A team at the U.S. Army Research Laboratory has created four generalized linear models to predict the number of cyber intrusions a company or government will experience on its network. To design the models, the team used empirical data about successful cyber intrusions committed against a number of different organizations obtained from a cyber defense services provider that defended the organizations’ networks.
The Cyber Edge
A survey of thousands of information technology professionals reveals that a majority of organizations have too few security workers and nearly half do not provide adequate resources for security training. According to the “IT Professionals Are a Critically Underutilized Resource for Cybersecurity” study, 51 percent of the respondents said their systems are less able to defend against a cyber attack compared to a year ago.
Half of all Americans and 100 percent of the work force had their personal information compromised in the Equifax hack this summer. While critical data, such as what was stolen in the hack, requires better data protection, enhancing its protection is no longer enough. Resiliency has to be a critical capability too.
The increasing nature of computing capabilities, the number of technologies that are interconnected to the cyber world, the amount of data generated, and the speed at which data is reported are all reshaping everyday life. To harness this new dynamic, the commercial computer industry has already switched to a more agile way of developing software. More and more, the military is moving to advance the development of cyber-based infrastructure under this changing environment.
A cyber strike may not be the most effective deterrent against adversaries, Tom Bossert, assistant to the president for homeland security and counterterrorism, National Security Council, told the audience at the 2017 Intelligence and National Security Summit in Washington, D.C.
If a “bad actor” is engaging in increasingly unacceptable behavior, he said, “I think what we’ll have to do is punch him in a way that’s real-world and not cyber-world.” Deterrent actions will be “commensurate with the expense” and also will be done in such a way that it will not “create a long-term escalatory posture.”
Facing mounting threats, cyber hunt teams—aka security operations teams—are turning to machine learning technologies to sift through heaps of data and detect malicious activity faster than ever. People excel at making decisions with the right information, and machines excel at analyzing and retrieving actionable intelligence from large amounts of data. This duo is much more dynamic when working together than apart. Consider Tony Stark and his Iron Man suit versus the fictional character HAL 9000 from the Space Odyssey series.
Superman might have beaten bullets with his speed, but the U.S. Defense Department intends to do better. It has its sights set on developing cognitive technologies—computer vision, machine learning, natural language processing, for example—that are faster than the speed of human thought.
The military plans to tap machine learning and artificial intelligence (AI), in particular, to enhance decision making.
The U.S. General Services Administration’s latest endeavor to help government agencies increase their buying power offers a portfolio of providers to simplify the way they acquire and implement telecommunications and IT infrastructure services. According to administration officials, the 15-year, $50 billion Enterprise Infrastructure Solutions (EIS) contract, awarded this summer, will help agencies establish a solid foundation to modernize the government’s IT infrastructure, implement advanced cybersecurity solutions and improve service to the public.
Many U.S. government sectors, including defense, intelligence, public safety, cybersecurity and space, have seen a recent shift toward embracing new technologies and methodologies for delivering capabilities in a more responsive, agile manner.
The ecosystem of technologies that is driving this innovation is diverse to say the least. The foundation of this ecosystem is the underlying IT infrastructure. The evolution of hyperconverged infrastructure is maximizing the density of computing power, random-access memory and storage in these modern data centers, making it easier and more cost effective for providers to leverage and deploy applications and solutions.
The U.S. Defense Department is diving in and investing heavily to leverage the benefits provided by the burgeoning Internet of Things (IoT) environment.
After months of uncertainty, President Donald Trump announced today that he has elevated the U.S. Cyber Command to a unified combatant command. In addition, Cyber Command ultimately may be separated from the National Security Agency (NSA).
“This new unified combatant command will strengthen our cyberspace operations and create more opportunities to improve our nation’s defense,” Trump said. “The elevation of United States Cyber Command demonstrates our increased resolve against cyberspace threats and will help reassure our allies and partners and deter our adversaries.”
The governments of Iran, North Korea, Russia and China are responsible for 90 percent of attacks on U.S. government agencies and private companies, said a leading cybersecurity expert at a recent conference. Most attacks come in the form of spear-phishing or email-related breaches.
To Lt. Gen. Vincent R. Stewart, USMC, director, Defense Intelligence Agency (DIA), modern warfare is a cognitive battle. To be successful, warfare must strive to control information.
In part, war is still a violent clash between hostile forces, with each force trying to impose their will on the other, the general said. Warfighting may still look like two armies crashing into one another on the battlefield.
“[This] nature of warfare hasn’t changed,” he stated. “War remains an active force to compel an adversary, nothing less.”
The menacing threat of cyberwarfare is pulling together international military leaders in an effort to combat global electronic attacks.
Commanders from key military intelligence posts—including allied commanders from the United States, Canada and the United Kingdom—will tackle the seemingly unconstrained risks from cyber criminals at an upcoming forum hosted by the Defense Intelligence Agency (DIA). The DIA’s Department of Defense Intelligence Information System (DoDIIS) Worldwide Conference will be held August 14-16 in St. Louis.
Cybersecurity solutions company Comodo has launched a new research service called Comodemia for university, government and nonprofit educators and researchers. It gives users access to the Comodo Threat Intelligence Laboratory's cybersecurity data repository, one of the largest in the world.
Comodo's threat data comes from millions of endpoints in more than 220 countries. In the first quarter of this year, the lab detected and cataloged more than 25 million malware incidents. By the second quarter, the total grew to 97 million incidents as the company expanded its research program.
The network the Army has is not the network it needs to confront the changing face of warfare, says Maj. Gen. (P) Bruce Crawford, USA, who took over as the service’s chief information officer/G-6 nine days ago.
Gen. Crawford told the AFCEA TechNet Augusta audience the service confronts a confluence of strategic circumstances, with several major efforts all coming together at the same time. Those circumstances include the evolution of the threat, global instability that creates greater demand for ground forces, the rapid pace of technology evolution, the speed at which decisions must be made on the battlefield and emerging doctrines.
U.S. Army officials who play various roles in modernizing the network say doing so offers multiple benefits, including saving money, improving cybersecurity and offering greater flexibility on behalf of warfighters.
The officials made the comments while serving on a network modernization panel on the final day of the AFCEA TechNet Augusta 2017 conference.
On the multi-domain battlefield of the future, U.S. forces can expect to see more robots, pilotless ships and planes, and driverless convoys, as well as cyber and other game-changing capabilities, said Lt. Gen. Paul Nakasone, USA, commanding general, U.S. Army Cyber Command.
Gen. Nakasone made the comments during the afternoon keynote address at AFCEA TechNet Augusta 2017 in Augusta, Georgia.
“We are witnessing a fundamental change and transformation in the character of war," he said. “This transformation is being driven by technology and demographics, socioeconomic and political changes.”
The Army’s first doctrine for fighting in the cyberspace and electronic warfare domains already is changing the way the service operates, said Maj. Gen. John B. Morrison Jr., USA, commander, Cyber Center of Excellence and Fort Gordon, told the AFCEA TechNet Augusta audience in Augusta, Georgia.
Army officials have multiple pilot projects in the works to help define formations that will integrate cyber electromagnetic activities (CEMA).
According to Maj. Gen. John B. Morrison, Jr., USA, commander, Cyber Center of Excellence and Fort Gordon, the Army has initiated one pilot project with the Army Pacific Command and is seeking to begin another within the continental United States to better define formations that will integrate cyber, electronic warfare, signal and intelligence capabilities.