The increase in cyberthreats from both internal and external sources has put the onus on government agencies, particularly at the federal level, to implement strong cybersecurity architectures. While encryption is an essential component, without careful implementation, criminals easily can exploit its weaknesses, and the emerging power of quantum computing could compound the problem.
The Cyber Edge
An offshoot of social media, crowdsourcing could hold solutions to some of the biggest cybersecurity problems the U.S. Defense Department faces. The burgeoning field could find fixes for thorny legacy problems as well as emerging cyberthreats. This is exactly what is taking root at the Joint Forces Staff College in a course offered to service members and their Defense Department civilian equivalents learning cyber concepts in joint, interagency and multinational environments.
The U.S. Defense Department’s information technology combat support agency plans to hit the kill switch on a number of systems to improve network management. The Defense Information Systems Agency is converging functions such as network operations, defensive cyber operations and network situational awareness, thanks to smart, automated technologies. Most network management technologies will be eliminated by 2021 in favor of one system, or perhaps a suite of systems. The agency is working toward a converged, integrated solution that will provide the complete set of tools needed to gather big data and to operate, visualize, sustain, maintain and defend the system.
Society’s insatiable appetite for connecting objects in the physical world to the Internet has industry’s wheels turning to fuel the materializing disruptive ecosystem called the Internet of Things, or IoT. But the good of convenience goes hand in hand with the bad of cyber risks, experts warn, spurring the U.S. government’s search for the self-healing networks of the future based on the automation tools of today.
A new way of configuring networks eliminates security vulnerabilities that date back to the Internet’s origins. Instead of building multilayered protocols that act like flashing lights to alert hackers to their presence, network managers apply a single layer that is virtually invisible to cybermarauders. The result is a nearly hack-proof network that could bolster security for users fed up with phishing scams and countless other problems.
AFCEA International’s Continuing Education (CE) program has grown dramatically since its start in 2012. The program primarily supports maintenance of CompTIA and Global Information Assurance Certification (GIAC) related to Department of Defense Directive 8570.01-M compliance but also fulfills some continuing education and cybersecurity certification maintenance requirements for the (ISC)2, the National Contract Management Association (NCMA), the Project Management Institute (PMI), the Generally Accepted Government Auditing Standards (GAGAS) and the Defense Acquisition Workforce. In addition, AFCEA Leadership Forums have been approved for George Mason University continuing education units (CEUs).
Researchers at Sandia National Laboratories helped develop a potentially game-changing cybersecurity system that mimics the human brain’s ability to analyze data, and they are now testing the technology on the labs’ highly targeted networks.
The U.S. Defense Information Systems Agency, or DISA, launched a new cyber assessment program, known as a Command Cyber Operational Readiness Inspection (CCORI), that provides the Defense Department and federal agencies a greater understanding of the operational risk their missions face because of their cybersecurity posture, according to an agency statement.
Rep. Ted Lieu is no stranger to having his cellphone "hacked." Intruders recently were able to track his whereabouts, eavesdrop on conversations with staff members and access his text messages and email.
Fortunately for Lieu, the intrusion was part of a 60 Minutes segment last year that the TV news program did to highlight mobile device vulnerabilities. The California Democrat knew of the hackers who had successfully exploited his phone's Signaling System Seven, aka SS7, security flaw that compromises the global network that connects phone carriers. The same vulnerabilities still exist one year later, Lieu shared on Thursday during a Capitol Hill demonstration about mobile security, or lack thereof.
The White House’s first federal budget blueprint unveiled Thursday seeks to fund the nation’s cybersecurity efforts by boosting budgets of the U.S. Defense Department and Department of Homeland Security—an initiative officials say will guard against the magnified threat landscape that is only getting worse.
Do you work for a cyber company with federal government contracts? If so, hold onto your hat, because $210 billion in government information technology contracts will expire this year and be re-competed.
WikiLeaks is posting thousands of files Tuesday the organization says detail the CIA’s efforts to surveil overseas targets by tapping otherwise ordinary devices that are connected to the Internet. The anti-secrecy group launched a “new series of leaks,” this time taking aim at the CIA’s Center for Cyber Intelligence, which falls under the agency’s Digital Innovation Directorate.
If you can’t beat the hackers, join them—or at least act like them. By hacking a system from within, security experts can identify vulnerabilities and try to stay one step ahead of increasingly sophisticated cyber criminals. Thinking like an attacker cultivates an offensive mindset that leads to streamlined systems that incorporate the best of human skills and automated capabilities to shore up defenses from the inside out.
The U.S. Secret Service is putting into place its first-ever cyber and information technology strategic plan, which provides a path forward through 2021. Among other goals, the plan calls for the agency to build a world-class network operations security center and to continue the march toward greater mobility for special agents and uniformed officers.
What will you be doing in 20 years? Have you planned that far ahead? As anyone who thought floppy disks or landlines would stand the test of time knows, predicting that far out is a challenge, especially when it comes to technology. But the U.S. Army has done just that, outlining its vision for an effective, modern enterprise network in the strategic document “Shaping the Army Network: 2025-2040.”
Advances in genomics, medical sensors and data-driven health care increasingly are enabling doctors and patients to make personalized and targeted care decisions. But the effectiveness of these precision medicine capabilities depends on critical cybersecurity components to protect patient privacy and the integrity of patient data.
With cyberspace emerging as a critical warfare domain, U.S. military leaders have been forced to dump both old habits and doctrine in the name of network security. These arduous tasks are part of adapting to the new normal of the digital age, which can include contorting Army policies and actions to win modern wars and address global crises, says Essye Miller, the Army’s director of cybersecurity.
Some U.S. Marine Corps cyber warriors are playing their way toward proficiency. The Corps’ Delta Company, Communication Training Battalion, has turned to gamification to foster a new cyber instruction method that is becoming much more than fun and games. Retooling teaching techniques gave rise to what is dubbed “2-3-6 training” to integrate the intelligence directorate with operations and communications, which in military parlance are designated by the numerals 2, 3 and 6.
A defense-in-depth architecture built around a dual-data model reduces the risk of supervisory control and data acquisition networks being hacked or their data being stolen. The dual-data approach makes connecting various sensors and legacy systems easy, and initial tests show that adding a defense-in-depth architecture provides a degree of security not found in many of these networks, which often lack effective protection against intruders.
Cyber capabilities have dramatically transformed the battlefield and how conflicts are resolved. Traditionally, battles were fought in conventional domains—land, air, sea, space—using kinetic, psychological and economic means to defeat opponents. In the cyber realm, anything goes. There are no rules. And adversaries are developing advanced cyber capabilities just as quickly as the United States, threatening critical infrastructure and other systems. So-called cyber-to-physical attacks, when hackers target physical buildings, networks and sites, demonstrate the potentially catastrophic results of a successful campaign against power, water and transportation services.