U.S. official is first to helm new NATO IT and cyber agency

Intelligence community management veteran and former Defense Department Deputy Comptroller Kevin Scheid has taken up his new post as general manager of the NATO Communications and Information Agency, NCIA, where he will oversee a multibillion-dollar IT and cybersecurity modernization program for the 29-nation military alliance. NCIA, which operates and defends NATO IT and telecommunications networks, announced the news at the weekend. “I plan to take the first 90 days, like most new heads of large organizations, and do some deep-dives in some key areas, to make sure I understand the status and state of the agency,” Scheid told the NCIA in-house journal. “First, I’ll hold deep dives in the areas of finance … personnel management and the contract issues and how that is progressing, in acquisition, as well as the management of the organization. Do we have the right management structure for the Agency?” Beginning in the fall, Scheid will lead NCIA in a two-year, $3.4 billion IT modernization […]

The post U.S. official is first to helm new NATO IT and cyber agency appeared first on Cyberscoop.

Continue reading U.S. official is first to helm new NATO IT and cyber agency

June 28, 2017 – Hack Naked News #131

DoD networks have been compromised, the Shadow Brokers continue their exploits, a Pennsylvania healthcare system gets hit with Petya, and more. Jason Wood of Paladin Security joins us to discuss nations’ offensive technical strengths and defensive weaknesses on this episode of Hack Naked News! Doug’s Stories: http://thehackernews.com/2017/06/shadowbrokers-nsa-hacker.html — Shadowbrokers continue their exploits by planning to dox […]

The post June 28, 2017 – Hack Naked News #131 appeared first on Security Weekly.

Continue reading June 28, 2017 – Hack Naked News #131

Why a global cybersecurity Geneva convention is not going to happen

Microsoft President and Chief Legal Officer Brad Smith has been pounding the pavement all year asking for a “global cyber Geneva Convention” in the face of threats facing his employer’s software and the greater internet at large. It’s a pipe dream and I’ll tell you why. Any global effort works best when there are clear answers. For instance, there is a clean line between “nuclear war” and “not nuclear war.” The cyber domain is different. While there is some consensus within Microsoft that’s driven by business concerns and hyped as social concerns, there isn’t the same consensus within or between global governments. We don’t even know the trade-offs that would be implied by the things Microsoft is asking for: a barrier on the trade of “cyberweapons” resulted in massive outcry when it was codified in the Wassenaar Arms Control Arrangement last year, some of which came from the very same […]

The post Why a global cybersecurity Geneva convention is not going to happen appeared first on Cyberscoop.

Continue reading Why a global cybersecurity Geneva convention is not going to happen

Why You Should Be Skeptical of the US Military’s ‘Successful’ Missile Defense Test

The missile it intercepted was probably moving slower than one fired at the US from North Korea would be. Continue reading Why You Should Be Skeptical of the US Military’s ‘Successful’ Missile Defense Test

Proposed bill would make DOD tell Congress when ‘special cyber operations’ are taking place

There’s an oversight bill in the works that would compel the Defense Department to notify Congress when the military is engaged in sensitive cyber operations. The bipartisan legislation, as it’s currently written, would require congressional notification when the Defense Department takes action in cyberspace under U.S. Code Title 10, which supervises operations led by Army, Navy, Air Force, Marine Corps, and Coast Guard, as well as the Reserves. Title 10 is unrelated to the U.S. government’s intelligence gathering mission set, which is led by federal organizations like the National Security Agency. Sponsored by top House Armed Service Committee Reps. Elise Stefanik, D-N.Y., Mac Thornberry, R-Texas, Jim Langevin, D-R.I., and Adam Smith, D-Wash., the bill does not provide Congress with any additional authorization authority, but rather codifies an informal disclosure process that exists between the Defense Department and relevant congressional committees. There is no mention of a public disclosure element in […]

The post Proposed bill would make DOD tell Congress when ‘special cyber operations’ are taking place appeared first on Cyberscoop.

Continue reading Proposed bill would make DOD tell Congress when ‘special cyber operations’ are taking place

U.S. launches ‘Hack the Air Force’ bug bounty program

The U.S. Air Force launched a new bug bounty program dubbed “Hack the Air Force” on Wednesday, continuing a trend within the U.S. military that began last year with Hack the Pentagon and Hack the Army. Before the Pentagon’s bug bounty programs launched, it was illegal to search for vulnerabilities on Defense Department networks. The trend has extended overseas, as well, with the U.K. government’s announcement of its own bug bounty program last month. The Air Force program is directed by HackerOne, the bug bounty platform behind Hack the Pentagon that just raised a $40 million investment in February, and Luta Security, the security consulting firm driving the U.K. program. HackerOne and Luta Security are partnering to deliver up to 20 bug bounty challenges over three years to the Defense Department. “This outside approach — drawing on the talent and expertise of our citizens and partner-nation citizens — in identifying our security vulnerabilities will […]

The post U.S. launches ‘Hack the Air Force’ bug bounty program appeared first on Cyberscoop.

Continue reading U.S. launches ‘Hack the Air Force’ bug bounty program