Cybersecurity

  • Stuxnet\'s inability to stay stealthy may be fall-out from a failure to hit its intended targets last year.

    October 04, 2010
  • Harris Corporation has introduced a highly customizable USB thumb drive that quickly extracts targeted data from computers. The BlackJack™ is designed for military, intelligence, and law enforcement cyber security missions, where speed, stealth and accuracy are paramount considerations.

    October 01, 2010
  • Congressman Jim Langevin (D-RI) has introduced the Strengthening Cybersecurity for Critical Infrastructure Act, which would allow the Administration to create a more robust set of regulations for the information systems that control our critical infrastructure.

    October 01, 2010
  • National Cybersecurity Awareness Month officially kicks off today. In coming weeks, federal officials are expected to launch a number of public programs to raise awareness of the importance of securing the nation\'s computer networks for both government and private industry. But some officials also are using it as an opportunity to ask, \"Where will the cybersecurity workers of tomorrow come from?\"

    October 01, 2010
  • Participants will also learn how to use the Internet safely and and prevent identity theft.

    September 30, 2010
  • A U.S.-led, global exercise in cybersecurity preparedness and response is expected to wrap up in the next 24 hours. The scenario is helping seven agencies, 11 states, 12 nations and 60 private sector companies prepare for major cyber attack.

    September 30, 2010
  • A draft policy obtained by Federal News Radio details new cybersecurity requirements for more than 1,500 buildings owned by GSA\'s Public Building Service. GSA wants to standardize how facility control systems connect to GSA\'s network. The document builds on work already being done under HSPD-12.

    September 30, 2010
  • Federal Security Spotlight examines the stand-up of the new DoD Cyber Command, to be lead by General Keith Alexander. This week, we bring you a portion of a House Armed Services Committee hearing where Alexander testified. September 30, 2010

    September 29, 2010
  • The General Services Administration is drafting new rules for improving cybersecurity. Federal News Radio\'s Jason Miller joined DorobekINSIDER with details and reaction to the policy.

    September 29, 2010
  • Prepare for the worst…and hope for the best. This unofficial mantra of the emergency preparedness and response community also applies to cyber preparedness. This week seven federal agencies, 11 states, 12 international partners, and 60 private sector companies are doing just that: preparing for the worst in cyberspace. These organizations are all participants in Cyber Storm III, a global cybersecurity preparedness exercise led by the U.S. Department of Homeland Security. By the end of the week, these organizations will have responded to a fictionalized cyber threat scenario designed to test their individual and collective capabilities to respond to cyber attacks and the National Cyber Incident Response Plan (Interim Version, September 2010). Federal cyber preparedness has never been more important. The threat to federal information assets and networks is diverse, persistent, and growing. In recent testimony before the U.S. House of Representatives, General Keith Alexander, Commander of the U.S. Cyber Command, stated that U.S. Department of Defense networks are \"probed roughly 250,000 times an hour\" and characterized the \"…shift toward operationalizing cyber tools as weapons to damage or destroy\" as a \"great concern to us at Cyber Command.\" The National Cyber Incident Response Plan states: Preparedness activities, including establishing common situational awareness in a common operational picture, are shared responsibilities across Federal, State, Local, Tribal, and Territorial governments and the private sector. This week\'s Cyber Storm III exercise will provide new insight into our federal agencies\' cyber preparedness. As agencies identify lessons learned from the exercise and begin to make improvements to address areas of weakness, they should do so through a framework addressing the following elements: Governance: bringing together the mission, policies, architectures, and organizational alignment to establish the who and what for risk management strategies. Risk management: establishing risk tolerance thresholds and implementing the technologies and processes that will assess, prioritize, and monitor risk on a continual basis. Compliance: ensuring the organization maintains a cyber security posture compliant with federal laws, regulations, guidelines, and standards with the ability to demonstrate sound risk management strategies when scrutinized by internal and external auditors and Inspectors General. Operations: designing, implementing, and monitoring security controls at the operational and tactical levels to include the ability to adequately respond to, withstand, and remediate cyber attacks. General Alexander described the new approach needed for cyber deterrence by paraphrasing General Sun Tzu\'s The Art of War: \"we must understand the cyber environment and, the capabilities of our adversaries, and our own abilities.\" By evaluating federal cybersecurity programs through this framework, agencies can better understand their capabilities and live up to their shared responsibility for cyber preparedness.

    September 29, 2010
  • Microsoft has issued an out-of-band security update, blocking ongoing attacks against a flaw in the ASP.NET web application framework that can cause poor encryption implementations.

    September 29, 2010
  • Twitter and Facebook users beware: Spam is on the rise. Hackers and spammers are looking for security holes in the social networking sites, USA Today reports.

    September 28, 2010
  • $1.2 billion contract awarded to build a 1.5 million square foot data center for NSA. The facility will also provide technical assistance to the Homeland Security Department to protect federal civilian agency networks.

    September 28, 2010
  • The CIC helps enable the delivery of cyber-risk solutions by providing a collaboration space dedicated to fusing the ideas, services and technologies required to address the nation\'s toughest cybersecurity challenges.

    September 28, 2010
  • DHS kicked off a global exercise to test the capabilities of the government, other nations and the private sector, in dealing with a possible attack on computer networks. The week-long test asks participants to deal with a scenario where the attack takes down the Web.

    September 28, 2010