BeyondTrust

Security in Context: The BeyondTrust Blog

Welcome to Security in Context

Bringing you news and commentary on solutions and strategies for protecting critical IT infrastructure in the context of your business.

The Growing Government Interest in Cyber R&D

Posted March 26, 2014    BeyondTrust Software

Both US and International governments have been shifting their focus to the research and development of technology to protect critical cyber assets. At the recent AFCEA Homeland Security Conference, cyber security was one of the main topics covered by keynote speakers and exhibitors. We’ve compiled some of the latest endeavors taking place on behalf of governments and large companies in their R&D pursuit of cyber security excellence.

Domestic R&D From Washington D.C.

The Pentagon’s Quadrennial Defense Review

The QDR has stressed the need to protect science, technology, research and development, specifically cyber capabilities. The three focus areas are protecting the homeland, building security globally, and project power and win decisively. The Cyber Mission Force implementing these agendas will focus on “new and expanded cyber capabilities and forces to enhance our ability to conduct cyberspace operations and support military operations.” The force will be fully operational by 2016. The investments include high performance engine technology, state-of-the-art tools and infrastructure, protecting engineering and technological know-how for next generation ground combat vehicle design, and protecting the missile industrial base. “Nearly any future conflict will occur on a much faster pace and on a more technically challenging battlefield.” – Gen. Martin Dempsey, chairman of the Joint Chiefs of Staff

US Budget Request Focuses on a High Tech Future

US Military focused less on prolonged ground wars and more on fighting on a high-tech, contested battlefield. The Pentagon is protecting R&D money in its fiscal 2015 budget submission, and it will push for greater risk-taking and big bets. The Navy Department had a 9 percent increase of their RDT&E budget request, representing an increase of $1.3 billion.

FY 2015 President’s Budget Request Summary For NASA

The FY 2015 budget makes efficient use of NASA’s assets and also includes reinvigorated efforts to protect these assets, particularly from cyber threats.

Subcommittee on Oversight and Subcommittee on Research and Technology Joint Hearing

The Oversight Subcommittee and the Research and Technology Subcommittee held a joint hearing to examine the current state of technology and standards to protect Americans from international cybercriminals. Witnesses discussed the evolution of cyber-attacks against U.S. computer networks and infrastructure from rogue hackers to sophisticated international crime syndicates and foreign nations such as Russia and China. “The cyber threat will pose the greatest threat to our country.” – FBI Director Robert Mueller

International R&D

From Belgium

Swift Chief Executive Calls for a Standardized Global Framework

Swift chief executive Gottfried Leibbrandt has called on EU policymakers work towards the creation of a standardized global framework for international cyber-security. The interbank network, which connects over 10,000 institutions globally, was founded on security and confidentiality principles.“Every day we wake up and go to sleep thinking about, and protecting against that threat. It is hard work and never done. When we don’t sleep, it is because of cyber risks.” European politicians are shifting their focus on drafting the EU’s future cyber-security strategy. Leibbrandt prescribes a minimum of internationally agreed personnel vetting standards, supplier certification standards, readiness level standards and penetration testing standards and best practice definitions. He would also like the EU to do more to foster a vibrant ecosystem of participants and guides in cyber-security, backed by a R&D framework and advanced skill sets.

From Singapore

Israel Aerospace Industries Opens a Cyber R&D Center

Israel Aerospace Industries is launching a new research and development center in Singapore which will focus on finding new technologies to provide early warnings of looming cyber-attacks. The center is the first that an Israeli defense corporation has opened in the Far East, with 80 to 90 percent of its workforce from the local area, including scientists, engineers and professional computer analysts. “This center will deal with cyber challenges, focusing on providing warnings ahead of impending attacks,” – Esti Peshin, head of the Cyber Programs section at IAI’s subsidiary Elta. The center will emphasize three areas: active defenses, such as catching cyber attackers in real time, monitoring them, and redirecting their attacks; finding the geographical location of virtual attackers; and anomaly detection, or recognizing deviations from routine behavior that could indicate impending attacks.

From the United Kingdom

Cyber Emergency Response Team Launch

At the end of March, the UK government will launch the UK Computer Emergency Response Team, a £650 milion cybersecurity strategy. It will guard against criminal attacks on critical government systems and their associated operational functions. Just last year the UK’s energy infrastructure was at risk of being shut down by hackers. Notable CERT personnel include Director Chris Gibson (formerly of the Forum of Incident Response and Security Teams), Director of Operations Neil Cassidy (former cyber defense lead at Qinetiq), and Deputy Director Andrew Whittaker (a former Foreign Office crisis management expert). CERT-UK will provide a central point to coordinate responses to secure the country’s cyber space & is launching amidst increased awareness surrounding attacks on critical infrastructure.

Request a free trial of the BeyondInsight IT Risk Management Platform for U.S. federal agencies.

For more information, please contact: 
BeyondTrust Federal Solutions Group 
Tel: 301.337.8112
federalsales@beyondtrust.com

Tags:
, , , , , , ,

Leave a Reply

Additional articles

PowerBroker for Unix & Linux helps prevent Shellshock

Posted September 25, 2014    Paul Harper

Like many other people who tinker with UNIX and Linux on a regular basis, BASH has always been my shell of choice.  Dating back to the early days moving from Windows to a non-Windows platform, mapping the keys correctly to allow easy navigation and control helped ensure an explosion of use for the shell. Unfortunately,…

Bash “Shellshock” Vulnerability – Retina Updates

Posted September 24, 2014    BeyondTrust Research Team

A major vulnerability was recently discovered within bash which allows arbitrary command execution via specially crafted environment variables. This is possible due to the fact that bash supports the assignment of shell functions to shell variables. When bash parses environment shell functions, it continues parsing even after the closing brace of the function definition. If…

pbps-blog3

7 Reasons Customers Switch to Password Safe for Privileged Password Management

Posted September 24, 2014    Chris Burd

It’s clear that privileged password management tools are essential for keeping mission-critical data, servers and assets safe and secure. However, as I discussed in my previous post, there are several pitfalls to look out for when deploying a privileged password management solution. At this point, you may be wondering how BeyondTrust stacks up. With that,…

Tags:
, , , , ,