SIGNAL Media Blog

December 10, 2018
By Paul Parker
The U.S. defense community is buzzing about open source containers, but the technology presents security concerns. Credit: TheDigitalArtist/Pixabay

Open source containers, which isolate applications from the host system, appear to be gaining traction with IT professionals in the U.S. defense community. But for all their benefits, security remains a notable Achilles’ heel for a couple of reasons.

First, containers are still fairly nascent, and many administrators are not yet completely familiar with their capabilities. It’s difficult to secure something you don’t completely understand. Second, containers are designed in a way that hampers visibility. This lack of visibility can make securing containers extremely taxing.

Layers upon layers

November 30, 2018
By Sean Berg
Small contractors remain cyber's weak link in the defense industrial chain. Credit: TheDigitalArtist/Pixabay

The U.S. defense industrial supply chain is vast, complex and vulnerable. Organic components, large-scale integrators, myriad commercial service providers, and tens of thousands of private companies sustain the Defense Department. According to the SANS Institute, the percentage of cyber breaches that originate in the supply chain could be as high as 80 percent.

October 26, 2018
By Karyn Richardson
Planning ahead can take much of the stress out of data migration. Credit: Shutterstock

Implementing a new system can be an exciting time, but the nagging questions and doubts about the fate of data you’ve literally spent years collecting, organizing and storing can dampen this excitement.

This legacy data often comes from a variety of sources in different formats maintained by a succession of people.
 Somehow, all the data must converge in a uniform fashion, resulting in its utility in the new solution. Yes, it is hard work and no, it is not quick. Fortunately, this scrubbing and normalization does not have to be a chaotic process replete with multiple failures and rework.

October 24, 2018
By Michael Carmack
Small and medium-sized defense contractors are increasingly targeted by malicious hackers seeking to steal intellectual property. Credit: GDJ/Pixabay

It comes as no surprise that U.S. adversaries continue to target and successfully exploit the security weaknesses of small-business contractors. A successful intrusion campaign can drastically reduce or even eliminate research, development, test and evaluation (RDT&E) costs for a foreign adversary. Digital espionage also levels the playing field for nation-states that do not have the resources of their more sophisticated competitors. To bypass the robust security controls that the government and large contractors have in place, malicious actors have put significant manpower into compromising small- and medium-sized businesses (SMBs).

October 22, 2018
By Mike Lloyd
Artificial intelligence is still too easily fooled to secure networks without human assistance. Credit: geralt/Pixabay

Artificial intelligence can be surprisingly fragile. This is especially true in cybersecurity, where AI is touted as the solution to our chronic staffing shortage.

It seems logical. Cybersecurity is awash in data, as our sensors pump facts into our data lakes at staggering rates, while wily adversaries have learned how to hide in plain sight. We have to filter the signal from all that noise. Security has the trifecta of too few people, too much data and a need to find things in that vast data lake. This sounds ideal for AI.

October 15, 2018
By Paul Parker
Technical, physical, and departmental silos could undermine the government’s Internet of Things security efforts. Credit: methodshop/Pixabay

Every time federal information technology professionals think they’ve gotten in front of the cybersecurity risks posed by the Internet of Things (IoT), a new and unexpected challenge rears its head. Take, for instance, the heat maps used by GPS-enabled fitness tracking applications, which the U.S. Department of Defense (DOD) warned showed the location of military bases, or the infamous Mirai Botnet attack of 2016.

October 11, 2018
By Ken Peterman
Hybrid adaptive networks combines the power of U.S. military and commercial satellite communications, maximizing warfighter capabilities and resilience. Credit: sumanley/Pixabay

Historically, the U.S. Department of Defense (DOD) has been the driver of technological innovation, inventing remarkable capabilities to empower warfighter mission effectiveness and improve warfighter safety. Yet over the past 25 years, a transformational shift has taken place in several key technology sectors, and technology leadership in these sectors is no longer being driven by the military, but rather by the private sector. 

September 24, 2018
 
Forces deployed around the world need the ability to transmit securely on their networks.

A special operations officer who needed secure network connectivity to transmit data anywhere on the globe gained the capability in less than a minute by using Cyberspace Operations Infrastructure, or CSOI.

That officer was able to send data securely across the open network because CSOI uses the 256-bit Advanced Encryption Standard (AES) encryption mode. A 128-bit header uses a series of standards built out in the 1990s initially to secure drones. It also is used to cloak energy grids and older military architectures that will not attain IPv6, according to Robert Osborne, chief technology officer at IMPRES, the developer of CSOI.

September 11, 2018
By Paul Parker
Strip away the spin around software-defined networking, and IT administrators are left with the same basic network management processes under a different architectural framework, says Paul Parker with SolarWinds. Credit: geralt/Pixabay

The need for next-generation networking solutions is intensifying, and for good reason. Modern software-defined networking (SDN) solutions offer better automation and remediation and stronger response mechanisms than others in the event of a breach.

But federal administrators should balance their desire for SDN solutions with the realities of government. While there are calls for ingenuity, agility, flexibility, simplicity and better security, implementation of these new technologies must take place within constraints posed by methodical procurement practices, meticulous security documentation, sometimes archaic network policies and more.

September 5, 2018
By Tony Franklin
Image courtesy of Intel

As edge technologies continue to get smarter, faster, and more connected, incredible opportunities have emerged for the public sector to accelerate time to value and reduce costs. These mission-specific solutions are also simpler and faster to deploy!

August 29, 2018
By Paul Parker
Agencies should consider taking five fundamental steps to fortify networks before the next cyber attack. Credit: Daria-Yakovleva/Pixabay

Government IT professionals have clear concerns about the threats posed by careless and untrained insiders, foreign governments, criminal hackers and others. For the government, cyber attacks are a matter of life. We must deal with them as a common occurrence.

August 6, 2018
By Andrew Kelleher
The NSA has had significant, and perhaps surprising, influence on the standards for destroying no-longer-needed data. Credit: PRILL/Shutterstock

Never before has there been such an intense focus on data security and privacy. With data breaches increasing exponentially and the European Union’s recent implementation of the General Data Protection Regulation (GDPR), data security has been at the forefront of news stories over the past several months, with both businesses and consumers suddenly paying very close attention. With this increased attention has come an understanding that data continues to exist even when it is no longer needed or used. Due to this newfound understanding and GDPR’s “Right to be Forgotten,” the eradication of data has new urgency and has become critical to a successful data security program.

July 11, 2018
By John Kupcinski
Cyber threat intelligence may be helpful in countering government fraud, waste and abuse. Credit: Shutterstock

Fraud, waste, and abuse (FWA) remains a major challenge to the federal government. From 2012 to 2016, the 73 federal inspectors general (IGs), who are on the frontline of fighting FWA, identified $173 billion in potential savings and reported $88 billion in investigative recoveries and 36,000 successful prosecutions and civil actions.

July 9, 2018
By Shaun Bierweiler
It may be a great time for government agencies to leap into open source, but looking first is always advised, says Shaun Bierweiler of Hortonworks. Credit: Sambeet/Pixabay

In February 2018, the Department of Defense (DOD) Defense Digital Service (DDS) relaunched Code.mil to expand the use of open source code. In short, Code.mil aims to enable the migration of some of the department’s custom-developed code into a central repository for other agency developers to reduce work redundancy and save costs in software development. This move to open source makes sense considering that much of the innovation and technological advancements we are seeing are happening in the open source space.

July 3, 2018
By Bob Nilsson
Government network automation paves the way for artificial intelligence and machine learning. Credit: Shutterstock

It has become increasingly evident that artificial intelligence (AI) and machine learning (ML) are poised to impact government technology. Just last year, the General Services Administration launched programs to enable federal adoption of AI, and the White House encouraged federal agencies to explore all of the possibilities AI could offer. The benefits are substantial, but before the federal government can fully take advantage of advancements like AI, federal agencies must prepare their IT infrastructure to securely handle the additional bandwidth.

June 26, 2018
By Jesse Price
As cyber attacks increase, the combination of big data capabilities and network analytics will allow network monitoring agents to shift from defense to offense. Credit: Shutterstock

Traffic on optical transport networks is growing exponentially, leaving cyber intelligence agencies in charge of monitoring these networks with the unenviable task of trying to sift through ever-increasing amounts of data to search for cyber threats. However, new technologies capable of filtering exploding volumes of real-time traffic are being embedded within emerging network monitoring applications supporting big data and analytics capabilities.

June 20, 2018
By Jane Melia
Cybersecurity trends so far this year include a stern reminder that the threat of nation-sponsored cyber attacks cannot be ignored. Credit: TheDigitalArtist/Pixabay

With the arrival of June, we’re at the halfway point of an already busy year for the cybersecurity industry. With each passing year, our sector continues to demonstrate its evolving approach to fighting cyber threats, as cyber crime itself continues to evolve.

As both business and government move forward with digital transformation initiatives to improve processes and efficiency, the overall security attack surface continues to expand with more potential points of access for criminals to exploit. However, our industry is tackling these challenges head-on, with numerous innovative solutions continuing to come to market.

May 8, 2018
By Seli Agbolosu-Amison
Four policies give government agencies they flexibility and authority to limit cyber risks. Credit: katielwhite91/Pixabay

As a result of recent federal legislative and administrative activity, government agencies are expected to launch significant modernizations of their cybersecurity systems, get offensive with hackers and take a more strategic approach to risk. Combined, these policy directives promise to transform our government into a robust digital society, gaining greater resiliency to cyber threats by leveraging opportunities while reinforcing standards and procedures.

Here’s a breakdown of the key components of the four policies:

May 31, 2018
By Paul Parker
After enjoying a period without peers, the U.S. now find itself facing a variety of threats, including Russia, China and terrorist groups. Credit: TheDigitialArtist/Pixabay

The days of the United States’ stature as a force without equal appear to be over. The threat of near-peer competition with increasingly sophisticated adversaries is growing. As Secretary of Defense James Mattis says in the National Defense Strategy, "America has no preordained right to victory on the battlefield."

November 9, 2017
By Tom Jenkins
Software-defined networking offers an array of network modernization benefits.

The Department of Defense (DOD) Operational Test and Evaluation Fiscal Year 2016 Annual Report indicates that while there has been significant cybersecurity progress over the past few years, network defense as a warfighting function continues to be undervalued.

Despite the department’s concerted and progressive network modernization efforts, many networks are built on outdated legacy architectures that were never designed to address the challenges posed by continually evolving threat vectors. Neither agile nor flexible enough to be able to adjust, they are vulnerable to the security risks posed by increasingly intelligent, nimble and enterprising hackers.

Pages