bnv.fnr.search/tags;tile=1;pos=top;sz=728x90;ord=
6:35 am, July 28, 2014

Search Result

Search Tags:  Cyber

Federal Cyber Security Education and Training

Cyber attacks are a growing vulnerability for our homeland security and broader national interests - and federal employees are on the front lines. In fact, Politico recently reported that Congress and other government agencies face an average of 1.8 billion cyber attacks per month. Both the number of attacks and their sophistication continue to increase at an alarming rate.

In many instances, the key to successfully combating an attack is stopping it at its entry point, which is often the unsuspecting federal employee. For example, the Politico report pointed out that "…attacks are increasingly focused on infiltrating application software on Hill staffer computers…,"noting:

    In the last five months of 2009, 87 Senate offices, 13 Senate committees and seven other offices were attacked by spear-phishing attacks, which appeared as e-mail messages to staffers urging them to open infected attachments or click on bad links.
It is critical that federal employees understand the possible types of cyber attacks in order to guard against them. Creating an awareness of cyber threats is only the beginning. Addressing a persistent and evolving threat requires persistent and evolving training. A number of key elements are required for any near-term or long-term cyber security training effort to succeed.
  • Cyber security must be an agency priority. Cyber security education and training are much like any other agency initiative: if leadership indicates that something is a priority, agency employees will take action. Agency leadership must make it clear that cyber security education and training are a priority, model the behavior they ask of their employees, and dedicate resources to address the problem and its solution. If they do so, federal employees will respond accordingly.
  • Education and training must be continuous. Hackers, terrorists, and other bad cyber actors do not wait for reporting requirements or other compelling organizational issues to decide when to attack - they just do. Education and training efforts should be ongoing, consistently updated, and test employees' understanding of the topic on a regular basis. Agencies must be as persistent and agile in their training as cyber attackers are in their efforts to do harm.
  • All agency employees must be included in training. All agency employees, and their contractors, are vulnerable to cyber attacks. No grade level is too high or too entry-level to be excluded from standard education and training.
  • Reporting and accountability measures must be implemented. Accountability mechanisms should be used to not only identify those personnel who have or have not received cyber security training, but also on how well they retain the information they have learned. The use of cyber security quizzes or other mechanisms to test the workforce's cyber knowledge provide a quantitative measure of the effectiveness of the training program as well as targeting specific personnel or subjects for deeper training.


  • The techniques used to attack information networks and exploit information are quickly evolving to the point where it is almost impossible to distinguish intrusion activity. The federal government must use an educated workforce on the cyber threat as a force multiplier as part of its cyber security strategy. Individual employees and agencies must share the responsibility for anticipating and preventing cyber attacks from succeeding.

    Tags: technology , Trusted Advisor Blog , Cybersecurity , cyber , congress , Senate , Politico

    Friday - 03/19/2010, 05:28pm EDT

The non-profit Bipartisan Policy Center

The non-profit Bipartisan Policy Center recently hosted Cyber ShockWave - a live, mock cyber attack against the nation. The exercise simulated the government's response to a cyber crisis with former Cabinet and national security experts acting as presidential advisors in the fictional drill. The exercise highlighted the dangers of cyber-terrorism and the government's preparedness to respond to such an attack.

Tags: technology , Trusted Advisor Report , Bipartisan Policy Center , cyber , Cyber-terrorism

Thursday - 02/18/2010, 05:38pm EST

Google, the NSA, and the increasing Interdependence between the Public and Private Sectors

Hackers, terrorist organizations, cyber criminals, and nation states routinely target government and corporate entities for financial gain, military intelligence, warfare, and sometimes just for notoriety and fame. Government agencies and corporations have traditionally addressed this threat independently, but the evolution of cyberspace has changed the rules. A unified front between the private and public sector has become more critical to combat these cyber threats.

The public and private sectors are becoming increasingly interdependent - the operation of our nation's critical infrastructure, including the national power grid, transportation systems, and communication networks, depends upon the ability of public and private sector networks to share information via cyberspace. Likewise, our nation's economic superiority is predicated on our ability to maintain competitive advantages in capital markets. Our enemies are not only looking for ways to exploit vulnerabilities in our critical infrastructure, but they are also increasingly looking for ways to steal our private sector's intellectual property in order to weaken our economic standing and gain an advantage in the global economy.

Google's disclosure of "sophisticated" cyber attacks on its infrastructure reportedly originating in China offers a good example. The Washington Post recently reported that Google and the National Security Agency (NSA) are forming an alliance "to better defend Google - and its users - from future attack." Putting the agreement in place will enable the NSA and Google to share critical information to analyze the attack without violating privacy laws or policies. This alliance will help Google better defend its intellectual property critical to our nation's economy while providing NSA key insight into the attack methods and motives of the attackers.

The need for such partnerships is certain to grow and will most likely extend to organizations that are not as large and resourced as Google but are just as critical to the strength of our nation's economy. Our adversaries are using similar attack methods to compromise systems across both sectors but they have not effectively partnered to share threat intelligence or early warning indicators. A formal partnership between the private and public sector allows the country to develop a unified and coordinated approach to defending our nation's assets.

Tags: technology , Trusted Advisor Blog , Google , NSA , hacker , terrorist , cyber

Thursday - 02/18/2010, 05:31pm EST

New alliance in the battle for cybersecurity

There is a new alliance in the battle for cybersecurity. Though neither side has confirmed it, The Washington Post recently reported that Google has asked the NSA to help investigate the mid-December cyber attack against its networks "to better defend Google - and its users - from future attack." This partnership demonstrates the increasing interdependencies between the public and private sector in defending against cyber threats.

Tags: technology , Trusted Advisor Report , Cybersecurity , Google , NSA , cyber

Wednesday - 02/17/2010, 04:44pm EST

Intelligence Community's annual threat assessment

Dennis Blair, Director of the Office of National Intelligence, delivered the Intelligence Community's annual threat assessment to Congress last week. Cyber threats topped the list with the Director describing malicious cyber activity as occurring on an "unprecedented scale with extraordinary sophistication" and citing network convergence and channel consolidation as increasing vulnerabilities.

Tags: technology , Trusted Advisor Report , intelligence , congress , cyber

Wednesday - 02/17/2010, 04:42pm EST

Cyber Command

As the Defense Department's proposed Cyber Command awaits confirmation hearings on its proposed commander, the services are moving forward to establish their own cyber organizations. Vice Admiral Barry McCullough reported for duty on January 29th as Commander of the newly reconstituted 10th Fleet, officially standing up the U.S. Navy's Fleet Cyber Command.

Tags: technology , Trusted Advisor Report , DoD , cyber , Barry McCullough , Navy

Wednesday - 02/17/2010, 04:39pm EST

Virtual Identity and the Growth of Cyber Crime

Thursday, December 17th, 2009 at 2:05pm

In the growing on-line world of quick and unmonitored transactions and communications, virtual identities have become common elements of people's daily lives creating limitless opportunities for criminals to recruit, launder their money, and communicate under the cloak of anonymity. A panel of leading government experts discuss the way that our adversaries use these systems and how organizations can better prepare for the threats they are facing. From a commercial, law enforcement and security perspective, panelists will explain the scope of the problems and the potential benefits that can be derived from new social media

Tags: technology , Booz Allen Distinguished Speaker Series , Virtual Identity , cyber , crime , James A. Lewis , Dr. Reobert E. Young , Roy D. Dotson , Secret Service , Department of Homeland Security , Gary Cubbage , Booz Allen Hamilton

Monday - 12/07/2009, 02:38pm EST
Listen

Information Security vs Cyber Threats

Tags: security , cyber , hackers

Friday - 04/03/2009, 07:43pm EDT
  •  
  • 5