• U.S. Air Force plans to add 1,000 new cybersecurity personnel

    Budget cuts notwithstanding, the U.S. Air Force plans to add 1,000 new personnel between 2014 and 2016 as part of its cybersecurity units. The 24th Air Force at Joint Base San Antonio-Lackland, Texas is home to the U.S. Air Force cyber command. With a budget of about $1 billion and a staff of roughly 400 military and civilian personnel, the command oversees about 6,000 cyber defense personnel throughout the Air Force.

  • NERC’s critical infrastructure protection standards ambiguous, unclear: analysts

    In January 2008, to counter cybersecurity threats to critical infrastructure assets such as bulk electricity supply (BES), North American Electric Reliability Corp.’s (NERC) launched its Critical Infrastructure Protection (CIP) standards for BES cybersecurity. The NERC-CIP is marked by uncertainties and ambiguous language, raising concerns in the industry and among industry observers as companies try to enforce the standards. “Industry now screams for a defined control set with very specific requirements that don’t permit subjective and ambiguous interpretations,” comments one analyst.

  • NIST's cybersecurity framework for infrastructure

    Company which are managing critical infrastructure in the United States and disregard the Preliminary Cybersecurity Framework, issued by the National Institute of Standards and Technology (NIST) in late October, do so at their own peril. The framework is now in its final comment stage and due to be released in mid-February. It lays out a set of comprehensive but voluntary cybersecurity practices.

  • EU issues new manual for defending ICS against cyberattacks

    ENISA, the EU’s cybersecurity agency, has issued a new manual for better mitigating attacks on Industrial Control Systems (ICS). ICS support vital industrial processes primarily in the area of critical information infrastructure such as the energy and chemical transportation industries, where sufficient knowledge is often lacking. As ICS are now often connected to Internet platforms, additional security preparations must be taken. ENISA says that the new guide provides the necessary key considerations for a team charged with ICS Computer Emergency Response Capabilities (ICS-CERC).

    • view counter

  • Federal IT spending to exceed $11 billion by 2018

    A new report from Delteks, contracted spending on cybersecurity will continue to grow from nearly $9 billion in FY2013 to $11.4 billion in FY2018, driven by multiple initiatives aimed at improving the overall cybersecurity posture of federal agencies. Persistent threats, complex and evolving policy issues, and changing technologies highlight ongoing cyber-workforce shortages to drive investments despite constrained federal IT funding.

  • Cybersecurity Manhattan Project needed

    On a daily basis, cyberattacks successfully steal U.S. intellectual property and military weapons plans, disrupt banking systems operations, and gain access to personal information which is supposed to be secure. The question: What it will take to harness America’s resources to push the country into developing effective national cyberdefense capabilities? Should it take another 9/11? Experts say that the whole must be greater than the sum of its parts. Power grid cyberattack exercises, increased cyberwarrior staffing at U.S. Cybercom, and the authorization of preemptive cyberattacks by Presidential Policy Directive 20 are individually good steps. But where is the whole? The unifying call to action? The United States may not be able to have another Manhattan Project, but it should be able to develop a Manhattan Project mentality, one which is orchestrated and executed by the U.S. cybersecurity czar or perhaps the DHS.

    • view counter

  • Cyber Gym in Israel trains cyber-defenders

    A group of IT and infrastructure companies in Israel have teamed up to launch Cyber Gym.The facility, inaugurated this month by Israel Electric Corp. (IEC), will train participants to defend against cyber attacks.When Sivan Shalom,  Israel’s Infrastructure and Energy Minister, was asked whether Israel was more concerned about a physical or a virtual attack, he said: “I think the future battle will be in cyberspace.”

  • NSA, DHS partner with academia to train next generation cyber specialists

    Universities across the United States have partnered with the NSA and DHS to prepare the next generation of cybersecurity professionals in anticipation of growing and more serious cyberattacks on the United States. Nearly 200 schools are designing new academic programs to attract more students to the growing field of cybersecurity, and with NSA and DHS as partners, the universities are preparing students for important roles in securing the nation’s digital infrastructure.

  • Cyberattacks more serious domestic threat to U.S. than terrorism: FBI

    The heads of the Federal Bureau of Investigation(FBI), Department of Homeland Security(DHS), and National Counterterrorism Center(NCTC) have declared cyber attacks as the most likely form of terrorism against the United States in the coming years. “That’s where the bad guys will go,” FBI director James Comey said about cyberterrorism. “There are no safe neighborhoods. All of us are neighbors [online].”

  • Hundreds of cyber specialists to compete at NetWars Tournament of Champions

    SANS Institute’s NetWars Tournament of Champions will be held in Washington, D.C., in mid-December. Hundreds of the brightest security professionals from around the world will compete with each other in order to determine who has the best skills in tackling cyber security challenges.

  • U.K. launches cyberwarfare reserve force

    U.K. defense secretary Philip Hammond announced that the Ministry of Defense (MoD) has begun this month to recruit the country’s top IT specialiststo join the Joint Cyber Reserve Unit (JCRU). “In response to the growing cyber threat, we are developing a full-spectrum military cyber capability, including a strike capability, to enhance the U.K.’s range of military capabilities,” Hammond said.

  • Cyberweapons likely to be an integral part of any U.S.-Syria clash

    A U.S.-led military attack on Syria may have been averted, at least for a while, by the Russian proposal to negotiate the transfer of Syria’s chemical weapons stocks to international control, but had the United States gone ahead with a strike, there is little doubt that cyberattacks would have been used by both sides. If the United States decides to attack Syria in the future, we should expect cyberweapons to be used.

  • U.S. “black budget” reveals unwieldy bureaucracy, misplaced priorities: expert

    Classified budget figures and successes and failures by American intelligence agencies, exposed for the first time this week by the Washington Post, show a massive bureaucracy with misplaced priorities, according to a cybersecurity and privacy expert. “The major failure identified in all of the post-9/11 assessments was a ‘failure to connect the dots,’” the expert said. “Nevertheless, the vast majority of the black budget is being spent on data acquisition — collecting more dots — rather than analysis.”

  • Lawmakers mull oversight of U.S. cyberattack capabilities and operations

    There has not yet been a public discussion of U.S. offensive cyberattack capabilities — and of actual U.S. cyberattacks — and the subject had been classified until a few years ago. Even after the subject came more into the open, only the fact that the United States had the capability to initiate offensive cyberattacks was acknowledged. With the growing attention to cyber operations – both defensive and offensive — the question of oversight is set to follow.

  • Former Pentagon No. 2 suspected of being source of Stuxnet leaks

    The Justice Department has informed Gen. (Ret.) James E. “Hoss” Cartwright that he is the target of an investigation into the leaking of a secret U.S.-Israeli cyber campaign to slow down Iran nuclear weapons program. The four-star Marine Corps general served as deputy chairman of the Joint Chiefs of Staff and was part of President Obama’s inner circle on many important national security issues before retiring in 2011.