AFCEA offers a wide range of white papers, EBooks, case studies, event videos and analytical content in our Resource Library. These documents may be relevant to your work and of interest to you as a member of the global defense, security and intelligence community. The content updates often so please bookmark this page and come back frequently.
Registration is required to access the documents. This registration information is minimal and is only shared with the sponsor of the specific document you access.
The whole is greater than the sum of its parts when the two combine forces for information technology. BY ROBERT K. ACKERMAN
The U.S. Army is building a tighter relationship with industry to tap commercial expertise and avoid long procurement delays that often render new information technologies obsolete before they are fielded
Author: Zoho Corporation
Free e-book that aids in improving your enterprise IT security
Most IT admins have asked themselves at some point in time, "How do I achieve and sustain enterprise IT security?"
With cybercriminals sneaking into enterprises using new techniques every day, IT administrators have never been busier. Download your free e-book to understand the challenges in sustaining enterprise IT security, and learn how to overcome these challenges by implementing security-first procedures, securing corporate and personal data, maintaining user privacy, and increasing employee p ...
Author: Attivo Networks
With traditional cybersecurity, companies play a cat-and-mouse game to identify, block, and prevent threats. A deception program changes this by giving defenders the ability to learn about attackers in the same way attackers try to learn about their targets. Once an organization knows an attacker is in the network, it can observe the attacker's behaviours and patterns. This background helps security teams better understand what attackers are after and the best way to respond.
In our deepest and most wide-ranging report yet, we explore user knowledge of a broad range of best practices for cyber hygiene, security, and compliance. The report analyzes millions of responses gathered from our Security Education Platform. Our latest Beyond the Phish Report includes: Data from nearly 130 million questions answered by customers end users Users understanding of 14 cybersecurity topics Two new categories: users understanding of unintentional and malicious insider threats and a view of executives cybersecurity knowledge Knowledge comparisons across 16 i ...
This cybersecurity report analyses data from tens of millions of simulated phishing attacks sent through Proofpoint's Security Education Platform over a 12-month period, as well as an extensive survey of our global database of infosec professionals. It also includes survey data from thousands of working adults in seven countries, the US, UK, France, Germany, Italy, Australia, and Japan providing cybersecurity insights into end-user security awareness and behavior around phishing, ransomware, and more. Direct feedback from infosec professionals on today's threat landscap ...
Author: Thundercat & Symantec
Nothing in the field of information technology is more dynamic than software development. For consumers, individual personal mobile communications devices are constantly upgraded by weekly downloads of new apps. For large organizations such as the military services, vital information systems must be upgraded repeatedly and quickly, lest they enter the world of obsolescence. And, when it comes to security, obsolescence could be the death knell for any national security organization in a time of crisis.
Upgrading security across the breadth of a military service poses ...
TABLE OF CONTENTS 1. Threats evolution in the cyber-space 2. Situational awareness to face multi-domain threats 3. Cyber situational awareness: Leonardo solution 4. AI to improve human performance and decision-making processes 5. Who we are
Author: Owl Cyber Defense
This document includes an overview of critical infrastructure, the associated cybersecurity challenges including a background on industrial control system (ICS) security, and provides a synthesis of the most recent available guidance to secure critical infrastructure and the various supporting systems within a defense context. It is intended as a best practice primer for the cybersecurity of DoD critical infrastructure, and to provide a basic foundation of accumulated knowledge.
This document includes an overview of critical infrastructure, the associated cybersecurity challenges including a background on industrial control system (ICS) security, and provides a synthesis of the most recent available guidance to secure critical infrastructure and the various supporting systems within a defense context. It is intended as a "best practice" primer for the cybersecurity of DoD critical infrastructure, and to provide a basic foundation of accumulated knowledge.
Author: Attivo Networks
The implementation of a comprehensive cybersecurity plan to protect Industrial Automation and Control Systems (IACS), including SCADA, is critical to protecting confidential company information, complying with applicable laws and maintaining safe and reliable operations. A defense-in-depth approach to cybersecurity reduces risk with each effective layer of protection and combines a mix of defense and offense measures for the maximum protection against a breach. The implementation of a Dynamic Deception solution provides the real-time visibility into threats that have by ...
This edition of The Cyber Edge celebrates and recognizes the contributions of women in cybersecurity and STEM. All of the articles in the section were written by women and feature expert opinions on operating in a time where information o en can be a weapon.
Despite obvious and compelling needs for ways to measure security, AFCEA's Cyber Committee found that there is no consensus about how to measure security. To the contrary, its members found that the security metrics are all over the map with most organizations admitting in confidential discussions that they are not comfortable with the metrics they are using.
Author: Attivo Networks
The MITRE Corporation Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK™) Matrix provides a model for cyber
adversary behavior, reflecting various phases of an adversary's lifecycle and the platforms they are known to target. It is designed
to help determine which technologies work or fail, identify gaps to improve security posture and processes, prioritize work on
detecting and deterring techniques, and to evaluate new security technology. ATT&CK is useful for understanding security risk
against known adversary behavior, planning security improv ...
2019 AFCEA Army Signal Conference Solutions Showcase Compendium
Prior to the conference, the U.S. Army identified opportunities for industry to offer potential solutions to problems the service and joint force must address both today and in the near future. The list included cloud and application migration/enterprise/hybrid cloud strategy; data cleansing; total army asset visibility/configuration management; risk management framework optimization; continuous cyber security compliancy monitoring; insider threat, zero trust environment; and protected data.
Author: Intelsat General Corporation
Cyber threats are growing more advanced, with networks constantly under attack from entities in search of critical data to deny transmission or steal information. Intelsat EpicNG delivers reliability, security, performance and the flexibility to keep pace with changing geographic and mission requirements. Intelsat EpicNG's advanced digital payload creates an enhanced environment for battling interference and for mitigating jamming, assuring government organizations have coverage and providing connectivity for any operation. Intelsat EpicNG satellites successfully provid ...
As cybersecurity has become more complex, traditional methods do not account for the wide range of issues related to securing corporate data and handling privacy concerns. New technology, improved processes and broad workforce education are all required for a modern security posture. Adopting a new approach requires cultural change within an organization, but it also requires a diverse set of skills. A new report by CompTIA examines the ways that businesses are building security teams, using internal and external resources, to assemble the expertise needed for security ...
Author: A3 Missions
Federal agencies increasingly need data-derived insights to address complex challenges, deliver mission success, and optimize resources for maximum effectiveness and efficiency. Whether the challenge is to contain a fast-spreading disease, model and monitor network activity, rapidly assess a battlefield, uncover fraud, or efficiently maintain a fleet of ships, the rapid exploitation of data is essential to getting the job done and providing situational understanding.
Formed in 2015, A3 Missions is a Georgia based LLC that specializes in Data Center Infrastructur ...
Cybercriminals have long profited by selling stolen financial and personal data. Of late, they've added another alarming technique: encrypting an organization's data where it's stored and demanding payment for the recovery key.
This type of cyberattack, called ransomware, is rising: One study indicates that a business is attacked every 40 seconds. The public sector is a target for ransomware because small agencies, local governments and educational institutions are less likely to have strong security measures and full data backups.
Many are also working w ...
For a computing paradigm, "Resilience is the ability to provide and maintain an acceptable level of service in the face of faults and challenges to normal operation". Resilience is related to survivability, which builds on the disciplines of security, fault tolerance, safety, reliability, and performance. This paper focuses on cyber security approaches to achieve cyber resilience when developing technologies, systems, networks, and platforms.
The cyber domain is like any other military or intelligence theater of operations: Success requires highly skilled, well-trained and experienced professionals.
Technology in the form of advanced systems, tools and software are indispensable, and staying ahead of adversaries requires constant innovation. But just like any weapons system, ordnance or strategic plan, the best technology is of limited value without the people to make it work at its highest level. We recruit and train pilots for new generations of aircraft; we must do the same for cyber warriors.