• Rapidly evolving cybersecurity field too diverse for overly broad professionalization

    The U.S. cybersecurity work force is too broad and diverse to be treated as a single occupation or profession, and decisions about whether and how to professionalize the field will vary according to role and context, says a new report. Defined as the social process by which an occupation evolves into a profession, such as law or medicine, professionalization might involve prolonged training and formal education, knowledge and performance testing, or other activities that establish quality standards for the workforce.

  • The side of Homeland Security you won't see on TV

    The way the Department of Homeland Security is often portrayed in popular culture — surveillance and secret agents — leaves out a crucial aspect of its role. It also works on technology to detect attacks as they are happening, and helps federal and local governments prepare for all kinds of disasters, from hurricanes to accidental chemical spills to anthrax attacks. Argonne Laboratory engineers contribute to this effort, helping local and state governments form emergency plans, run drills for a pandemic flu outbreak in the city of Chicago, and analyzed ways to enhance security at plants and factories across the country.

  • October is National Cybersecurity Awareness Month

    This October marks the tenth National Cyber Security Awareness Month (NCSAM), an effort to educate millions of people each year about the importance of online safety and security. During the month, leaders from the public and private sectors will come together to advance its universal theme that protecting the Internet is “Our Shared Responsibility.”

  • Beer-Sheva Cyber Security Park inaugurated by Prime Minister Benjamin Netanyahu

    The development of the Negev took a step forward earlier this month with the inauguration of Beer-Sheva’s Advanced Technologies Park (ATP) in which Ben-Gurion University of the Negev (BGU) is the academic research partner. Israel prime minister Benjamin Netanyahu presided over the ribbon-cutting ceremony on 3 September.

  • Cyberweapons likely to be an integral part of any U.S.-Syria clash

    A U.S.-led military attack on Syria may have been averted, at least for a while, by the Russian proposal to negotiate the transfer of Syria’s chemical weapons stocks to international control, but had the United States gone ahead with a strike, there is little doubt that cyberattacks would have been used by both sides. If the United States decides to attack Syria in the future, we should expect cyberweapons to be used.

  • Security vs. privacy

    Those who ask you to choose security or privacy and those who vote on security or privacy are making false choices. That’s like asking air or water? You need both to live. Maslow placed safety (of which security is a subset) as second only to food, water, sex, and sleep. As humans we crave safety. As individuals and societies, before we answer the question “security or privacy,” we first have to ask “security from whom or what?” and “privacy from whom and for whom?”

  • Norwich University receives $10 million for cybersecurity research

    Norwich University in Vermont has secured another round of funding for cybersecurity research. $9.9 million in federal funds will go toward a project aiming to ensure that private and public sector groups can better plan for cyberattacks. The university’s Applied Research Institute (NUARI) will direct the money for its Distributed Environment for Critical Infrastructure Decision-making Exercises (DECIDE) program.

  • U.S. “black budget” reveals unwieldy bureaucracy, misplaced priorities: expert

    Classified budget figures and successes and failures by American intelligence agencies, exposed for the first time this week by the Washington Post, show a massive bureaucracy with misplaced priorities, according to a cybersecurity and privacy expert. “The major failure identified in all of the post-9/11 assessments was a ‘failure to connect the dots,’” the expert said. “Nevertheless, the vast majority of the black budget is being spent on data acquisition — collecting more dots — rather than analysis.”

  • U.S. power plants, utilities face growing cyber vulnerability

    American power plants and utility companies face a growing cyber vulnerability. No U.S power plant has so far suffered a significant cyberattack, even if small-scale attacks are nearly constant, but experts say preventative actions must be taken to ensure safety. Utilities provide services which, if disrupted for long periods of time, may result in economic chaos and may even lead to social unrest.

  • NSA revelations hobble pursuit of a comprehensive cyberdefense initiative

    NSA director General Keith Alexander has proposed a digital version of Ronald Reagan’s space-based Star Wars missile defense program, which Reagan unveiled in 1983. In Alexander’s vision, when a cyberattack is launched at the United States, the defense system would intercept and thwart the attack before it caused any damage. Intercepting a cyberattack would require the NSA to tap, track, and scan all cyber traffic entering the United States. The technology needed to intercept cyberattacks, however, is strikingly similar to the technology the NSA uses for the types of surveillance Snowden exposed. Post-Snowden, it is doubtful that the administration would pursue a comprehensive cyberdefense initiative, or that lawmakers would accept it.

  • Heuristic approach: Incorporating built-in defenses against viruses into software

    Antivirus software running on your computer has one big weak point — if a new virus is released before the antivirus provider knows about it or before the next scheduled antivirus software update, your system can be infected. Such zero-day infections are common. A key recent development in antivirus software, however, is to incorporate built-in defenses against viruses and other computer malware for which they have no prior knowledge.

  • Cybersecurity jobs average over $100,000 a year

    According to Semper Secure, a public-private partnership with representatives from the government and industry executives, workers in the cybersecurity industry earn an average salary of $116,000 a year.Someone with less than a year of experience, no certifications, and just an associate’s degree could pull in a salary of $91,000.

  • Next NIST workshop on critical infrastructure cybersecurity framework: Dallas, 11 September 2013

    Registration is now open for the fourth in a series of workshops to bring together representatives from government, industry, and academia to establish a voluntary Cybersecurity Framework which will help reduce risks to critical infrastructure. The workshop will be held 11-13 September 2013, at the University of Texas at Dallas, and will be the final public session before the preliminary framework is formally released later this year.

  • Researchers successfully spoof an $80 million yacht at sea

    Researchers were able successfully to spoof an $80 million private yacht using the world’s first openly acknowledged GPS spoofing device. Spoofing is a technique that creates false civil GPS signals to gain control of a vessel’s GPS receivers. The purpose of the experiment was to measure the difficulty of carrying out a spoofing attack at sea and to determine how easily sensors in the ship’s command room could identify the threat.

  • iOS security weaknesses uncovered

    Researchers have discovered two security weaknesses that permit installation of malware onto Apple mobile devices using seemingly innocuous applications and peripherals, uncovering significant security threats to the iOS platform.