Volume LIX, Issue 11

In This Issue

What’s Next for Tech as Trump Takes Charge

Excerpted from GeekWire Report by Alan Boyle

President Donald Trump says he’s ready to delve into the mysteries of space and make key appointments at NASA and other agencies dealing with science and technology policy.

America’s space agency is currently in the custody of NASA’s highest-ranking civil servant, Robert Lightfoot.

This week, Lightfoot sent NASA employees a message praising the work of outgoing administrator Charlie Bolden and his deputy, Dava Newman.

He said atmospheric scientist Erik Noble, who was a data strategist for the Trump campaign, would serve as White House senior adviser at NASA, and transition team member Greg Autry would be White House liaison.

Among the oft-mentioned prospects for administrator are US Congressman Jim Bridenstine (R-OK), who’s a big proponent of space commercialization; and former NASA Administrator Mike Griffin, who worked on the Constellation back-to-the-moon program during the George W. Bush administration.

Trump and his aides are widely expected to give a boost to lunar missions as well as studies of Europa, an ice-covered moon of Jupiter… Read More

US Cybersecurity Contracts Flow

Excerpted from E-Commerce Times Report by John Higgins

Vendors of cybersecurity offerings are finding that the US government is serious about improving the protection of federal IT assets.

A steady stream of data protection contracts has been flowing to providers, including some notable high-value transactions during the last half of 2016.

One example is a Department of Homeland Security contract, with a potential value of $395 million, for various cybersecurity protection services designed to prevent, detect, contain and eradicate cyber-threats.

While DHS went through the process of selecting a vendor last year, a final award is pending due to a legal challenge.

Still, the magnitude of the DHS project indicates the significant level of potential federal investments in cybersecurity.

Federal contracting is never easy, of course, and the providers who have received cybersecurity contracts have had to meet all the requirements of doing business with the government.

While those requirements remain in force, federal agencies, especially the General Services Administration, are trying to improve processing… Read More

More Proof the Cloud Is Winning Big

Excerpted from Network World Report by Fredric Paul

One way to track the growth of cloud computing is to follow the investments in the infrastructure and equipment that make it run. That’s why IDC’s Worldwide Quarterly Cloud IT Infrastructure Tracker is so revealing.

According to the IDC report, total spending on IT infrastructure products—including server, enterprise storage and Ethernet switches—for use in cloud environments will grow a healthy 18 percent this year to top $44 billion.

Meanwhile, IDC said, investment in old-school non-cloud architecture equipment will actually decline by more than 3 percent in 2017.

The trends are clear: The cloud—public, private and hybrid—is growing even as traditional on-premise IT infrastructure is dwindling. IDC put it plainly: The “continued strong movement toward utilization of off-premises IT resources around the world” is driving double-digit growth in spending on cloud infrastructure.

To be fair, non-cloud spending will still comprise more than half (57 percent) of total infrastructure spending in 2017, and a slightly bigger majority (almost 58 percent) of infrastructure spending will go to on-premise data centers using private cloud and traditional IT architectures… Read More

Report from DCIA CEO Marty Lafferty

The DCIA alerts member companies and other industry participants that maritime operations will become a new target for cybersecurity regulation in 2017.

This will be a departure from the preferred voluntary approaches that on a vessel-specific basis have been the practice to date.

Ships, ports, and terminals increasingly rely on internet-based technologies for communication, navigation, logistics, safety monitoring, security, and operations.

The well-intentioned imposition of cybersecurity measures would seek to prevent potential disruptions to maritime operations caused by hacking, malware, or other cyber-related risks.

But as with many other rapidly advancing internet-based operations, heavy-handed regulatory intervention would have a chilling effect on ongoing innovation; and the best approach is to allow companies to continue to deploy individualized approaches for protecting the integrity of their cyber-based maritime systems.

Our concern is based on recent activities by national and international regulatory bodies.

Early in 2016, the US House of Representatives sent a failed bill to the Senate that would require the United States Coast Guard (USCG) to enforce cybersecurity standards at US ports and in maritime operations.

HR 3878, the Strengthening Cybersecurity Information Sharing and Coordination in Our Ports Act, would task the Department of Homeland Security (DHS) with developing a maritime cybersecurity risk assessment model and guidelines for incident reporting, tracking the US National Institute of Standards and Technology (NIST) Framework for Improving Critical Infrastructure Cybersecurity.

In July, the United Nations (UN) International Maritime Organization (IMO) published Interim Guidelines on Maritime Cyber Risk Management, also requiring consistency with the NIST Framework, which the DCIA supports as a valuable set of guidelines for voluntary consideration.

In August, the USCG released its Cyber Risks in the Marine Transportation System, promoting a risk-based approach to cybersecurity in the marine environment that was neutral with respect to increased government intervention.

We urge industry participants to closely monitor and, where appropriate, participate in the process to retain and advance voluntary maritime cybersecurity standards. Share wisely, and take care.

Mass Surveillance Top Cybersecurity Threat

Excerpted from Benzinga Report by Brett Hershman

As the Russian hacking scandal of the US election continues to gain traction in Washington, more questions are being raised about the future of cybersecurity and how businesses and citizens can ensure their information stays out of malicious hands.

According to a new survey, the most likely cybersecurity threat to happen in the near future is massive surveillance conducted by a domestic or foreign government.

Fifty ethical hackers were surveyed by MonsterCloud, a managed IT service provider, to determine what they believe to be the most imminent, severe threats to cybersecurity in the coming year.

According to the findings, a mass surveillance threat is more likely to occur than a widespread ransomware attack on private citizens.

However, the latter was still a high concern for ethical hackers. Ransomware is also a concern held by other experts for 2017, particularly within cloud infrastructure.

“A complete overhaul of our nation’s info-security policies will help,” said ethical hacker and CEO of Red Cell Infosec Dominique Davis… Read More

49% of Businesses Cyber-Attack Victims in 2016

Excerpted from TechRepublic Report by Alison DeNisco

Nearly half of businesses report that they were the subject of a cyber-ransom campaign in 2016, according to Radware’s Global Application and Network Security Report 2016-2017.

Data loss topped the list of IT professionals’ cyber-attack concerns, the report found, with 27% of tech leaders reporting this as their greatest worry.

It was followed by service outage (19%), reputation loss (16%), and customer or partner loss (9%).

Malware or bot attacks hit half of all organizations surveyed in the last year.

One reason for the pervasive attacks? The Internet of Things (IoT).

Some 55% of respondents reported that IoT ecosystems had complicated their cybersecurity detection measures, as they create more vulnerabilities.

Ransomware attacks in particular continue to increase rapidly: 41% of respondents reported that ransom was the top motivator behind the cyber-attacks they experienced in 2016… Read More

OMB Guidance for Data Breaches

Excerpted from FedScoop Report by Samantha Ehlinger

A new White House memorandum seeks to clarify how federal agencies should be preparing for and responding to a breach.

The Office of Management and Budget memo released Tuesday is replacing three outdated memos, one from 2007 and two from 2006.

It doesn’t address specific policy on information security or technical methods to control or detect incidents, but it does offer “a framework for assessing and mitigating the risk of harm to individuals potentially affected by a breach,” and guidance on whether and how to notify people and offer support services.

The policy comes after the House Oversight and Government Reform Committee reported in September that the historic data breach at the Office of Personnel Management was the result of failed leadership and consistent cybersecurity ignorance.

That report called for the OMB to develop certification requirements that include requirements for reporting breaches to a federal cybersecurity center and notifying people whose personally identifiable information might have been compromised.

The memo released this week offers guidance for reporting breaches and notification, and also outlines some requirements for contracts… Read More

Congress Steps Up Cybersecurity Protections

Excerpted from USA Today Report by Deborah Barfield Berry

In the wake of charges that Russian hackers tried to destabilize the US election, Congress will step up efforts to protect itself from cybersecurity attacks, including better training for lawmakers and staffers, said the head of the committee that oversees operations in the House.

“One of the biggest threats that we have here would be the security, in particular the cybersecurity threats, that we face,” said Congressman Gregg Harper (R-MS), the new Chairman of the House Administration Committee.

“Every office, every committee, every part of Capitol Hill is subject to attack by foreign governments, by individuals, people in this country who mean us harm.”

The Director of National Intelligence released a report Friday alleging that the Russian government hacked Hillary Clinton’s campaign and other political party groups to try to influence the presidential election and help President-elect Donald Trump win.

Officials had warned earlier last year that millions of emails to House offices contained malware or viruses.

The House Administration Committee has jurisdiction over a range of agencies… Read More

Lawmakers’ Cybersecurity Agenda for Trump

Excerpted from Fox News Report by Brooke Singman

A task force of bipartisan lawmakers on Thursday released a report recommending a detailed cybersecurity agenda for the incoming Trump administration, even as the issue dominates talk on Capitol Hill.

The panel, co-chaired by House Homeland Security Chairman Michael McCaul (R-TX) and Senator Sheldon Whitehouse (D-RI), released the 34-page report in a press conference in which they outlined the top priorities for preventing foreign hacks of sensitive data.

“A silent war is waged against us in cyberspace – if we don’t shape it, it will be shaped against us,” McCaul said.

“Every person in this room is a target and the phones in your pocket are the battle space – and the enemy is winning.”

The Center for Strategic & International Studies (CSIS) sponsored the CSIS Cyber Policy Task Force, which produced the report.

A similar report was presented to then President-elect Barack Obama in 2009, and compiled by a commission also served by McCaul… Read More

US Grid’s Imminent Danger from Cyber-Attack

Excerpted from Bloomberg News Report by Ari Natter and Mark Chediak

The US Energy Department says the electricity system “faces imminent danger” from cyber-attacks, which are growing more frequent and sophisticated, but grid operators say they are already on top of the problem.

In the department’s landmark Quadrennial Energy Review, it warned that a widespread power outage caused by a cyber-attack could undermine “critical defense infrastructure” as well as much of the economy and place at risk the health and safety of millions of citizens.

The report comes amid increased concern over cybersecurity risks as U.S. intelligence agencies say Russian hacking was aimed at influencing the 2016 presidential election.

“Cyber threats to the electricity system are increasing in sophistication, magnitude, and frequency,” it said in the 494-page report.

“The current cybersecurity landscape is characterized by rapidly evolving threats and vulnerabilities, juxtaposed against the slower-moving deployment of defense measures.”

The department detailed 76 recommendations to boost energy, including increasing the collection of data about online breaches from utilities… Read More

DHS Should Have Cybersecurity Unit

Excerpted from Computerworld Report by Matt Hamblen

The Chairman of the US House Committee on Homeland Security said Wednesday his top priority in 2017 will be to push for creation of a cybersecurity agency within the Department of Homeland Security (DHS).

“DHS needs focus and resources, and they are doing a decent job, but could be doing a lot better with the help of Congress,” said Congressman Michael McCaul (R-TX) in comments to reporters at the National Press Club.

“It’s not a Republican or Democratic issue.”

McCaul said one vital role for the DHS in the future would be to provide cyber-assistance on national elections that are under the management of the states.

DHS Secretary Jeh Johnson on Friday called for designating the nation’s election mechanisms as a “critical infrastructure,” given the vital role elections play in the country.

Johnson emphasized that the designation does not mean there would be a federal takeover or intrusion into elections.

Well before Johnson’s statement was issued, election officials in several states had reached out to federal authorities… Read More

NIST Updates Cybersecurity Framework

On January 10, 2017, as the Obama administration draws to a close, the National Institute of Standards and Technology (“NIST”) released a long-awaited draft version 1.1 of its ground-breaking Framework for Improving Critical Infrastructure Cybersecurity.

This draft revision builds upon the initial “version 1.0” of the cybersecurity framework, which NIST released in February, 2014, pursuant to an Executive Order issued by President Obama in February 2013 as part of his cybersecurity agenda.

The initial framework was the result of a collaborative process involving industry, government and academia, supervised by NIST.

The framework is a significant part of the federal government’s cybersecurity policy for improving the protection of critical parts of the government and industry from cyber attacks.

According to NIST’s statement accompanying the release of draft version 1.1, “the updated framework aims to further develop NIST’s voluntary guidance to organizations on reducing cybersecurity risks… Read More

Data Next Tech Hot Button for Regulators

Excerpted from NY Times Report by Steve Lohr

Wealth and influence in the technology business have always been about gaining the upper hand in software or the machines that software ran on.

Now data – gathered in those immense pools of information that are at the heart of everything from artificial intelligence to online shopping recommendations – is increasingly a focus of technology competition.

And academics and some policy makers, especially in Europe, are considering whether big internet companies like Google and Facebook might use their data resources as a barrier to new entrants and innovation.

In recent years, Google, Facebook, Apple, Amazon and Microsoft have all been targets of tax evasion, privacy or antitrust investigations.

But in the coming years, who controls what data could be the next worldwide regulatory focus as governments strain to understand and sometimes rein in American tech giants.

The European Commission and the British House of Lords both issued reports last year on digital “platform” companies… Read More

Wheeler Makes Impassioned Plea for Title II

Excerpted from Multichannel News Report by John Eggerton

FCC Chairman Tom Wheeler used his final policy speech to make an impassioned plea for retaining the FCC’s Open Internet rules and reclassification of ISPs as common carriers, saying “No company using the Internet is safe absent the kind of common carrier requirements America has historically expected of its networks.”

That came at what was billed as his final public address — at the Aspen Institute in Washington, where Wheeler will be a senior fellow after he leaves the commission January 20th.

Wheeler pulled out all the stops, saying that without Open Internet order protections, ISPs could demand tribute for access, control the cloud, dim the light of the Internet of Things, and otherwise limit choice and competition.

He cited zero rating of owned content as one threat to competition — the FCC’s Wireless Bureau released a report this week citing AT&T’s DirecTV Now as an example of that.

“We have already seen how AT&T and Verizon have favored their own video services by zero-rating their product while forcing consumers to pay data charges for competitors.”

“Just take that behavior and look how it would affect other 21st century services… Read More

Moore’s Law No Barrier to Better Processing

Excerpted from Report by Arthur Cole

If there has been one constant throughout the decades of change that has produced the data environment we have today, it’s that basic technologies continue to strive for greater performance.

Nowhere is this more evident than on chip-level architectures.

Even as the physical limitations of Moore’s Law come into play, designers are busy creating new interconnects, interfaces and software constructs to keep the bits flowing, and even coming up with new structural technologies that could very well restart the field of digital signal processing on a whole new trajectory.

Intel, of course, is at the forefront of these efforts, says NewsFactor Network’s Jef Cozza, having just released the latest in the Core i7 line, including new desktop versions of the Kaby Lake family that should help boost performance, security and graphics capabilities for enterprise desktops and laptops.

Aside from removing the need for a dedicated GPU for video conferencing and other rich media applications, the new devices double the battery life to 10 hours over existing Skylake machines, and provide a 65 percent data productivity improvement for notebooks running 4k workloads… Read More

Einstein@Home Scores Discovery

Excerpted from ECN Report

An analysis that would have taken more than a thousand years on a single computer has found within one year more than a dozen new rapidly rotating neutron stars in data from the Fermi gamma-ray space telescope.

With computing power donated by volunteers from all over the world an international team led by researchers at the Max Planck Institute for Gravitational Physics in Hannover, Germany, searched for tell-tale periodicities in 118 Fermi sources of unknown nature.

In 13 they discovered a rotating neutron star at the heart of the source.

While these all are – astronomically speaking – young with ages between tens and hundreds of thousands of years, two are spinning surprisingly slow – slower than any other known gamma-ray pulsar.

Another discovery experienced a “glitch”, a sudden change of unknown origin in its otherwise regular rotation.

“We discovered so many new pulsars for three main reasons: the huge computing power provided by Einstein@Home; our invention of novel and more efficient search methods; and the use of newly-improved Fermi-LAT data… Read More

Coming Events of Interest

Industry of Things World USA — February 20th-21st in San Diego, CA. Global leaders will gather to focus on monetization of the Internet of Things (IoT) in an industrial setting.

fintech:CODE — March 16th-17th in London, UK. A new international knowledge exchange platform bringing together all DevOps, IT, and IoT stakeholders who play an active role in the finance and tech scene. Key topics include software development, technical challenges for DevOps, DevOps security, cloud technologies and SaaS.

retail:CODE — March 16th-17th in London, UK. 20 real-life case studies, state-of-the-art keynotes, and interactive World Café sessions, 35+ influential speakers will share their knowledge at the intersection of the retail and technology sectors.

Delivery of Things World — April 24th and 25th in Berlin, Germany. Over 400 IT executives will discuss what DevOps really means for business. This event brings together all stakeholders to share their experience and expertise.

Security of Things World — June 12th and 13th in Berlin, Germany. A world class event focused on the next information security revolution. Security concerns that preoccupy enterprise customers today and pragmatic solutions to threats.

Autonomous Systems World – June 14th and 15th in Berlin, Germany. An international knowledge exchange among top experts in the field, providing a unique glimpse into the fascinating world of autonomous robots, intelligent machines, and smart technologies.
