• National Guard units help states ward off cyberattacks

    Governors across the United States are mobilizing their states’ National Guard units to combat threats from cyberattacks. The state of Washington was the first state to assign the state’s National Guard cybersecurity responsibilities. The state recognized the potential of its National Guard as a cyberforce when it realized that many of its soldiers, who are full-time employees and part-time soldiers, worked for tech employers such as Google, Boeing, Cisco, Verizon, and Microsoft.

  • Quantum encryption for wiretap-proof communication a step closer

    Polarized light, in which all the light waves oscillate on the same plane, forms the foundation for technology such as LCD displays in computers and TV sets, and advanced quantum encryption. There are two ways to create polarized light, but each has its problems: filtering normal unpolarized to block unwanted light waves (but here, half of the light emitted, and thereby an equal amount of energy, are lost), or using light which is polarized at the source (but here, polarization is either too weak or hard to control). Now there is a better way: By emitting photons from a quantum dot at the top of a micropyramid, researchers are creating a polarized light source with a high degree of linear polarization, on average 84 percent. As the quantum dots can also emit one photon at a time, this is promising technology for quantum encryption, a growing technology for wiretap-proof communication.

  • Two Israeli startups with innovative cybersecurity solutions raise combined $25 million

    Two Israeli cybersecurity startups, launched by veterans of the IDF technology units, announced that, separately, they had raised a combined $25 million from investors. Adallom’s solution accumulates users’ behavioral data in order to protect databases. It monitors how software applications like the customer relationship management program Salesforce, Google apps, and Microsoft Office 360 are used, and protects data security. Aorato’s solution watches for suspicious usage of employee credentials – for example, multiple guessing attempts. “2013 showed the world the risks of advanced threats in parallel to the implications of insiders’ access to sensitive corporate data,” Aorato’s CEO Idan Plotnik noted, referring to the Edward Snowden’s leaks of secret government information.

  • National cyber complex to open next to Ben-Gurion University of the Negev campus

    A new national cyber complex called CyberSpark will open at the Advanced Technology Park (ATP) which is located next to Ben Gurion University of the Negev. Fortune 500 companies Lockheed Martin and IBM announced they would invest in CyberSpark R&D facilities, joining other cybersecurity leaders Deutsche Telekom, EMC, RSA, and many startups. The 15-building ATP is the only type of complex of its kind in the world that includes Fortune 500 companies and cyber-incubators, academic researchers, and educational facilities as well as national government and security agencies. The CyberSpark will also include a high school geared toward science and technology.

    • view counter

  • Cal Poly unveils ambitious cybersecurity educational initiative

    Cal Poly, with a grant from the Northrop Grumman Foundation, has established a Cybersecurity Center, opened a new cyber lab, and is developing a cybersecurity curriculum with an ambitious set of goals in mind: educating thousands of students in cybersecurity awareness and readiness; producing experts in cyber technologies and systems, including many professionals who will serve the military and defense industry; and graduating cyber innovators who are prepared for advanced study and applied research in emerging cyber issues.

  • House approves $447 for Cyber Command

    The House of Representatives approved a fiscal 2014 stop-gap budget last Monday (it approved to full spending bill on Wednesday), which allocates $447 million to the Defense Department’s Cyber Command. This is more than twice the $191 million budget for Cyber Command in 2013.

    • view counter

  • NERC’s critical infrastructure protection standards ambiguous, unclear: analysts

    In January 2008, to counter cybersecurity threats to critical infrastructure assets such as bulk electricity supply (BES), North American Electric Reliability Corp.’s (NERC) launched its Critical Infrastructure Protection (CIP) standards for BES cybersecurity. The NERC-CIP is marked by uncertainties and ambiguous language, raising concerns in the industry and among industry observers as companies try to enforce the standards. “Industry now screams for a defined control set with very specific requirements that don’t permit subjective and ambiguous interpretations,” comments one analyst.

  • Cybersecurity isn’t all about doom and gloom

    Much is made in the press of the devastating effects that weak cybersecurity is having on the economy in the United Kingdom and globally. The threat is compounded by a significant skills shortage. The U.K. government thinks the problem is so severe that it has identified cybersecurity as a Tier 1 national security threat and invested 860 million pounds to defend the country’s digital shores. What all this means is that there is money to be made from cybersecurity and small businesses should not fear it but embrace it. The business opportunities are boundless in cybersecurity. One area that is promising in this sense is the move towards smart cities. As the infrastructure around us, such as traffic lights and utilities becomes more regularly controlled via computers, market opportunities emerge

  • New Silicon Valley focus on cybersecurity

    The last time Silicon Valley focused on cybersecurity was in the 1990s. That focus saw the emergence of two giants: McAfee and Symantec. The two companies remain the most recognizable household names, thanks to their traditional firewall and anti-virus products. Now they find the arena which they thought was their own encroached from two sides. On one side there are tech giants like Hewlett-Packard and Cisco Systems, which see new revenue opportunity in cybersecurity. On the other side there is a rush of start-ups backed by large investments of venture capital.

  • Cyberweapons to defend electricity's perimeter

    Cyber war, cyber terror, and cyber crime target all manner of operations and, by design, cannot be detected until they have already done their damage. Nobody is immune to such attacks, and particularly target-rich environments include government bodies and critical power industries such as bulk electricity supply (BES). Hackers and cyberdefenders clash just outside of, at, or inside an organization’s electronic security perimeter (ESP). To counter such threats, a bulk electricity solution — North American Electric Reliability Corp.’s (NERC) Critical Infrastructure Protection (CIP) standards regarding BES cybersecurity — was launched in January 2008 through Federal Energy Regulatory Commission (FERC) oversight. How effective is the use of cyberweapons in protecting electricity’s perimeter?

  • EU issues new manual for defending ICS against cyberattacks

    ENISA, the EU’s cybersecurity agency, has issued a new manual for better mitigating attacks on Industrial Control Systems (ICS). ICS support vital industrial processes primarily in the area of critical information infrastructure such as the energy and chemical transportation industries, where sufficient knowledge is often lacking. As ICS are now often connected to Internet platforms, additional security preparations must be taken. ENISA says that the new guide provides the necessary key considerations for a team charged with ICS Computer Emergency Response Capabilities (ICS-CERC).

  • Cybersecurity Manhattan Project needed

    On a daily basis, cyberattacks successfully steal U.S. intellectual property and military weapons plans, disrupt banking systems operations, and gain access to personal information which is supposed to be secure. The question: What it will take to harness America’s resources to push the country into developing effective national cyberdefense capabilities? Should it take another 9/11? Experts say that the whole must be greater than the sum of its parts. Power grid cyberattack exercises, increased cyberwarrior staffing at U.S. Cybercom, and the authorization of preemptive cyberattacks by Presidential Policy Directive 20 are individually good steps. But where is the whole? The unifying call to action? The United States may not be able to have another Manhattan Project, but it should be able to develop a Manhattan Project mentality, one which is orchestrated and executed by the U.S. cybersecurity czar or perhaps the DHS.

  • DHS struggling to respond to cybersecurity threats: IG

    A recent reportby DHS inspector general (IG) has documented the agency’s struggle to respond to cybersecurity threats and its inability to disseminate information about threats because of technical, funding, and staffing challenges.

  • Making cybersecurity a political issue

    U.S. federal agencies have reported a dramatic rise in the number of cyberattacks over the past few years, with reported cyber incidents rising from 5,503 in 2006 to 48,562 in 2012. Since cyber incidents pose such a threat to national security and infrastructure, could cybersecurity become a political campaign issue? Experts say that if politicians were to focus their attention, and their constituents’ attention, on cybersecurity, the United States could be made safer from cyberattacks before a “cyber Pearl Harbor” – or a “cyber 9/11” – occurs.

  • IID raises $8 million to scale shared cyberintelligence offering

    Despite the growing danger posed by cybercrime, information vital to stemming the tide is fragmented across the Internet today. Pockets of data about threat activity are siloed within the repositories of individual enterprises, government organizations, vendor networks, and research institutions. IID’s ActiveTrust enables enterprises and government agencies to combat the rising frequency and sophistication of cyberattacks by sharing cyber incident data in real time. IID has raised $8 million in Series A funding from Bessemer Venture Partners (BVP), and said it will use the investment to accommodate growing demand for ActiveTrust.