Navy boosts funding for air operations and flight hours in new budget request

On the same subject

• 

  October 2, 2018 | International, C4ISR

  Happy new (fiscal) year! Feds want more electronic warfare and cybersecurity tools

  By: Justin Lynch As the new federal fiscal year begins, cybersecurity analysts and industry leaders predict that electronic warfare and managed services will top the U.S. government's priority list to improve cybersecurity during the next fiscal cycle. Lockheed Martin, one of the five major cybersecurity contractors for the federal government, told Fifth Domain that they are focusing on signals intelligence and electronic warfare in the new year, which began Oct. 1. Cybersecurity and electronic warfare “can disrupt, deny, degrade, deceive and destroy adversaries' electronic systems,” Deon Viergutz, vice president of Lockheed Martin's cyber division told Fifth Domain in an email. “The ability to dominate the electromagnetic spectrum allows militaries to not only establish control, but also keep soldiers out of harm's way by providing offensive and defensive techniques from remote locations.” Russia's use of electronic warfare during its 2015 invasion of Ukraine exposed how the Department of Defense needs to boost its own digital combat tools, Brad Curran, an analyst at Front & Sullivan previously told Fifth Domain. The White House's new cybersecurity strategy states that the federal government will boost efforts to lawfully gather evidence of criminal activity and disrupt criminal networks through new legislation. It could translate into a greater need for tools that can manage large amounts of data, such as artificial intelligence. But along with the expected increase in electronic warfare, analysts and firms are predicting a rise in managed and cloud based services. Raytheon, another of the five major cybersecurity U.S. government contractors, said they expected the federal government to need more managed security operations. “Concepts like security operations center-as-a-service, and others are gaining momentum due to the desire for scalability. Federal agencies will continue to look to contracted service providers for expertise and support,” John DeSimone, a vice president for cybersecurity and special missions at Raytheon told Fifth Domain in an email. Curran said he expects the federal government to save money by using more cloud-based services, such as Amazon Web Services and Microsoft's Azure. The Trump administration has seen an increased in shared services, said Suzanne Spaulding, a former undersecretary at the Department of Homeland Security who now works at the Center for Strategic and International Studies. “Which services they will ultimately centralize is hard to see,” Spaulding said. She added the decision-space is “is tricky because at the end of the day, cabinet secretaries also need to be accountable for their own cybersecurity.” Distributed cloud-based communications is a key priority of the Department of Homeland Security, according to the agency's 2017 industry guide. The department also said they were looking to invest in metrics for cybersecurity effectiveness and data capture of networked devices. https://www.fifthdomain.com/industry/2018/10/01/happy-new-fiscal-year-feds-want-more-electronic-warfare-and-cybersecurity-tools

• 

  March 22, 2021 | International, C4ISR

  Pentagon, Intel partner to make more US microchips for military

  Amid worries about potential tampering with chips from overseas, the project seeks to convert more microchips into higher-performing designs with more security features.

• 

  September 3, 2019 | International, Security

  What’s changing in the cyber domain? We ask industry experts

  By: Andrew Eversden “What are you talking about now in cybersecurity that you weren't talking about six months ago?” Fifth Domain posed this question to cybersecurity experts at Black Hat, a cybersecurity conference in Las Vegas, Nevada, that ran from Aug. 3-8. With the cyber domain rapidly evolving, we wanted to know how conversations within the cyber community are changing. Some pointed to a new focus on utility systems and web-connected devices that sit on critical infrastructure. “It's only a matter of time until there's another major disruption in an electric utility somewhere in the world, probably not in the U.S., but elsewhere,” Sergio Caltagirone, threat intelligence director at Dragos, said at the conference Aug. 5. “But oil and gas has the higher likelihood of a major destructive and loss-of-life event. And I think most people did not realize how close to that we actually were.” Caltagirone was referring to the TRISIS event, malware that struck industrial control systems at a Saudi Arabian petrochemical plant and could've caused physical harm. He said that in the aftermath of that attack, threat researchers diving into the details realized just how bad it could've been. “We started finding a lot of stuff which hadn't been found before,” Caltagirone said. “Which made us realize very quickly how close that space is to a major event.” Dave Weinstein, chief security officer at Claroty, pointed to an “explosion” of devices connected to the internet of things.. “It's really a product of this general consensus among industrial organizations that the benefits exceed the costs in terms of embracing this type of digital transformation," Weinstein said Aug. 8, adding that organizations must be “mindful” of these devices and have a plan to mitigate their potential vulnerabilities. Brian Costello, a senior vice president at Flashpoint, told Fifth Domain on Aug. 8 that he is more often than before focusing on targeted cyberattacks from bad actors. That's a shift away from “campaign-based” attacks that tracked. There's “more planning out, more scoping out of targets and taking long-term planning to go after [a] particular target with a specific asset in mind,” Costello said. Along that same vein, Julian Zottl, a senior cyber architect at Raytheon, said he's noticing more inclusion of all-source intelligence in threat analysis. “We're looking at ... all the sources and trying to figure out indicators,” Zottl said Aug. 7. “[We're] even trying to do predictive analytics now, where it's like, ‘Oh, we see this threat might be coming.' I think that's something that we're starting to talk about more and more.” Several cybersecurity professionals interviewed by Fifth Domain said the U.S. government is moving away from the classic cyber kill chain and over to the MITRE ATT&CK framework, which dives deeper into potential threats to information security. “They used to think the hackers would just come in to steal secrets, conduct espionage and then leave,” said Tom Kellermann, chief cybersecurity officer at Carbon Black and a former commissioner on the Commission on Cyber Security for then-President Barack Obama. “In fact, they're maintaining persistence in these systems. They're manipulating the integrity of data and then they're using federal government agencies themselves and personnel's devices themselves to target anyone who implicitly trusts that person, that agency, that department.” he told Fifth Domain on Aug. 6. Chris Kennedy, chief information security officer at AttackIQ and a former official with the Treasury Department and the Marine Corps, said these new frameworks in use along with federal continuous monitoring programs allow for more attacker emulation, essentially simulating the attack agencies could face. “Agencies are starting to realize the value of attacker emulation as a way to measure and benchmark the effectiveness of their security controls,” Kennedy said on Aug. 7. And with government agencies in different stages of cloud migration, agencies will need to learn how that fits into their cybersecurity posture. Marten Mickos, CEO of white hat hacking company HackerOne, said this a new discussion. He also said the conversation surrounding the use of ethical hackers in government environments has evolved: The word “hacker” is becoming more accepted. “I do think it signals a shift in mindset," Michos said. There's a realization that "those people who portray themselves as hackers are actually those who will rescue us, not those who will destroy us.” Despite all the changing technology and evolving threats, one aspect of cybersecurity remains set in stone, said M. K. Palmore, a field chief security officer for the Americas at Palo Alto Networks and a recently retired FBI cyber agent. “It's about adhering to cybersecurity fundamentals,” Palmore said. “That message hasn't changed regardless of my position or where I'm located.” https://www.fifthdomain.com/show-reporters/black-hat/2019/08/30/whats-changing-in-the-cyber-domain-we-ask-industry-experts