The Cyber Edge

The Cyber Edge Home Page

September 15, 2021
By Kimberly Underwood
Gen. Paul Nakasone, USA (c), commander, U.S. Cyber Command, speaks on a panel at the Intelligence and National Security Summit. Photo by Herman Farrer

The cyber activities of Russia to try and impact the U.S. presidential elections of 2016 and 2020 are well known, spoken about by U.S. military cyber and other leaders. Going forward toward the mid-term election of 2022, the roster of countries attempting to harm U.S. processes is growing, reports Gen. Paul Nakasone, USA, commander, U.S. Cyber Command. And the command is already preparing to protect the 2022 elections.

September 14, 2021
By Kimberly Underwood
Chris Inglis, national cyber director, discusses cybersecurity challenges with Suzanne Kelly, CEO and publisher, The Cipher Brief, at the 2021 Intelligence and National Security Summit.

Eight weeks on the job, the national cyber director, Chris Inglis, is examining the confines of how to approach the cyber adversaries and nation states conducting malicious attacks on the U.S. government, critical infrastructure and private sector. The former deputy director of the National Security Agency and a member of that agency for 28 years, Inglis sees how the Russian government is not taking any action against perpetrators.

September 2, 2021
Posted by Kimberly Underwood
Chief Master Sgt. Denzil Hellesen, USAF (c), 3D0XX career field manager, speaks to other cyber career field leaders during a meeting at Sheppard Air Force Base, Texas, on August 23. Leaders held a week-long conference to discuss how to transform the service’s cyberspace career fields to advance Air Force cyber capabilities. Credit: U.S. Air Force photo by John Ingle

As the Air Force strives to become a digital force and embraces Chief Gen. C. Q. Brown’s vision of accelerating change, the service is streamlining its cyber and communications career fields. Headquarters Air Force leaders, National Guard and Reserve leaders and major command functional managers of the cyberspace support career field met at Sheppard Air Force Base, Texas, last week to discuss how to develop the adaptable, agile communications and cyber career fields needed to support future Air Force requirements, reported John Ingle from the 82nd Training Wing Public Affairs.

August 18, 2021
By George I. Seffers
Credit: Shutterstock/Olivier Le Moal

The Defense Information Systems Agency intends next month to award a contract for its Thunderdome zero-trust architecture and to begin implementing a prototype within six months. The new architecture is expected to enhance security, reduce complexity and save costs while replacing the current defense-in-depth approach to network security.

A defense-in-depth architecture essentially calls for placing various network protection tools, such as firewalls, antivirus protection software and secure web gateways at multiple points in the network with redundancy to keep attackers out of the network. Zero trust, on the other hand, requires that every user and every device be authenticated every time before being granted network access.

August 18, 2021
By George I. Seffers
Credit: Gerd Altmann/Pixabay

Defense Information Systems Agency (DISA) officials do not plan to try to force others in the Defense Department or military services to use its zero-trust solution known as Thunderdome.

Thunderdome is a fledgling program that offers a range of capabilities, including secure access service edge (SASE), software-defined area networking (SD-WAN), identity credential access management (ICAM) and virtual security stacks.

SASE, which is pronounced “sassy,” is a technology package that includes SD-WAN, firewall as a service and cloud access security broker. While SASE has been implemented across much of the commercial world, it has not yet been widely adopted by the government.

August 24, 2021
By Shaun Waterman
Kay Turner, senior counselor for digital identity, inclusion and payment infrastructure to the director of the Financial Crimes Enforcement Network, addresses the virtual 2021 Federal Identity Forum.

The threat to the integrity of the U.S. and global financial system posed by the crisis in online identity is a national security issue, a senior Treasury Department official told the 2021 Federal Identity Forum and Expo Monday.

August 20, 2021
By Kimberly Underwood

The U.S. Air Force is pursuing zero-trust architecture on a level not seen before with the lead command, the Air Combat Command, driving many initiatives with a comprehensive view to employ zero-trust architecture across the service’s bases, weapon systems and mission environments. Supporting the cyberspace and engineering side of the effort is the 16th Air Force’s 688th Cyberspace Wing.

July 30, 2021
By Kimberly Underwood
The Defense Information Systems Agency’s Emerging Technology Directorate is beginning a new pilot program to look at how well artificial intelligence and machine learning can be applied to automate aspects of cyber defense. Credit: Shutterstock/cybrain

The Defense Information Systems Agency, known as DISA, is expanding its artificial intelligence (AI) efforts through a research agreement and a new pilot program. While both efforts are in the beginning stages, the agency is considering how to possibly apply the so-called AI capabilities to network defense—among other areas the agency is separately pursuing—as it conducts its daily 24/7 mission of protecting the Department of Defense Information Network, or DODIN.

The agency entered into a Cooperative Research and Development Agreement, or CRADA, with Vienna, Virginia-based software company NT Concepts to apply machine learning (ML) to defensive cyber operations.

August 1, 2021
By Jeremy Miller and Dawn Yankeelov
Workforce development must include education and training for cyber readiness.  Envato/mstandret

The small business sector must seize the day and immediately begin taking the steps necessary to implement tools for cyber resilience and cyber readiness. Scaling cybersecurity services, education and training are crucial to national security.

Regarding the cyber warfare landscape for 2021, the most critical group to secure is the small and midsize business sector (SMBs), particularly following the pandemic. When working with tech-specific organizations and the military, process management and a sense of purpose can overcome inertia and apathy until a financial loss appears.

August 5, 2021
Posted by Kimberly Underwood
U.S. Cyber Command cyber warriors and a French cyber professional collaborate during a July 21 training exercise, Cyber Fort III, at Fort George G. Meade, Maryland. The Command, along with federal agencies such as the FBI, NSA, DOD and the Department of Justice, will be collaborating with the new Joint Cyber Defense Collaborative to broaden U.S. cyber defenses. Credit: U.S. Cyber Command/Josef Cole

As the United States is more and more under siege against nefarious cyber attacks, the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency, or CISA, has been working to educate, advise and partner to protect the nation. In its latest move, CISA has created the Joint Cyber Defense Collaborative to bring defensive cyber capabilities together across the federal government, local and state entities and the private sector, according to an August 5 statement from CISA.

August 1, 2021
By Shaun Waterman
Airman 1st Class William King, USAF, technician, 352nd Special Operations Support Squadron, troubleshoots a modem connected to a parabolic dish in August, at RAF Mildenhall, England. JADC2 relies on globe-spanning high bandwidth links like these. U.S. Air Force photo by Airman 1st Class Joseph Barron

Earlier this year, Defense Secretary Lloyd Austin signed off on the U.S. Defense Department’s first-ever strategy for Joint All-Domain Command and Control, or JADC2, giving his imprimatur to an ambitious vision of a fully networked U.S. military.

JADC2 aims to provide rear-echelon commanders with continuous connectivity to front-line sensors, providing real-time data and offering an unassailable decision advantage to U.S. forces.

On the digitally managed battlefield envisaged by JADC2, autonomous vehicles and networked weapons would be remotely controlled via cloud-based AI-enabled software, so that a coordinated attack by land, sea, air and cyber forces can be launched with the swipe of a finger.

August 1, 2021
By Cmdr. Erika De La Parra Gehlen, USN
National security objectives can only be achieved when the government and private sector work together. NSA

As China continues to threaten U.S. national security through a whole-of-society warfare strategy, a government-private sector partnership must be a fundamental component of the U.S. government’s approach to information advantage and countering China’s attacks.

July 27, 2021
By Maj. James Torrence, USA
While some tout the idea that U.S. forces could pre-emptively degrade their own technological capabilities in a peer, or near-peer conflict, doing so would lead to losing, says an Army signal officer. Credit: Andy Gin/Shutterstock

The novel 2034 by James Stavridis and Elliot Ackerman perpetuates a fundamental misunderstanding of how technology should be employed and managed in future conflicts.

The continuing narrative is that we should purposely degrade our systems in a conflict with a peer competitor because of the possibility of a degraded spectrum, cyber attacks, space-based detection and jamming. But if we preemptively degrade our technology in a peer conflict, we will lose.

In the novel, after a conflict with the Chinese Navy in which the U.S. technical systems were incapacitated, U.S. ships preemptively disabled “any interface with a computer, a GPS or [any interface] that could conceivably be accessed online.”

July 22, 2021
By Kimberly Underwood
U.S. Air Force airmen at Andersen Air Force Base, Guam, work to refuel an F-35A Lighting II aircraft assigned to Eielson Air Force Base, Alaska during the Cope North exercise in February. The airmen were conducting agile combat employment, or ACE, training during the exercise. The service’s ACE operations, which aim to bring more agility, resiliency and deterrence in a near-peer competitive environment, will be supported by its zero-trust architecture platforms. Credit: Pacific Air Forces/Senior Airmen Jona

Led by the Air Combat Command, the U.S. Air Force is pursuing zero-trust architecture on a level not seen before. One of the service’s first main use cases applies the cybersecurity measure to the agile combat employment (ACE). ACE operations provide a more lean, agile and lethal force that can generate airpower from multiple locations. ACE requires a different kind of command and control (C2) environment, as well as advanced planning concepts and logistical supply line support.

July 1, 2021
By Robert K. Ackerman
Two U.S. Navy operations specialists stand watch aboard the USS Dwight D. Eisenhower. The Navy must provide cybersecurity for major systems aboard ships as well as for smaller logistical systems, all of which are targets for digital adversaries.  U.S. Navy photo

The U.S. Navy is moving ahead at full speed to equip its assets with effective cybersecurity. However, the diverse nature of those assets—some are city-size ships while others are small but vital systems—confound planners seeking to ensure interoperable security measures.

June 22, 2021
By Kimberly Underwood

Following the success of some initial, smaller-scale efforts, the U.S. Air Force is pursuing zero trust architecture on a level not seen before. The service’s Air Combat Command is leading the charge into many more initiatives with a comprehensive view to employ zero trust architecture across its bases, weapon systems and missions.

July 1, 2021
By George Galdorisi and Sam Tangredi
A soldier wears virtual reality glasses; a graphic depiction of a chess set sits in the foreground.  Illustration created by NIWC Pacific

Winner of The Cyber Edge 2021 Writing Contest

Convincing senior defense decision makers to significantly invest in artificial intelligence capabilities that would add more value to the United States’ already digitized operational capabilities—particularly in the cyber domain—needs more than pronouncements that “AI can save the taxpayers money.” It requires a logical progression of defining the objective, identifying the need, demonstrating specific results, conducting comprehensive cost analysis and, particularly in the case of applications in the cyber domain, thoughtfully discussing resilience and deception.

By Samuel J. Richman
The vastly complex and subtle digital human network that spans civilian and military populations must be defended as rigorously as computer networks.  Shutterstock/Pop Tika

2nd Place in The Cyber Edge 2021 Writing Contest

The United States stands on the cusp of a future defined by great power competitions that will undoubtedly be characterized by broad, deep and subtle cyber warfare strategies and tactics. The nation must make a deliberate decision to defend the digital human attack surface effectively by blurring traditional battle lines and creating a combined homeland and external battlespace.

July 1, 2021
By Lt. Col. Ryan Kenny, USA
Defending digital ecosystems from information pollution data operators should be a mission the U.S. national security apparatus conducts.  Shutterstock/ NDE12019

3rd Place in The Cyber Edge 2021 Writing Contest

A military-age male left home and traveled through the city, unaware he was being surveilled. Those watching him knew his patterns and preferences. They collected his point of departure, route and destination to predict when he would be most vulnerable for attack. Arriving at a marketplace, he meandered through a few high-traffic areas. Passing down a quiet corridor, he finally provided a clear shot. His smartphone buzzed and its screen flashed: “Two-for-one sale at the nearby pretzel shop!” He was struck by a precision-guided advertisement.

June 24, 2021
Posted by Kimberly Underwood
Homeland Security Secretary Alejandro Mayorkas (c), speaking to European Union counterparts in Portugal on June 21 during the U.S.-E.U. Ministerial Meeting of Justice and Home Affairs, has announced that the Department of Homeland Security and the EU will form a working group to examine ransomware attacks. Credit: DHS

The U.S. Department of Homeland Security and the European Union will create a joint working group to address the rise of ransomware attacks in the United States and Europe. Secretary of Homeland Security Alejandro Mayorkas made the announcement during a visit this week to Portugal for the biannual U.S.-EU Ministerial Meeting‌ on Justice and Home Affairs, according to a report from the DHS. 

June 15, 2021
By Kimberly Underwood
Senior Airman Thomas Goodnoe, USAF, tactical network operations technician, 1st Combat Communications Squadron (l), and Staff Sgt. Darryl Terry, USAF, cyber transport supervisor, 1st CBCS, review their systems against their technical guides during a cybersecurity audit in 2017 at Ramstein Air Base, Germany. The Air Force has added a new detachment that will provide initial training to cybersecurity airmen before they reach their mission locations. Credit: U.S. Air Force photo/Staff Sgt. Timothy Moore

The Air Force has stood up the Cyber Security and Defense Formal Training Unit, or FTU, at Keesler Air Force Base. The new cyber education detachment will enable a more “streamlined training pipeline” for airmen to build their foundational cyber warfare capabilities for future service, joint and national responsibilities, leaders say.

June 1, 2021
By Kimberly Underwood
In its pursuit of open architecture solutions, the U.S. Navy has made “great strides” in applying the Mission Computer Alternative (MCA) platform, which is a Hardware Open Systems Technologies- (HOST-) conforming mission computer. The service is currently testing the MCA/HOST platform in its E-2D Advanced Hawkeye tactical airborne early warning aircraft and in its T-45 training aircraft (above)—and is considering how to advance the solutions to other platforms.  U.S. Navy photo

The U.S. military is using open architecture platforms on a greater scale, deploying interchangeable hardware and software systems to its major weapon programs. In particular, the Navy’s Naval Air Systems Command, known as NAVAIR, and its Program Executive Office, Aviation Common Systems and Commercial Services, are increasingly using flexible “systems of systems” in many of its major aviation programs. The application of open architecture is allowing the Navy—and the Defense Department—to consolidate common resources, decrease risk, reuse software, enhance maintenance abilities, reduce costs and increase tactical options.

June 2, 2021
By Chris Souza
Cybersecurity grows more complex with the Cybersecurity Maturity Model Certification. Effective compliance begins with effective leadership. Credit: fizkes/Shutterstock

There’s little doubt that thanks to the influx of new government regulations around privacy and data security, requirements have become the primary area of focus for many defense industrial base and General Services Administration contractors.

June 1, 2021
By Mark Spangler
 Cyber program managers must review their plans to respond to today’s evolving threat environment.  Shutterstock

Cybersecurity program managers are facing the dilemma of appropriately balancing compliance with threat tracking and mitigation. Today, amidst the ever-growing problem of data breaches, organizations are investing in protection. But simply complying with security and privacy standards seldom means systems and data are automatically secure.

June 1, 2021
By George I. Seffers
Using virtual reality, soldiers from Fort Sill, Oklahoma, get a look at components of the Army’s new prototype Long Range Hypersonic Weapon and a chance to influence how the system is designed. In the future, units may use 3D printers to build their own virtual reality headsets.  U.S. Army

The personnel within the Realities Lab at the Army Cyber Institute located at West Point explore every aspect of extended reality technologies, developing new tools, conducting studies and asking the hard questions.

The Realities Lab is dedicated to research in what is becoming known as extended reality, or XR, a term that includes augmented, virtual and mixed reality. Extended reality technologies offer a wide range of military uses, including realistic training available virtually anywhere, modeling and simulation for weapon system development, and actual situational awareness on the battlefield.

May 27, 2021
By Kimberly Underwood
Gen. Paul Nakasone, USA, commander, U.S. Cyber Command; director, National Security Agency; and chief, Central Security Service, pictured speaking in 2019 with cyber soldiers assigned Fort Meade, expects an increase in the number of cyber teams deployed at the request of foreign governments to help defend against cyber marauders. Credit: Steven Stover, 780th Military Intelligence Brigade (Cyber)

The U.S. Cyber Command, at the invitation of foreign governments, sends teams of cyber warriors overseas to aid in the search for, analysis of and protection against adversaries conducting cyber warfare.

While U.S. forces frequently deploy overseas, this is a different kind of military support. Instead of taking tanks, helicopters and ships, the U.S. military sends its cyber warriors, armed with their adroit offensive and defensive skills and digital tools.

May 25, 2021
By Kimberly Underwood
Operating for just about 7 months, the Analysis and Resilience Center for Systemic Risk, or ARC, has a unique role in helping to protect industry-owned assets that have implications to national security if attacked by cybermauraders. Credit: Shutterstock/xtock

Stood up last October—the Analysis and Resilience Center for Systemic Risk (ARC), a nonprofit, Arlington-Virginia-based organization—helps to protect the nation’s infrastructure by assessing the endemic cybersecurity risks to the critical energy, financial and other private sectors. A 2013 executive order identified some assets—on which the U.S. government relies but reside in the private sector—that if compromised by cyber attack could have a catastrophic impact on national security.

May 24, 2021
 
Cyber adversaries are creating a “wild west” environment in cyberspace where organizations must be aware of their security to protect themselves, said Gene Yoo, CEO of Resecurity Inc. Credit: Shutterstock

Recent cyber attacks against critical infrastructure such as the attack on Colonial Pipeline Co. has put cybersecurity in the spotlight.

But combating cyber adversaries is a broad area requiring significant amounts of human intelligence and a deep technical expertise to identify them, Gene Yoo, CEO of Resecurity Inc., told SIGNAL Magazine Editor-in-Chief Robert K. Ackerman during a SIGNAL Media Executive Video interview.

Adversaries come in different types, he added, noting that these range from part-time hacktivists to skilled professionals working for criminal organizations or state intelligence agencies.

May 19, 2021
By George I. Seffers
Data science and management are the first priorities when adopting artificial intelligence and machine learning, says the commander of U.S. Army Network Enterprise Technology Command. Credit: agsandrew/Shutterstock

If the United States is going to use artificial intelligence (AI) and machine learning (ML) to maintain a technological advantage, data science capabilities are a must, says Maj. Gen. Maria Barrett, USA, commander, U.S. Army Network Enterprise Technology Command (NETCOM).

Gen. Barrett made the remarks while serving on a panel of women cyber leaders on the final day of the AFCEA TechNet August Virtual Event Series, held May 18-19.

May 19, 2021
By Robert K. Ackerman
 Credit: metamorworks/Shutterstock

Cyber education and training should begin not in college, not in secondary school, not in middle school, not in elementary school, but at home as soon as children are able to view or use social media, say some experts. This training is important not just to lay the groundwork for future cybersecurity professionals in a field starved for expertise, but also to instill good cyber hygiene habits that can be passed on to other family members.

By Kimberly Underwood
The 67th Cyberspace Wing of the U.S. Air Force is examining the concept of software factory-as-a-service that could aid in cyber space operations, reports Wing Commander Col. Jeffrey Phillips, USAF.

The U.S. Air Force’s 67th Cyberspace Wing has been busy. The wing operationally acts as the execution arm of Air Forces Cyber, performing comprehensive cyber operations on a service and nation level. The wing has successfully proven its ability to operationalize on top of its duties to organize, train and equip, reported Col. Jeffrey Phillips, USAF, wing commander. The wing took action against Russia’s information warfare campaign over the last year, responded to the SolarWinds compromise and helped ensure the digital security of the 2020 election, Col. Phillips said during a May 18 presentation to the AFCEA Alamo Chapter.

May 18, 2021
By Kimberly Underwood
The Army’s Cyber Center of Excellence (CCoE) at Fort Gordon, Georgia, is creating a new pilot program to allow soldiers to access training before deploying, when they are at their units or when they find they are lacking in a skill. It will also let managers know in which areas a soldier is strong, says incoming Command Chief Warrant Officer (CWO) at the CCoE, CWO 5 Paul Sankey, USA.

The U.S. Army is creating a pilot program for a limited number of Signal Warrant Officers to build certain skills that the service is identifying as being crucial for the future digital battlefield. The program, currently being developed by the Army’s Cyber Center of Excellence (CCoE) at Fort Gordon, Georgia, will feature an online training platform for soldiers to access on-demand education when needed to support future signal, cyber and electronic warfare operations.

May 18, 2021
By George I. Seffers
STEM education is a vital part of attracting a cyber-savvy workforce for civil and military service. Credit: Somjai Jathieng/Shutterstock

Every cyber warrior can be a cyber recruiter, according to panelists at the AFCEA TechNet Augusta Virtual Event Series.
 
The United States faces a severe shortage in cyber personnel and in students willing to enter the cyber workforce. That shortage is even more acute in the government and the military, where talented personnel are often recruited by industry for higher pay and other incentives.
 

May 13, 2021
By Kimberly Underwood
Making ransom payments in cyber attacks only fuels the business model of malicious actors, warns the acting director of the Cybersecurity and Infrastructure Security Agency, Brandon Wales, speaking to reporters on May 13.

The Cybersecurity and Infrastructure Security Agency, or CISA, the nation’s lead federal agency for protecting government networks and critical infrastructure against cybersecurity threats, reminded agencies and the private sector not to succumb to paying ransoms in cyber attacks and to take much greater steps to shore up any vulnerabilities. “As last week’s ransomware attack against the Colonial Pipeline and recent intrusions impacting federal agencies demonstrate, our nation faces constant cyber threats from nation states and criminal groups alike,” said Brandon Wales, CISA’s acting director in a May 13 statement. 

May 13, 2021
By Kimberly Underwood
The new cybersecurity executive order from the White House calls for the federal government’s increased use of multifactor authentication, encryption, endpoint detection response, breach logging, zero-trust architecture and cloud computing, according to a senior administration official. Credit: Shutterstock/Andrea Izzotti

In an effort to increase critical infrastructure cybersecurity and better protect federal networks, President Joseph Biden signed an executive order on May 12. It includes provisions to improve information sharing between industry and the U.S. government, overhaul federal cybersecurity standards, spur the further use of cloud computing and zero trust architecture, and mandate the use of multifactor authentication and encryption. Amongst other measures, the executive order establishes a Cybersecurity Safety Review Board that would dissect a significant cyber incident and make recommendations for action.

May 1, 2021
By Kevin Tonkin
U.S. Marines assigned to the Defensive Cyberspace Operations–Internal Defensive Measures Company, 9th Communications Battalion, review network configurations in the current operations tent at Marine Corps Base, Camp Pendleton. The company executes defensive cyberspace operations for the Marine Corps Enterprise Network. Photo by Cpl. Cutler Brice, USMC, I Marine Expeditionary Force

The massive cyber attack on the United States via information technology vendor SolarWinds continues to send shockwaves through the departments of Defense, State and Homeland Security as well as other agencies. Damage assessments are ongoing. If the U.S. government in general and Defense Department in particular are to successfully defend against attacks by well-funded, patient and highly motivated enemies, they will need to change their approach to defending their networks and systems.

May 1, 2021
By Michael Grebb, David Nolan and Gabriel Martinez
Managing access to information systems involving data about drug overdoses, federal threats, criminal justice information, geographical information system (GIS) mapping or physical access to a crime scene is central to today’s public safety information technology environment. The Tennessee Dangerous Drug Task Force is part of a pilot program to advance federated ICAM initiatives for first responders. Credit: Shutterstock/Victor Yang

Public safety agencies are seeking ways to reliably grant mission-critical information access to authorized users while also ensuring security and data integrity. Technical pilot projects sponsored by the Office of the Director of National Intelligence and the Cybersecurity and Infrastructure Security Agency demonstrated cross-domain federated identity, credential and access management for secure information sharing for first responders in Texas and Tennessee.

April 6, 2021
Posted by: George I. Seffers
A newly formed industry advisory council will allow small and large businesses to provide feedback on the CMMC. Credit: Gorodenkoff/Shutterstock

The Cybersecurity Maturity Model Certification Accreditation Body (CMMC-AB), the sole authoritative source for operationalizing CMMC assessments and training by the U.S. Defense Department, has announced the formation of a cybersecurity Industry Advisory Council’s (IAC).

The CMMC-AB IAC mission is to provide a unified voice as representatives of organizations seeking certification to provide to the Defense Department and the accreditation board feedback, input and recommendations for implementing the CMMC.

April 1, 2021
By George I. Seffers
With the National Institute of Standards and Technology expected next year to select quantum-resistant algorithms for encryption and for digital signatures, an NSA official warns that departments and agencies should begin preparing now to protect national security systems in the quantum era. Credit: sakkmesterke/Shutterstock

The national security community needs to prepare now for the possibility that U.S. adversaries could develop and deploy quantum computers, which would render useless most conventional encryption algorithms, says Adrian Stanger, senior cryptographic authority, Cybersecurity Directorate, National Security Agency (NSA).

April 1, 2021
By Matt Toth and Richard Chitamitre
Training sessions, such as Cyber Shield 19, provide cybersecurity analysts opportunities to train, exchange best practices and test their cyber mettle. Credit: Army Staff Sgt. George B. Davis

The nature of military permanent change of station assignments can create gaps in the U.S. Defense Department’s protected posture to cyber assets. The current approach allows valuable institutional knowledge literally to walk out the door, often being replaced with inadequately prepared personnel walking in. This practice runs contrary to the Pentagon’s stated strategic goals that aim at building and maintaining a skilled workforce rather than solely acquiring new tools.

April 1, 2021
By Miroslav Nečas
The NATO Ministers of Defence meet in February to prepare for its summit later this year. Among the topics socially distanced attendees discussed were progress on burden sharing and missions in Afghanistan and Iraq. Credit: NATO

NATO is at risk of losing its technology edge because of emerging and disruptive technologies increasingly developed within the civil sector. The growth of peer competitors’ determination, especially China, and the decline of technology education in Western countries are eroding the advantage they once skillfully held.

To address this state of affairs, the organization’s defense ministers are examining a number of activities. As a part of this initiative, the NATO Industrial Advisory Group (NIAG) conducted a study to provide the industry view of the implications of emerging and disruptive technologies (EDTs) and Chinese advances in defense operations and military capability development.

February 1, 2021
By Mark S. Sincevich
Senior Airman Rose Li, USAF (l), and Airman 1st Class Eric Gardella, USAF, 86th Communications Squadron wing cyber readiness technicians, monitor malicious network activity during exercise Tacet Venari at Ramstein Air Base, Germany, in 2020 to prepare local cyber defenders in safeguarding critical technological infrastructures. U.S. Air Force photo by Staff Sgt. Devin Boyer

The federal government has been taking zero trust more seriously. Although a significant part of it has yet to be implemented, some initial work has been completed with zero trust network access, yet the outside-in approach to zero trust and complexity remains. But the more important aspect of zero trust relates to application and workload connections, which is what attackers care about and is not being protected today.

This “other side” of zero trust and a host-based micro-segmentation approach will lead to greater security and will stop the lateral movement of malware. Constituting multiple pilot projects is the best way forward in the inside-out approach to zero trust.

March 25, 2021
By Kimberly Underwood
Adversaries are no longer merely launching attacks from their part of the world, says Gen. Paul Nakasone, USA, commander, U.S. Cyber Command, testifying before Congress on March 25. “They can come in the United States and use our infrastructure, and there is a blind spot for us not being able to see them,” he warns.

The last year presented “unique challenges” to the military combatant command in charge of defending U.S. related interests in cyberspace. The three-year old U.S. Cyber Command, which plans and executes global cyberspace operations, activities and missions in regard to defending and advancing national interests, has spent the last year defending and mitigating against the continuing cyber threats from China, Russia, Iran and nonstate actors and criminals, reported Gen. Paul Nakasone, USA, commander, U.S. Cyber Command (CYBERCOM); director, National Security Agency (NSA); and chief, Central Security Service (CSS); in testimony before the Senate Armed Services Committee today.

March 1, 2021
By Maryann Lawlor
China’s consolidated control its political mechanisms enables a unity of effort difficult to achieve in democracies. Credit: Shutterstock/Poring Studio

The rise of the People’s Republic China as a peer competitor vying for superpower status has emerged as an important challenge for the United States. To confront this competition, policy and decision makers must preserve and extend U.S. global interests to deter China if necessary and work in the international system in which the United States plays a vital role.

March 1, 2021
By Robert K. Ackerman
Credit: DHS

The entire nation must engage in an informed debate about cybersecurity and how to stop the damage being inflicted by adversaries through cyberspace, says the director of intelligence for the U.S. Cyber Command. Brig. Gen. Matteo Martemucci, USAF, J-2 for the U.S. Cyber Command, says this debate must explore whether the roles played in cyber defense stay the way they are or change.

March 1, 2021
By George I. Seffers
The DARPA OPS-5G program has set some ambitious goals, including adoption of the technology by a mobile carrier near a military base and machine translation of open source standards. Credit: ZinetroN/Shutterstock

If all goes as planned, a major mobile cellphone carrier will ultimately adopt technology developed under the Defense Advanced Research Project’s Agency’s Open, Programmable, Secure 5G program. Doing so will allow the open-source, secure technology to proliferate as so-called Internet of Things technologies become more ubiquitous.

March 1, 2021
By George I. Seffers
A signal support system specialist prepares a radio system used to allow soldiers and airmen to keep in constant communications with one another during their missions. Graphic illustration by Regina Ali, U.S. Defense Department

The U.S. Defense Department already is looking beyond its massive $600 million investment in 5G experiments announced in October. Plans include a second round of experiments and the potential for expanding efforts with other government agencies and with international partners.

March 1, 2021
By Kimberly Underwood
One of the key challenges about 6G will be operating in ultra-high frequencies—in terahertz—and AT&T has started internal corporate development and external research at 60 U.S. universities to shape solutions for the next generation of wireless communication. Credit: Shutterstock/Den Rise

The telecommunications industry is currently rolling out the fifth-generation wireless network known as 5G, which is bringing more bandwidth, lower latency, high-speed throughput, improved reliability and increased connectivity to mobile communications. Off of that advancing communications point will come 6G, the sixth iteration of the wireless network.

March 1, 2021
By Jörg Eschweiler
Coalition Warrior Interoperability Exercise 2019 (CWIX 2019) hosted at the NATO Joint Force Training Centre in Bydgoszcz, Poland, showcased military interoperability between NATO personnel, processes and technologies. Credit: Dawn Stankus, NATO

As a lead nation, Germany has been successfully designing and implementing the Federated Service Management and Control capability as part of the development of the NATO Federated Mission Network. Throughout the joint approach, NATO member states, partner nations Austria and Switzerland, the NATO Communications and Information Agency, the Allied Command Transformation and Supreme Headquarters Allied Powers Europe, which are both NATO strategic commands, as well as Allied Command Operations have been continuously involved in its design and incremental implementation.

February 24, 2021
By George I. Seffers
U.S. intelligence community personnel may be more vulnerable while telecommuting during the pandemic, but so are U.S. adversaries, experts point out. Credit: enzozo/Shutterstock

Like the rest of the world, the U.S. intelligence community has been forced to telework during the COVID-19 pandemic, which offers opportunities, but then again, U.S. adversaries are working from home as well, which may offer opportunities, intelligence experts pointed out during a February 23 AFCEA Intelligence Committee webinar.

The online event included Melissa Planert, director, Tradecraft and Technology Group, Analysis Directorate, National Geospatial-Intelligence Agency, and Reid D, an innovator in secure government in the United Kingdom who did not want to be fully identified.