As the Defense Information Services Agency (DISA) knows, a network that complies with standards is not necessarily secure. DISA’s new evaluation program, the Command Cyber Operational Readiness Inspection (CCORI), is designed to go beyond standards. Its goal is to provide site commanders and federal agencies an understanding of mission operational risks.
The U.S. Department of Homeland Security’s Transition to Practice (TTP) program tomorrow unveils to investors, developers and integrators eight cybersecurity technologies with commercial potential. The budding future capabilities, developed with federal funding, range from helping cyber analysts deal with data overload when filtering social media content to protecting power transmission infrastructure by detecting sensor failures or identifying cyber attacks in real time.
The crippling ransomware attack last week that paralyzed hospitals, universities and businesses globally was just a cyber appetizer, experts warn. The main dish is still to come.
"That was just a big warning," says Rick McElroy, a security strategist at Carbon Black, which develops endpoint cybersecurity software to detect malicious behavior. "If you weren't impacted by this one, something is going to come down the pike that's more advanced that you’re probably not prepared for. So start to build your defenses today to get out in front of this stuff.”
President Donald Trump on Thursday signed a much-anticipated cybersecurity executive order that lays out the government's path toward strengthening federal networks.
“The trend is going in the wrong direction in cyberspace and it’s time to stop that trend and reverse it on behalf of the American people,” Thomas Bossert, White House homeland security adviser, said Thursday afternoon while announcing details of the order. The government has noted an increase in the number of attacks from “allies, adversaries, primarily nation-states, but also non nation-state actors,” Bossert said during a televised White House briefing.
More than 245 companies, organizations and academic institutions are vying to develop machine analytics tools for the intelligence community in an open competition. The starting gun for this challenge went off in April, and a total prize purse of $500,000 awaits, including $270,000 for the top five performing teams. Another $230,000 will be awarded in additional categories.
Technological development has transformed U.S. Coast Guard networks into warfighting platforms as the service operates in a dramatically different realm, a senior leader says.
“That’s significant for us,” says Rear Adm. Kevin Lunday, USCG, commander of Coast Guard Cyber Command and assistant commandant for Command, Control, Communications, Computers and Information Technology (C4IT). “It’s really the first time we’re creating an operating force for a new domain—cyberspace—since we created operating forces for aviation over a century ago.”
Zipping past a Plan B for cyber defense solutions to the end of the alphabet, the U.S. Defense Department's research arm launched Plan X and advanced platforms to conduct and assess cyber warfare like kinetic warfare.
After five years of development by the Defense Advanced Research Projects Agency (DARPA), Plan X is scheduled to transition in September to the Army's Program Executive Office for Enterprise Information Systems (PEO EIS) Project Manager Installation Information Infrastructure–Communications and Capabilities (I3C2).
Editor’s note: Hugh Montgomery, the focus of this article, passed away April 6, just weeks after this SIGNAL interview.
It is just a matter of time before other countries face insider leaks similar to those that have haunted the American intelligence community, said Hugh Montgomery, a former U.S. diplomat and a pioneering intelligence officer who served for more than six decades.
A new U.S. Army cyber-based task force hit the ground running this week to do a deep-dive, Army-wide review and strategically assess the service’s cyber needs, strengths, weaknesses and assets, officials say. Task Force Cyber Strong is one tangible outcome from a new cyber directorate created in July to spearhead the convergence of cybersecurity and electronic warfare.
The U.S. Department of Homeland Security (DHS) has submitted a report to Congress that shows some good and bad news about the security of the government’s mobile device environment. "Threats to the mobile device ecosystem are growing, but also ... the security of mobile computing is improving,” said Dr. Robert Griffin, DHS acting undersecretary for science and technology, in a written announcement.
The White House has created a council charged with tackling federal information technology services. President Donald Trump signed the executive order that stands up the American Technology Council, or ATC, to "transform and modernize" federal IT.
The U.S. government is racing to identify technologies that will resist the threat from quantum computers, which will render today’s encryption obsolete.
They do not necessarily match the hero stereotype, but computer scientists improving methods of generating random numbers just may save the day when it comes to cybersecurity.
Scientists at the University of Texas at Austin have delivered a mathematical revelation that could bring a number of benefits, but improved encryption tops the list. Cybersecurity, of course, depends on encryption, which relies on random data. Although the world is full of randomness—a roll of the dice, a flip of a coin, a lottery drawing—randomness is not always equal. When studied over time, air temperatures and stock market results, for example, actually produce predictable patterns.
You might think that homomorphic cryptography, obfuscation techniques and privacy concerns have nothing in common. You would be mistaken.
The Defense Advanced Research Projects Agency (DARPA), a division of the U.S. Defense Department that creates breakthrough technologies, is advancing these complex but intrinsically connected concepts in a series of efforts that could alter the art of making and breaking code.
The U.S. Defense Department has initiated a market research effort to identify potential industry sources under a potential five-year, $325 million acquisition program for technical support services. The market research effort could potentially lead to a contract award this fiscal year.
As if facing down escalating terror, cyber and insider threats is not enough, private businesses are hamstrung by limited budgets that make choosing how and when to defend themselves more and more difficult. This rising cluster of threats demands intense security and substantial financial resources to protect people and assets.
The struggle is most pronounced in the homeland, where private parties own the majority of assets and critical infrastructure. Relying exclusively on the U.S. government for support is no longer an option—they must engage just as vigorously after an attack.
U.S. adversaries know they can exploit cyber vulnerabilities and are getting away with it with ease and on the cheap. This reality is as befuddling to officials as it is enraging, and it has some experts calling on the federal government to embrace a new defense approach: Put up or shut up.
Though the U.S. Defense Department has spent much time and money to protect high-value network assets such as emails from cyber intruders, the systems remain vulnerable to attacks. So imagine the weaknesses to systems that haven’t garnered as much defense attention or reinforcements, a senior official said.
“We have spent a lot of time—and have been very successful at—protecting our email information,” said Daryl Haegley, program manager for Business Enterprise Integration (BEI) in the Office of the Assistant Secretary of Defense for Energy, Installations and Environment. “But what about the control systems, manufacturing systems, facilities networks, medical devices? What we’re finding is ‘not so much.’
The Department of Homeland Security’s Science and Technology Directorate (S&T) announced the transition of Hyperion, a malware detection technology, to the commercial marketplace.
A new defensive cyberspace operations facility at Joint Base San Antonio will boost the 35th Intelligence Squadron’s ability to meet growing demands for analysis of intelligence coming from multiple sources. Although located in Texas, personnel at the Cyberspace Threat Intelligence Center (CTIC) will support operations worldwide.
In 2015, the squadron’s support to the defensive cyberspace operations community increased by more than 300 percent, which led to the need for a new facility, says Lt. Col. Matthew Castillo, USAF, commander, 35th Intelligence Squadron.