Generic

Cybersecurity News

 

Cyber extortionists are hitting hedge funds
Help Net Security
05/12/15

Hedge funds are increasingly targeted by cyber extortionists, John Carlin, US Assistant Attorney General for National Security, has warned the audience at the recent SALT hedge fund conference. Encrypting a user's or an organization's important files via crypto ransomware then asking for money to decrypt them has proved very lucrative for cyber crooks. Not only do many individual users fall for the scheme and ultimately pay the ransom, but so do businesses and organizations that should have their files regularly backed up and that you would not expect to comply with the crooks' demands (e.g. police departments).


Cyber security: Insurance industry challenges and opportunities
Property Casualty 360
05/11/15

The National Association of Insurance Commissioners' (NAIC) "Principles for Effective Cyber Security Insurance Regulatory Guidance" adopted on April 16, 2015, by the Cyber Security Task Force highlight an industry under cyberattack. The Anthem and Premera breaches, which exposed personally identifiable information of nearly 100 million people and the likelihood (perhaps certainty) of additional attacks on the industry, highlight the fact that: Those in the insurance industry who are not proactively managing the threat of cyber incursion are likely to suffer severe adverse consequences. Indeed, Anthem is suffering over 50 class action lawsuits and intense regulatory and law enforcement scrutiny.


Connected Cars—Is the risk worth the reward?
ISACA blog
05/11/15

There is a revolution taking place in the automotive industry that will affect nearly every car owner, driver and passenger. It is the introduction of connected cars and the promise of enhanced safety and convenience.With that promise comes massive security and privacy risk. After all, cars will be operated by highly intelligent computing devices that can be accessed remotely. Driver override will be built-in, but malicious tampering is possible. And in this case, there is absolutely no margin for error.


The rise in healthcare cybercrime
Cisco Blogs
04/28/15

US healthcare organizations are being targeted by sophisticated and highly organized cybercriminals. Healthcare is so poorly protected compared to other industries and ranks close to the bottom in information security spend, so it is unsurprising that the information systems of payers, providers, and bio-pharmaceutical organizations are considered low-hanging fruit by cyber criminals. Healthcare simply does not have the people, processes, or the technology to protect itself quickly against the onslaught. Furthermore it lacks the financial resources to hire the expertise needed to fix information security programs or to purchase the advanced security services and tools needed to protect its non-public data.


U.S. asks China to investigate cyber attack targeting U.S. sites
Reuters
05/08/15

The United States has asked Beijing to investigate reports that China interfered with Internet content hosted outside the country and used it to attack U.S. websites. A State Department official said, "The cyber attack manipulated international web traffic intended for one of China's biggest web services companies and turned it into malicious traffic directed at U.S. sites." He said the United States asked Chinese authorities to investigate the cyber attack and report its findings. The Chinese government has repeatedly denied it has anything to do with hacking.


The Chinese military is afraid wearables will reveal its secrets
Next Gov
05/11/15

China’s military has warned troops and the wider public that network-connected wearable devices pose a national security risk when used by military personnel.the PLA and militaries the world over are probably less afraid of intentional acts like photographing and distributing classified information, and more worried about the passive data collection and transmission happening on these devices. The PLA’s warning says that fitness trackers and watches, if compromised, could send data on soldiers’ locations, movements, and even health conditions to whoever has gained access, and is a sign wearable tech is on the list of cyberwar battlefields, alongside email inboxes and USB drives.


China tightens cybersecurity controls to limit foreign spying
ZDNet
05/08/15

China has proposed a fresh wave of cybersecurity legislation to tighten its grip on the county's information technology structure and further localize the use of tech products. China has included cybersecurity as an important element of a draft national security law. The document proposes tighter controls on the country's information technology structure in response to US intelligence agency surveillance.


What does China-Russia 'no hack' pact mean For US?
Dark Reading
05/11/15

Russia and China on May 8 signed a pact agreeing not to hit one another with cyberattacks. Experts agree, however, that the countries don't actually have any intention of ceasing their cyberespionage campaigns against each other. They say that the agreement instead is political posturing intended to send a message to the United States and its allies, though they differ slightly on what that message is, what motivated Russia and China to send it, and what it means for the U.S.


Russia and China from cyber alliance
SC Magazine
05/11/15

Russia and China signed a cyber security agreement May 8 saying that neither would launch cyber attacks against the other.Under the terms of the pact, the two nations will work together to combat technology that may “destabilize the internal political and socio-economic atmosphere,” texts of the agreement on the Russian government website said. The two nations will also share law enforcement information and security technologies.


Cybersecurity Market Report
Cybersecurity Ventures
05/15

This quarterly Cybersecurity Market Report looks at a wide array of cybersecurity market issues, including market sizing and industry forecasts from consolidated research by IT analyst firms, emerging trends, employment, the federal sector, hot companies on the Cybersecurity 500 list, notable M&A, investment and IPO activity and more.


Dept. of Veteran Affairs takes on increasing number of cyberthreats
Fed Tech
05/11/15

In March, the Department of Veterans Affairs agency blocked 1.19 billion malware instances and 358 million intrusion attempts, numbers that show sharp increases from February. VA Department CIO Stephen Warren said the agency is buckling down on “continuous monitoring technology, reinforcing external network connections, and security training.” Warren would like to see an increased budget for cybersecurity, and he’s hopeful that more collaboration with other federal agencies could yield some key insights on taking on cybersecurity threats.


DOJ guidance offers tips for cyber incident response
Federal Times
05/11/15

Attorney General Loretta Lynch said she will focus on investigating and prosecuting cyber crimes and stressed the need for law enforcement to work with the private sector to achieve true cybersecurity. To help meet the challenge, the Dept. of Justice (DOJ) announced the release of a new guidance document outlining best practices for companies developing a response plan or reacting to a breach. DOJ developed the guidance as a means of helping the private sector keep up with the changing landscape of cyber crime and plans to continuously revise it as a living document.


NSA chief wants action on stalled cyber bills
The Hill
05/11/15

Passing legislation to increase the public-private exchange of data on hackers is one of the most important ways Congress can help the country thwart cyberattacks, National Security Agency Director Adm. Michael Rogers said May 11.A pair of threat-sharing bills passed the House by wide margins last month, but the Senate’s companion legislation appears stalled until lawmakers determine whether to reform the NSA’s surveillance authority.


Gulf leaders want cyber assurances from Obama
The Hill
05/11/15

Leaders and delegates from the Gulf Cooperation Council — which includes Bahrain, Kuwait, Oman, Qatar, Saudi Arabia and the United Arab Emirates — plan to push President Obama for better cybersecurity cooperation during a May 14 summit at Camp David. The request is part of a broader security guarantee U.S. Gulf allies are seeking as they warily eye the rise of extremist threats in the region and the near-complete nuclear talks with Iran that would lift sanctions on the country.


U.S. makes new push for global rules in cyberspace
Politico
05/05/15

The U.S. government has launched an all-out diplomatic push to impose peacetime international rules of the road on cyberspace. Officials have been promoting the idea of guidelines for acceptable nation-state cyber behavior in conferences and bilateral meetings across the globe for several months. Now, in the most significant move to date, the U.S. government has formally proposed a slate of such peacetime cyber “norms” to a United Nations body — norms that U.S. military and civilian officials pledge to honor and think other nations ought to live by too.


Satellite to the first responder rescue
Signal
05/01/15

Emergency management agencies throughout the U.S. are seeking technology to make networks more resilient, and satellite connectivity is considered key toward that objective, experts say. Some jurisdictions are employing broadband and satellite systems on their own while others await the development of the First Responder Network Authority (FirstNet), created in 2012 by Congress to be part of the National Telecommunications and Information Administration (NTIA). FirstNet would acquire a nationwide broadband data network for the nation’s local, state and federal first responders: police, fire departments and emergency medical services.


Commercial IT fuels DoD information environment
Armed With Science - The Official DoD Science Blog
05/11/15

Defense Department Chief Information Officer Terry Halvorsen is leading a charge to modernize the department’s information technology-cyber enterprise using every available tool, especially those in commercial markets, a defense official in the CIO’s office said. David A. Cotton, acting deputy CIO for information enterprise, recently spoke about how DoD is leveraging the power of commercial IT to give its workforce access to information at the point of need.


4 takeaways from the Pentagon’s new cyber strategy
Fed Tech
05/07/15

Defense Secretary Ash Carter unveiled a new cybersecurity strategy for the Pentagon last month, the first significant revision of the Defense Department’s cybersecurity strategy since it was issued in 2011. The new strategy focuses on a number of key areas, including cyber-related research and development, increased collaboration with technology leaders in Silicon Valley and stronger partnerships with the Department of Homeland Security (DHS). While the policy, which you can read here, touches on several major issues, here are four key takeaways from it and a handful of other announcements Carter made on April 23.


Can the Navy maintain cyber power projection?
C4ISR & Networks
05/11/15

In November 2012, the U.S. Navy produced a document titled Navy Cyber Power 2020. The objective was to create and sustain an advantage in cyber domain, a very tall order given the rapid and continuous change that is taking place in offensive and defensive cyber operations. Defining the future capabilities is necessary for dominance in cyber power projection and is an extremely challenging undertaking. There is little doubt that this requires a true commitment and long-term funding.


Army’s top cyberwarrior talks collaboration at University of Washington
Government Technology
05/06/15

Lt. Gen. Edward Cardon, chief of the Army's Cyber Command, was part of a University of Washington-Tacoma forum on cybersecurity that drew several hundred participants from military, local government agencies, academia and the private sector. They spent a day looking for ways they might collaborate to protect critical infrastructure from potentially crippling network attacks. UWT has been a home for those discussions in recent years, anchored by a growing cybersecurity program it developed in response to recommendations from the National Guard.


US cyber chief says hackers to 'pay a price'
Defense News
05/11/15

The US strategy of "deterrence" for cyber attacks could involve a wide range or responses, potentially including the use of conventional weapons, the nation's top cyber warrior said May 11.Adm. Michael Rogers, who heads the US Cyber Command as well as the National Security Agency, told a Washington forum that the idea of cyber deterrence is evolving but that there are many ways to get that message across. "Because an opponent comes at us in the cyber domain doesn't mean we have to respond in the cyber domain," 
Rogers said.


Pentagon frets over China's cyber capabilities
FCW
05/08/15

Offensive operations are increasingly a flash point in one of the world's most important bilateral relationships in cyberspace. In an annual report to Congress published May 8, Defense Department officials expressed pointed concerns about China's pursuit of offensive cyber capabilities. The report came a week after China's defense ministry objected to what it said was the offensive nature of the Pentagon's cyber strategy.


Joint Force headquarters changes defense networking
Signal
05/01/15

The Defense Department, facing an increase in defensive cyber operations, now has the command and control it needs to wage those actions on its information network. The Joint Force Headquarters Department of Defense Information Network consolidates efforts that previously were dispersed among the services and organizations, and agencies and services now will take orders and direction from the Joint Force Headquarters (JFHQ) Department of Defense Information Network (DODIN). This also applies to agencies within the U.S. Cyber Command (CYBERCOM) that have been a part of this work in the past.


Juniper research: Cybercrime to cost businesses $2.1 trillion by 2019
Signal
05/11/15

A new study from Juniper Research (U.K.) suggests that the rapid digitization of consumers’ lives and enterprise records will increase the cost of data breaches to $2.1 trillion globally by 2019, almost four times the estimated cost of breaches in 2015. The study finds that the majority of these breaches will come from existing information technology and network infrastructure. While new threats targeting mobile devices and the Internet of Things (IoT) are being reported at an increasing rate, the number of infected devices is minimal compared to traditional computing devices.


5 solutions for when IoT mixes with biometrics
Computer Business Review
04/27/15

The Internet of Things (IoT) will redefine identity management using biometrics to unlock bank apps, email accounts but also cars, homes and personal health databases. By 2016, IoT will drive device and user relationship requirements in 20% of new identity and access management (IAM), with new biometrics to emerge in a key role. In this, CBR investigates how biometrics will reshape IoT and user experience.

Healthcare data breaches from cyberattacks, criminals eclipse employee error for the first time
Dark Reading
05/07/15

A new Ponemon Report reveals just how hot healthcare data is for hackers, as cybercriminals and nation-state actors are targeting healthcare organizations for their valuable data. The report finds that cyberattacks and physical criminal activity now have officially surpassed insider negligence as the main cause of a data breach in healthcare organizations. Close to 45% of all data breaches in healthcare are due to criminal activity such as cybercriminal and nation-state hacks, malicious insiders, and physical theft, a 125% increase in such activity over the past five years.


ICS-CERT issues advisory on Hospira infusion pump flaws
SC Magazine
05/06/15

Last year, news surfaced that the Department of Homeland Security was investigating suspected flaws in medical devices and hospital equipment – and now, one of the rumored devices under inspection has been found vulnerable to remotely exploitable bugs. DHS' Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) has published an advisory, noting that version 5.0 and prior of LifeCare PCA Infusion System was impacted by an improper authorization flaw and an insufficient verification of data authenticity vulnerability.


Google says mobile now dominates search
Computer World
05/06/15

Google now gets more search queries from mobile devices than it does from PCs. A company executive also says that more Google searches take place on mobile devices than on computers in 10 countries including the U.S. and Japan.The news about mobile search overshadowing desktop searches means we've officially entered a "mobile-first" world, according to Zeus Kerravala, an analyst with ZK Research.


Russia and China to collaborate on information security
SC Magazine
05/06/15

Russia's government has approved a draft agreement with China which will see the two countries cooperate on international information security, a government website reported. "The agreement's purpose is to offer legal and organizational bases for cooperation between Russia and China in international information security," according to TASS. "The agreement lists basic threats, offers directions, approaches, forms and mechanisms of cooperation in the sphere."


CFTC views cybersecurity and data integrity as top priorities; may issue regulations
Data Protection Report
05/04/15

Cybersecurity has recently become a high priority issue at the US Commodity Futures Trading Commission (CFTC) – the agency overseeing designated contract markets, swap execution facilities, derivatives clearing organizations, swap data repositories (SDRs), swap dealers, futures commission merchants, commodity pool operators and other derivatives market participants. CFTC staff has indicated that the Commission is considering a rule that would impose cybersecurity obligations aimed at markets and clearing organizations, but not at banks or other market participants.


Agency CIOs need to Be aware of the dangers of consumer tech
Next Gov - Tech Insider
05/07/15

While the benefits of IT consumerization are real, the “impedance mismatch” between consumer and enterprise requirements remains a constant source of risk and uncertainty for IT managers. In this context, the old saying retains all of its relevance: “Let the buyer beware.”


New military chief is 'strategist,' not cyber expert
The Hill
05/05/15

President Obama’s pick to become the nation’s next top military officer, Marine Gen. Joseph Dunford Jr., bucks a recent trend of cyber-focused appointments. “He’s not a cyber expert,” said Peter Metzger, a former CIA intelligence officer and Marine who served with Dunford on four occasions. “But he doesn’t need to be.”Cyber military specialists believe the Obama administration is seeking an operational expert and relationship builder, not a technological savant, to carry out Defense Secretary Ashton Carter’s recently unveiled cyber vision.


Guard, Reserve are X factors in cyber plans
FCW
05/07/15

The National Guard and Reserves are underutilized resources and represent a “huge treasure” in the Pentagon’s development of a cyber force, Defense Secretary Ashton Carter told the Senate Appropriations Defense Subcommittee. The Pentagon's recently released 2011 cyber strategy said the Reserve component “offers a unique capability for supporting each of DOD’s missions, including for engaging the defense industrial base and the commercial sector...It represents DoD’s critical surge capacity for cyber responders.” The Army National Guard, for one, plans to establish 10 new cyber protection teams over the next three fiscal years.


US Navy cyber launches strategic plan
Defense News
05/07/15

The commander of US Navy Cyber announced a five-year strategy, and like the Pentagon's cyber strategy announcement two weeks earlier, acknowledged the dire need for talented workers with the skills to fend off the nation's foes. Vice Adm. Jan Tighe, who assumed command of Fleet Cyber Command/10th Fleet a year ago, said the US Navy is strengthening its ability to defend against intrusions, launch offensive cyber weapons and field 40 cyber mission teams — a task that is halfway done.


Navy rolls out new five-year cyber strategy
Federal News Radio
05/07/15

The Navy has marked the five-year anniversary of its Fleet Cyber Command by rolling out a new cyber strategy to carry it through the next five. The plan is organized around five big-picture priorities, each of them accompanied by tasks the service says it needs to complete within the next 18 months. Navy leaders view the 18-month benchmarks as important because they will provide verifiable, measurable markers of whether their evolving cyber capabilities are actually delivering progress in defending service networks from adversaries and turning cyber into a weapon system that can be used by combatant commanders around the world, alongside or in place of bombs or missiles.


Navy's new cyber strategy prioritizes threats
FCW
05/06/15

Nearly two years after Iranian hackers poked holes in the Navy’s cyber defense, the service’s cyber command has released a five-year strategy that tries to ensure that never happens again -- or at least minimizes the damage when it does. Vice Adm. Jan Tighe, the head of the command and architect of the strategy, wants what any head of a large enterprise would: awareness of network vulnerabilities. But the unique vastness of the networks she is charged with defending has made that situational awareness elusive, so the new strategy sets out to give the Navy a common operating picture in cyberspace by deploying more sensors and other network tools.


Air Force CIO describes requirements nightmare
FCW
05/05/15

Updating the IT architecture of the Air Force’s Air Operations Centers, the levers of command and control for the service’s air, space and cyberspace operations, is a requirements nightmare that has stalled because of a lack of resources, according to Lt. Gen. William Bender, the service's chief information officer.Bender described the AOC upgrade as an unsavory blend of cost constraints and "requirements creep," in which various people involved in the project have proffered requirements for it. Another Air Force official in the CIO office said the new architecture will help the cybersecurity of the AOCs by enabling information sharing across systems and applications.


Navy, Marine Cyber fought off all net attackers since 2013
Breaking Defense
05/06/15

When Iran hacked the Navy-Marine Corps Intranet in fall 2013, it shook up the sea services’ approach to cybersecurity. Thanks to that new vigilance, their networks have fended off every subsequent attack, the head of Navy Cyber Command said.That doesn’t mean no one breached any portion of any Navy or Marine Corps network, Vice Adm. Jan Tighe told reporters, saying, “What we’re talking about is an actual operation, not that initial penetration.”


Newly disclosed US cyber-terrorism strategy: Attacking to defend
The Source
04/29/15

A new Defense Department cybersecurity strategy indicates the Pentagon will be actively using cyber-attacks to defend against foreign threats.  The move comes after several attacks that penetrated both US government and corporations by several key countries last year, and the decision to go public with the matter is in hopes of deterring attacks according to the documentation.


Mobile threats on the rise, Q1 2015 report shows
SC Magazine
05/06/15

Some of the most noteworthy findings in the Kaspersky Lab “IT Threat Evolution Report for Q1 of 2015” involve mobile devices. In the first quarter of this year, Kaspersky Lab saw 3.3 times as many new malicious mobile programs in Q1 2015 than it did in the final quarter of last year.


Companies are falling behind on securing their SAP environments
CIO
05/06/15

More than 95 percent of SAP systems deployed in enterprises are exposed to vulnerabilities that could lead to a full compromise of business data, a security firm claims. Onapsis, a Boston-based company that specializes in SAP security audits, also found that the average time-to-patch for SAP vulnerabilities is more than 18 months—12 months for SAP to issue fixes and 6 months for companies to deploy them.This suggests that many companies are falling behind on SAP security, even though these systems hold some of their most critical and confidential information.


Cyber attacks aren't just targeting big business
Help Net Security
05/06/15

A new survey found that 81% of small business owners believe cybersecurity is a concern for their business, and that 31% of small businesses have experienced a cyber-attack or attempted cyber attack. However, despite these concerns, less than half (42%) of survey respondents have invested resources in cybersecurity protection in the last year.Additionally, 70% of small business owners do not believe the federal government is doing enough to combat cyber-attacks and an overwhelming majority (83%) would support federal tax incentives or grants to small businesses that invest in cybersecurity measures.


Army opens its training network to non-CAC access
Defense Systems
05/06/15

The Army has made it easier to access its primary website for training information, allowing soldiers to log in with a username and password without requiring a Common Access Card. The move opens up the Army Training Network to access via smartphones and tablets that don’t have CAC readers. Despite the associated security concerns with opening access, Army Chief of Staff Gen. Ray Odierno directed the move as a way to ensure the widest possible access to authoritative training information. To ameliorate security concerns, the Army’s Training Management Directorate made a few changes to the network, such as segregating information that was For Official Use Only, which was only available to CAC card users.


An exit interview with Jeremy Grant, NSTIC director and NIST's lead on digital identity
Fierce Government IT
05/04/15

Jeremy Grant left the National Institute of Standards and Technology April 30 after spending the last four years leading an effort to improve digital identity management nationwide. Grant's office and a public-private partnership called the Identity Ecosystem Steering Group are tasked with the real-world implementation of the White House's National Strategy for Trusted Identities in Cyberspace, an initiative to create trust online. Grant had been the director of the NSTIC program office since it was stood up in 2011. In an interview, he discussed recent developments with NSTIC, the program's biggest accomplishments and some challenges that lie ahead. 

The cyber gold rush
The Christian Science Monitor – Passcode
05/03/15

While California’s Silicon Valley is the technology capital of America, cities and states across the country are now vying to dominate the next big economic frontier – the booming market for securing what actually lies within the nation’s electronic networks.From California to Texas to Florida, public and private groups are positioning themselves to win millions in federal contracts and from venture capital firms. Some are going to extraordinary lengths to build what they call “a cybersecurity ecosystem.” As an example, economic and business organizations in Virginia, Maryland, and the District of Columbia are competing with each other, but one expert says they should band together.


State CIOs see rapid shift to the cloud
Government Technology
05/02/15

Reservations that state IT leaders once had about putting government systems in the cloud are fading fast. State CIOs interviewed at a recent conference are aggressively adopting cloud-based services, with some saying they intend to run anywhere from half to almost all of traditional data center infrastructure on hosted platforms within the next few years.


Report: To aid combat, Russia wages cyberwar against Ukraine
NPR
04/28/15

A new report by security firm Lookingglass charges that the Russian military is waging a sustained cyber campaign against Ukrainian military and law enforcement agencies. The purpose is to extract a steady stream of classified documents that can aid violence and on-the-ground combat.


China blames hacking attack for recent Internet problems
Reuters
05/01/15

A hacking attack using malware from overseas servers was to blame for Internet problems in China earlier this week that prevented users accessing a number of popular foreign websites, an official state-run newspaper said. The English-language China Daily, citing the National Computer Network Emergency Response Technical Team Coordination Centre, an agency that monitors China's Internet safety, said the redirection happened because some servers in China were "contaminated" by malware from overseas servers.


New guidance from the SEC: Cyber security best practices
JD Supra
05/04/15

On April 28, 2015, the U.S. Securities and Exchange Commission’s Division of Investment Management (the “Division”) issued a Guidance Update to investment and fund advisers on the topic of improving cyber security. While it is titled only as “Guidance”, firms and individuals who are subject to SEC regulations should pay close heed to the spirit, if not the letter of the cyber security best practices discussed in the Update.


FBI cyber boss gets bigger portfolio
FCW
05/04/15

The FBI has given one of its top cyber officials a new assignment. Joseph Demarest, who had been assistant director of the bureau’s cyber division since 2012, is now associate executive assistant director of the FBI’s Criminal, Cyber, Response and Services Branch.The new position, created by FBI Director James Comey, expands Demarest’s portfolio beyond cybersecurity to include criminal investigations, incident response and international operations.


GAO knocks SEC on info security, password management
Federal Times
05/04/15

A review of procedures at the Securities and Exchange Commission showed, among other deficiencies, a lack of information security, particularly around maintaining baseline cybersecurity standards, password settings and network services, according to a new report from the Government Accountability Office. At the base of the issue is a failure to update the agency's configuration baselines — the set of standards for managing access and control within networks.


Could big data fix government’s cyber problem?
Next Gov
04/28/15

A new study points to “big data analytics” as a potential savior to cybersecurity strategies across government, with 86 percent of those cybersecurity professionals polled stating “big data would significantly improve” their organizations cybersecurity posture. But employing big data as a tool in a cybersecurity arsenal is not as simple as flipping a switch.


U.S. CIO Tony Scott: OMB's draft FITARA guidance aims to advance IT reform
Federal News Radio
04/30/15

The much-anticipated guidance to reform how agencies buy and manage information technology is littered with words such as "shall," "must" and "all" to underscore the importance and expectations of not just federal chief information officers, but everyone across the CXO landscape. But the one underlying message from OMB in the 31-page draft guidance to implement the Federal IT Acquisition Reform Act (FITARA) is the mistakes made 20 years ago will not be repeated. OMB released the draft guidance April 30 for public comments. The comment period will remain open until May 30, but OMB wants substantive remarks in the first two weeks of May so it can refine the document as it goes along.


CYBERCOM to outsource $475 million worth of offense and defense work
Next Gov
05/01/15

The emerging Pentagon division that coordinates military cybersecurity and cyberattacks is asking private contractors to help finish standing up the Cyber Command. Among the tasks to be assigned under a request for proposals are support for eavesdropping to detect threats and assistance with repelling hacks equivalent to an armed attack against the nation. The potentially five-year contract is capped at $475 million and covers nearly 20 task areas, according to the new performance work statement.


Air Force setting up separate Silicon Valley office
FCW
05/01/15

A week after the Defense Department announced it would open an office in Silicon Valley, the Air Force says it is following suit and is already setting up a California office designed to “rapidly turn technologies toward operational capabilities,” Air Force CIO Lt. Gen. William Bender said May 1.Given that Bender has had an Air Force liaison in Silicon Valley building relationships with academia for a year, “I didn’t see fit to wait on” getting it set up, he said. The new Air Force cell in Silicon Valley will complement the Pentagon office there, he added.Solidifying a presence in Silicon Valley is Bender’s latest move to shake up the Air Force’s approach to IT since becoming CIO in September.


The Pentagon's risky offensive cyberstrategy
The Christian Science Monitor - Passcode (opinion)
05/01/15

While the Pentagon's new cybersecurity strategy puts more weight on striking back against criminal or nation-state hackers, a more effective way to deter attacks may be through diplomacy, law enforcement, and sanctions.


Marine Corps cyber task force stood up, will report to Commandant this summer
U.S. Naval Institute News
04/28/15

The Marine Corps Cyber Task Force stood up in late April to create courses of action to address manpower, organizational, acquisition and other problems for cyberspace operations. Marine Corps Commandant Gen. Joseph Dunford had addressed offensive and defensive cyber operations when he released his commandant’s planning guidance in January, which sparked an operational planning team to look at framing the Marines’ cyber problem. Dunford followed up with additional guidance asking for a cyber task force during an executive offsite, and the resulting task force will take the problem-framing and create courses of action to improve Marine Corps cyber operations.


DOD's cyber evolution, four years later
Defense Systems
04/29/15

The Defense Department has released a much-needed update its 2011 Strategy for Operating in Cyberspace. The new version, while hitting on many of the same general points—information sharing, bolstering alliances in the cyber realm and protecting DOD infrastructure, to name a few—clearly reflects the evolution and escalation of threats and cyberspace operations over the last four years.


Virginia delegation urges Air Force to locate cyber operations squadron at Joint Base Langley-Eustis
Augusta Free Press
04/29/15

Sens. Mark R. Warner (D-VA) and Tim Kaine (D-VA) along with Reps. Scott Rigell (R-VA-2), Bobby Scott (D-VA-3), Gerry Connolly (D-VA-11), Rob Wittman (R-VA-1), and Randy Forbes (R-VA-4), have renewed their bi-partisan request that the Air Force Space Command strongly consider locating a Cyber Operations Squadron (COS) at Joint Base Langley-Eustis (JBLE). The Air Force is considering potential locations for as many as four Cyber Operations Squadrons, and site locations are widely expected to be announced sometime this summer.


Not just for law enforcement anymore: The evolution of biometrics
Secure ID News
05/04/15

In the past 40 years, fingerprint science has moved from examiners studying ink-stained sheets with magnifying glasses to Automated Fingerprint Identification Systems (AFIS), which use computer systems and software to pull up possible matches. This does not remove the human aspect as examiners still compare the actual fingerprint image to the AFIS-selected matches.