• Cyber and international law in the 21st century

    “Cyber space is not – and must never be – a lawless world. It is the U.K.’s view that when states and individuals engage in hostile cyber operations, they are governed by law just like activities in any other domain,” said the U.K. Attorney General Jeremy Wright, QC MP, on 23 May 2018, setting out, for the first time, the U.K.’s position on applying international law to cyberspace. “What this means is that hostile actors cannot take action by cyber means without consequence, both in peacetime and in times of conflict. States that are targeted by hostile cyber operations have the right to respond to those operations in accordance with the options lawfully available to them and that in this as in all things, all states are equal before the law.”

  • Failing to keep pace: The cyber threat and its implications for our privacy laws

    “The time has come — indeed, if it has not already passed — to think seriously about some fundamental questions with respect to our reliance on cyber technologies: How much connected technology do we really want in our daily lives? Do we want the adoption of new connected technologies to be driven purely by innovation and market forces, or should we impose some regulatory constraints?” asked NSA General Counsel Glenn Gerstell in a Wednesday presentation at Georgetown University. “Although we continue to forge ahead in the development of new connected technologies, it is clear that the legal framework underpinning those technologies has not kept pace. Despite our reliance on the internet and connected technologies, we simply haven’t confronted, as a U.S. society, what it means to have privacy in a digital age.”

  • DHS S&T awards first Phase 4 award for IOT security

    Atlanta-based Ionic Security is the first company to successfully complete prototype testing and move to the pilot deployment phase as part of DHS S&T’s Silicon Valley Innovation Program (SVIP). SVIP offers up to $800,000 in non-dilutive funding to eligible companies.

  • Cybersecurity teams which do not interact much perform best

    Scientists recently found that the best, high-performing cybersecurity teams have relatively few interactions with their team-members and team captain. While this result may seem counterintuitive, it is actually consistent with major theoretical perspectives on professional team development.

  • Tool measures individuals’ likelihood to fall for internet scams

    Researchers have developed an online questionnaire which measures a range of personality traits to identify individuals who are more likely to fall victim to internet scams and other forms of cybercrime. The psychometric tool asks participants to answer a range of questions in order to measure how likely they are to respond to persuasive techniques.

  • Developing secure mobile apps

    Mobile devices such as smartphones and tablets and the applications (apps) we load onto them have become indispensable to our daily lives—both personal and professional. However, mobile apps are susceptible to malware, ransomware, spyware, coding flaws and other attacks that could compromise personal data stored on the device. Apps also can be used to gain access to sensitive enterprise resources.

     

  • DHS S&T to demonstrate cyber technologies at RSA

    DHS S&T will exhibit and demonstrate thirteen mature cybersecurity technology solutions that are ready for pilot deployment and commercialization at the RSA 2018 cybersecurity conference, 16-19 April, in San Francisco.

  • NYC Secure launched: Cybersecurity initiative to protect New Yorkers online

    NYC Mayor de Blasio last week announced the launch of NYC Secure, a cybersecurity initiative aimed at protecting New Yorkers online. Using an evolving suite of solutions, NYC Secure will defend New Yorkers from malicious cyber activity on mobile devices, across public Wi-Fi networks, and beyond. The first NYC Secure programs will include a free City-sponsored smartphone protection app which, when installed, will issue warnings to users when suspicious activity is detected on their mobile devices.

  • 4G LTE networks vulnerability allows adversaries to send fake emergency alerts

    Researchers have identified several new vulnerabilities in 4G LTE networks, potentially allowing hackers to forge the location of a mobile device and fabricate messages. The vulnerabilities would allow adversaries to send fake emergency paging messages to a large number of devices, drain a victim device’s battery by forcing it to perform expensive cryptographic operations, disconnect a device from the core network, and more.

  • U.K.'s best cyber defenders compete for chance to take on the U.S. cyber best

    Inter-ACE, now in its third year, was established to help resolve the vast and growing cyber security skills gap, with an estimated shortfall of 1.8 million workers worldwide by 2022. More than 130 students representing eighteen of the U.K.’s top cybersecurity universities battled it out at the Inter-ACE 2018 cybersecurity challenge, hosted by the University of Cambridge. The competition, supported by GCHQ’s National Cyber Security Center, and designed to attract the next generation of cybersecurity talent.

  • Higher education joint cyber security operations center launches

    Indiana University, Northwestern University, Purdue University, Rutgers University and the University of Nebraska-Lincoln have announced the launch and activation of OmniSOC, a specialized, sector-based cyber security operations center, or SOC, that provides trusted, rapid, actionable cyber intelligence to its members. OmniSOC protects five universities, hundreds of thousands of devices and tens of thousands of students and faculty from cyber threats.

  • Senate Intel Committee: Initial election security recommendations for 2018 election cycle

    The Senate Select Committee on Intelligence will hold an open hearing today, Wednesday, 21 March 2018, on the threats to election infrastructure. The hearing will cover Russian attempted attacks on state election infrastructure in 2016, DHS and FBI efforts to improve election security, and the view from the states on their cybersecurity posture. The committee yesterday made available its initial recommendations on election security after investigating Russian attempts to target election infrastructure during the 2016 U.S. elections.

  • Multi-laboratory cyber defense competition

    In little over two weeks, over a hundred college students from across the United States will convene in one of the largest cyber defense competitions in the nation. The event, hosted and funded by the U.S. Department of Energy’s (DOE) Office of Electricity Delivery and Energy Reliability’s (OE) Infrastructure Security and Energy Restoration Division, will take place on 6-7 April 2018. This event will be simultaneously hosted at three of the Department’s national laboratories: Argonne National Laboratory, Oak Ridge National Laboratory and Pacific Northwest National Laboratory.

  • NSA, UWF partner to accelerate cybersecurity degree completion, workforce development

    The University of West Florida and the National Security Agency announced a partnership to enhance cybersecurity workforce development and create accelerated pathways toward completion of an undergraduate cybersecurity degree program. The agreement allows students who complete the Joint Cyber Analysis Course to earn undergraduate credit hours at UWF. JCAC is open to active military. The six-month JCAC course is designed to train individuals with limited computer experience and make them proficient in cyber analysis.

  • To prevent cyberattacks, create agency similar to National Transportation Safety Board: Experts

    After arguably the worst year ever for cyberattacks and data breaches, Indiana University research suggests it may be time to create an independent cybersecurity agency board comparable in approach to the National Transportation Safety Board that investigates airplane crashes and train derailments.