Challenge

now browsing by tag

 
 

Up for a new challenge | #schoolshooting | #parenting | #parenting | #kids

Source: National Cyber Security – Produced By Gregory Evans

GREENVILLE — Height, competitiveness and a willingness to learn. At right, Tatum Johnson signs her letter of intent to join the rowing team at Michigan State University. Johnson committed to […]

The post Up for a new challenge | #schoolshooting | #parenting | #parenting | #kids appeared first on National Cyber Security.

View full post on National Cyber Security

#nationalcybersecuritymonth | Ways government, industry can overcome a perpetual challenge

Source: National Cyber Security – Produced By Gregory Evans

A congressional report recommended that the federal government takes several measures to improve its intelligence sharing relationship with industry through policy reviews and joint collaboration platforms.

The report, created by the Cyberspace Solarium Commission (made up of government and nongovernment cyber experts), presented 75 cyber policy recommendations, including the recognition that information sharing is a perpetual challenge both between feds and private industry and agencies within the federal government.

The report suggests that Congress direct the executive branch to undergo a six-month review of intelligence policies, procedures and resources to identify pieces that inhibit the intelligence community to effectively share information.

“It needs to be done better in terms of higher level of collaboration [at] more senior levels between and among the government and private sector,” said Tom Gann, chief public policy officer at McAfee.

To start, the report calls on the federal government to create a “systemically important critical infrastructure” designation that would allow operators of that infrastructure to receive special assistance from the government to secure their systems.

The information sharing relationship between the government and industry needs to include more contextualized information, Gann said, which provides greater insight into the overall threat environment. Industry doesn’t need to know just that there’s new malware and who sent it, but also what organizations and senior leaders of actors might be involved, as well as motivations.

“It’s building as complete of a picture as you can of a threat environment on a day-to-day basis … which is so important,” Gann said.

There are some efforts within the federal government focusing on improving intelligence sharing with private industry. The Cybersecurity and Infrastructure Security Agency at the Department of Homeland Security works with private and public sector partners to protect critical infrastructure. Another effort at the NSA’s Cybersecurity Directorate is focusing on intelligence sharing with the Defense Industrial Base.

To further those efforts, the report also suggests Congress fund the creation of a “Joint Collaborative Environment,” which would host both classified and unclassified cyberthreat information, malware forensics and network data. The platform would share information with other federal agencies and owners of “important” critical infrastructure, and eventually expanding to intelligence sharing and analysis centers, and a larger swath of critical infrastructure operators. The commission also proposed a Joint Cyber Planning Cell to coordinate cybersecurity planning efforts with the private sector.

The report also recognizes that U.S. government doesn’t know how to best serve the private sector with intelligence collection. In order to mitigate that, the report recommends that the Congress mandate a “formal process to solicit and compile private-sector input to inform national intelligence priorities, collection requirements, and more focused U.S intelligence support to private-sector cybersecurity operations.”

The private sector was a critical piece of the commission’s three-pronged, layered deterrence strategy it recommended. Strengthening the feds’ relationship with the critical infrastructure operators was a key aspect of the report, as demonstrated by the participation of Tom Fanning, CEO of Southern Company, a utility company.

To further that relationship, the federal government and different cybersecurity providers, such as telecom and end-point security companies, may want to explore what it would look like to partner with the federal government and allow it to actively block malicious activity, said Michael Daly, chief technology officer for cybersecurity and special missions at Raytheon.

“I think there would be a benefit to us at least investigating that as an option — how could we use public-private partnerships to do more active blocking?” Daly said.

Daly added, “If we know that’s a malicious site, let’s not let our citizens go to it.”

Source link

The post #nationalcybersecuritymonth | Ways government, industry can overcome a perpetual challenge appeared first on National Cyber Security.

View full post on National Cyber Security

NSF #investments aim to #address growing #cybersecurity challenge

Source: National Cyber Security – Produced By Gregory Evans

NSF #investments aim to #address growing #cybersecurity challenge

Today, the National Science Foundation (NSF) announced $74.5 million in funding for foundational research and education that aims to address the growing cybersecurity challenge. This investment, through the NSF Secure and Trustworthy Cyberspace (SaTC) program, is critical to achieving a safe, secure, resilient and trustworthy cyberspace, including associated critical infrastructure such as the energy grid and transportation systems.

“The Secure and Trustworthy Cyberspace program is poised to strengthen our nation’s competitive edge through safer and more secure cyber systems, and to develop the knowledge base that will lead to a well-trained cyber workforce,” said Jim Kurose, NSF assistant director for Computer and Information Science and Engineering (CISE). “Safeguarding cyberspace requires a wealth of expertise from many disciplines, and we are especially excited about the interdisciplinary, highly collaborative nature of this portfolio across a wide range of research areas.”

The SaTC program aims to maximize the growing economic and societal benefits of computing and communication systems by ensuring their security and privacy. While this goal may seem simple at the surface, securing cyber systems and maintaining information privacy has proven quite challenging. The interplay of system vulnerabilities and human behaviors and motivations has resulted in countless instances of attacks, damage and unauthorized access, costing billions of dollars annually in recent years.

“The cutting-edge research in these proposals investigates not only technical solutions to cybersecurity but also the critically important element of people and their behavior,” said Fay Cook, assistant director for Social, Behavioral and Economic Sciences (SBE).

To address this challenge, NSF is issuing 214 awards to researchers to pursue a broad range of research areas, including access control and identity management, cryptography, intrusion detection, human interaction and usability, network topology and other areas. NSF’s SaTC investment spans activities that further foundational research, nurture a capable, next-generation cyber workforce, and accelerate the transition of research innovations to practice and useful products.

This year’s awards build upon a long history of innovations that have resulted from previous NSF funding of cybersecurity and privacy research, including encryption algorithms that form the basis for all electronic commerce; tools that detect software bugs; and methods that enable identification of the technological, economic and social vulnerabilities underlying spam email and other cybercrime.

Among the awards being announced are the following three large projects with budgets ranging from $1.4 million to $3 million each over five years:

  • Viaduct: A Framework for Automatically Synthesizing Cryptographic Protocols, Andrew Myers, Cornell University

This project will explore how to bridge the gap between the security goals of software developers and the lower-level functionality for end users offered by hardware and cryptography protocols.

  • Accountable Information Use: Privacy and Fairness in Decision-Making Systems, Anupam Datta, Carnegie Mellon University

This project is investigating how to ensure data privacy and fairness in automated systems that determine decisions and actions that affect people’s lives.

  • Investigating the Susceptibility of the Internet Topology to Country-level Connectivity Disruption and Manipulation, Amogh Dhamdhere, University of California, San Diego

This project is developing methodologies to identify potential weaknesses in the topology of the internet infrastructure, and to quantify the potential impact if attackers were to compromise these critical elements.

Other awards focus on the cybersecurity workforce, including pilot programs for new instructional materials and professional development for teachers.

Reflecting the interdisciplinary nature of cybersecurity, the SaTC program is led by NSF’s CISE Directorate, in collaboration with the directorates for Education and Human Resources (EHR), Engineering (ENG), Mathematical and Physical Sciences (MPS), and Social, Behavioral and Economic Sciences (SBE).

The program also includes a partnership with the Semiconductor Research Consortium (SRC), focused on the security of hardware systems.

The awards announced today are part of a portfolio of approximately $160 million invested in cybersecurity research and education across the agency in Fiscal Year 2017.

The post NSF #investments aim to #address growing #cybersecurity challenge appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Main #cybersecurity #management #challenge? People, but simple #tech can help

more information on sonyhack from leading cyber security expertsSource: National Cyber Security – Produced By Gregory Evans Alissa Johnson doesn’t hesitate when asked whether people or technology is the harder-to-crack cybersecurity management challenge. It’s people, the Xerox Corp. CISO told SearchCIO at Gartner Symposium/ITxpo in Orlando, Fla., earlier this month. “You can tell technology exactly what you want it to do, and it’s […] View full post on AmIHackerProof.com | Can You Be Hacked?

WannaCry ransomware was the biggest challenge of the year, says cybersecurity centre

Source: National Cyber Security – Produced By Gregory Evans

The WannaCry ransomware attack was the biggest test of the year for the UK’s new cybersecurity body. The National Cyber Security Centre’s (NCSC) annual review marks a year since it started work, although it was officially opened in February. In those 12 months, the NCSC says 1,131 cyber incidents have…

The post WannaCry ransomware was the biggest challenge of the year, says cybersecurity centre appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Hacking IoT not really a challenge

Hacking IoT not really a challengeSource: National Cyber Security – Produced By Gregory Evans The Cyber Security Challenge has had its latest Face 2 Face (F2F) competition in Manchester. The event was sponsored by NCC Group and saw attendees challenged to break into a number of IoT devices. There were 24 players in all who were split across five teams. […] View full post on AmIHackerProof.com | Can You Be Hacked?

WikiLeaks ‘hacked’ as OurMine group answers ‘hack us’ challenge

Source: National Cyber Security – Produced By Gregory Evans

WikiLeaks suffered an embarrassing cyber-attack when Saudi Arabian-based hacking group OurMine took over its web address. The attack saw visitors to WikiLeaks.org redirected to a page created by OurMine which claimed that the attack was a response to a challenge from the organisation to hack them. But while it may…

The post WikiLeaks ‘hacked’ as OurMine group answers ‘hack us’ challenge appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Random number generation poses hacker challenge

more information on sonyhack from leading cyber security expertsSource: National Cyber Security – Produced By Gregory Evans The best way to protect sensitive systems from hackers is to use a cryptographic key. For this lock to work it needs to use numbers chosen at random without any structure. This is difficult but a new system is at hand. To communicate in secret a […] View full post on AmIHackerProof.com | Can You Be Hacked?

IT security faces huge challenge, says hacker ‘Mafiaboy’

Source: National Cyber Security – Produced By Gregory Evans Michael Calce’s parents knew there was “something rather unique” about him when he was five years old, he says. Handed a computer with unlimited internet access as a child, the Montreal-raised Calce is the infamous as “Mafiaboy”, who in February … The post IT security faces […]

The post IT security faces huge challenge, says hacker ‘Mafiaboy’ appeared first on AmIHackerProof.com.

View full post on AmIHackerProof.com | Can You Be Hacked?

Connected car technology vulnerabilities tested in Cyber Security Challenge

Source: National Cyber Security – Produced By Gregory Evans

Connected car technology vulnerabilities tested in Cyber Security Challenge

Amateur hackers have tested how to penetrate a car rental company’s IT system through a third-party Internet-connected device installed in one of its vehicles. The scenario, enacted as part of the Cyber Security Challenge 2017, saw six groups of aspiring …

The post Connected car technology vulnerabilities tested in Cyber Security Challenge appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures