• ONR awards GrammaTech $9 million for cyber-hardening security research

    Ithaca-based GrammaTech has been awarded a $9 million, three-year contract from the Office of Naval Research (ONR), a division of the United States Department of the Navy, to perform research and development into cutting-edge techniques for protecting software from cyber-attacks. The goal is for end users to be able to transform their critical applications to shrink the attack surface, improve performance, lower memory consumption, and reduce complexity—all without breaking the application or disrupting operations.

  • “Cardiac password” project uses the wave of the heart motion for authentication

    One of the unique features for the upcoming iPhone X is facial recognition security, where users can simply unlock their phones by holding it up to their face and allowing the phone’s security measures to identify the correct user. However, it seems just as soon as new means of authentication are developed and put into use, hackers find a way around them, from hacking passwords to faking fingerprints to fool biometric security systems. But there may be one authentication method that cannot be hacked: Cardiac password.

  • Stanford Cyber Initiative addresses cybersecurity, governance, and the future of work

    Daily headlines emphasize the down side of technology: cyberattacks, election hacking and the threat of fake news. In response, government organizations are scrambling to understand how policy should shape technology’s role in governance, security and jobs. The Stanford Cyber Initiative is bringing together scholars from all over campus to confront the challenges technology presents.

  • Bolstering web security without compromising performance

    Chances are, you are reading this article on a web browser that uses HTTPS, the protocol over which data is sent between a web browser and the website users are connected to. In fact, nearly half of all web traffic passes through HTTPS. Despite the “S” for security in “HTTPS,” this protocol is far from perfectly secure.

  • S&T awards $8.6 million for enhancing security of mobile apps for the government

    DHS S&T has awarded funding to five R&D projects that will enhance the secure use of mobile applications for the federal government. These Mobile Application Security (MAS) R&D projects focus on continuous validation and threat protection for mobile apps and integrating security throughout the mobile app lifecycle.

  • U.S. government’s cybersecurity readiness lagging compared to almost every other industry

    SecurityScorecard the other day released its annual U.S. State and Federal Government Cybersecurity Report. The study paints a grim picture of the overall cyber health of the U.S. government entities. In the midst of investigations into a potential 2016 election hacking, regular major malware events, and an overall increase in the number of sophisticated cyberattacks, the report highlights that the government sector is lagging compared to almost every other industry. The state of U.S. government cyber health places mission-critical services and infrastructure at risk.

  • MSU cybersecurity scholarship program receives $3.11 million grant

    Mississippi State University will receive $3.11 million through a National Science Foundation grant to continue the university’s role in the CyberCorps Scholarship for Service program, which prepares qualified cybersecurity professionals for entry into the government workforce. As part of the grant, which will support the program for four years, East Mississippi Community College students planning to attend MSU are eligible to receive scholarships and support.

  • New app detects cyberattacks quickly

    If you are awaiting exciting news from your friend, what is the better way to read your email? Has it comes in, or after a batch collects? Well, if you read it as it comes in, you will surely get the news faster. Researchers have developed a software app that can do the same for computer networks. Monitoring the activity within a network in real-time can allow cybersecurity analysts to detect cyberattacks quickly, before thieves steal data or crash your system.

  • George Mason’s new Center of Excellence for Criminal Investigations and Network Analysis

    DHS S&T has selected George Mason University in Fairfax, Virginia to lead a consortium of U.S. academic institutions and other partners for a new Center of Excellence (COE) in Criminal Investigations and Network Analysis (CINA). The Center’s research will focus on criminal network analysis, dynamic patterns of criminal activity, forensics, and criminal investigative processes.

  • Cybercrime fighting tool moves from government to private sector

    Some Department of Energy facilities experience thousands of attempted cyberattacks every day. But the FLOWER software app, developed and patented by DOE’s Pacific Northwest National Laboratory, has been used by other tools and cyber analysts to detect, deter, and mitigate coordinated attacks.

  • NSA funds cybersecurity project to bolster security of cloud-based computing

    A University of Arkansas at Little Rock researcher has received funding from the U.S. National Security Agency (NSA) to improve cybersecurity skills for students and the general population. The cybersecurity lab project, “Networking and Network Security in the Cloud (NetSiC),” will address issues related to cloud-based computing environments and help students practice networking and cyber defense skills.

  • Combatting cyber threats

    New initiatives from the Cybersecurity Policy & Research Institute at the University of California, Irvine will help combat one of our greatest security challenges: vulnerabilities and attacks in cyberspace. These efforts include research on cyberattack attribution and supply chain security, the development of law enforcement training, the launch of a cyber-victims defense clinic, and a curriculum development effort for high school students.

  • New director for CMU’s Software Engineering Institute's CERT Division

    Carnegie Mellon University’s Software Engineering Institute the other day announced the appointment of Roberta G. (Bobbie) Stempfley as director of the SEI’s CERT Division. A federally funded research and development center, SEI helps government and industry organizations develop and operate software systems that are secure and reliable. The CERT Coordination Center was founded at the SEI in 1988 as the world’s first computer security incident response team.

  • Training cybersecurity professionals to protect critical infrastructure

    Idaho National Laboratory and the Department of Homeland Security (DHS) announce the successful completion of the 100th iteration of the Industrial Control Systems Cybersecurity (301) training course; a course tailored to defending systems used across the critical infrastructure sectors. Since April 2007, over 4,000 cybersecurity professionals have participated in the advanced course.

  • Bug-bounty program to strengthen DHS cyber defenses

    Congress is considering a bill would establish a bug bounty pilot program – modeled off of similar programs at the Department of Defense and major tech companies – in order to strengthen cyber defenses at DHS by utilizing “white-hat” or ethical hackers to help identify unique and undiscovered vulnerabilities in the DHS networks and data systems.