cyber security

June 15, 2021
By Kimberly Underwood
Senior Airman Thomas Goodnoe, USAF, tactical network operations technician, 1st Combat Communications Squadron (l), and Staff Sgt. Darryl Terry, USAF, cyber transport supervisor, 1st CBCS, review their systems against their technical guides during a cybersecurity audit in 2017 at Ramstein Air Base, Germany. The Air Force has added a new detachment that will provide initial training to cybersecurity airmen before they reach their mission locations. Credit: U.S. Air Force photo/Staff Sgt. Timothy Moore

The Air Force has stood up the Cyber Security and Defense Formal Training Unit, or FTU, at Keesler Air Force Base. The new cyber education detachment will enable a more “streamlined training pipeline” for airmen to build their foundational cyber warfare capabilities for future service, joint and national responsibilities, leaders say.

January 27, 2021
Posted by Kimberly Underwood
As part of its cybersecurity and critical infrastructure protection role, the U.S. Department of Homeland Security's Cybersecurity and Infrastructure Security Agency, or CISA, recently conducted a virtual exercise with Major League Baseball's Cactus League. Credit: Shutterstock/Debby Wong

This week, the cybersecurity arm of the U.S. Department of Homeland Security, the Cybersecurity and Infrastructure Security Agency, known as CISA, held a virtual exercise and preparedness event with Major League Baseball’s (MLB's) Cactus League. The event aimed to boost physical security and cybersecurity at training, practices and games this spring in Arizona, CISA reported.

September 11, 2020
By Kimberly Underwood
Once more of an operational and end-user experience tool, identity management has evolved to be a core aspect of cybersecurity, especially as part of zero trust architecture, say panelists Wednesday at the FedID conference.

The need to move away from a perimeter-based cybersecurity model—the moat and castle approach—to a cloud-enabled zero trust architecture—an underlying framework that essentially is like placing a security door in front of each and every application—is apparent. Similarly, identity, once mostly an operational and user experience-driven technology, has evolved to be a core aspect of cybersecurity, verifying a user in a network or activity, said Frank Briguglio, strategist, Global Public Sector, SailPoint.

June 2, 2020

Range Generation Next LLC, Sterling, Virginia, has been awarded a $13,941,843 cost-plus-fixed-fee modification (P000297) to contract FA8806-15-C-0001 for cyber hardened infrastructure support. This modification supports an increase in launch and test range requirements. The primary locations of performance are the Eastern Range, Patrick Air Force Base, Florida; and the Western Range, Vandenberg AFB, California. Work is expected to be completed Feb. 14, 2022. Fiscal 2020 operations and maintenance funds in the amount of $13,941,843 are being obligated at the time of award. The total cumulative face value is $1,210,861,882. Space and Missile Systems Center, Peterson AFB, Colorado, is the contracting activity.

April 2, 2020

Arlington, Virginia-based Shift5, Inc., signed a Cooperative Research and Development Agreement (CRADA) with the U.S. Army Combat Capabilities Development Command Ground Vehicle Systems Center (GVSC) in Warren, Michigan, the company announced on April 2. Under the CRADA, Shift5 will support the GVSC—which is the military's research and development facility for advanced technology in ground vehicle systems—by developing ​advanced cyber defense capabilites to protect such vehicles from cyber attacks. The technology developed by Shift5 will integrate, demonstrate, and validate cyber resiliency and inform cyber situational awareness prototype solutions to defend Army platforms from proof of concept cyber attacks, the company said.

November 1, 2019
By Kimberly Underwood
Cyber experts (l-r) Ray Letteer, Will Bush, Jean-Paul Bergeaux and Lisa Lee, discuss the risks of Internet of Things devices during AFCEA Quantico-Potomac’s Annual Cyber Security Panel event on October 31 at Marine Corps Base Quantico.

With the increase of available equipment that connects to the Internet, the military needs to address the associated cybersecurity risks. The Defense Department is lacking a comprehensive strategy of how to harness these so-called IoT devices, which could be based on existing cybersecurity frameworks, advised experts at an October 31 AFCEA Quantico-Potomac Chapter luncheon.

October 7, 2019
By Kimberly Underwood
Security experts warn companies not to think separately about possible intellectual property theft and cyber attack threats, as they could be one in the same. Credit: Shutterstock/Rawpixel 

The sophisticated nature of cyber attacks and intellectual property theft performed by adversaries is only increasing, as nation-state actors continue to mount attacks to gain valuable information from the United States, its military and private companies.

The blend of cyber and human espionage is what makes China particularly effective in mounting these kinds of attacks, said Mark Kelton, senior advisor, Chertoff Group and former senior executive of the CIA. The threats to U.S. intellectual property and digitally based assets are not slowing down anytime soon, stated Sean Berg, senior vice president and general manager, Global Governments and Critical Infrastructure, Forcepoint.

August 28, 2019

Packet Forensics LLC, Virginia Beach, Virginia, was awarded a $10,000,000 modification (P00004) to previously awarded HR0011-18-C-0056 for the Defense Advanced Research Projects Agency Harnessing Autonomy for Countering Cyberadversary Systems (HACCS) research project. The modification brings the total cumulative face value of the contract to $21,200,000 from $11,200,000. Work will be performed at Virginia Beach, Virginia, with an expected completion date of August 2020. Fiscal year 2019 research and development funds in the amount of $10,000,000 are being obligated at time of award. The Defense Advanced Research Projects Agency, Arlington, Virginia, is the contracting activity.


August 15, 2019

Sabre Systems Inc., Warrington, Pennsylvania, is awarded $42,999,468 for cost-plus-fixed-fee delivery order N68335-19-F-0533 against a previously issued basic ordering agreement (N68335-16-G-0022). This delivery order provides for the research and development of cyber resilient and full spectrum cyber warfare capabilities in support of the Integrated Battlespace Simulation and Test Department, Research, Development, Test and Evaluation Infrastructure Division. Work will be performed in Patuxent River, Maryland, and is expected to be completed in August 2024.

July 15, 2019
By Kimberly Underwood
The U.S. House of Representatives, led by Democrats, passes its version of the annual defense spending authorization bill, which will have to be ironed out with the Republican-led Senate. Credit: Shutterstock/Turtix

On Friday, the U.S. House of Representatives passed their version of the National Defense Authorization Act for Fiscal Year 2020, H.R. 2500, by a vote of 220-197. Known as the NDAA, the annual legislation authorizes policy measures for the Defense Department. It varies from the Senate’s bill, S. 1790—passed on June 28—which the two legislative bodies will have to reconcile before sending a final NDAA to the president.

April 25, 2019
By Kimberly Underwood
David Koh, a Singapore ministry official, confirms that cybersecurity is a top priority for his nation. Koh was a keynote speaker at the recent 8th Annual International Conference on Cyber Engagement hosted by the Atlantic Council, Dentons, Bank Polski and Texas A&M. Credit: Atlantic Council/Image Link

Singapore, in terms of size, is akin to an ant versus an elephant, said David Koh, commissioner of cybersecurity; chief executive, Cyber Security Agency, Singapore’s Prime Minister’s Office; and Defense Cyber Chief, Ministry of Defense of the Republic of Singapore. Nevertheless, the republic has put cybersecurity front and center. Even with only a population of about 5.9 million people—similar to the number of citizens in the Washington, D.C., area—Singapore is one the world’s most digitally connected cities, averaging two cellphones per citizen. 

February 11, 2019

Booz Allen Hamilton, McLean, Virginia, was awarded a $12,884,834 modification (P00006) to contract W91RUS-18-C-0024 for cybersecurity support services. Work will be performed in Fort Huachuca, Arizona, with an estimated completion date of September 2, 2029. Fiscal year 2019 operations and maintenance Army funds in the amount of $12,884,834 were obligated at the time of the award. U.S. Army Contracting Command, Aberdeen Proving Ground, Maryland, is the contracting activity.

October 30, 2018
By Kimberly Underwood
Experts at MILCOM consider the possibility of forecasting cyber attacks. Credit: Katie Helwig

Somewhere between “hype and hope,” experts posit that aspects of a cyber attack can be predicted. They caution that success so far has been limited. If it is possible, forecasting digital invasions in advance naturally could be an important capability.

The key is predicting with enough accuracy to be helpful and with sufficient lead time, experts shared at AFCEA International and the Institute of Electrical and Electronics Engineers’ (IEEE’s) MILCOM conference on October 29 in Los Angeles.

Malicious emails have been the more forecastable type of cyber attack, the experts said.

July 1, 2018
By Kimberly Underwood

The U.S. Department of Homeland Security’s Science and Technology Directorate is working to improve the resiliency of smartphones and other mobile technologies through directed research and development initiatives. Not as secure as office computers, mobile devices are becoming the preferred target for malicious actions by cyber adversaries. In many cases, smartphones, tablets and other electronic devices simply do not have the same protections available for more traditional computing technologies, experts say. The level of attacks also is moving “deeper down the mobile device stack,” from the application and mobile operating system layers to the hardware and infrastructure layers, according to the department.

July 1, 2018
By Kimberly Underwood

Aiming to accelerate the U.S. government’s use of secure mobile technologies, the Cyber Security Division (CSD) in the Department of Homeland Security (DHS) is pursuing several research and development (R&D) projects, among other efforts, that focus on two main areas: mobile device security and mobile application security. The projects and related vendors are working to improve device security:

June 18, 2018

ICF Inc. of Fairfax, Virginia, was awarded a $31,467,870 modification to an existing contract to support the Army Research Laboratory's Cyber Security Service Provider program. The work includes both research and development and defensive cyber operations amd will be performed in Adelphi, Maryland, with an estimated completion date of June 15, 2020. Fiscal year 2018 research, development, test and evaluation funds in the amount of $2,433,999 were obligated at the time of the award. U.S. Army Contracting Command, Aberdeen Proving Ground, Maryland, is the contracting activity.

October 6, 2010
By H. Mosher

This month, Linton Wells II drew his inspiration for Mission Assurance Moves to the Fore in Cyberspace from Deputy Secretary of Defense William J. Lynn III's recently published article, Defending a New Domain: The Pentagon's Cyberstrategy. Wells summarizes Lynn's strategy points, noting that taken on a whole they have a broader implication than just cyberdefense. It has more to do with mission assurance, he says:

August 27, 2010
By Beverly Schaeffer

Recognizing a threat is the first step to addressing it, and one way to do that is to track incongruities rather than just monitoring the status quo. In this issue of SIGNAL Magazine, Chris Sanders highlights an intrusion detection architecture that does just that. His article, "The Exception Becomes the Rule," focuses on how this system enables a rapid, flexible response to cyberthreats.

March 19, 2010
By H. Mosher

In "New Document Provides Framework for Interagency Data Sharing," Henry Kenyon describes a newly released document that sets common standards for data security and risk management: the NIST Special Publication 800-37, Revision 1, Guide for Applying the Risk Management Framework to Federal Information Systems: A Security Life Cycle Approach (NIST SP-800-37).