July 31, 2018 — Mission assurance is the primary responsibility of all within the Department of Defense (DoD) and ultimately is Commander’s business. It is imperative in today’s rapidly changing information environment that Commanders understand how each of their primary missions is dependent on the operational platform for information for mission success. Having a comprehensive operational understanding of the cybersecurity readiness and capabilities of their information networks; including their ability to identify vulnerabilities and protect against threats, is as essential as understanding physical terrain in a kinetic operation. This involves a complete, end-to-end analysis of the information environment with an understanding of its technology, processes, and people. With that perspective, operational commanders can make informed choices on risk to their missions and implement means to continue operations in the face of an adversary determined to disrupt them. MORE
|
July 31, 2018 — Cyber defense is on an unsustainable trajectory. Thanks to freely distributed and automated attack tools, cheap labor in countries from which attacks are launched, and stolen computing resources assembled into botnets, the cost of cyber-attack is estimated to be one-tenth to one-one hundredth the total cost of cyber defense.
MORE
|
July 31, 2018 — In this article, we discuss the threat component of the risk to information systems. We review traditional cyber threat models, then present a technical characterization of the cyber threat along ten dimensions. We cross-reference an industry analysis of the Stuxnet threat to illustrate our thinking and conclude with an outline of the threat model application to the development of Cyber Red Books™. MORE
|
July 31, 2018 — Cyberspace threats are real and growing. Worldwide cybersecurity trends and implications support these assertions: 97% of organizations analyzed in 63 countries have experienced a cyber breach; 98% of applications tested across 15 countries were vulnerable; in 2014, threat groups were present on a victim’s network a median of 205 days before detection; $7.7M was the mean annualized cost of cyber crime across 252 global, benchmarked organizations in 2015; and 60% of enterprises globally spend more time and money on reactive measures versus proactive risk management.[1][2][3][4][5] “Every conflict in the world has a cyber dimension,” testified ADM Michael Rogers, Commander of U.S. Cyber Command and Director of the National Security Agency, before the House Armed Services Committee in March 2015.[6] These facts, and the increasing acknowledgement regarding the importance of cyberspace on operations, place organizational leaders under immense pressure to make sound cybersecurity investment choices. Cybersecurity has truly become a political, military, economic, social, information, infrastructure, physical environment, and time concern for senior leaders. MORE
|
July 31, 2018 — This paper presents a disciplined approach to cyber risk assessment in distributed information systems. It emphasizes cyber vulnerability assessment in the architecture, specification and implementation—the knowledge of us—as a vital first step in estimating the consequence of information compromise in critical national security systems. A systematic methodology that combines information flow analysis and Byzantine failure analysis allows assessing the effects of information integrity compromises and the development of a Blue Book to guide cooperative Blue Team testing. The analysis of system vulnerability extends to cyber threats—the knowledge of them—leading to the development of a Red Book to inform adversarial Red Team testing. The paper concludes with a notional case study that illustrates this approach. MORE
|
July 31, 2018 — This paper focuses on how the dynamic speed of change and the compression of time in cybersecurity move individuals and organizations out of their comfort zones. This often results in forcing faulty decision-making generated by an enhanced dependence on untested assumptions. The counterbalance to this behavior begins by recognizing a key truism: within every decision lies an assumption. Equipping your cyber team with the mechanisms and tools to identify and properly challenge these assumptions drives better decision-making and new opportunities to successfully defend, attack, and adapt in the cyber battleground. MORE
|
July 31, 2018 — The current path to national cybersecurity hides a fatal design flaw. Resident within the current national approach is the assumption that we can continue business as usual with limited sharing between the public and the private sector, the creation of information sharing and analysis centers, the National Cybersecurity and Communications Integration Center, and a range of ad hoc local, state and federal organizations each addressing a slice of a complex and highly interconnected environment. The result is a lack of integrated coordination, continued hacks, and a public increasingly weary of all things cyber. We are approaching the current challenge as if we are living in August of 2001, ignorant and oblivious to the tragedies just over the horizon. All the while the private sector treats each incident in isolation, highly focused on their slice of a broader digital ecosystem. MORE
|
July 31, 2018 — In the early 1990s, a then-nascent al-Qaeda took steps to redefine both the nature of conflict and the nature of ideological foundations for waging war. The United States military deployment to the Middle East following the Iraqi invasion of Kuwait drove Osama bin Laden to deviate from both defined Islamic theology and fiqh (Islamic jurisprudence) and take a more ‘guerilla’ approach to combating what he saw as US aggression. Bin Laden deviated from both religion and traditional conventions of war to declare US Troops, supporting contractors, Arab troops, and even fellow Muslims and non-combatant villagers as enemies of al-Qaeda—should they prove to be obstacles to al-Qaeda’s goals of regional control and hegemony. MORE
|
July 31, 2018 — The key systems and networks that are colloquially referred to as cyberspace constitute a set of critical assets that enable communication, promote economic growth and prosperity, advance the cause of freedom globally, and help ensure US national security and that of our allies. At the same time, cyberspace has become a digital battleground where nation-states and their proxies, organized criminal groups, terrorists, hacktivists, and others seek to gain an advantage over one another, whether through surveillance and espionage, criminal activity, recruitment, planning, and incitement to attacks, and the repression of free speech and expression. MORE
|
July 31, 2018 — The challenges of ever growing and ever changing Big Data are broad and far-reaching, particularly in the cyber-defense domain. The task of analyzing and making sense of this data is difficult, and only getting worse. We propose that by democratizing data science and making it accessible to everyone, we can expand the breadth and depth of analytics available to a point where we can potentially meet the challenges of Big Data. MORE
|