefine the ability to quickly adapt to cyber combat. Credit: Navy Petty Officer 3rd Class Alexander C. Kubitza

The Navy’s new Combat to Connect in 24 Hours (C2C24) is an ambitious program that has the potential to change naval warfare as we know it.

The program is designed to improve operational efficiency by automating the Navy’s risk management framework (RMF) efforts; providing sailors with near real-time access to critical data; and accelerating the Navy’s ability to deploy new applications in 24 hours rather than the typical 18 months.

April 18, 2019
By Robert K. Ackerman
Credit: Shutterstock

The United States is falling short of badly needed cyber professionals in industry and the military, and the solution may require government incentives to rebuild this critical workforce. This effort must begin at the earliest levels of education and ramp up after secondary school, experts offer.

April 8, 2019
By John K. Porter III
Members of the JFHQ-DODIN Operations Center (JDOC) support and enable proactive defensive actions on a 24/7 basis, sharing timely and relevant operational information and intelligence with Defense Department components and partners.

The Defense Department is employing a new design for its Next Generation (NEXTGEN) cybersecurity inspection that links the inspection to an organization’s operational mission. In an era of persistent engagement in cyberspace, the goal of these new mission-based, threat-focused cyber inspections contributes to increasing the security and resilience of the Department of Defense Information Network (DODIN). These inspections simultaneously give commanders and directors a deeper understanding of their cyberspace operating environment and associated risks to their mission.

April 1, 2019
By Maryann Lawlor
System and information security can be measured in a number of ways, including how it affects the bottom line. Credit: Shutterstock

Senior executives are increasingly interested in objective measurements to determine the robustness of their organizations’ cybersecurity protections. However, measuring the adequacy of network and data security can be likened to verifying the amount of air in a room: A formula can ascertain how much air the room contains in theory, but does it take into account the leaky windows?

March 29, 2019
By Robert K. Ackerman
Maj. Gen. Garrett Yee, USA, military deputy to the Army Chief Information Officer(CIO)/G-6, offers potential solutions to the challenge of bringing innovative technologies to the force rapidly and equipping them with adequate cybersecurity.

The Army is approaching cybersecurity in “a systematic methodical way that takes into consideration that not all things have the same level of risk or threat involved,” states Maj. Gen. Garrett Yee, USA, military deputy to the Army Chief Information Officer(CIO)/G-6.

He cites as an example trying to secure a stand-alone device that is not connected to the network but has an information technology component, versus securing a device that is connected to the network. The stand-alone device offers a negligible risk, so efforts should focus on the connected device, he offers.

April 1, 2019
By Robert K. Ackerman
Soldiers participate in NATO’s multinational live-fire exercise Scorpions Fury 2018 in Romania last November. The alliance has declared cyberspace to be an operational domain on a par with land, sea and air, but it still must develop a policy to integrate cyber operationally with the kinetic effect domains. NATO photo

NATO is taking a comprehensive approach to building a cyber policy that would deter adversaries, defend its member nations and provide key capabilities in multidomain operations. This approach to the alliance’s cyberspace strategy takes into account resilience, counter-cyber activities and operational capabilities in both civilian and military elements.

Yet when it comes to NATO cyber policy, much remains to be established. With 29 member nations all having different needs and different approaches to cyber operations, the alliance has not yet arrived at a fully functional policy. It continues to seek input from its nations while incorporating necessary capabilities amid continuing changes in the cyber domain.

April 1, 2019
By Donara Barojan
While U.S. officials have focused on how Russia’s use of social media may have interfered with the 2016 presidential elections, Iran has been quietly using the platforms to forge a battle of its own. Credit: Milosz Maslanka/Shutterstock.com

Russia may have popularized the manipulation of social media to further its own agenda, but it was not the first country to do so, nor will it be the last. A number of other countries are engaging in similar tactics, but so far have flown largely under the radar. The Oxford Internet Institute found that at least 28 countries worldwide are exploiting social media to influence the public opinion of their own or foreign populations.

April 1, 2019
By Lydia Snider
Although social media platforms appear to connect individuals in similar groups, analysis of social activities enables advertisers—and adversaries—to target specific messages to users who are most likely to be influenced by certain posts. Credit: metamorworks/Shutterstock

Many people have written marketing off as frivolous, but it is a field of constant data-driven experimentation, and in the past decade social media sites such as Facebook have become state-of-the-art laboratories for honing influence messaging. In the information revolution marketplace, the organization with the most data and the ability to utilize it wins.

April 1, 2019
By Cathy Hall
By employing the Zero Trust concept, organizations benefit from a stronger security posture, including decreased reputational risk with their customers and partners. Credit: JNE Valokuvaus/Shutterstock

In today’s environment, the network no longer can be considered a safe zone. Every asset an organization possesses and every transaction it conducts must be secured as if it were a standalone item continually exposed to the full range of cyber threats. The realization that perimeter protection alone is not sufficient has led to the security concept of Zero Trust. In this never-trust/always-verify approach, all entities and transactions rely on multiple solutions to work together and secure digital assets.

March 1, 2019
By Kimberly Underwood
 archy 13/Shutterstock

The vulnerabilities of machine learning models open the door for deceit, giving malicious operators the opportunity to interfere with the calculations or decision making of machine learning systems. Scientists at the Army Research Laboratory, specializing in adversarial machine learning, are working to strengthen defenses and advance this aspect of artificial intelligence.

March 1, 2019
By Kimberly Underwood
The Army is using current operations in Afghanistan, Iraq and Syria, and partnering with U.S. Cyber Command and the Army Cyber Command, to operationalize information into current cyber operations.

As the U.S. Army continues to evolve its newest warfighting domain, the cyber domain, information plays a key role. The service is working to incorporate information capabilities along with intelligence, electronic warfare, cyber and space, as well as with traditional fire capabilities.

In December, the Army released a doctrine guiding multidomain operations through 2028. The policy acknowledges that U.S. adversaries are contesting all domains, and that in the information environment American dominance is not guaranteed.

March 1, 2019
By George I. Seffers
The Air Combat Command, which is taking the lead for cyber operations from the Air Force Space Command, is building a new division that integrates cyber, intelligence, electronic warfare and information warfare capabilities. Artist’s depiction of a digitized F-22 based on a U.S. Air Force photo by Tech. Sgt. Michael Holzworth.

The newly created Cyber and Non-Kinetic Operations Division within the Air Combat Command is expected to reach full strength this summer. The new organization integrates multiple missions, including cyber, electronic warfare, intelligence and information warfare.

February 15, 2019
By George I. Seffers
Leaders for all three maritime services—the Navy, Marines and Coast Guard—participate in a town hall forum at West 2019. Photo by Michael Carpenter

The maritime services continue to maintain a balance between cyber and kinetic weapons even while engaged in a daily cyber conflict.

Leaders for all three maritime services—the Navy, Marines and Coast Guard—participated in a town hall forum during the AFCEA-USNI West 2019 Conference in San Diego, and they agreed that cyber conflict rages on.

“If you’re asking me if I think we’re at war, I think I’d say yes,” Gen. Robert Neller, USMC, Marine Corps commandant, told one audience member. “We’re at war right now in cyberspace. We’ve been at war for maybe a decade. They’re pouring oil over the castle walls every day.”

February 15, 2019
By George I. Seffers
A West 2019 panel discusses combat operations in the cyber realm. Photo by Michael Carpenter

The United States is fully engaged in combat operations in the cyber realm, according to a panel of military officials at the AFCEA-USNI West conference in San Diego.

Lt. Gen. Robert Shea, USMC (Ret.), president and CEO of AFCEA International, who served as moderator on the panel, kicked off the discussion saying the nation is in “Phase III” in the information domain. Phase III refers to the multiple stages of war. According to GlobalSecurity.org, the phases include: halting an invasion, force buildup and deployment, counteroffensive or counterattack, and ensuring postwar stability.

Pages