Category Archives: Cybersecurity

NDIA’s seventh Trusted Microelectronics Workshop

NDIA is pleased to offer our seventh workshop designed to identify ways in which Trusted Microelectronics can contribute to greater systems security and information assurance. In this event we plan to continue the dialogue between government and industry on the challenges for comprehensive supply chain security management and program protection at the microelectronics level. With participation from both government and industry, our workshops have provided an effective forum for direct discussions of the challenges faced by policy makers, program managers, systems developers, and supply chain managers.

More at NDIA

Advertisements

What’s Really Inside? – Semiconductor Engineering

Concern is growing that devices of all types, including military hardware, may contain extra circuits or malicious code.

via Semiconductor Engineering .:. What’s Really Inside?.

Defense.gov News Article: Carter Unveils New DoD Cyber Strategy in Silicon Valley

Defense Secretary Ash Carter today unveiled the Defense Department’s second cyber strategy to guide the development of DoD’s cyber forces and to strengthen its cyber defenses and its posture on cyber deterrence.

via Defense.gov News Article: Carter Unveils New DoD Cyber Strategy in Silicon Valley.

DoD preparing to release new cyber strategy — C4ISR&Networks

Officials at the Defense Department in the coming days will release a new cyber strategy that “will guide DoD’s activities in cyberspace in defense and support of U.S. national interests,” according to one official.

More at C4ISR&Networks.

In the cyber domain, US ready to take offense — Defense Systems

Is the U.S. ready to go on offense in the cyber domain? It is certainly taking incremental steps in that direction. Exclusively focusing on defensive measures will not deter malicious behavior such as theft of intellectual property or manipulation of data, Adm. Michael Rogers, commander of U.S. Cyber Command and the director of the National Security Agency, said at the AFCEA Cybersecurity Technology Summit in Washington today. According to Rogers, the United States right now is reacting rather than acting.

More at Defense Systems.

How to protect the IT supply chain from cyber attacks | Information Age

There is no doubt that the global IT security threat landscape has evolved over the last decade, with governments and big businesses increasingly becoming the targets of cyber attackers. … The problem is that any IT product can include tainted or counterfeit components, which may include vulnerabilities that can leave them wide-open for cyber attacks.  ... What is needed is a way of identifying trusted providers, component suppliers (hardware and software), integrators and resellers, so that customers know who is following the best practices and with whom they should partner. …”

More at Information Age.

U.S. Joint Chiefs drafting military cyber standards | Reuters

The chief U.S. weapons tester said on Tuesday he was working with the Joint Chiefs of Staff to draft military requirements to address widespread cyber vulnerabilities in nearly every arms program and military command. …

Moe at Reuters.

Pentagon to focus more on hack-proofing weapons — Reuters

Cyber attacks on U.S. weapons programs and manufacturers are a “pervasive” problem that requires greater attention, the top U.S. arms buyer said Thursday, saying that he would add cybersecurity to the Pentagon’s guidelines for buying weapons.

“It’s about the security of our weapons systems themselves and everything that touches them. It’s a pervasive problem and I think we have to pay a lot more attention to it,” Defense Undersecretary Frank Kendall told Reuters after a speech to the American Society of Naval Engineers in Washington. …

More at  Reuters.

Implementing the NIST Cybersecurity Framework in Light of Evolving Threats

Luncheon with the Distinguished Speaker:

  • Donna Dodson, Chief Cybersecurity Advisor for NIST

Panel Discussion:

  • Donna Dodson, Chief Cybersecurity Advisor for NIST
  • Matthew Scholl, Deputy Division Chief, Computer Security Division, NIST
  • Liam Randall, CEO, Critical Stack
  • Steve Mace, National Cable & Telecommunication Association
  • Dr. Mark Tehranipoor, Director, CHASE and CSI Centers, University of Connecticut

 

Moderator:

Dr. Laurent Michel, Associate Director, CSI Center, University of Connecticut

Co-Sponsors:
Center for Hardware Assurance, Security and Engineering (CHASE), University of Connecticut
Comcast Center of Excellence for Security Innovation (CSI), University of ConnecticutSchool of Engineering, University of Connecticut

 

“Systems engineering framework for cyber physical security and resilience”

“As our infrastructure, economy, and national defense increasingly rely upon cyberspace and information technology, the security of the systems that support these functions becomes more critical. Recent proclamations from the White House, Department of Defense, and elsewhere have called for increased resilience in our cyber capabilities. The growth of cyber threats extends well beyond the traditional areas of security managed by Information Technology software. The new cyber threats are introduced through vulnerabilities in infrastructures and industries supporting IT capital and operations. These vulnerabilities drive establishment of the area of cyber physical systems security. Cyber physical systems security integrates security into a wide range of interdependent computing systems and adjacent systems architectures. However, the concept of cyber physical system security is poorly understood, and the approach to manage vulnerabilities is fragmented. As cyber physical systems security is better understood, it will require a risk management framework that includes an integrated approach across physical, information, cognitive, and social domains to ensure resilience. The expanse of the threat environment will require a systems engineering approach to ensure wider, collaborative resiliency. Approaching cyber physical system security through the lens of resilience will enable the application of both integrated and targeted security measures and policies that ensure the continued functionality of critical services provided by our cyber infrastructure.”

Systems engineering framework for cyber physical security and resilience
Daniel DiMase, Zachary A. Collier, Kenneth Heffner, Igor Linkov

Advertisements