Cyber

July 5, 2022
By Diego Laje
Quantum computers offer the promise to solve complex problems current devices can’t achieve; nevertheless, they also pose a threat to cybersecurity. Credit: Shutterstock/Yurchanka Siarhei

Four algorithms designed to withstand attacks by powerful quantum computers were selected as future security standards.

The U.S. Department of Commerce’s National Institute of Standards and Technology (NIST) chose encryption tools that will become part of the upcoming protocols to protect activities such asincluding online banking and email.

July 1, 2022
By George I. Seffers
Soldiers conduct preventive maintenance checks on an AH-64D Apache Longbow helicopter during training at the Grafenwoehr Training Area in Germany. Army photo by Spc. Nathanael Mercado

In the two years since the Army Software Factory launched, it has sent multiple applications into production. And those apps are being developed in large part by soldiers in nontechnical career paths, including combat engineers, medics and maintenance.

Army Futures Command launched the software factory in July 2020 to test the possibility of soldiers and Army civilian employees adopting commercial practices and building software solutions for the service. If the concept proves successful, it could demonstrate a more versatile model for building and fielding Army software while also preparing soldiers to operate on a highly technical and disconnected future battlefield.

July 1, 2022
By Veronica Wendt, Michelle Ann Guo and Dr. Anteneh Girma
Access control vulnerabilities for cloud, wireless and IoT include sensitive data exposure, missing function-level access control, weak encryption and lack of auditing to review physical/logical access. Shutterstock/Andrew Suslov

New capabilities and platforms, such as Internet of Things devices and cloud computing, require updated cybersecurity implementation strategies across different technologies and platforms. One approach is to examine multiple capabilities and platforms, identifying shared vulnerabilities and mitigation strategies. Benefits of this are three-fold: results can better inform an organization’s risk assessment, limited resources can be prioritized for higher risk vulnerabilities and overall complexity of security management can be reduced. One example of this strategy is to examine cloud computing, Internet of Things devices and Wi-Fi wireless networks to find shared vulnerabilities.

July 1, 2022
By Morgan Livingston
Operationalizing secure machine learning starts at the human level. Shutterstock/Gorodenkoff

The technical features of artificial intelligence introduce vulnerabilities and lend the technology to adversarial use. And securely deploying artificial intelligence depends on integration into existing organizational structures. Leveraging and securing machine learning requires a sociotechnical approach.

July 1, 2022
By Elie Alhajjar
Threat Tracker is an autonomous threat detection system developed by a small team of engineers and scientists within Naval Surface Warfare Center Panama City Division’s Coastal and Maritime Security branch. Integrated with an advanced unmanned surface vehicle, this system can provide a fully autonomous USV escort capable of detecting and stopping a wide variety of threats. (U.S. Navy graphic)

Imagine the following scenarios: An explosive device, an enemy fighter jet and a group of rebels are misidentified as a cardboard box, an eagle or a sheep herd. A lethal autonomous weapons system misidentifies friendly combat vehicles as enemy combat vehicles. Satellite images of a group of students in a schoolyard are misinterpreted as moving tanks. In any of these situations, the consequences of taking action are extremely frightening. This is the crux of the emerging field of adversarial machine learning.

July 1, 2022
 

Raj Iyer, Army chief information officer, advises the secretary of the Army, setting the strategic direction and objectives for information technology and information management.

What are your biggest accomplishments as Army CIO so far?

It was important to establish a vision and strategy for digital transformation across the Army, and we accomplished that through the Army Digital Transformation Strategy. The strategy was important to align Army priorities and achieve unity of efforts across the Army—strategic, operational and tactical, and across all three components—Active, Guard and Reserve.

June 27, 2022
By Kimberly Underwood
Cyber and national security experts are quite alarmed with the systemic cybersecurity vulnerabilities of Microsoft Corp’s products, the company’s dependence on China for product revenue and associated consolations to the Chinese government, as well as the U.S. government’s incredible reliance on the Microsoft products across its agencies. Credit: Shutterstock/The Art of Pics

SIGNAL Media is reaching out to Microsft Corp. for comment and this article will be updated accordingly.

June 23, 2022
 
The Naval Information Warfare Center (NIWC) Pacific’s annual event to examine artificial intelligence (AI) and machine learning examined AI assurance, including the robustness of algorithms and the safety of deployed systems, amongst other topics. Credit: NIWC Pacific

Technologies grouped under big data, artificial intelligence and machine learning are impacting virtually every aspect of life today. More importantly for the U.S. military and for the companies in the defense industrial base, these technologies, generally called AI, have the potential to change warfare in profound ways.

Numerous articles in the media have discussed various aspects of how AI will impact national security agencies. This constant drumbeat is important in highlighting how essential AI is to the long-term security and prosperity of the United States.

June 1, 2022
By George I. Seffers
Fifth-generation cellular communications will be more secure than predecessor technologies but will also introduce vulnerabilities, in part because of the vast expansion of devices that is expected with the emergence of the Internet of Things. SERDTHONGCHAI/Shutterstock

A Homeland Security Department program designed to secure fifth-generation cellular communications known as 5G could complete the last of its nine projects next year.

June 24, 2022
By Nuray Taylor

A research team at vpnMentor recently reported a data breach in a Microsoft Azure cloud account belonging to the company Myeasydocs.  

Microsoft Azure, a cloud computing service for application management released nearly 13 years ago, prides itself on consistency, productivity and security. Myeasydocs, an India-based online platform company allowing users to submit documents for university, bank and many other important verification purposes, used Azure to store documents and data. The failure: zero implementation of any cybersecurity measures, thereby exposing up to 57,400 files of educational records and personally identifiable information (PII) data.  

June 13, 2022
By George I. Seffers
F-16 Fighting Falcons conduct aerial operations in the U.S. Central Command area of responsibility in May. In theory, a cyber attack on a military base wastewater treatment plant could prevent jets from providing air support during combat, experts say. Credit: Air Force Master Sgt. Matthew Plew

Converging operational systems with information systems provides an array of benefits but also allows increased opportunities for cyber adversaries. Among other remedies, two experts in the Defense Department and industry recommend zero-trust cybersecurity and training and education to cope with the increased threat.

Josh Brodbent, regional vice president for solutions engineering for the public sector, at BeyondTrust, and Lance Cleghorn, a digital services expert at Defense Digital Services (DDS), describe operational technology as systems that haven’t normally been connected to the Internet but are now becoming so at a rapid pace.

June 1, 2022
By Kimberly Underwood
Space Delta 2’s inaugural 19th Squadron in Dahlgren, Virginia, will be performing cislunar domain awareness, a key new mission to surveil and identify both friendly and adversarial activity in the space beyond the geosynchronous orbit. NASA illustration of its CAPSTONE mission that involves a microwave oven-sized CubeSat flying in cislunar space, the orbital space near and around the moon.  Illustration by Daniel Rutter, NASA

With the growing number of satellite constellations comes an increasing amount of congestion in space, in addition to existing space assets and debris. But beyond the need to identify and manage space congestion is a role not quite as needed before—that of space defense. The ability to protect assets in space from adversaries is critical to the U.S. military and allies, and it starts with adroit space domain awareness. The operators of the U.S. Space Force’s Space Delta 2 aim to provide this crucial function.

June 1, 2022
By George I. Seffers
A Rydberg receiver and spectrum analyzer detect a wide range of real-world radio frequency signals above a microwave circuit, including AM radio, FM radio, Wi-Fi and Bluetooth.  U.S. Army illustration

U.S. Army researchers are developing a quantum sensor capable of detecting electromagnetic emissions across frequency bands and at far greater ranges than traditional receivers and are considering demonstrating the capability with soldiers later this year.

The technologists at the Army’s Command, Control, Communications, Computers, Cyber, Intelligence, Surveillance and Reconnaissance (C5ISR) Center envision a shoebox-sized device capable of detecting signals across bands such as long band, short band and conventional band, which are often shortened to L-, S- and C-bands. The device might also pick up signals at far greater distances.

June 1, 2022
By George I. Seffers
After overhauling cyber training and achieving unusually high rates for students passing the National Security Agency’s cyber training, the Air Force’s 39th Information Operations Squadron shares lessons learned with others.  U.S. Air Force photo by J.M. Eddins Jr.

Passing the National Security Agency’s comprehensive cybersecurity training is no easy feat, but the Air Force’s 39th Information Operations Squadron has achieved unusually high success rates in getting students through the programs.

May 1, 2022
By Robert K. Ackerman
Two U.S. Army special forces soldiers conduct radio checks during Exercise Combined Resolve in December, which included special operations forces from Ukraine. The U.S. Special Operations Command is pursuing multiple approaches to establish communications links with special forces and partner nations, and these approaches may become part of conventional force operations.  U.S. Army photo

The U.S. Special Operations Command is developing an information technology architecture and operational plan that eventually may evolve into a template for overall U.S. Defense Department military operations. Many of the needs expressed by special operations forces are not unlike those experienced by elements of conventional service forces, and successful development and deployment of special operations digital systems can have a direct bearing on departmentwide military systems.

May 18, 2022
Posted by Kimberly Underwood
The Cybersecurity and Infrastructure Security Agency issued an emergency directive requiring federal agencies to apply VMware updates or remove specific VMware products from use until protective updates can be applied given four possible exploitable vulnerabilities that could allow cyber marauders to cause significant harm. Credit: Shutterstock/rafapress

On May 18, the Cybersecurity and Infrastructure Security Agency (CISA) issued an emergency directive (ED) (ED 22-03) that requires federal agencies to apply VMware updates or remove specific VMware products from use until protective updates can be applied. The products possess four possible exploitable vulnerabilities that would allow cyber marauders to execute remote code on a system without authentication and to elevate network access privileges.

“For all affected VMware products identified as being accessible from the internet, agencies are directed to assume a compromise and immediately disconnect the product from their network and conduct threat hunt activities,” CISA stated. 

April 28, 2022
By Kimberly Underwood
The extent of global cyber attacks in 2021 reached a level, complexity and sophistication not seen before, experts say. Credit: Shutterstock/supimol kumying

Cybersecurity officials from Australia, Canada, New Zealand, the United Kingdom and the United States issued an advisory April 27 disclosing the most common digital vulnerabilities and exposures routinely leveraged by cyber attackers in 2021. Of the top 15 software vulnerabilities identified across all of the countries, Microsoft products accounted for nine such issues.

The United States’ Cybersecurity and Infrastructure Security Agency, National Security Agency and FBI collaborated with the Australian Cyber Security Centre, Canadian Centre for Cyber Security, New Zealand National Cyber Security Centre and United Kingdom’s National Cyber Security Centre to issue the advisory.

May 1, 2022
By Kimberly Underwood
With Internet of Behaviors approaches being used more and more to influence human behavior, adding in explainable artificial intelligence platforms can aid humans’ understanding. Shutterstock/Zentangle

The application of explainable artificial intelligence to Internet of Behavior techniques may help provide a more trusted and understandable framework in changing human behaviors, researchers say. This combination of Internet of Things devices, artificial intelligence, data analytics and behavioral science can also achieve user and business benefits, according to a study.

May 1, 2022
By Robert K. Ackerman
While Russia has a strong community of private sector hackers willing to engage in global cyber attacks for their nation, the United States also has its own patriotic hackers who can engage in their own form of wreaking digital havoc in Russia—possibly in coordination with U.S. government efforts.  Alexander Geiger/Shutterstock

Russia’s well-known cyber attacks on Western nations could be setting the country up for a powerful backlash, offers a retired U.S. Army expert formerly based in Moscow. After years of relentless penetrations and attacks on databases and infrastructure in U.S. and NATO countries, Russia now is finding itself as much—if not more—of a target of reciprocal cyber assault capabilities increasingly wielded by the West.

May 2, 2022
 
Identity verification and credentials are key tools in protecting networks and their valuable data from breaches and compromise. Credit: PopTika/Shutterstock

Who you are, or more importantly, who your IT network thinks you are and what it allows you to do, is a crucial part of cybersecurity.

One’s identity in cyberspace is key to accessing its resources, and it is part of an ongoing battle between security teams and criminal and nation state-backed hackers trying to get in, explains Christian Lees, chief technology officer, Resecurity Inc.

Identifying an identity-based threat not only helps individuals, but entire organizations as well. “If we can help fast track the detection of a threat, that’s our role,” Lees told SIGNAL Magazine Senior Editor Kimberly Underwood in an SIGNAL Media Executive Video discussion.

January 1, 2022
By George I. Seffers
A team leader with 1st Battalion, 504th Parachute Infantry Regiment, directs movements of his team using the Harris Leader Radio during an assault on an objective during the initial operating test for the system. The rapid development and fielding of cutting-edge systems help drive the need for agility and adaptability at Army signal and cyber schools.  Nicholas Robertson, U.S. Army Operational Test Command Visual Information Specialist

The U.S. Army’s massive modernization effort requires rapid adaptability in the courses being taught in its cyber and signal schools. Efforts are underway to fundamentally change the approach to teaching and instituting courses for zero trust, cloud computing and other technology advances that will affect the future of combat.

May 2, 2022
By John Greenstein, General Manager of Public Sector, Bluescape

While improved service delivery and return on investment are top-of-mind procurement objectives when choosing a Software as a Service (SaaS) partner, federal agencies must equally prioritize “security first” measures to ensure vulnerable legacy systems are protected in today’s digitally dominated climate.

May 1, 2022
By Kimberly Underwood
Adversaries such as China are employing Internet of Behaviors approaches on a wider scale.  Shutterstock/Hugethank

The confluence of advanced digital tools, such as computer vision, along with Internet of Things devices, data science and knowledge of human nature, is enabling the greater ability to track, analyze and prompt human behavior. The use of this approach, referred to as Internet of Behaviors, is expected to skyrocket, with an estimated 40 percent of the global population’s activities by 2023 thought to be tracked digitally to influence behavior, according to Stamford, Connecticut, research firm Gartner.

May 1, 2022
By Kimberly Underwood
Intelligence community leaders, including (l-r) FBI Director Christopher Wray; Gen. Paul Nakasone, USA, director, National Security Agency and commander, U.S. Cyber Command; Avril Haines, director of National Intelligence, Office of the Director of National Intelligence; CIA Director William Burns; and Gen. Scott Berrier, USA, director, Defense Intelligence Agency, testify before Congress in March about lessons learned from Russia’s invasion of Ukraine.  Senate Select Committee on Intelligence

February’s invasion of Ukraine by Vladimir Putin was a shock to geopolitical order. NATO and the United States acted quickly to aid Ukraine while avoiding entering a war against Russia and shoring up any threat to NATO and the United States. From their early observations of the war, U.S. officials from Congress, and the cyber and intelligence communities are looking closely to glean understanding and apply key knowledge to U.S. actions and defenses.

May 1, 2022
 
Credit: NDanko/Shutterstock

As the National Security Agency’s (NSA’s) cybersecurity director, Rob Joyce oversees the agency’s Cybersecurity Directorate, which was established to prevent and eradicate cyber threats to the Defense Department, national security systems and the defense industrial base. He has served in both the cybersecurity and signals intelligence missions at NSA since 1989 and worked as the cybersecurity coordinator and acting homeland security advisor at the White House.

What would you say are your—or your team’s—greatest achievements since you started this job?

April 28, 2022
By Kimberly Underwood
Maj. Gen. Kevin Kennedy, USAF, director of operations, U.S. Cyber Command, discusses the Joint Cyber Warfighting Architecture during a keynote presentation at TechNet Cyber 2022. Photo by Michael Carpenter

One of the priorities that the U.S. Cyber Command is pursuing this year is defining and advancing the Joint Cyber Warfighting Architecture, which is designed to leverage data and cyber intelligence to provide situational awareness and battle management at strategic, operational and tactical cyber mission levels. The construct also includes an array of defensive and offensive cyber capabilities that need to be advanced and will help identify any capability gaps, thereby guiding cyber warfare capability acquisition.

April 27, 2022
By Kimberly Underwood
Raj G. Iyer, Army chief information officer, speaks to the audience at TechNet Cyber 2022 in Baltimore. Photo by Michael Carpenter

As with the U.S. industrial base, commercial market and defense sector, the cyber threats to U.S. Army networks are increasingly complex and persistent. The service’s chief information officer, Raj Iyer, along with its key communication and network leaders, are positioning the Army’s information technology infrastructure and strategically aligning its cyber posture to protect against future attacks.

Issued a year ago, the President’s Executive Order 14028, Improving the Nation's Cybersecurity, required federal agencies, including the Department of Defense, to enhance their cybersecurity and software supply chain integrity. This order has helped propel digital security, Iyer noted.

April 26, 2022
By George I. Seffers
Recent lessons learned from the Defense Information Systems Agency's Thunderdome program include the need to move more quickly to implement zero trust on the Defense Department's classified network known as SIPRNet. Credit: ArtemisDiana/Shutterstock

The U.S. Defense Information Systems Agency (DISA) intends to double down on the security of its classified networks in the coming months as it experiments with the zero-trust prototype known as Thunderdome.

Julian Breyer, DISA’s senior enterprise and security architect, reported a change in priorities while discussing Thunderdome during a panel session at AFCEA’s TechNet Cyber conference in Baltimore, April 26.

April 13, 2022
By Robert K. Ackerman
Lt. Gen. Robert J. Skinner, USAF, DISA director, describes how the agency is meeting Indo-Pacific region challenges at TechNet Indo-Pacific. Credit: Dave Livingston photo

The Defense Information Systems Agency (DISA) is viewing the Indo-Pacific region with a high level of priority as it modernizes information systems across the defense realm. Two significant adversaries pose serious threats that are technology-oriented, both in terms of advantages and disadvantages, and the agency must address those while replacing outmoded systems.

April 12, 2022
By Will Nelson
Lessons learned from the monarchs of history offer four modalities for coping with Russian cyber aggression. Credit: Shutterstock

Starting from the first recorded raid on the monastery of Lindisfarne in 793, Viking raids presented European rulers with an unprecedented challenge. Fast, sleek longships could stealthily deploy alongside the coasts of early medieval England and France, striking at wealthy, isolated targets and departing before local authorities could mount a response.

April 1, 2022
By Robert K. Ackerman
NATO’s Deputy Secretary General Mircea Geoana, along with a group of alliance ambassadors, visits the NATO Alliance Ground Surveillance Force in Sigonella. The U.S. Defense Information Systems Agency (DISA) is working with its NATO allies to improve communications across the breadth of alliance activities and systems.  NATO

The battle for cyberspace may hinge on outer space as experts expand the digital frontier. The leading U.S. military communications organization is working with partners in NATO to exploit and dominate space communication systems with an eye to hurling defense systems into an advanced technology future.

April 1, 2022
By Paul Beckman
Extended detection and response (XDR)offers critical collective monitoring of identity management, intrusion sensors, firewall and cloud applications. PopTika/Shutterstock

In today’s cyber environment, the attack surface grows exponentially day after day with no sign of slowing. With the near-geometric growth of applications, the signal-to-noise ratio has been amplified into the stratosphere. The result: The hunt for timely and important context in system and network telemetry is like trying to find a particular needle in a sea of needles.

Equally challenging is the “dwell time” of attacks—the period between initial penetration and the point of detection/eradication. In 2020, the average global dwell time was 56 days. That means that an attacker had nearly two months inside a network on average before being discovered.  

April 1, 2022
By George I. Seffers
The Defense Information Systems Agency created teams with representatives from across the agency to help define its zero trust-solution known as Thunderdome. By enhancing interagency communication and operation, the approach may change the way DISA does business.  Tartila/Shutterstock

Thunderdome, the Defense Information Systems Agency’s zero-trust solution, may enhance cybersecurity while also transforming the way the agency does business.

April 1, 2022
By Kirk Nilsson
MPE must support rapid decision making from the strategic to tactical level. At the cutting edge of coalition operations, a Green Beret with the U.S. Army’s 1st Special Forces Group (Airborne) clears a room alongside Royal Thai Army soldiers during Cobra Gold 21.  Courtesy Photo, 1st Special Forces Group (Airborne)

Today, more than ever, combatant commands, joint task forces, service components and supporting agencies need the mission partner environment to deliver the same capabilities envisioned for the U.S. Defense Department’s Joint All-Domain Command and Control concept. With two near-peer competitors dominating the defense strategy, the need for an enterprise-level mission partner environment has never been greater for promoting security cooperation while maintaining military readiness. As Cliff Fegert, former director of the Mission Partner Capabilities Office noted, “With two near peers, we do not have the luxury of preparation time, and we must have allies/partners to deter or win.”

March 31, 2022
By Maryann Lawlor
U.S. Army leaders detail the capabilities of the Joint Task Force-Civil Support common operating picture during a Joint All-Domain Command and Control System demonstration. The system synergizes multiple data feeds through real-time end-user reporting and collaborative planning. Photo Courtesy of the Defense Department

Leaders of the agency serving the services’ technology needs aims to balance cybersecurity and ease of use. Development of current and future capabilities focus on simplifying access as well as facilitating data and network protection.

As a lead up to Technet Cyber 2022, key Defense Information Systems Agency (DISA) directors are sharing their insights during weekly webinars to preview their priorities for attendees and exhibitors alike. The conference takes place next month in Baltimore.

March 28, 2022
By Shaun Waterman
The recently passed Cyber Incident Reporting for Critical Infrastructure Act of 2022 (CIRCIA) requires critical infrastructure operators to swiftly report substantial cyber incidents. Credit: Andrea Izzotti/Shutterstock

There’s a wind of change blowing through federal cybersecurity policy. The new SEC proposal for mandatory disclosure of cybersecurity incidents by publicly traded companies is one straw in that wind. The Cyber Incident Reporting for Critical Infrastructure Act of 2022 (CIRCIA) is another. But it’s a pretty hefty straw.

March 25, 2022
By Kimberly Underwood
U.S. Cyber Command Cyber National Mission Force members participate in a training and readiness exercise at Fort George Meade, Maryland, in September 2021. The CNMF plans, directs and synchronizes full-spectrum cyberspace operations to disrupt, degrade and defeat malicious cyber actors. Cyber warriors have played a considerable role in supporting the cyber defense of Ukraine, says Sen. Jack Reed, D-Rhode Island, head of the Senate Armed Service Committee. Credit: Photo by Aiyana Paschal

The United States and other NATO nations have been very careful not to go to war against Russia following Putin’s invasion of Ukraine. The nations, however, have moved to arm Ukraine, along with providing financial support and humanitarian assistance, and setting considerable sanctions against Russia. The U.S. Senate’s top military budget leader sees these steps as an initial success and identifies lessons learned or to be learned from observing the war, as well as several priorities.

March 24, 2022
By Kimberly Underwood
The U.S. 7th Fleet's flagship, USS Blue Ridge (LCC 19), sails in the Philippine Sea in April 2021. The Navy is looking for industry cyber solutions to help protect the fleet in a contested maritime environment. Credit: U.S. Navy photo by Mass Communication Specialist 2nd Class Reymundo A. Villegas III

The U.S. Navy’s Naval Information Warfare Center Atlantic Palmetto Tech Bridge is seeking industry solutions for cyberspace defense in denied, degraded and disconnected environments. The effort is open to any U.S. company, academia or other organization and accepted proposals will be evaluated at the Cyber Advanced Naval Technology Exercise that starts September 6, 2022, and runs for two weeks.

March 15, 2022
By Kimberly Underwood
Cyber strengthening efforts by the National Security Agency (NSA), U.S. Cyber Command, other governmental agencies and the private sector have aided Ukraine, at least initially, according to NSA Director General Paul Nakasone, USA, and commander, U.S. Cyber Command, testifying before the U.S. Senate last week.

An effort to help Ukraine protect its critical infrastructure from cyber attacks has succeeded at least initially. Steps taken by various governmental agencies and private industry before Russia invaded Ukraine on February 24 have strengthened its cybersecurity, said Gen. Paul Nakasone, USA, commander of U.S. Cyber Command, director of the National Security Agency and chief of the Central Security Service, testifying before the U.S. Senate Select Committee on Intelligence last Thursday.

March 8, 2022
By James Stanger
Workforce education seems to be the secret weapon organizations use to successfully implement zero trust. Credit: Stuart Miles/Shutterstock

This article is part of a series that explores zero trust, cyber resiliency and similar topics.

Over the past year or so, I’ve discovered the secret weapon that IT leaders of various U.S. government entities have deployed as they implement zero trust architectures. Their first step has been to create a comprehensive educational pathway for their workers. This is because no one can implement zero trust alone.

Zero trust: Only education can move you forward

March 1, 2022
By George I. Seffers
The Department of Homeland Security’s Science and Technology Directorate is publishing an artificial intelligence and machine learning implementation plan and building a community of interest to foster adoption of the technology across the department. Credit: sdecoret/Shutterstock

The Department of Homeland Security Science and Technology Directorate could release its artificial intelligence and machine learning strategy implementation plan as early as this month and is growing a community of interest to foster the adoption of the technologies across the department.

March 1, 2022
By Robert K. Ackerman
 Two cyber experts in the Naval Information Warfare Systems Command (NAVWAR) review the cyber baseline process. NAVWAR is implementing new approaches to ensure the security and resiliency of Navy cyber assets.  U.S. Navy photo

The Naval Information Warfare Systems Command is addressing human-technology synergy by empowering its workforce to both adapt new technologies and adapt to new technologies. The command’s personnel are working with people in its industry partners on efforts that will affect operations across the entire Navy.

March 1, 2022
By Lt. Cmdr. Derek S. Bernsen, USNR
Competitions and other extensive exercises are part of the trainings that cyber officers receive. Credit: Master Sgt. R.J. Biermann

The Defense Department must break from the Working Capital Fund model and make a strategic investment to build up new capabilities at cyber research and development commands. Failure to overcome the barriers generated by that model to improve the efficiency of these organizations would surely hand the technical advantage to adversaries who can innovate faster.

March 1, 2022
By Shaun Waterman
Artificial intelligence (AI)/machine learning (ML) is especially susceptible to hacking and can be attacked even without access to the computer network it runs on. Credit: Shutterstock/Sasun Bughdaryan

In the rush to implement national security use cases for artificial intelligence and machine learning, policymakers need to ensure they are properly weighing the risks, say experts in the field.

Like all software, artificial intelligence (AI)/machine learning (ML) is vulnerable to hacking. But because of the way it has to be trained, AI/ML is even more susceptible than most software—it can be successfully attacked even without access to the computer network it runs on.

February 28, 2022
By Robert K. Ackerman
Damien J. Terry is the chief diversity officer for DISA.

The Defense Information Systems Agency (DISA) is striving to diversify its workforce by working both within and without. Its efforts include querying existing workers for information about the work environment and laying the groundwork for bringing in new people from nontraditional sources.

These activities are coming from the newly created DISA Diversity Office. Damien J. Terry, chief diversity officer for DISA, explains that the office is pursuing a multifaceted approach to improving diversity at the agency. This includes tapping existing expertise among DISA employees and establishing mechanisms for future hires—effectively, a detailed program for recruitment and retention.

February 25, 2002
By Kimberly Underwood

The United States’ military homeland defense commands, the North American Aerospace Defense Command and the U.S. Northern Command, are facing more complex adversarial threats and current geopolitical strife, all while trying to modernize its technological capabilities to operate more effectively.

The two commands’ top cyber, data and communications leader, Brig. Gen. Eric DeLange, USAF, who is known as the J-6, is working to meet the advanced technology needs, but strives to only employ solutions that will work without failure given the urgent 24/7 operational needs.

February 23, 2022
By Kimberly Underwood
Lt. Gen. Stephen Whiting, Space Operations Command commander, shown inducting a service member into the U.S. Space Force, discussed cyber defense advancements at the 2022 Rocky Mountain Cyberspace Symposium. Credit: U.S. Space Force photo by Staff Sgt. Kirsten Brandes

The establishment of the Cyber Defense Correlation Cell for Space, or CDCCS, by the U.S. Space Force has created an important secondary layer of cyber protections, said, Lt. Gen. Stephen Whiting, USSF, commander, Space Operations Command, U.S. Space Force.

The general discussed the service’s and the Space Operations Command’s most recent cyber defense advancements yesterday at the AFCEA Rocky Mountain Chapter’s annual Cyberspace Symposium, held February 21-24, in Colorado Springs, Colorado.

February 23, 2022
By Kimberly Underwood
Panelists discuss cyber training for the Air Force during a panel at the Rocky Mountain Cyberspace Symposium 2022.

In today’s complex operating environment, airmen specializing in networking, communications and cyberspace operations need a more robust training regimen throughout their careers. The U.S. Air Force is not doing enough to prepare these specialists for future roles as chief operating officers or as so-called A-6s, officers in charge of preparing for or conducting communication and information operations. The service needs to do a much better job, according to a panel of A-6 leaders from several Air Force major commands.

February 24, 2022
By Kimberly Underwood
Credit: Alexander Supertramp/Shutterstock

In the cyber protection industry, a common mantra of having to successfully defend networks and information technology environments all of the time misses the point, according to one cyber leader. Instead, cyber warriors should identify clear, desired outcomes in regard to cyber operations.

February 22, 2022
By Dan Schulman
The Office of Management and Budget mandates that agencies allow Internet access to least one Federal Information Security Management Act Moderate system that requires authentication and is not currently Internet-accessible. Credit: jamesteohart/Shutterstock

 This article is part of a series that explores zero trust, cyber resiliency and similar topics.

The recently released federal zero-trust strategy from the Office and Management and Budget (OMB) and the Homeland Security Department’s Cybersecurity and Infrastructure Security Agency (CISA) has one action area that has raised a few eyebrows within the zero trust community: Go ahead and open your applications to the Internet. Wait… what?