International Conference on Cyber Security (ICCS 2010), August 2—5, 2010, New York City
The second annual International Conference on Cyber Security will be held in New York City, August 2 - 5, 2010. Last year more than 500 people from 40 countries around the world met at the Interna-tional Conference on Cyber Security 2009 to discuss the worlds greatest emerging cyber threats. This August 2010, the Federal Bureau of Investigation and Fordham University will partner again to host the second annual International Conference on Cyber Security (ICCS 2010) in New York City, the information center of the world.
ICCS 2010 will be another event that will bring together global leaders in emerging cyber threat analysis, operations and enforcement. With the number of cyber threats escalating worldwide, the need for comprehensive security analysis, assessment, and actions have reached a critical juncture. ICCS 2010 is a first-hand opportunity to discover and share critical intelligence on issues shaping the future of cyber security.
ICCS 2010 will consist of three full days, fifty unique lectures from distinguished, plenary, and parallel speakers in the disciplines of Emerging Technologies, Operations and Enforcement, and Real Life Experiences. Also included are panel discussions, sponsors’ presentations, exhibitions and exceptional networking opportunities.
In response to heightened demand from cyber security leaders from around the world, ICCS 2010 is featuring two additional events: the Law Enforcement Workshop (LEW) and the Cyber Security Tutorial (CST). Please visit the official ICCS 2010 website for more information.
Cyber Security Training Conference, Atlanta, GA, May 17-20th, 2010
The 31st Cyber Security Training Conference will be held in Atlanta, GA, May 17-20th 2010, at the Marriott Marquis. As the Federal Information Security Management Act of 2002 enters its seventh year, it is clear that agencies and departments are not yet secure.
In a recent study “U.S. Federal Cybersecurity Market Forecast 2010-2015” Market Research Media forecasts that the U.S. Federal Cybersecurity market will grow steadily – at about 6.2% CAGR over the next six years. Massive growth in data processing power and new cyber threats have spurred the deployment of DPI technologies in the U.S. Government agencies. These are conclusions of another Market Research Media report “Deep Packet Inspection (DPI): U.S. Government Market Forecast 2010-2015″.
The conference agenda includes the following topics:
- Hacking Exposed
- Automated C&A and FISMA Reporting – A Practical Example
- High Assurance Smart Grid
- Risk Based Cyber Security and Reduced Oversight
- Drop-in Incident Response Challenge
- Understanding Email and Web Security
- Cloud Computing and Cyber Security
- Cracking Down SCADA Security
- Risk Management - A risk based approach to CyberSecurity
- Fundamentals of Implementing Cyber Security in Industrial Control Systems
- Counterintelligence, Cyber Security and IT Communicating
- Cyber Security Enterprise Architecture – Enabling Business Through Better Design
- Industrial Control Systems-Accreditation Boundary Development
- Using Process Metrics to Improve the Management of Operational Cyber Security Risks
DARPA advanced to the second phase of its National Cyber Range (NCR) Program
The Defense Advanced Research Projects Agency (DARPA) has advanced to the second phase of its National Cyber Range (NCR) program, a systematic approach to assessing the readiness of the nation’s cyber security systems and networks. The goal of the NCR program is to revolutionize the state of the art of the Nation’s cyber testing technology, and develop a computer systems test bed on which cyber scenarios can be evaluated simultaneously to provide a comprehensive, qualitative and quantitative assessment of the security of information and automated control systems that are under development. The National Cyber Range is DARPA’s contribution to the interagency “Comprehensive National Cybersecurity Initiative” that aims to safeguard Federal Government information systems from cyber threats and attacks.
DARPA awarded two contracts to continue the program, which aims to help researchers evaluate the strength and resiliency of the security programs they are developing.
In Phase I of the NCR program, DARPA oversaw the creation of initial conceptual designs, concepts of operation, and detailed engineering and system demonstration plans.
In Phase II, the Agency and its contractors will build and evaluate prototype ranges and their corresponding technology.
The following prime contractors were awarded contracts for Phase II:
- Johns Hopkins University - Applied Physics Laboratory, Laurel, Maryland - $24,777,235
- Lockheed Martin – Simulations, Training, and Support, Orlando, Florida - $30,803,319
Cyber Security Solutions Provider Acquired by SAIC
CloudShield Technologies, Inc., a provider of cyber security solutions, has been acquired by Science Applications International Corporation (SAIC). CloudShield Technologies provides infrastructure security solutions to governmental agencies. The company’s deep packet inspection (DPI) platform and applications enable customers to inspect, analyze and control all network traffic, helping lower costs, secure infrastructure and generate new revenue streams. The acquisition will increase SAIC’s market share and capabilities in U.S. federal government cyber security market. The DPI platform for high speed networks is the crown jewel in the CloudShield’s marketing mix.
A recent report of Market Research Media Deep Packet Inspection (DPI): U.S. Government Market 2010-2015 forecasts explosive growth of the DPI governmental sector, at a CAGR of 36% from 2010 to around US$ 1.8 Billion by 2015.
Cyber Security Bill passed the House by a vote or 422 to 5
Cyber Security Bill, laying foundations for building up the United States’ cyber security infrastructure, passed the House by a vote of overwhelming majority of 422 to 5, on the wave of recent Chinese hacking attacks. Below is the full text of the Bill.
Cybersecurity Enhancement Act of 2009 Continue Reading >>
Cyber Security Experts Brace for Rise in Tension Over US Arms Sale to Taiwan
Cyber security experts are warning about increased risk of China-originated cyber attacks in a view of announcement of a US arms sale to Taiwan and invitation of the Dalai Lama to the White House. US-China cyber confrontation is nothing new but Chinese hacking attacks and Obama’s new hardball policy shift with China will likely add fuel to the fire.
At the 10th National People’s Congress in 2003, the Chinese army announced the creation of “information warfare units.” General Dai Qingmin said internet attacks would run in advance of any military operation to cripple enemies. Clearly cyber intelligence is a critical component of China’s military arsenal. Cyber espionage officially arrived on Capitol Hill when two Republican congressmen, Rep. Frank Wolf of Virginia and Rep. Christopher Smith of New Jersey, went public with the news that in 2006 and 2007 their office computer networks had been breached by Chinese hackers. And also when Commerce Secretary Carlos Gutierrez, who was in China on a trip with a U.S. trade delegation last December, had his laptop slurped by Chinese cyber operatives. Not much happened after those two events. It was seen as just two of the many covert acts that take place in networks that connect the billions of computers and related devices globally. Perhaps the recent discovery of a vast Chinese cyber espionage network (code named GhostNet) that penetrated 103 countries, infected nearly 1,300 computers, and continued to infect at least a dozen new computers every week, will provide the wake-up call. In March of 2009, the security operations center (SOC) identified 128 acts of cyber aggression against their clients every minute that were tracked back to IP addresses in China. These acts should serve as a warning that clearly indicates just how far along China’s cyber intelligence collection capabilities are.
America tops the global chart of military spending, with China and Russia ranking second and third. China’s strategists believe the United States is dependent on information technology and that this dependency constitutes an exploitable weakness. There are reasons to believe that China and Russia’s militaries are collaborating and cyber warfare is one area that not only lends itself to remote collaboration, but there is soft and medium intelligence that this has and is occurring. Last year Col. Gary McAlum, chief of staff of the command’s Joint Task Force for Global Network Operations at U.S, Strategic Command, quoted approvingly from a new report Technolytics had produced saying, “China aims to achieve global electronic dominance by 2050.” This conclusion was drawn prior to the massive decline in the U.S. economy. As the U.S. funding for research and development has slowed substantially, China’s has increased.
“Current and potential U.S. adversaries seek to employ cyber warfare, as a means to confront U.S. military superiority in conventional conflict”, said William J. Lynn III, Deputy Defense Secretary. Additionally, Lynn said, the cyber-warfare threat is a major national security issue that has captured his attention.“If we don’t maintain our capabilities to defend our networks in the face of an attack,” he said, “the consequences for our military – and indeed, for our whole national security – could be dire.”
Lynn cited a 1998 cyber attack launched by two California teenagers and an overseas accomplice that targeted U.S. military computer networks. “The attacks were coordinated and aimed at crucial military [computer] systems,” Lynn said. “The threat was so serious that the president was briefed.”
Investigators, he said, traced the origins of the attack and the instigators were apprehended and tried on charges of computer assault.
Yet, that 1998 computer attack “was child’s play,” Lynn said, noting the frequency and sophistication of attacks have increased exponentially during the past decade.
“Cyber [warfare] is an especially asymmetric technology; the low cost of computing devices means that our adversaries don’t have to build an expensive weapons system like a fifth-generation fighter to pose a disproportional threat,” Lynn explained.
Consequently, he said, many militaries are building offensive cyber capabilities.
The Defense Department today operates 15,000 computer networks across 4,000 military installations in 88 countries, Lynn said, noting the department spends billions of dollars each year to administer, monitor and defend those networks.
Because of the seriousness of the cyber threat, he said, the Defense Department has over the past 10 years built layered and robust cyber defenses.
And, in June 2009, Defense Secretary Robert M. Gates directed the establishment of U.S. Cyber Command, a military sub-command focused on cyber security, Lynn noted. Cyber Command is in the process of being stood up and is to be based at Fort Meade, Md.
“Cyber Command will bring together more than a half a dozen intelligence and military organizations in support of three overlapping categories of cyber operations,” he said.
The command, he said, will protect defense computer networks, coordinate all defense computer operations and provide full-spectrum support for all military and counterterrorism missions, and stand by to support civil authorities and industry partners on an as-needed basis.
Next few years will be most likely years of steeply increasing federal cyber defense budgets.
Cyber Genome Program
The objective of the Cyber Genome Program is to produce revolutionary cyber defense and investigatory technologies for the collection, identification, characterization, and presentation of properties and relationships from collected digital artifacts of software, data, and/or users to support DoD law enforcement, counter intelligence, and cyber defense teams.
| U.S. Federal Cybersecurity Market Forecast 2010-2015 |
| Worldwide Defense High Performance Computing (HPC) Market Forecast 2010-2015 |
| U.S. Federal Cloud Computing Market Forecast 2010 – 2015 |
Digital artifacts may be collected from live systems (traditional computers, personal digital assistants, and/or distributed information systems such as ‘cloud computers’), from wired or wireless networks, or collected storage media. The format may include electronic documents or software (to include malicious software - malware). The Cyber Genome Program will encompass several program phases and technical areas of interest. Each of the technical areas will develop the cyber equivalent of fingerprints or DNA to facilitate developing the digital equivalent of genotype, as well as observed and inferred phenotype in order to determine the identity, lineage, and provenance of digital artifacts and users.
DARPA will host a Proposers’ Day Workshop in support of DARPA-BAA-10-36, CYBER GENOME PROGRAM on January 29, 2010 at the Ballston Hilton, 950 North Stafford Street, Arlington, VA 22203 from 8:00 a.m. to 6:00 p.m. EST. The purpose of this conference is to provide information on the CYBER GENOME PROGRAM; promote additional discussion on this topic; address questions from potential proposers; and provide a forum for potential proposers to present their capabilities for teaming opportunities. A second Proposers’ Day Workshop will be held on February 8, 2010, Arlington, Virginia area.
DARPA ADVANCES CYBER SECURITY TESTING INITIATIVE
Goal of National Cyber Range is Fast, Reliable, Cost-Effective Testing of Internet Security Systems
The Defense Advanced Research Projects Agency (DARPA)has advanced to the second phase of its National Cyber Range (NCR) program, a revolutionary approach to assessing the readiness of the nation’s cyber security systems and networks. The Agency awarded two contracts to continue the program, which aims to help researchers evaluate the strength and resiliency of the security programs they are developing.
In Phase I of the NCR program, DARPA oversaw the creation of initial conceptual designs, concepts of operation, and detailed engineering and system demonstration plans.
In Phase II, the Agency and its contractors will build and evaluate prototype ranges and their corresponding technology.
The following prime contractors were awarded contracts for Phase II:
- Johns Hopkins University - Applied Physics Laboratory, Laurel, Maryland - $24,777,235
- Lockheed Martin – Simulations, Training, and Support, Orlando, Florida - $30,803,319
The National Cyber Range is DARPA’s contribution to the interagency “Comprehensive National Cybersecurity Initiative” that aims to safeguard Federal Government information systems from cyber threats and attacks. The goal of the NCR program is to revolutionize the state of the art of the Nation’s cyber testing technology, and develop a computer systems test bed on which cyber scenarios can be evaluated simultaneously to provide a comprehensive, qualitative and quantitative assessment of the security of information and automated control systems that are under development.
“The National Cyber Range will revolutionize the Nation’s ability to evaluate the security of our research programs.The NCR program is developing revolutionary capabilities for cyber experimentation including a fully automated, secure range to validate leap-ahead cyber research technologies and systems, as well as provide vision for iterative and new computer security research directions for the community,” said DARPA Program Manager, Michael van Putte, Ph.D.
13th Annual New York State Cyber Security Conference, June 16 - 17, 2010, Albany, NY
13th Annual New York State Cyber Security Conference will be held at June 16 - 17, 2010, Empire State Plaza, Convention Center, Albany, NY.
The Annual NYS Cyber Security Conference is organized jointly by the University at Albany, State University of New York (SUNY) and the NYS Office of Cyber Security & Critical Infrastructure Coordination. The event is funded entirely through registration fees and the support of the sponsors and exhibitors; no state funds are used. This conference provides crucial training that enables the workforce to stay attuned to cyber security threats and effectively meet the challenges we are facing.
This two-day event features experts representing government, academia and industry from across the country and around the world. The Conference offers a variety of both technical and non-technical sessions, and is open to individuals in the public and private sectors. The program includes hands-on training for cyber security professionals as well as those in information technology, academia, law enforcement, the legal community and others who want to better understand the latest cyber security challenges we face and how to best address them.
Black Hat DC 2010, Information Security Event, February 2 – 3, 2010, Arlington, Virginia
Black Hat DC 2010 will host over 500 digital security experts, bringing together public and private sector security professionals and underground hackers from around the world to dissect the latest security trends. Black Hat DC is taking place February 2 – February 3 at the Hyatt Regency Crystal City in Arlington, Virginia.
Gregory Schaffer, U.S. Department of Homeland Security, will keynote at Black Hat DC 2010. U.S. Department of Homeland Security (DHS) Secretary Janet Napolitano appointed Greg Schaffer as Assistant Secretary for Cybersecurity and Communications (CS&C) last year. Mr. Schaffer works within the National Protection Program Directorate (NPPD) to lead the coordinated efforts of CS&C and its components, including the National Cyber Security Division, the Office of Emergency Communications, and the National Communications System. Schaffer engages the public and private sectors as well as international partners to prepare for, prevent, and respond to incidents impacting the nation’s strategic cyber and communications infrastructure.
