cyber

January 13, 2021
By Kimberly Underwood
Cybersecurity experts warn of possible growing cyber risks from domestic unrest. Credit: Shutterstock/Sergey Nivens

Officials in U.S. federal and state governments need to consider and address the possible cyber risks stemming from the current civilian unrest, cyber experts advise. Until now, the federal government, especially, has had a foreign intelligence focus, said Adm. Michael Rogers, USN (Ret.).

January 6, 2021
Posted by Julianne Simpson
Credit: Shutterstock/Aleksandar Malivuk

The Defense Digital Service (DDS) and HackerOne announced the launch of the DDS’s latest bug bounty program with HackerOne. It is the eleventh such program for DDS and HackerOne and the third with the U.S. Department of the Army.

Hack the Army 3.0 is a security test— time-bound and hacker-powered—aimed at revealing vulnerabilities so they can be resolved before they are exploited by adversaries. The bug bounty program will run from January 6, 2021, through February 17, 2021, and is open to both military and civilian participants.

January 1, 2021
By Kimberly Underwood
When the GAO performs cybersecurity-related audits and reports its findings, the watchdog provides key recommendations to agencies to improve their networks and information technology from risks. The GAO also follows up to see how an agency implemented those recommendations. Credit: Illustration by Chris D’Elia based on images from GAO Reports and lurri Motov/Shutterstock

It is no secret that the U.S. government is grappling with cybersecurity issues across its organizations and agencies. The good news is that the government has an auditing agency that investigates possible weaknesses or cybersecurity gaps and makes key recommendations to rectify problems: the U.S. Government Accountability Office, known as GAO.

January 1, 2021
By Lt. Col. (G.S.) Stefan Eisinger
Military and civilian personnel work hand in hand to tackle challenges in cyberspace. Credit: Bundeswehr

Germany, the United States and many other nations are facing a more diverse, complex, quickly evolving and demanding security environment than at any time since the end of the Cold War. The resulting challenges to national and international security and stability could be as harmful to societies, economies and institutions as conventional attacks.

December 30, 2020
By George I. Seffers
Army Sgt. Evan Tosunian (l) and Sgt. Allan Sosa, both assigned to the California Army National Guard’s 224th Sustainment Brigade, install single-channel ground and airborne radio systems in a Humvee at the National Guard armory in Long Beach, California, in May. The Army’s standardized, reprogrammable encryption chip known as RESCUE will help secure communications for radios, computers, unmanned vehicles and other systems. Credit: Army Staff Sgt. Matthew Ramelb, California Army National Guard

The U.S. Army’s universal, reprogrammable encryption chip is in final testing and may be destined for the service’s next-generation encryption fill device, other military services or possibly even the commercial sector.

The REprogrammable Single Chip Universal Encryptor (RESCUE) technology was developed to be a government-owned, general-purpose cryptographic module and architecture that is highly tailorable to counter emerging cryptographic threats. It uses standardized encryption algorithms designed by the National Security Agency (NSA) and the National Institute for Standards and Technology.

January 1, 2021
By Jennifer Zbozny
Roderick Wilson performs a scan to ensure all computer equipment on the installation has the proper operating system and software patches installed at Anniston Army Depot. Credit: Jennifer Bacchus

The U.S. Army upped the tempo when Gen. Mark Milley, USA, fired off his first message to the force in August 2015 as the newly sworn-in Army Chief of Staff: “Readiness for ground combat is—and will remain—the U.S. Army’s No. 1 priority.” Today, Gen. Milley is the chairman, Joint Chiefs of Staff, and the Army has rebuilt its tactical readiness through a transformational process that it is now expanding to focus on strategic readiness.

January 1, 2021
By M.D. Miller
When people around the world are communicating, they must use precise terms to ensure they are referring to the same topics, problems, results and solutions. Credit: Shutterstock/Rawpixel.com

Emerging technology, state actors such as Russia and China, and nonstate actors including ISIS, are often quoted as some of the greatest threats to computer and network security. But before the United States can engage with these threats effectively, the war against words must take place.

One place to start is by eliminating the word “cyber” as a descriptor. The term has been used and overused, manipulated and exploited so many times and in so many places, it has become meaningless. What individuals or organizations mean or want when they use it is impossible to say. It’s time to scrap the word altogether and instead specify technical concepts at a more granular level.

December 23, 2020
By Harvey Boulter
Shutterstock/Thitichaya Yajampa

Experts have issued fresh warnings to U.S. citizens over the enormous amount of sensitive, personal information being routinely captured and commoditized, and that this same information is being weaponized by the country’s adversaries. A panel at the recent AFCEA TechNet Cyber conference highlighted that data gathering by Facebook, WhatsApp and Google presents a significant risk to both individuals and the nation.

December 17, 2020
Posted by Kimberly Underwood
The extent of the global cyber attack by purported Russian threat actors has the U.S. government forming a new group to provide a coordinated response. Credit: Shutterstock/Alexander Limbach

The Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency, or CISA, reported yesterday that the Federal Bureau of Investigation, the Office of the Director of Intelligence and CISA itself had created a Cyber Unified Coordination Group. The move was necessary given the alarming cyber compromise, a Trojan-style attack by threat-actor UNC2452 with ties to Russia. The attack, identified by FireEye, reached North American, European, Asian and Middle Eastern governments, technology firms, telecommunications, consulting companies and other entities, the company said. 

December 4, 2020
By George I. Seffers
With U.S. adversaries expected to be using quantum computing technologies in the next several years, officials at the Defense Information Systems Agency are exploring quantum-resistant technologies.Credit: metamorworks/Shutterstock

Because U.S. adversaries likely will be able to use quantum computers within the next several years, Defense Information Systems Agency (DISA) officials are beginning to explore quantum-resistant technologies and the role the agency might play in developing or deploying those technologies.

December 2, 2020
By George I. Seffers
The vast troves of personal data on U.S. citizens are now being weaponized by foreign adversaries, panelists warn.at TechNet Cyber. Credit: Meranna/Shutterstock

Massive amounts of sensitive information on U.S. citizens are being collected, created, shared, bought and sold, and in some cases used as a weapon by the country’s adversaries, according to a panel of experts speaking at the AFCEA TechNet Cyber conference, a virtual event held December 1-3.

The information is gathered and sold by companies such as Facebook and Google and the producers of a wide range of applications, programs and technologies. 

December 3, 2020
By Robert K. Ackerman
A Prandtl-M prototype is air launched by a Carbon Cub aircraft in a NASA test to simulate the flight conditions of the Martian atmosphere. The conventional aircraft in the Earth’s atmosphere is used to test a prototype interplanetary probe to glean knowledge that would be applied millions of miles distant. Credit: NASA imagery

Amassing data serves little purpose if it is not processed into knowledge, and that knowledge is largely wasted if leaders don’t understand what they have and how it can best be used.

That was just part of the message on empowering knowledge delivered by a NASA expert on the second day of TechNet Cyber 2020, AFCEA’s virtual event held December 1-3. Tiffany Smith, chief knowledge officer and information technology manager in NASA’s Aeronautics Research Mission Directorate, emphasized the importance of understanding both the knowledge at hand, knowledge priorities and the people who will exploit that knowledge to the fullest.

December 2, 2020
By Robert K. Ackerman
Credit: metamorworks/Shutterstock

Innovative ideas may hold the key to thwarting cyber adversaries emboldened by opportunities offered in the COVID-19 pandemic. And, the source of these innovative approaches may be diverse personnel who break the mold of conventional cybersecurity professionals.

December 2, 2020
By Robert K. Ackerman
Brig. Gen. Paul Fredenburgh III, USA, is the deputy commander, JFHQ-DODIN.

The Joint Force Headquarters-Department of Defense Information Network (JFHQ-DODIN) is partnering with a broad base of national security organizations and industry to counter an increasing threat to U.S. forces and their operations worldwide. The JFHQ-DODIN seeks to meet this challenge with four primary focus areas that include new technologies such as automation to move data, hone commanders’ information and defend the network.

December 1, 2020
By George I. Seffers
While human cyborgs may still be the stuff of science fiction, the science may be a little closer to reality following breakthroughs in materials used for neural links and other implants that offer a wide array of benefits, including potential medical advances. Credit: Ociacia/Shutterstock

Electronic implants in the brain or other parts of the body may be more efficient and effective due to a recent breakthrough by researchers at the University of Delaware. The advance potentially offers a wide array of biotechnology benefits and could also allow humans to control unmanned vehicles and other technologies with the brain.

December 1, 2020
By George I. Seffers
The Defense Information Systems Agency and the Joint Artificial Intelligence Center are collaborating on an artificial intelligence tool to enhance cybersecurity for the Defense Department. Credit: Titima Ongkantong/Shutterstock

The U.S. Defense Department is developing a machine learning tool that can more quickly detect cyber intrusions and enable a more rapid response.

December 1, 2020
By Robert K. Ackerman
A U.S. Army infantryman radios his situation report during an exercise. Future defense communications systems are likely to be smaller and more comprehensive as the military and industry collaborate on new information technology capabilities that help the warfighter in the battlespace. Credit: Capt. Lindsay Roman, USA

Speed will be the order of the day for military information systems as new technologies incorporate breakthrough innovations. Hardware also will transform as capabilities grow in influence. But above all, the entire defense information system community is undergoing major cultural changes spawned by a combination of innovation and disease.

November 23, 2020
By Kimberly Underwood
The Air Force's new initiative, Operation Flamethrower, is meant to aggressively get rid of legacy policies, processes and equipment that are not effective. Credit: Shutterstock/Mack Pansuwan

The U.S. Air Force, led by Brig. Gen. Chad Raduege, USAF, the Air Combat Command’s A-6, along with Deputy Chief Information Officer Lauren Knausenberger, is pursuing Operation Flamethrower, an aggressive project to abandon legacy network-related policies, processes or equipment that are not working. The tongue-in-cheek name of the effort is meant to illuminate the nature in which leaders will eliminate ineffective or redundant components in order to drive innovation.

“We are ruthlessly going after these things and setting them on fire,” Knausenberger said.

November 18, 2020
By Kimberly Underwood
The Air Combat Command conducted successful cyber red team and penetration testing of its emerging cloud-enabled zero trust architecture, reports Lt. Gen. Chris Weggeman, USAF, speaking virtually on November 17 during the AFCEA Alamo Chapter's annual ACE conference.

The U.S. Air Force is on track to provisionally stand up its first and only Spectrum Warfare Wing (SWW)— known as the 350th SWW—this spring. The organization will be responsible for electronic warfare and so-called electromagnetic spectrum missionware. The 350th SWW’s role will run the gamut of providing such capabilities along the development, hosting, integration, testing and distribution phases, reported Lt. Gen. Chris Weggeman, USAF, deputy commander, Air Combat Command (ACC).

November 17, 2020
By Robert K. Ackerman
Credit: Shutterstock/VideoFlow

Adversaries are stepping up their efforts to exfiltrate information and weaken the U.S. supply chain through cyberspace. These efforts aim to both wreck the country from within and strengthen the hand of the adversary wielding the digital sword, according to a U.S. government official.

New government security measures are designed with these challenges in mind, and they can help secure targeted small businesses. The Cybersecurity Maturity Model Certification (CMMC), which is rolling out, is designed to help mitigate the effects of adversarial activities in cyberspace.

November 17, 2020
By Gregory Touhill and Arthur Friedman
Online privacy poses concerns for U.S. national security, businesses and private citizens. Credit: mtkang/Shutterstock

As the United States enters the third decade of the 21st century, our nation faces growing and rapidly evolving threats to our information technology, infrastructure, networks and data. Indeed, the ever-present threat of cyber attacks is one of the most significant challenges we face, impacting economic, political, societal and national security concerns. This ever-present threat touches every corner of our economy and every level of our government, from municipalities and school districts to state election databases to the Internal Revenue Service, Office of Personnel Management and the Defense Department.

November 16, 2020
By Julianne Simpson
Credit: Shutterstock/FoxyImage

Building on the success of the inaugural June issue of SIGNAL Kids, AFCEA is proud to report the second issue will be released in December. The focus of the issue is cybersecurity, featuring an international section and an interview with a chief architect from the Naval Information Warfare Center.

The first issue was viewed by more than 13,000 readers and downloaded almost 200 times. AFCEA has long been committed to STEM learning and, especially in the time of COVID-19 when virtual learning is the new normal, is pleased to provide this additional resource to parents and educators.

November 9, 2020
By George I. Seffers
Leaders help their teams turn big ideas into diamonds, says Vice Adm. Nancy Norton, USN, DISA director and commander, JFHQ-DODIN. Credit: CoreDESIGN/Shutterstock

It is not necessary for a leader to be the most brilliant person in an organization but to foster innovation and ensure those with big ideas are given opportunities to succeed, according to Vice Adm. Nancy Norton, USN, the Defense Information Systems Agency (DISA) director and the commander for the Joint Forces Headquarters-Department of Defense Information Network (JFHQ-DODIN).

November 6, 2020
 

STS Systems Support LLC, San Antonio, Texas, has been awarded a $21,040,702 firm-fixed-price contract for 67th Cyberspace Wing operations support services. Work will be performed at Joint Base San Antonio (JBSA) - Lackland, Texas, and is expected to be completed November 30, 2021. Fiscal year 2021 operation and maintenance funds in the amount of $1,897,325 are being obligated at the time of award. The Acquisition Management and Integration Center, JBSA-Lackland, Texas, is the contracting activity (FA7037-21-F-0003).

November 6, 2020
By George I. Seffers
The Defense Information Systems Agency provides a wide array of communications support for warfighters around the globe, including modernized electromagnetic spectrum operations tools and intelligence, surveillance and reconnaissance systems. Credit: U.S. Defense Department Photo/Gunnery Sgt. Ezekiel Kitandwe

Despite the global pandemic, the Defense Information Systems Agency (DISA) has never stopped providing warfighters with critical connections needed to conduct multidomain warfare and never let up on the daily battles in cyberspace, says Vice Adm. Nancy Norton, USN, the agency’s director and the commander of Joint Forces Headquarters for the Department of Defense Information Systems Network.

Adm. Norton made the comments during an AFCEA TechNet Cyber webinar on November 5. The webinar is part of a series of webinars leading up to the TechNet Cyber conference scheduled for December 1-3.

November 4, 2020
By Kimberly Underwood
Cybersecurity officials reporter few cyber attack interruptions on Election Day. Credit: Shutterstock/vesperstock

Despite attempts from adversaries such as China, Iran and Russia to compromise voting on America’s Election Day, the election system worked well, even with the record levels of voting, reported senior officials with the U.S. Department of Homeland Security’s (DHS’) Cybersecurity and Infrastructure Security Agency (CISA). The cybersecurity concerns now move to protecting the final vote counting, canvasing, auditing, certification and inauguration phases.

November 1, 2020
By Kimberly Underwood
U.S. Air Force airmen monitor computers in support of the Advanced Battle Management System Onramp 2 exercise in September at Joint Base Andrews, Maryland. The military held multiple exercises this fall that proved some of the initial concepts of joint warfighting across all domains. Credit: Air Force photo by Senior Airman Daniel Hernandez

The U.S. military is rapidly pursuing Joint All-Domain Command and Control, known as JADC2, as a way to confront near-peer adversaries China, Russia and other nations. The effort requires innovative computing, software and advanced data processing; emerging technologies such as artificial intelligence, cloud and 5G communications; along with integration of the military’s existing legacy systems. Leaders have learned that to fully implement JADC2, they have to shed some of the military’s old practices.

November 1, 2020
By George I. Seffers
Soldiers assigned to 1st Stryker Brigade Combat Team use satellite communication systems at the National Training Center, Fort Irwin, California, in March. Next summer, the Army intends to take its premier command, control, communications, cyber, intelligence, surveillance and reconnaissance experiment to the Indo-Pacific theater. It will mark the service’s first full-sized technology development experiment in a combat theater. Credit: U.S. Army/Pfc. Rosio Najera

When the U.S. Army conducts its Multi-Domain Operations Live experiment in the Indo-Pacific region next year, it will mark the first time the service has undertaken a full-scale technology development experiment in a combat theater. The goal is to assess technologies under the same conditions they will face in times of war, rather than in a stateside setting.

November 1, 2020
By Nicholas A. Strnad and Lt. Col. Elizabeth Agapios, USA
Army scientists explore materials at the nanolevel with the goal of finding stronger or more heat-resistant properties to support the Army of the future. Credit: U.S. Army photo by David McNallyArmy scientists explore materials at the nanolevel with the goal of finding stronger or more heat-resistant properties to support the Army of the future. Credit: U.S. Army photo by David McNally

Nanotechnology continues its march through the field of electronics, enabling faster and more energy-efficient computer processors, larger computer memory density and increased battery capacity. These ever-shrinking micro and nanodevices require advanced manufacturing methods to produce. Atomic-scale processing refers to a collection of these methods that may be used to deposit and remove material at the smallest scales, a single atomic layer at a time.

October 27, 2020
 

Information management is an integral part of any military operation, and in today’s operations, technology is a common tool used to facilitate a shared understanding of intel. A growing trend for military bases is to install large format direct-view LED video walls in locations like command centers, control rooms and briefing rooms to show an integrated big picture of data feeds and video feeds critical to decision-making during the mission. As global cyber threats increase and the Department of Defense ramps up expectations for cybersecurity, the manufacturing location for any technology systems which send and receive signals is a forefront concern for equipment installations for the military and government.

October 27, 2020
By George I. Seffers
Staff Sgt. Keila Peters, USA, an embedded noncommissioned officer within the Army C5ISR Center, conducts testing on equipment for the command post survivability effort during Network Modernization Experiment 20 at Joint Base McGuire-Dix-Lakehurst, New Jersey, July 27, 2020. The Army's new deputy chief of staff for G6 has laid out three pillars for his restructured office that include cyber, signal, electronic warfare and networking priorities. Credit: U.S. Army C5ISR Center photo/Jasmyne Douglas

During an October 27 telephonic roundtable discussion with reporters, Lt. Gen. John Morrison, USA, Army Deputy Chief of Staff, G-6, revealed four pillars for the restructured office. They include building a unified network; posturing signal, cyber and electronic warfare forces for multidomain operations; reforming and operationalizing cybersecurity processes; and driving effective and efficient network and cyber investments.

October 26, 2020
By Robert K. Ackerman
Credit: Shutterstock/greenbutterfly with elements from NASA

Traditional institutions are falling by the wayside as technologies and geopolitics undergo multiple revolutions. Political parties, global relations, sociological structures and education all are changing shape as a tsunami of new trends overwhelms traditional ways and means.

The result of these changes is that formerly disparate disciplines are becoming more interconnected than before. Digitization has become a common thread throughout all, but other factors have created symbiotic relationships that must be taken into account as humankind meets the challenges emerging in this new era.

October 23, 2020
By George I. Seffers
C5ISR Center electronics engineer Michelle Moore studies vehicle positions while evaluating the Blue Force Tracking Resiliency effort during Network Modernization Experiment 20 at Joint Base McGuire-Dix-Lakehurst, New Jersey, September 29. The experiment also included autonomous agents monitoring the network. Credit: U.S. Army C5ISR Center photo/Jenna Mozeyko

The recently completed Network Modernization Experiment (NetModX) included an army of autonomous agents unleashed in defense of the network and in some cases also protected other artificial intelligence (AI) technologies.

NetModX is a science and technology experiment held July 20-October 2 at Joint Base McGuire-Dix-Lakehurst, New Jersey. The science and technology experiment provides lessons learned for Army acquisition decisions, science and technology specifications, requirements and strategies necessary to modernize the force. Systems that performed well this year might ultimately end up in the Army’s arsenal as part of the capability sets to be fielded in 2023 and 2025.

October 22, 2020
By Julianne Simpson
Katie Arrington, chief information security officer for Acquisition and Sustainment, U.S. Department of Defense, says there’s no point in developing software if it’s not secure, during a webinar on securing the federal software supply chain.

Anyone moving through the ecosystem of software development and cyber over the last few decades has heard cool words to describe it: Waterfall, Cobalt, Agile, DevOps and now DevSecOps.

DevSecOps may be the latest term but the idea behind it remains constant: Security should be a priority from the start.

October 21, 2020
By Kimberly Underwood
From l-r, U. S. Army Sgt. Cody Conklin of the 4th Infantry Division from Ft. Carson, Colorado, and Sgt. Carl Higgins, USA, of the Intelligence, Information, Cyber, Electronic Warfare and Space, or I2CEWS, formation from Joint Base Lewis McCord, WA, detect and mitigate adversarial radio signals during Cyber Blitz 19. The I2CEWS have made good progress since then, in integrating advanced capabilities for multidomain operations. Credit: U.S. Army Combat Capabilities Development Command by Edric Thompson

The U.S. Army continues to improve the cyberspace and electronic warfare capabilities of its soldiers. A key part of this effort are the changes the service is making to its Cyber Corps formations, and how they organize and add cyberspace and electronic warfare (EW) personnel to their ranks, said Brig. Gen. Paul Craft, USA, chief of cyber and commandant of the U.S. Army Cyber School headquartered at Fort Gordon, Georgia.

October 16, 2020
By Robert K. Ackerman
Credit: Shutterstock/Aleksandar Malivuk

In addition to institutions such as NATO and the European Union (EU), one of the biggest players in North Atlantic defense is data, say European experts. Yet, nations often overlook the lessons generated by the private sector and not always pursuing effective investments in military information technology.

Those points were discussed at the AFCEA Europe Joint Support and Enabling Command (JSEC) virtual event in late September. Maj. Gen. Erich Staudacher, GEAF (Ret.), AFCEA Europe general manager, offered that data increasingly sprawls into military mobility. He recited an old Latin saying that navigation is necessary, all the more in this sea of data.

October 1, 2020
By Robert Hoffman
Marines with Marine Corps Forces Cyberspace Command work in the cyber operations center at Lasswell Hall, Fort Meade, Maryland. MARFORCYBER Marines conduct offensive and defensive cyber operations in support of U.S. Cyber Command and operate, secure and defend the Marine Corps Enterprise Network. Credit: Staff Sgt. Jacob Osborne, USMC

Automation software tools are being under-utilized, especially in the U.S. Defense Department. While the department has purchased and used automated scanning tools for security and compliance, it has been slow to adopt automation for many other tasks that would benefit from the capability, such as easing software deployment and standardization and, once developed, increasing the speed of overall automation.

October 1, 2020
By Kimberly Underwood
As the deadly COVID-19 virus spread around the world, so did the attacks from malicious cyber actors, taking advantage of the unsure times, say experts from leading cybersecurity firms. Credit: Shutterstock/VK Studio

While the world was facing the rapid and deadly spread of the severe acute respiratory syndrome coronavirus 2, most commonly known as COVID-19, malicious cyber attackers were also at work, increasing the number of attacks, switching methods, taking advantage of the boom in Internet, network and email users, and playing on fears during the uncertain time, cybersecurity experts say. Companies struggling to maintain operations are still leaving gaps in digital security, they warn.

October 7, 2020
By Ray Rothrock
Just like basic personal hygiene during a pandemic, practicing cyber fundamentals comes down to the individual and consistency. Photo credit: vientocuatroestudio/Shutterstock

When it comes to nefarious deeds, the COVID-19 pandemic has been a gold mine for bad actors. In addition to wreaking havoc for individuals and healthcare organizations, federal agencies are also prime targets. Case in point: a portion of the Department of Health and Human Services’ (HHS) website was recently compromised, in what appears to be a part of an online COVID-19 disinformation campaign. 

In a time of heightened cyber risk and limited human and fiscal resources, how can agencies protect their networks from malicious actors by taking a page from the COVID playbook? They can diligently practice good (cyber) hygiene.

In fact, there is a direct correlation between personal and cyber hygiene.

October 1, 2020
By Kimberly Underwood
To roll out a massive cloud project of electronic health records in 93 days during the beginning of the pandemic required a team of teams from the Program Executive Office Defense Healthcare Management Systems and other organizations.  PEO DHMS

Facing a pandemic and an aging legacy medical record system with limited data storage capacity at an on-premise data center in Charleston, South Carolina, the Enterprise Intelligence & Data Solutions (EIDS) team, sprang into action to complete a game-changing cloud migration project. The effort, called the Accelerated Migration Project, or AMP, moved petabytes of secondary healthcare data and related applications to the cloud. The project digitally transforms access to U.S. Defense Department medical records and offers better data analytics and more reliable information discovery, driving improved outcomes in patient care and business operations, experts say.

October 1, 2020
By Joseph Mitola III
Senior Airman Daniel M. Davis, USAF, 9th Communications Squadron information system security officer, looks at a computer in the cybersecurity office on Beale Air Force Base. Cybersecurity airmen must manage more than 1,100 controls to maintain the risk management framework. Credit: U.S. Air Force photo by Airman Jason W. Cochran

Users need to transition all networked computing from the commercial central processing unit addiction to pure dataflow for architecturally safe voting machines, online banking, websites, electric power grids, tactical radios and nuclear bombs. Systems engineering pure dataflow into communications and electronic systems can protect them. The solutions to this challenge are in the users’ hands but are slipping through their fingers. Instead, they should grab the opportunity to zeroize network attack surfaces.

October 1, 2020
By Dirk W. Olliges
Leslie Bryant, civilian personnel office staffing chief, demonstrates how to give fingerprints to Jayme Alexander, Airmen and Family Readiness Center casualty assistance representative selectee. Although requiring fingerprints to access information is better than single-factor identification verification, it should be part of a multifactor authentication approach. Credit: 2nd Lt. Benjamin Aronson, USAF

The two-factor authentication schema is often heralded as the silver bullet to safeguard online accounts and the way forward to relegate authentication attacks to the history books. However, news reports of a phishing attack targeting authentication data, defeating the benefits of the protection method, have weakened confidence in the approach. Furthermore, hackers have targeted account recovery systems to reset account settings, yet again mitigating its effectiveness. Facilitating additional layers of security is crucial to bolstering user account protection and privacy today and into the future.

September 29, 2020
 

The ability to perform data science at the edge is growing increasingly important for organizations across the public sector. From smart traffic cameras to hospitals using data processing for faster diagnosis and warfighters leveraging data in theater, the need to derive actionable intelligence at the edge has never been greater.

Gartner researchers predict that by 2025 three quarters of enterprise-generated data will be created and processed at the edge, outside of a traditional data center or cloud. Fulfilling the promise of real-time edge data processing and analysis requires significant intelligence and computational horsepower that’s close to the action.

September 29, 2020
By Ned Miller, Chief Technical Strategist, McAfee U.S. Public Sector

Over the last few months, Zero Trust Architecture (ZTA) conversations have been top-of-mind across the DoD. We have been hearing the chatter during industry events all while sharing conflicting interpretations and using various definitions. In a sense, there is an uncertainty around how the security model can and should work. From the chatter, one thing is clear—we need more time. Time to settle in on just how quickly mission owners can classify a comprehensive and all-inclusive acceptable definition of Zero Trust Architecture.

September 25, 2020
By Maryann Lawlor
Enterprisewide Risk Management (ERM) consists of the formal identification of major risks to the organization’s mission.

Cybersecurity is now a significant area of focus and concern for senior leaders who have witnessed cyber events that have resulted in significant financial and reputational damage. However, for many organizations, data defense continues to be a technology-focused effort managed by the technical “wizards.” Board of director discussions often zero in on describing the latest cyber threats rather than taking a long-range approach.

But cybersecurity is more than a technical challenge. Enterprise risk management (ERM) is an effective tool to assess risks, including those with cyber origins, but few businesses or agencies use the technique for this purpose, cyber experts assert.

September 11, 2020
By Kimberly Underwood
Once more of an operational and end-user experience tool, identity management has evolved to be a core aspect of cybersecurity, especially as part of zero trust architecture, say panelists Wednesday at the FedID conference.

The need to move away from a perimeter-based cybersecurity model—the moat and castle approach—to a cloud-enabled zero trust architecture—an underlying framework that essentially is like placing a security door in front of each and every application—is apparent. Similarly, identity, once mostly an operational and user experience-driven technology, has evolved to be a core aspect of cybersecurity, verifying a user in a network or activity, said Frank Briguglio, strategist, Global Public Sector, SailPoint.

September 3, 2020
By Shaun Waterman
Photo credit: Pixabay

The global economy—and especially more technologically advanced countries like the United States—are increasingly dependent on space-based capabilities like GPS and satellite communications.

“When considering our daily lives,” explained retired Canadian Gen. Robert Mazzolin, now chief cybersecurity strategist for the Rhea Group, a global engineering firm. “There’s not an operation or activity that’s conducted anywhere at any level that’s not somehow dependent on space capabilities,” he went on.

September 9, 2020
 

Federal agencies and especially the DOD are quickly embracing cloud computing for many IT requirements. Traditional computing paradigms are giving way to distributed computing that is fundamental to the dynamic and ephemeral cloud environment.

At the same time, the user base is also becoming much more distributed, particularly in this era of increased remote work. Teams of globally dispersed personnel from the DOD, partner organizations and even supporting contractors are now regularly leveraging the cloud to share information critical to mission fulfillment.

September 9, 2020
By Shaun Waterman
A GPS III satellite circles the earth. Photo Credit: United States Government, GPS.Gov

​​On both sides of the Atlantic, NATO and European leaders are struggling to address the threat posed to vital space systems by foreign hackers, cyber warfare and online espionage. Huge swathes of the global economy are utterly dependent on orbital capabilities like GPS that look increasingly fragile as space becomes more crowded and contested.

September 1, 2020
By George I. Seffers
Unmanned aircraft have proved immensely valuable to the military and to intelligence agencies, but they are sometimes too noisy for stealthy reconnaissance. The Intelligence Advanced Research Projects Activity is developing a silent and miniature aerial drone known as the Little Horned Owl. Credit: U.S. Defense Department photo by Petty Officer 3rd Class Jeffrey S. Viano, U.S. Navy

The cloud computing infrastructure at the Intelligence Advanced Research Projects Activity allowed the organization to pivot to a new teleworking norm during the pandemic that’s not much different than the old norm. The organization has conducted business as usual, hiring program managers, adding office directors, creating and killing programs, and continuing to meet the intelligence community’s technology needs.

Catherine Marsh, director of the Intelligence Advanced Research Projects Activity, known as IARPA, was told on March 12 to “lean forward,” and she did, allowing almost the entire staff to telecommute beginning the next day. Even contractors work from home legally, securely and effectively.