This month, Linton Wells II drew his inspiration for Mission Assurance Moves to the Fore in Cyberspace from Deputy Secretary of Defense William J. Lynn III's recently published article, Defending a New Domain: The Pentagon's Cyberstrategy. Wells summarizes Lynn's strategy points, noting that taken on a whole they have a broader implication than just cyberdefense. It has more to do with mission assurance, he says:
In less than 30 days, the U.S. Defense Department will dish out 11 prizes for innovative solutions to real-world challenges facing digital forensics examiners. And it's not too late to join the fight against cyber crime. Submissions for the 2010 Defense Department Cyber Crime Center (DC3) Digital Forensics Challenge will be accepted until November 2.
Northrop Grumman Corporation has been awarded a potential $2.63 billion task order by the U.S. General Services Administration to install a campus-wide information technology infrastructure for secure communications and operations at the U.S. Department of Homeland Security (DHS) St. Elizabeths headquarters in Washington, D.C. Northrop Grumman will design, install, test, operate and maintain a seamless, integrated and secure information technology solution throughout the DHS consolidated headquarters campus.
BAE Systems National Security Solutions, BAE Systems Advanced Information Technologies, Burlington, Massachusetts, was recently awarded a $21 million contract to design a new computer system that is highly resistant to cyber attack, is resilient in that it continues to render useful services in the face of attacks and faults, and can repair itself. The U.S. Air Force Research Laboratory, Wright-Patterson Air Force Base, Ohio, is the contracting activity.
Adventium Enterprise Limited Liability Company, Minneapolis, Minnesota, was awarded a nearly $24 million contract to develop a trusted virtual cyber defender that meets the technical, logistic, and economic constraints presented by the U.S. Air Force computing infrastructure. Air Force Research Laboratory, Rome, New York, is the contracting activity.
SRC Incorporated recently received a contract from the Department of Homeland Security's Immigration and Customs Enforcement (DHS-ICE) agency with a potential value of nearly $42 million to establish and maintain a Security Operations Center to help protect critical information technology infrastructure. This contract will enable ICE to monitor its information technology assets 24 hours a day and evaluate and respond to cyber security threats. SRC will lead a team to provide innovative cybersecurity solutions, process improvement strategies and best-of-breed technologies for ICE.
SRC Incorporated, formerly Syracuse Research Corporation, announced it has been awarded a contract from the Department of Homeland Security's Immigration and Customs Enforcement investigative agency with a potential value of nearly $42 million to establish and maintain a Security Operations Center to help protect critical information technology infrastructure. SRC will lead a team to provide innovative cybersecurity solutions, process improvement strategies and best-of-breed technologies.
ManTech International Corporation announced today that it received a new contract to support the U.S. Department of Agriculture Office of the Chief Information Officer, Agriculture Security Operations Center. ManTech will provide continous incident handling and strategic support to help detect and report malicious cyber activities on the agency's enterprise information infrastructure. The contract is estimated to be worth nearly $11 million.
Part 2 of 2
Defense Department IT budgets are now fully mortgaged to support ongoing operations and maintenance, while most large development funds are still paying for continuation of programs that were started years ago. With regard to the concerns I've raised in my previous post, here are some ideas on what should be done:
First of two parts.
According to Air Force LTG William Lord, 85 percent of cyberoperations are in defense. That being the case, How should the Defense Department protect its network and computer assets? A 2009 RAND Corporation report on cyberdeterrence asserts "...most of the effort to defend systems is inevitably the ambit of everyday system administrators and with the reinforcement of user vigilance." The report also states "...the nuts and bolts of cyberdefense are reasonably well understood."
Scalable Network Technologies Incorporated was recently awarded a project from the U.S. Defense Department's Test & Evaluation/Science & Technology Program for project StealthNet, which will provide a real-time, hardware-in-the-loop capability for simulation of cyber threats to the entire net-centric infrastructure. StealthNet is designed to address an existing gap in the Defense Department's testing infrastructure to realistically test the vulnerabilities and resilience of friendly force communications against sophisticated cyber attacks.
Kratos Defense & Security Solutions, Inc., has announced new contract awards for its flagship network management and situational awareness products, NeuralStar and dopplerVUE, from two unnamed U.S. national security and defense-focused agencies. NeuralStar is an enterprise-class information management solution that integrates data across distributed networks, and dopplerVUE is a network monitoring and management tool that brings enterprise-grade features to field and tactical networks of any size.
It's rare that an audience of industry and service members at all ranks get the chance to hear first hand from the first of a kind. But that was the case after eating lunch on Wednesday of WEST 2010. Vice Adm. Jack Dorsett, USN, the Navy's first N2/N6 may have begun his speech by wondering why he was among other high-ranking military experts at the conference, but he followed through with revealing the latest approaches the Navy is taking to achieve information dominance. The Navy is developing new mini-road maps of sorts that address nearly a dozen topics, including undersea dominance, maritime ballistic C2 and improved maritime domain awareness.
Researchers at the Georgia Institute of Technology are investigating so-called side channel signals, low-level emissions from a computer that could allow savvy cyber attackers to illegally access information. By learning more about the signals, researchers may be one day be able to help mitigate the threat.
The Georgia Tech team has developed an algorithm for measuring the strength of the leaks, which will help prioritize security efforts. They now are studying smartphone emissions, which they say may be even more vulnerable. So far, they have looked only at Android devices.
The private and financial sectors are pressing for better governmental answers to the costly cybersecurity challenges still plaguing the nation. They want the White House to create, as a minimum first step, an interagency or oversight group to facilitate information sharing. This small step is seen as a critical link between industry and government to organizing the fragmented cybersecurity efforts needed to quash mounting attacks.
While federal efforts abound, they are coordinated haphazardly, with gaps and no overarching governance—in spite of a preponderance of existing documents, plans, regulations and actions, according to experts.
Adm. Michael Rogers, USN, who leads both the National Security Agency and U.S. Cyber Command, predicts a damaging attack to critical infrastructure networks within the coming years. If an attack happens, the agency and Cyber Command will coordinate a response along with other government agencies and potentially the private sector organizations that own many of the networks.
Article updated December 3, 2014.
With a number of uncertainties coloring their activities, officials at the U.S. Army’s Communications-Electronics Research, Development and Engineering Center are preparing their program objective memorandum, laying out several key projects and goals for the coming years. The leaders are calibrating efforts to align with expected congressional funding as well as with the capabilities soldiers require for mission success.
The U.S. Navy’s Task Force Cyber Awakening, which was established in July, is expected to deliver its first report to the service’s leadership this month, task force officials say. The report will include recommendations for improving the service’s cyber posture, both ashore and afloat.
The U.S. Defense Information Systems Agency is being tasked with an operational role in the cyber domain, namely network defense. The new role creates a formal relationship between the agency, U.S. Cyber Command and the military services; integrates network operations and defense; and should ultimately improve security.