Everything you need to know about Army’s cyber strategy

By Stephanie Meloni, consultant

With more than $8 billion requested in cyber-specific funding across the Department of Defense for FY19, cyber is top of mind for DOD leadership. It’s no secret the Army has struggled with protecting and strengthening its networks, and there are numerous modernization programs in the works that fall outside of higher-profile items like WIN-T for the tactical network.

One overarching program that will be vital to the Army’s cyber operations will be Defensive Cyber Operations (DCO). This is a relatively new office that was stood up in early 2017 at the Army’s Program Executive Office for Enterprise Information Systems (PEO EIS).

Government’s answer to cybersecurity is the most simple and most complicated

By Lloyd McCoy, DOD manager

The key to tackling cybersecurity threats in government is a simple lesson most of us learned in preschool: how to share.

Information sharing among federal departments could be the answer to combating cyberattacks. But the big question is whether the Department of Defense and other agencies can share enough.

How tech companies can step up after latest ransomware attack

By Lloyd McCoy Jr., DOD manager

Most of us are still reeling from the turmoil brought on by the WannaCry malware last weekend. While most of you reading were not directly affected, the global scale of the ransomware attack cannot be ignored. Even though our federal, state and local governments were spared the brunt of the attacks, they are, by no means, immune to the dangers posed by ransomware.

Some sectors of government are more vulnerable than others and so the IT industry, particularly those companies specializing in anti-ransomware solutions, should be aware of these distinctions.

When deception is a good thing

By Nick Mirabile, director of cybersecurity

In 2013, a pro-Assad group known as the Syrian Electronic Army hacked into the Associated Press’ Twitter account and broadcast a fake report about explosions at the White House. It caused the Dow Jones industrial average to drop nearly 150 points, erasing $136 billion in market value.

This is cyber deception in action. Cyber attackers have long embraced deception with tactics such as social engineering help-desk employees to install Trojans or obtain users’ credentials. If deception can be used to attack, can it also be used in cyber defense?

3 Areas States and Localities Need Help With the Election

By Rachel Eckert, SLED Consultant

The presidential election is Nov. 8, giving states and localities less than 50 days to get their voting machines ready. The preparations are not quite as mundane and routine as in previous elections, however, as reports circulate that the machines are susceptible to hacking. States are taking steps to ensure that votes cast this election are accounted for and protected.

The problem has been with electronic voting machines. They can be easy to hack and if they don’t leave a paper trail as votes are cast, then there can be significant problems.

Malware Threats Growing and Becoming More Complex

By Mohamad Elbarasse, Analyst

The United States Computer Emergency Readiness Team, or US-CERT, within the National Protection and Programs Directorate at DHS, recently released its inaugural edition of a series of annual reports on cybersecurity trends. The US-CERT Security Trends Report: 2012 in Retrospect identifies the most prevalent malware, the means by which it entered a network or device and what the infected device was used for in 2012. Cybersecurity vendors should take heed of what the report calls out as the “single biggest conclusion” that can be drawn from the data and analysis presented in the report, which is that the prevalence of malware is growing and it is becoming more complex. Cybersecurity is one of the few growth areas in Federal IT and the better informed you are of the current threats to government networks and devices, the better you’ll be able to sell your solution.

Data was collected from both public and private sources, including DHS’ EINSTEIN system, and showed that about 8% of consumer-grade users experienced a malware infection in 2012, with one in five of those infections caused by the user clicking and installing the malicious software. The most common way malware was introduced to a device was through vulnerabilities in programs such as Microsoft Office, Adobe Reader, and Java. The majority of these infections could have easily been avoided by practicing proper patch management. Updates for vulnerable programs are released regularly and if your software is not up to date, your device is still at risk.

Topping the malware prevalence charts is Sality, at 56% prevalence, with Zeus (and its 26 identified variants) following closely at 54%. Sality has been used to relay spam, proxy communications, exfiltrate data, and carry out Distributed Denial of Service (DDoS) attacks to name a few of its uses, while Zeus has been utilized to compromise financial and banking transactions all over the world.

To get an idea of how much the federal government intends to spend on beefing up their cybersecurity posture, let’s take a look at where they want to spend their cybersecurity dollars. Below is a table of the FY14 and FY13 budget numbers that are tied to specific Business Reference Model (BRM) categories across federal government agencies. As you can see, the majority of cybersecurity related BRM categories are seeing an increase in requested dollars in FY14, though, since we are currently operating under a Continuing Resolution (CR), agencies will likely receive amounts closer to that of FY13 numbers. The FY14 numbers are still informative in that they reveal the federal government’s priorities in terms of where they want to spend the most money, even if they don’t get all that they asked for. Though we probably won’t see a full budget, we will likely have an omnibus spending bill that will break some agencies out of the CR cycle that we have been experiencing.

Budgeted Cyber Spending by Business Reference Model (BRM) Category

BRM Category | Sum of Total IT Spending FY14 ($ M) | Sum of Total IT Spending FY13 ($ M)
Threat and Vulnerability Management | |
Continuity of Operations | |
Data Integrity and Privacy Management | |
Continuous Monitoring | |
Access Control | |
Identification and Authentication | |
Incident Response | |
System and Network Monitoring | |
Data Recovery | |
Grand Total | |