are hitting hedge funds
Hedge funds are increasingly targeted by cyber extortionists, John Carlin,
US Assistant Attorney General for National Security, has warned the audience at
the recent SALT hedge fund conference. Encrypting a user's or an organization's
important files via crypto ransomware then asking for money to decrypt them has
proved very lucrative for cyber crooks. Not only do many individual users fall for the
scheme and ultimately pay the ransom, but so do businesses and organizations
that should have their files regularly backed up and that you would not expect
to comply with the crooks' demands (e.g. police departments).
security: Insurance industry challenges and opportunities
Property Casualty 360
The National Association of Insurance Commissioners' (NAIC)
"Principles for Effective Cyber Security Insurance Regulatory
Guidance" adopted on April 16, 2015, by the Cyber Security Task Force
highlight an industry under cyberattack. The Anthem and Premera breaches, which
exposed personally identifiable information of nearly 100 million people and
the likelihood (perhaps certainty) of additional attacks on the industry,
highlight the fact that: Those in the insurance industry who are not
proactively managing the threat of cyber incursion are likely to suffer severe
adverse consequences. Indeed, Anthem is suffering over 50 class action lawsuits
and intense regulatory and law enforcement scrutiny.
Cars—Is the risk worth the reward?
There is a revolution taking place in the automotive industry that will
affect nearly every car owner, driver and passenger. It is the introduction of
connected cars and the promise of enhanced safety and convenience.With that promise comes massive security and
privacy risk. After all, cars will be operated by highly intelligent computing
devices that can be accessed remotely. Driver override will be built-in, but
malicious tampering is possible. And in this case, there is absolutely no
margin for error.
rise in healthcare cybercrime
US healthcare organizations are being targeted by sophisticated and highly
organized cybercriminals. Healthcare is so poorly protected compared to other
industries and ranks close to the bottom in information security spend, so it
is unsurprising that the information systems of payers, providers, and
bio-pharmaceutical organizations are considered low-hanging fruit by cyber
criminals. Healthcare simply does not have the people, processes, or the
technology to protect itself quickly against the onslaught. Furthermore it
lacks the financial resources to hire the expertise needed to fix information
security programs or to purchase the advanced security services and tools
needed to protect its non-public data.
asks China to investigate cyber attack targeting U.S. sites
The United States has asked Beijing to investigate reports that China
interfered with Internet content hosted outside the country and used it to
attack U.S. websites. A State Department official said, "The cyber attack
manipulated international web traffic intended for one of China's biggest web
services companies and turned it into malicious traffic directed at U.S. sites."
He said the United States asked Chinese authorities to investigate the cyber
attack and report its findings. The Chinese government has repeatedly denied it
has anything to do with hacking.
Chinese military is afraid wearables will reveal its secrets
China’s military has warned troops and the wider public that
network-connected wearable devices pose a national security risk when used by
military personnel.the PLA and
militaries the world over are probably less afraid of intentional acts like
photographing and distributing classified information, and more worried about
the passive data collection and transmission happening on these devices. The
PLA’s warning says that fitness trackers and watches, if compromised, could
send data on soldiers’ locations, movements, and even health conditions to
whoever has gained access, and is a sign wearable tech is on the list of
cyberwar battlefields, alongside email inboxes and USB drives.
tightens cybersecurity controls to limit foreign spying
China has proposed a fresh wave of cybersecurity legislation to tighten its
grip on the county's information technology structure and further localize the
use of tech products. China has included cybersecurity as an important element
of a draft national security law. The document proposes tighter controls on the
country's information technology structure in response to US intelligence
does China-Russia 'no hack' pact mean For US?
Russia and China on May 8 signed a pact agreeing not to hit one another
with cyberattacks. Experts agree, however, that the countries don't actually
have any intention of ceasing their cyberespionage campaigns against each
other. They say that the agreement instead is political posturing intended to
send a message to the United States and its allies, though they differ slightly
on what that message is, what motivated Russia and China to send it, and what
it means for the U.S.
and China from cyber alliance
Russia and China signed a cyber security agreement May 8 saying that
neither would launch cyber attacks against the other.Under the terms of the pact, the two nations
will work together to combat technology that may “destabilize the internal
political and socio-economic atmosphere,” texts of the agreement on the Russian
government website said. The two nations will also share law enforcement
information and security technologies.
This quarterly Cybersecurity Market Report looks at a wide array of
cybersecurity market issues, including market sizing and industry forecasts
from consolidated research by IT analyst firms, emerging trends, employment,
the federal sector, hot companies on the Cybersecurity 500 list, notable
M&A, investment and IPO activity and more.
of Veteran Affairs takes on increasing number of cyberthreats
In March, the Department of Veterans Affairs agency blocked 1.19 billion
malware instances and 358 million intrusion attempts, numbers that show sharp
increases from February. VA Department CIO Stephen Warren said the agency is
buckling down on “continuous monitoring technology, reinforcing external
network connections, and security training.” Warren would like to see an
increased budget for cybersecurity, and he’s hopeful that more collaboration
with other federal agencies could yield some key insights on taking on
guidance offers tips for cyber incident response
Attorney General Loretta Lynch said she will focus on investigating and
prosecuting cyber crimes and stressed the need for law enforcement to work with
the private sector to achieve true cybersecurity. To help meet the challenge,
the Dept. of Justice (DOJ) announced the release of a new guidance document
outlining best practices for companies developing a response plan or reacting
to a breach. DOJ developed the guidance as a means of helping the private
sector keep up with the changing landscape of cyber crime and plans to
continuously revise it as a living document.
chief wants action on stalled cyber bills
Passing legislation to increase the public-private exchange of data on
hackers is one of the most important ways Congress can help the country thwart
cyberattacks, National Security Agency Director Adm. Michael Rogers said May
11.A pair of threat-sharing bills
passed the House by wide margins last month, but the Senate’s companion
legislation appears stalled until lawmakers determine whether to reform the
NSA’s surveillance authority.
leaders want cyber assurances from Obama
Leaders and delegates from the Gulf Cooperation Council — which includes
Bahrain, Kuwait, Oman, Qatar, Saudi Arabia and the United Arab Emirates — plan
to push President Obama for better cybersecurity cooperation during a May 14 summit
at Camp David. The request is part of a broader security guarantee U.S. Gulf
allies are seeking as they warily eye the rise of extremist threats in the
region and the near-complete nuclear talks with Iran that would lift sanctions
on the country.
makes new push for global rules in cyberspace
The U.S. government has launched an all-out diplomatic push to impose
peacetime international rules of the road on cyberspace. Officials have been
promoting the idea of guidelines for acceptable nation-state cyber behavior in
conferences and bilateral meetings across the globe for several months. Now, in
the most significant move to date, the U.S. government has formally proposed a
slate of such peacetime cyber “norms” to a United Nations body — norms that
U.S. military and civilian officials pledge to honor and think other nations
ought to live by too.
to the first responder rescue
Emergency management agencies throughout the U.S. are seeking technology to
make networks more resilient, and satellite connectivity is considered key
toward that objective, experts say. Some jurisdictions are employing broadband
and satellite systems on their own while others await the development of the
First Responder Network Authority (FirstNet), created in 2012 by Congress to be
part of the National Telecommunications and Information Administration (NTIA).
FirstNet would acquire a nationwide broadband data network for the nation’s
local, state and federal first responders: police, fire departments and
emergency medical services.
IT fuels DoD information environment
Armed With Science - The Official DoD
Defense Department Chief Information Officer Terry Halvorsen is leading a
charge to modernize the department’s information technology-cyber enterprise
using every available tool, especially those in commercial markets, a defense
official in the CIO’s office said. David A. Cotton, acting deputy CIO for
information enterprise, recently spoke about how DoD is leveraging the power of
commercial IT to give its workforce access to information at the point of need.
takeaways from the Pentagon’s new cyber strategy
Defense Secretary Ash Carter unveiled a new cybersecurity strategy for the
Pentagon last month, the first significant revision of the Defense Department’s
cybersecurity strategy since it was issued in 2011. The new strategy focuses on
a number of key areas, including cyber-related research and development,
increased collaboration with technology leaders in Silicon Valley and stronger
partnerships with the Department of Homeland Security (DHS). While the policy,
which you can read here, touches on several major issues, here are four key
takeaways from it and a handful of other announcements Carter made on April 23.
the Navy maintain cyber power projection?
C4ISR & Networks
In November 2012, the U.S. Navy produced a document titled Navy Cyber Power
2020. The objective was to create and sustain an advantage in cyber domain, a
very tall order given the rapid and continuous change that is taking place in
offensive and defensive cyber operations. Defining the future capabilities is
necessary for dominance in cyber power projection and is an extremely
challenging undertaking. There is little doubt that this requires a true
commitment and long-term funding.
top cyberwarrior talks collaboration at University of Washington
Lt. Gen. Edward Cardon, chief of the Army's Cyber Command, was part of a
University of Washington-Tacoma forum on cybersecurity that drew several
hundred participants from military, local government agencies, academia and the
private sector. They spent a day looking for ways they might collaborate to
protect critical infrastructure from potentially crippling network attacks. UWT
has been a home for those discussions in recent years, anchored by a growing
cybersecurity program it developed in response to recommendations from the
cyber chief says hackers to 'pay a price'
The US strategy of "deterrence" for cyber attacks could involve a
wide range or responses, potentially including the use of conventional weapons,
the nation's top cyber warrior said May 11.Adm. Michael Rogers, who heads the US Cyber Command as well as the
National Security Agency, told a Washington forum that the idea of cyber
deterrence is evolving but that there are many ways to get that message across.
"Because an opponent comes at us in the cyber domain doesn't mean we have
to respond in the cyber domain," Rogers said.
frets over China's cyber capabilities
Offensive operations are increasingly a flash point in one of the world's most
important bilateral relationships in cyberspace. In an annual report to
Congress published May 8, Defense Department officials expressed pointed
concerns about China's pursuit of offensive cyber capabilities. The report came
a week after China's defense ministry objected to what it said was the
offensive nature of the Pentagon's cyber strategy.
Force headquarters changes defense networking
The Defense Department, facing an increase in defensive cyber operations, now
has the command and control it needs to wage those actions on its information
network. The Joint Force Headquarters Department of Defense Information Network
consolidates efforts that previously were dispersed among the services and
organizations, and agencies and services now will take orders and direction
from the Joint Force Headquarters (JFHQ) Department of Defense Information
Network (DODIN). This also applies to agencies within the U.S. Cyber Command
(CYBERCOM) that have been a part of this work in the past.
Juniper research: Cybercrime
to cost businesses $2.1 trillion by 2019
A new study from Juniper Research (U.K.) suggests that the rapid digitization
of consumers’ lives and enterprise records will increase the cost of data
breaches to $2.1 trillion globally by 2019, almost four times the estimated
cost of breaches in 2015. The study finds that the majority of these breaches
will come from existing information technology and network infrastructure.
While new threats targeting mobile devices and the Internet of Things (IoT) are
being reported at an increasing rate, the number of infected devices is minimal
compared to traditional computing devices.
solutions for when IoT mixes with biometrics
Computer Business Review
The Internet of Things (IoT) will redefine identity management using biometrics
to unlock bank apps, email accounts but also cars, homes and personal health
databases. By 2016, IoT will drive device and user relationship requirements in
20% of new identity and access management (IAM), with new biometrics to emerge
in a key role. In this, CBR investigates how biometrics will reshape IoT and
data breaches from cyberattacks, criminals eclipse employee error for the first
A new Ponemon Report reveals just how hot healthcare data is for hackers,
as cybercriminals and nation-state actors are targeting healthcare
organizations for their valuable data. The report finds that cyberattacks and
physical criminal activity now have officially surpassed insider negligence as
the main cause of a data breach in healthcare organizations. Close to 45% of
all data breaches in healthcare are due to criminal activity such as
cybercriminal and nation-state hacks, malicious insiders, and physical theft, a
125% increase in such activity over the past five years.
issues advisory on Hospira infusion pump flaws
Last year, news surfaced that the Department of Homeland Security was
investigating suspected flaws in medical devices and hospital equipment – and
now, one of the rumored devices under inspection has been found vulnerable to
remotely exploitable bugs. DHS' Industrial Control Systems Cyber Emergency
Response Team (ICS-CERT) has published an advisory, noting that version 5.0 and
prior of LifeCare PCA Infusion System was impacted by an improper authorization
flaw and an insufficient verification of data authenticity vulnerability.
says mobile now dominates search
Google now gets more search queries from mobile devices than it does from
PCs. A company executive also says that more
Google searches take place on mobile devices than on computers in 10 countries
including the U.S. and Japan.The news
about mobile search overshadowing desktop searches means we've officially
entered a "mobile-first" world, according to Zeus Kerravala, an
analyst with ZK Research.
and China to collaborate on information security
Russia's government has approved a draft agreement with China which will
see the two countries cooperate on international information security, a
government website reported. "The agreement's purpose is to offer legal
and organizational bases for cooperation between Russia and China in
international information security," according to TASS. "The
agreement lists basic threats, offers directions, approaches, forms and
mechanisms of cooperation in the sphere."
views cybersecurity and data integrity as top priorities; may issue regulations
Data Protection Report
Cybersecurity has recently become a high priority issue at the US Commodity
Futures Trading Commission (CFTC) – the agency overseeing designated contract
markets, swap execution facilities, derivatives clearing organizations, swap
data repositories (SDRs), swap dealers, futures commission merchants, commodity
pool operators and other derivatives market participants. CFTC staff has
indicated that the Commission is considering a rule that would impose
cybersecurity obligations aimed at markets and clearing organizations, but not
at banks or other market participants.
CIOs need to Be aware of the dangers of consumer tech
Next Gov - Tech Insider
While the benefits of IT consumerization are real, the “impedance mismatch”
between consumer and enterprise requirements remains a constant source of risk
and uncertainty for IT managers. In this context, the old saying retains all of
its relevance: “Let the buyer beware.”
military chief is 'strategist,' not cyber expert
President Obama’s pick to become the nation’s next top military officer,
Marine Gen. Joseph Dunford Jr., bucks a recent trend of cyber-focused
appointments. “He’s not a cyber expert,” said Peter Metzger, a former CIA
intelligence officer and Marine who served with Dunford on four occasions. “But
he doesn’t need to be.”Cyber military
specialists believe the Obama administration is seeking an operational expert
and relationship builder, not a technological savant, to carry out Defense
Secretary Ashton Carter’s recently unveiled cyber vision.
Reserve are X factors in cyber plans
The National Guard and Reserves are underutilized resources and represent a
“huge treasure” in the Pentagon’s development of a cyber force, Defense
Secretary Ashton Carter told the Senate Appropriations Defense Subcommittee. The
Pentagon's recently released 2011 cyber strategy said the Reserve component
“offers a unique capability for supporting each of DOD’s missions, including
for engaging the defense industrial base and the commercial sector...It
represents DoD’s critical surge capacity for cyber responders.” The Army National Guard, for one, plans to establish
10 new cyber protection teams over the next three fiscal years.
Navy cyber launches strategic plan
The commander of US Navy Cyber announced a five-year strategy, and like the
Pentagon's cyber strategy announcement two weeks earlier, acknowledged the dire
need for talented workers with the skills to fend off the nation's foes. Vice
Adm. Jan Tighe, who assumed command of Fleet Cyber Command/10th Fleet a year
ago, said the US Navy is strengthening its ability to defend against
intrusions, launch offensive cyber weapons and field 40 cyber mission teams — a
task that is halfway done.
rolls out new five-year cyber strategy
Federal News Radio
The Navy has marked the five-year anniversary of its Fleet Cyber Command by
rolling out a new cyber strategy to carry it through the next five. The plan is
organized around five big-picture priorities, each of them accompanied by tasks
the service says it needs to complete within the next 18 months. Navy leaders
view the 18-month benchmarks as important because they will provide verifiable,
measurable markers of whether their evolving cyber capabilities are actually
delivering progress in defending service networks from adversaries and turning
cyber into a weapon system that can be used by combatant commanders around the
world, alongside or in place of bombs or missiles.
new cyber strategy prioritizes threats
Nearly two years after Iranian hackers poked holes in the Navy’s cyber
defense, the service’s cyber command has released a five-year strategy that
tries to ensure that never happens again -- or at least minimizes the damage
when it does. Vice Adm. Jan Tighe, the head of the command and architect of the
strategy, wants what any head of a large enterprise would: awareness of network
vulnerabilities. But the unique vastness of the networks she is charged with
defending has made that situational awareness elusive, so the new strategy sets
out to give the Navy a common operating picture in cyberspace by deploying more
sensors and other network tools.
Air Force CIO
describes requirements nightmare
Updating the IT architecture of the Air Force’s Air Operations Centers, the
levers of command and control for the service’s air, space and cyberspace
operations, is a requirements nightmare that has stalled because of a lack of
resources, according to Lt. Gen. William Bender, the service's chief information
officer.Bender described the AOC upgrade
as an unsavory blend of cost constraints and "requirements creep," in
which various people involved in the project have proffered requirements for
it. Another Air Force official in the CIO office said the new architecture will
help the cybersecurity of the AOCs by enabling information sharing across
systems and applications.
Marine Cyber fought off all net attackers since 2013
When Iran hacked the Navy-Marine Corps Intranet in fall 2013, it shook up
the sea services’ approach to cybersecurity. Thanks to that new vigilance,
their networks have fended off every subsequent attack, the head of Navy Cyber
Command said.That doesn’t mean no one
breached any portion of any Navy or Marine Corps network, Vice Adm. Jan Tighe
told reporters, saying, “What we’re talking about is an actual operation, not
that initial penetration.”
disclosed US cyber-terrorism strategy: Attacking to defend
A new Defense Department cybersecurity strategy indicates the Pentagon will
be actively using cyber-attacks to defend against foreign threats. The
move comes after several attacks that penetrated both US government and
corporations by several key countries last year, and the decision to go public
with the matter is in hopes of deterring attacks according to the
threats on the rise, Q1 2015 report shows
Some of the most noteworthy findings in the Kaspersky Lab “IT Threat
Evolution Report for Q1 of 2015” involve mobile devices. In the first quarter
of this year, Kaspersky Lab saw 3.3 times as many new malicious mobile programs
in Q1 2015 than it did in the final quarter of last year.
are falling behind on securing their SAP environments
More than 95 percent of SAP systems deployed in enterprises are exposed to
vulnerabilities that could lead to a full compromise of business data, a
security firm claims. Onapsis, a Boston-based company that specializes in SAP
security audits, also found that the average time-to-patch for SAP
vulnerabilities is more than 18 months—12 months for SAP to issue fixes and 6
months for companies to deploy them.This suggests that many companies are falling behind on SAP security,
even though these systems hold some of their most critical and confidential
aren't just targeting big business
Help Net Security
A new survey found that 81% of small business owners believe cybersecurity
is a concern for their business, and that 31% of small businesses have
experienced a cyber-attack or attempted cyber attack. However, despite these
concerns, less than half (42%) of survey respondents have invested resources in
cybersecurity protection in the last year.Additionally, 70% of small business owners do not believe the federal
government is doing enough to combat cyber-attacks and an overwhelming majority
(83%) would support federal tax incentives or grants to small businesses that
invest in cybersecurity measures.
opens its training network to non-CAC access
The Army has made it easier to access its primary website for training
information, allowing soldiers to log in with a username and password without
requiring a Common Access Card. The move opens up the Army Training Network to
access via smartphones and tablets that don’t have CAC readers. Despite the
associated security concerns with opening access, Army Chief of Staff Gen. Ray
Odierno directed the move as a way to ensure the widest possible access to
authoritative training information. To ameliorate security concerns, the Army’s
Training Management Directorate made a few changes to the network, such as
segregating information that was For Official Use Only, which was only
available to CAC card users.
exit interview with Jeremy Grant, NSTIC director and NIST's lead on digital
Fierce Government IT
Jeremy Grant left the National Institute of Standards and Technology April
30 after spending the last four years leading an effort to improve digital
identity management nationwide. Grant's office and a public-private partnership
called the Identity Ecosystem Steering Group are tasked with the real-world
implementation of the White House's National Strategy for Trusted Identities in
Cyberspace, an initiative to create trust online. Grant had been the director
of the NSTIC program office since it was stood up in 2011. In an interview, he
discussed recent developments with NSTIC, the program's biggest accomplishments
and some challenges that lie ahead.
cyber gold rush
Christian Science Monitor – Passcode
While California’s Silicon Valley is the technology capital of America,
cities and states across the country are now vying to dominate the next big
economic frontier – the booming market for securing what actually lies within
the nation’s electronic networks.From
California to Texas to Florida, public and private groups are positioning
themselves to win millions in federal contracts and from venture capital firms.
Some are going to extraordinary lengths to build what they call “a
cybersecurity ecosystem.” As an example, economic and business organizations in
Virginia, Maryland, and the District of Columbia are competing with each other,
but one expert says they should band together.
CIOs see rapid shift to the cloud
Reservations that state IT leaders once had about putting government
systems in the cloud are fading fast. State CIOs interviewed at a recent
conference are aggressively adopting cloud-based services, with some saying
they intend to run anywhere from half to almost all of traditional data center
infrastructure on hosted platforms within the next few years.
To aid combat, Russia wages cyberwar against Ukraine
A new report by security firm Lookingglass charges that the Russian
military is waging a sustained cyber campaign against Ukrainian military and
law enforcement agencies. The purpose is to extract a steady stream of
classified documents that can aid violence and on-the-ground combat.
blames hacking attack for recent Internet problems
A hacking attack using malware from overseas servers was to blame for
Internet problems in China earlier this week that prevented users accessing a
number of popular foreign websites, an official state-run newspaper said. The
English-language China Daily, citing the National Computer Network Emergency
Response Technical Team Coordination Centre, an agency that monitors China's
Internet safety, said the redirection happened because some servers in China
were "contaminated" by malware from overseas servers.
guidance from the SEC: Cyber security best practices
On April 28, 2015, the U.S. Securities and Exchange Commission’s Division
of Investment Management (the “Division”) issued a Guidance Update to
investment and fund advisers on the topic of improving cyber security. While it
is titled only as “Guidance”, firms and individuals who are subject to SEC
regulations should pay close heed to the spirit, if not the letter of the cyber
security best practices discussed in the Update.
cyber boss gets bigger portfolio
The FBI has given one of its top cyber officials a new assignment. Joseph
Demarest, who had been assistant director of the bureau’s cyber division since
2012, is now associate executive assistant director of the FBI’s Criminal,
Cyber, Response and Services Branch.The
new position, created by FBI Director James Comey, expands Demarest’s portfolio
beyond cybersecurity to include criminal investigations, incident response and
knocks SEC on info security, password management
A review of procedures at the Securities and Exchange Commission showed,
among other deficiencies, a lack of information security, particularly around
maintaining baseline cybersecurity standards, password settings and network
services, according to a new report from the Government Accountability Office.
At the base of the issue is a failure to update the agency's configuration
baselines — the set of standards for managing access and control within
big data fix government’s cyber problem?
A new study points to “big data analytics” as a potential savior to
cybersecurity strategies across government, with 86 percent of those
cybersecurity professionals polled stating “big data would significantly
improve” their organizations cybersecurity posture. But employing big data as a
tool in a cybersecurity arsenal is not as simple as flipping a switch.
CIO Tony Scott: OMB's draft FITARA guidance aims to advance IT reform
Federal News Radio
The much-anticipated guidance to reform how agencies buy and manage
information technology is littered with words such as "shall,"
"must" and "all" to underscore the importance and
expectations of not just federal chief information officers, but everyone
across the CXO landscape. But the one underlying message from OMB in the
31-page draft guidance to implement the Federal IT Acquisition Reform Act
(FITARA) is the mistakes made 20 years ago will not be repeated. OMB released
the draft guidance April 30 for public comments. The comment period will remain
open until May 30, but OMB wants substantive remarks in the first two weeks of
May so it can refine the document as it goes along.
to outsource $475 million worth of offense and defense work
The emerging Pentagon division that coordinates military cybersecurity and
cyberattacks is asking private contractors to help finish standing up the Cyber
Command. Among the tasks to be assigned under a request for proposals are
support for eavesdropping to detect threats and assistance with repelling hacks
equivalent to an armed attack against the nation. The potentially five-year
contract is capped at $475 million and covers nearly 20 task areas, according
to the new performance work statement.
Force setting up separate Silicon Valley office
A week after the Defense Department announced it would open an office in
Silicon Valley, the Air Force says it is following suit and is already setting
up a California office designed to “rapidly turn technologies toward
operational capabilities,” Air Force CIO Lt. Gen. William Bender said May 1.Given that Bender has had an Air Force
liaison in Silicon Valley building relationships with academia for a year, “I
didn’t see fit to wait on” getting it set up, he said. The new Air Force cell
in Silicon Valley will complement the Pentagon office there, he added.Solidifying a presence in Silicon Valley is
Bender’s latest move to shake up the Air Force’s approach to IT since becoming
CIO in September.
Pentagon's risky offensive cyberstrategy
The Christian Science Monitor -
While the Pentagon's new cybersecurity strategy puts more weight on
striking back against criminal or nation-state hackers, a more effective way to
deter attacks may be through diplomacy, law enforcement, and sanctions.
Corps cyber task force stood up, will report to Commandant this summer
U.S. Naval Institute News
The Marine Corps Cyber Task Force stood up in late April to create courses
of action to address manpower, organizational, acquisition and other problems
for cyberspace operations. Marine Corps Commandant Gen. Joseph Dunford had
addressed offensive and defensive cyber operations when he released his
commandant’s planning guidance in January, which sparked an operational
planning team to look at framing the Marines’ cyber problem. Dunford followed
up with additional guidance asking for a cyber task force during an executive
offsite, and the resulting task force will take the problem-framing and create
courses of action to improve Marine Corps cyber operations.
cyber evolution, four years later
The Defense Department has released a much-needed update its 2011 Strategy
for Operating in Cyberspace. The new version, while hitting on many of the same
general points—information sharing, bolstering alliances in the cyber realm and
protecting DOD infrastructure, to name a few—clearly reflects the evolution and
escalation of threats and cyberspace operations over the last four years.
delegation urges Air Force to locate cyber operations squadron at Joint Base
Augusta Free Press
Sens. Mark R. Warner (D-VA) and Tim Kaine (D-VA) along with Reps. Scott
Rigell (R-VA-2), Bobby Scott (D-VA-3), Gerry Connolly (D-VA-11), Rob Wittman (R-VA-1),
and Randy Forbes (R-VA-4), have renewed their bi-partisan request that the Air
Force Space Command strongly consider locating a Cyber Operations Squadron
(COS) at Joint Base Langley-Eustis (JBLE). The Air Force is considering
potential locations for as many as four Cyber Operations Squadrons, and site
locations are widely expected to be announced sometime this summer.
just for law enforcement anymore: The evolution of biometrics
Secure ID News
In the past 40 years, fingerprint science has moved from examiners studying
ink-stained sheets with magnifying glasses to Automated Fingerprint
Identification Systems (AFIS), which use computer systems and software to pull
up possible matches. This does not remove the human aspect as examiners still
compare the actual fingerprint image to the AFIS-selected matches.