Apr
27

Lean, mean cyber secure machines

From: GCN

By Stephanie Kanowitz

***

William Vanderlinde, chief scientist at the Intelligence Advanced Research Projects Agency, said IARPA has three programs aimed at boosting cybersecurity. The Scientific Advances to Continuous Insider Threat Evaluation program is run by a mathematical psychologist whose team is looking at behaviors associated with dishonesty to find active indicators of insider threats.

Another program is the Cyber-attack Automated Unconventional Sensor Environment, which looks for indicators of an imminent cyberattack. “On the dark web, there are various hacker tools available, things like zero days and botnets, so as with most things, the price of those depends on supply and demand,” Vanderlinde said. A spike in the price may mean someone is getting ready to attack.

Read the full post

Leave comment

Apr
25

Book Launch: Insider Threats

From: Center for Strategic and International Studies

Insider Threats: A Worst Practice Guide to Preventing Leaks, Attacks, Theft, and Sabotage

Wednesday, May 10, 2017 10:00 am – 12:00 pm
CSIS Headquarters

CSIS Proliferation Prevention Program cordially invites you to a book launch event for Matthew Bunn and Scott Sagan’s newly released Insider Threats: A Worst Practice Guide to Preventing Leaks, Attacks, Theft, and Sabotage (Cornell University Press)

Moderated by
Sharon Squassoni
Director and Senior Fellow, Proliferation Prevention Program, CSIS

With
Matthew Bunn
Professor of Practice; Co-Principal Investigator, Project on Managing the Atom, Belfer Center for Science in International Affairs, Harvard Kennedy School

Read the full post

Leave comment

Apr
19

Federal Contractors Beware – DHS Proposes Robust Cybersecurity Procurement Regulation to Safeguard Controlled Unclassified Information (CUI)

From: JDSupra

Brian Cruz, C. Joël Van Over | Pillsbury Winthrop Shaw Pittman LLP

***

Additional requirements under the proposed rule include:

***

  • Continuous System Monitoring. Although all ATOs will require continuous system monitoring, the proposed rule expressly requires such monitoring as well as the storing of all continuous monitoring data for a period of at least one year from the date such data was created. The Government may also elect to conduct continuous monitoring with its tools and facilities.

Read Complete Article

Leave comment

Apr
17

DHS cyber tool finds huge amount of ‘shadow IT’ in U.S. agencies

From: CyberScoop

Shaun Waterman

New cybersecurity tools being deployed across the U.S. government found huge numbers of uncatalogued and unmanaged computer devices connected to federal networks — a phenomenon known as “shadow IT” — that necessitated urgent modifications to many hundreds of millions of dollars’ worth of contracts.

***

“There was something of a ‘oh shit’ moment,” said a person familiar with the discovery, made during the recent rollout of phase one of Continuous Diagnostics and Monitoring tools. CDM is a DHS-funded, government-wide acquisition program that buys and installs cybersecurity tools on U.S. departmental and agency networks.

Read Complete Article

Leave comment

Apr
13

The Bad Guys Also Engage in Continuous Monitoring

From: DarkReading

Researchers who track nation-state groups say open-source hacking tools increasingly are becoming part of the APT attack arsenal.

Kelly Jackson Higgins

***

Meyers says not only are these groups using open-source hacking tools for obfuscation, but they’re also using them to fill gaps in their own toolsheds or as a phase-one attack tool. “Some actors are using this as Phase One” for recon, and then executing their own custom tools for the next phases of the attack, he says. “Their [custom] implants are for collecting and pulling data and long-term continuous monitoring,” of the target, he says.

Read the full post

Leave comment

Apr
11

Technology alone may not curb insider threats

From: C4ISRNet

By: Mark Pomerleau

***

He said there are three categories that are key to understanding and identifying the insider threat: narcissism; Machiavellianism (the ability or a want to manipulate others); and a callous, cold personality.

The key to success for curbing insider threats will be to marry these three categories by understanding the individual’s mindset and have robust monitoring on the individual’s systems and data, Evanina said.

Read Complete Article

Leave comment

Apr
07

DHS’s diagnostics open door to collaboration inside agencies, says Commerce official

From: CyberScoop

Shaun Waterman

A funny thing happened when the CIO Council at the Department of Commerce sat down to figure out how to deploy the new tools coming from the Department of Homeland Security’s Continuous Diagnostics and Monitoring, or CDM, program.

Rod Turk, the department’s CISO and acting CIO, said people on the council — which brings together the CIOs from all the various agencies and bureaus that make up Commerce — started asking questions.

Read Complete Article

Leave comment

Apr
03

GSA offers new way to buy CDM cyber tools

From: Federal Times

By: Carten Cordell

The General Services Administration is looking to change up how it provides access to the Department of Homeland Security’s cybersecurity program.

GSA officials said the agency is looking to create Special Item Number exclusively for the Continuous Diagnostics and Mitigation program, tentatively scheduled to roll out this summer.

Read Complete Article

Leave comment