Archive for the ‘NSA’ Category

Former NSA head Paul Nakasone to helm national security institute at Vanderbilt – The Record from Recorded Future News

SAN FRANCISCO - Former U.S. Cyber Command and National Security Agency chief Paul Nakasone has been named the inaugural head of a new, national security-focused hub at Vanderbilt University.

The school on Wednesday announced Nakasone as the founding director and leader of its Institute for National Defense and Global Security, which is expected to formally launch at the Nashville-based campus in the fall.

The appointment follows Nakasone's retirement earlier this year after a six-year stint as the chief of the U.S. military's top digital warfighting organization and the world's largest intelligence agency.

"One of the things that really attracted me to Vanderbilt was the fact that it has a very strong belief in an interdisciplinary approach," Nakasone told Recorded Future News during a sit-down interview on the sidelines of the RSA Conference in San Francisco.

He noted the multi-faceted challenges posed by the COVID-19 pandemic, securing U.S. elections and Russia's invasion of Ukraine during his tenure leading both entities.

"The only way that we were able to have success against all of those threats was the fact that we had a broad partnership with a number of different players - academia and industry and our interagency allies," he said.

"You take a look at the most challenging problems that our nation faces today, and you move at the speed of conflict."

Vanderbilt Chancellor Daniel Diermeier said the idea for the appointment originated from Nakasone's appearances at the university's annual Summit on Modern Conflict and Emerging Threats and the school's existing focus on education, research and accelerating innovation in national security.

"We had conversations about it initially, about whether this particular approach made sense," he said. "We love working with him. So, we started talking about it ... Then gelled into an idea for how these things can reinforce each other."

In his new role, Nakasone will shape what the institute will be, including its structure and long-term goals. He said he would detail his visions for what the next year or two will look like when the center launches.

"You should anticipate that there's going to be some type of surge on an activity, much in the same way we took a look at ransomware," he said. "We said, Hey, we're gonna surge on that or election security."

The retired four-star also said there would be an emphasis on immediate action and advice and recruitment for individuals to serve as fellows at the new hub.

"We think we're going to drive outcomes," he said.

Diermeier vowed Vanderbilt would be able to move at the speed Nakasone aims to achieve, noting the institute went from an idea to reality in just around six months.

"We love to move fast," Diermeier said. "We love to be able to really have an impact and then execute."

Nakasone shrugged off the suggestion that he would have less influence on national security issues now that he is out of uniform.

"I have had some experience working in very, very difficult circumstances and being able to get tough problems across the finish line," he said. "But most importantly, I think I know people pretty well and I think that's going to be to our advantage."

While the institute marks Nakasone's first foray outside of government, he didn't rule out the possibility of doing more in the private sector, as his two most recent predecessors have done.

"I think there'll be other things that I will certainly do. But right now, my focus is obviously on building this premier institute," he said.


Martin Matishak is the senior cybersecurity reporter for The Record. Prior to joining Recorded Future News in 2021, he spent more than five years at Politico, where he covered digital and national security developments across Capitol Hill, the Pentagon and the U.S. intelligence community. He previously was a reporter at The Hill, National Journal Group and Inside Washington Publishers.

Read the original here:
Former NSA head Paul Nakasone to helm national security institute at Vanderbilt - The Record from Recorded Future News

US is still chasing down pieces of Chinese hacking operation, NSA official says – The Record from Recorded Future News

FORT MEADE, MARYLAND - The U.S. government has yet to learn the full extent of a massive Chinese espionage campaign that targeted American critical infrastructure, according to a senior National Security Agency official.

Federal agencies are not done with efforts to uncover or eradicate the threats created by the Chinese hacking group known as Volt Typhoon, said Rob Joyce, the outgoing director of the NSA's Cybersecurity Directorate, during a roundtable with reporters on Friday.

Investigators are still finding victims and making sure to clear out intrusions tied to the sweeping operation, which Western nations first disclosed nearly a year ago, he said.

Joyce also acknowledged for the first time that the government used artificial intelligence to discover some of the breaches made during the campaign, noting that Volt Typhoon activity was difficult to initially identify because the group steals or generates legitimate credentials and doesn't bring additional malware into a system.

Conversely, Joyce said he has seen no examples of them using AI to date. Instead, the prolific, state-sponsored outfit relies on bulk vulnerability scans to sniff out and exploit known weaknesses.

Joyce declined to comment on just how much of the operation the federal government has unearthed to date.

The new insights come a few weeks after some of the country's top cybersecurity leaders issued stark warnings about the ability of Volt Typhoon and other Chinese hackers to compromise U.S. networks should a conflict with Beijing arise.

"Unfortunately, the technology underpinning our critical infrastructure is inherently insecure because of decades of software developers not being held liable for defective technology," Jen Easterly, director of the Cybersecurity and Infrastructure Security Agency (CISA), told the House Select Committee on China.

"That has led to incentives where features and speed to market have been prioritized against security, leaving our nation vulnerable to cyber invasion," she said during the January 31 hearing.

That same day, the Justice Department announced it had disrupted an effort by Volt Typhoon to infiltrate hundreds of insecure U.S. home routers and gain access to critical infrastructure.

The U.S. and its allies revealed the group's actions last May when analysts at Microsoft found it had targeted systems ranging from U.S. telecommunication networks and transportation hubs to the military installation on the island territory of Guam.

Since then, the Biden administration has published over six digital security advisories warning of Volt Typhoon's tactics and techniques.

"From the beginning, it's been a broad campaign," said Joyce, who noted targets included airlines as well as energy and pipeline organizations.

"The intent really goes back to inspiring societal panic," he said.

That would, in turn, force the U.S. to turn inward and prevent the nation from being able to mobilize and support a conflict in the South Pacific, he told reporters, adding the view of the activity changed "as we expanded our knowledge about it."

That said, officials believe it would be a pretty high bar for Beijing to activate the group's pre-positioning in Western networks, according to Joyce.

He told reporters he hoped Chinese officials would be thoughtful following the national anger at the discovery of Beijing's high-altitude balloon campaign last year.

China's military sorely underestimated the country's response to that event, an anger that would only grow if state-backed hackers struck water and transportation systems, he predicted.

Joyce, who was the NSA's initial pick to be its latest No. 2, instead will retire at the end of the month.

He will be replaced by Dave Luber, who has held various posts at U.S. Cyber Command and has served as the Cybersecurity Directorate's deputy chief for almost the last four years.


Martin Matishak


The rest is here:
US is still chasing down pieces of Chinese hacking operation, NSA official says - The Record from Recorded Future News

6 CISO Takeaways from the NSA’s Zero-Trust Guidance – Dark Reading

The reality of cybersecurity for companies is that adversaries compromise systems and networks all the time, and even well-managed breach-prevention programs often have to deal with attackers inside their perimeters.

On March 5, the National Security Agency continued its best-practice recommendations to federal agencies, publishing its latest Cybersecurity Information Sheet (CIS) on the Network and Environment pillar of its zero-trust framework. The NSA document recommends that organizations segment their networks to keep unauthorized users from accessing sensitive information. That's because strong cybersecurity measures can stop compromises from turning into full-blown breaches by limiting all users' access to areas of the network in which they have no legitimate role.

The guidance from the NSA also allows security teams to make a stronger business case to management for security protections, but CISOs need to set expectations because implementation is a tiered and complex process.

While the document targets defense-related government organizations and industries, the wider business world can benefit from zero-trust guidance, says Steve Winterfeld, advisory CISO at Internet services giant Akamai.

"The reality is not [whether] you have unauthorized access incidents, it's if you can catch them before they become breaches," he says. "The key is 'visibility with context' that microsegmentation can provide, backed up with the ability to rapidly isolate malicious behavior."

Companies have embarked on zero-trust initiatives to make their data, systems, and networks harder to compromise and, when they are compromised, to slow attackers down. The framework is a solid set of guidelines for how to proceed, but implementing it is not easy, says Mike Mestrovich, CISO at Rubrik, a data security and zero-trust provider.

"Most networks have evolved over time and it is very difficult to go back and rearchitect them while keeping the business running," he says. "It is doable, but it can be costly both in terms of time and money."

Here are six takeaways from the NSA guidance.

The latest document from the National Security Agency dives into the fifth pillar of the seven pillars of zero trust: the network and environment. Yet the other six pillars are equally important and show "how wide-ranging and transformational a zero-trust strategy has to be to be successful," says Ashley Leonard, CEO at Syxsense, an automated endpoint and vulnerability management firm.

"Network and environment" is the fifth pillar in the National Security Agency's Seven Pillars of Zero Trust. Source: NSA

"For companies looking to get started with zero trust, I'd highly encourage them to review the NSA information sheets on the user and device pillars - the first and second pillars of zero trust, respectively," he says. "If a company is just getting started, looking at this networking and environment pillar is a bit like putting the cart before the horse."

The network and environment pillar of the NSA's zero-trust plan is all about trying to stop attackers from expanding a breach after they have already compromised a system. The NSA guidelines point to the Target breach of 2013, without explicitly naming the company, because the attackers entered via a vulnerability in the company's third-party HVAC system, but then were able to move through the network and infect point-of-sale devices with malware.

Companies should assume they will be compromised and find ways to limit or slow down attackers, NSA Cybersecurity Director Rob Joyce said in a statement announcing the release of the NSA document.

"Organizations need to operate with a mindset that threats exist within the boundaries of their systems," he said. "This guidance is intended to arm network owners and operators with the processes they need to vigilantly resist, detect, and respond to threats that exploit weaknesses or gaps in their enterprise architecture."

The NSA guidance is a tiered model, where companies should start with the basics: mapping data flows in their networks to understand who is accessing what. While other zero-trust approaches have been documented, such as NIST's SP 800-207 Zero Trust Architecture, the NSA's pillars provide a way for organizations to think about their security controls, Akamai's Winterfeld says.

"Understanding data flow primarily provides situational awareness of where and what the potential risks are," he says. "Remember, you can't protect what you don't know about."

After tackling any other fundamental pillars, companies should kick off their foray into the Network and Environment pillar by segmenting their networks, perhaps broadly at first, but with increasing granularity. Major functional areas include business-to-business (B2B) segments, consumer-facing (B2C) segments, operational technology such as IoT, point-of-sale networks, and development networks.

After segmenting the network at a high level, companies should aim to further refine the segments, Rubrik's Mestrovich says.

"If you can define these functional areas of operation, then you can begin to segment the network so that authenticated entities in any one of these areas don't have access, without going through additional authentication exercises, to any other areas," he says. "In many regards, you will find that it is highly likely that users, devices, and workloads that operate in one area don't actually need any rights to operate or resources in other areas."

Zero-trust networking requires companies to have the ability to quickly react to potential attacks, making software-defined networking (SDN) a key approach not only to pursuing microsegmentation but also to locking down the network during a potential compromise.

However, SDN is not the only approach, Akamai's Winterfeld says.

"SDN is more around governance of operations but depending on your infrastructure might not be the optimal solution," he says. "That said, you do need the types of benefits that SDN provides regardless of how you architect your environment."

Finally, any zero-trust initiative is not a one-time project but an ongoing initiative. Not only do organizations need to have patience and persistence in deploying the technology, but security teams need to revisit the plan and modify it as they face and overcome challenges.

"When thinking about starting on the zero-trust journey their guidance on starting with mapping data flows then segmenting them is spot on," Winterfeld says, "but I would add that is often iterative as you will have a period of discovery that will require updating the plan."

Read the original here:
6 CISO Takeaways from the NSA's Zero-Trust Guidance - Dark Reading

St. John’s M.S. in Cyber and Information Security Earns Key NSA Validation – St John’s University News

March 18, 2024

St. John's University's Master of Science (M.S.) degree program in Cyber and Information Security has received Program of Study validation from the National Security Agency (NSA), recognizing it among the industry's most highly regarded advanced-degree programs.

Representatives of the NSA joined a committee of academic peers in recognizing the master's program offered by The Lesley H. and William L. Collins College of Professional Studies. Program of Study validation acknowledges the St. John's program is helping to ensure a highly skilled cybersecurity workforce that creates a strategic national advantage, according to the National Centers of Academic Excellence in Cybersecurity (NCAE-C), which is managed by the NSA and oversees its educational programs.

According to Cybercrime Magazine, more than 170 colleges or universities offered cybersecurity-related master's degrees in 2023. Not all have earned Program of Study validation. St. John's validation extends through the 2029 academic year and promises to enhance the professional prospects of University graduates entering a high-demand career field.

"For students interested in pursuing a master's degree in Cyber and Information Security, validation offers assurance that the curriculum, facilities, and synergy between faculty and students meet the high standards of the US Department of Homeland Security (DHS) and the NSA," said Erald Troja, Ph.D., Assistant Professor, Division of Computer Science, Mathematics, and Science, and Acting Program Coordinator for the Cyber Security Systems program in the Collins College of Professional Studies.

"For faculty and administrators," Dr. Troja continued, "it offers the opportunity to pursue well-funded research and service-related grant opportunities that are exclusively available to programs validated by DHS and NSA."

The Program of Study validation is the culmination of a process that began before the first class of St. John's graduate students enrolled in 2020. A minimum of three years of graduates was required before the University could apply. Courses needed to align with validation requirements, including a program-wide emphasis on community leadership in the field and demonstrated engagement in developing solutions to challenges in cybersecurity education.

Once the first class of students graduated in May 2023, a team led by Joan E. DeBello, Ph.D., Associate Professor, Mathematics and Computer Science, and Chair, Division of Computer Science, Mathematics, and Science, and Luca Iandoli, Ph.D., Dean, the Collins College of Professional Studies, and Professor, Division of Computer Science, Mathematics, and Science, applied for approval.

Approval came from the NCAE-C in mid-February.

"Having this designation puts St. John's at a high standard for continually improving the curriculum and provides a competitive edge with peer institutions who may not have this validation," Dr. DeBello said.

According to Suzanna Schmeelk, Ed.D., D.P.S., Assistant Professor of Cybersecurity, and Director, M.S. in Cyber and Information Security program, validation ensures the continued growth of the 30-credit M.S. in Cyber and Information Security program.

"The future of this program is developing rapidly," Dr. Schmeelk said. "Validation supports future initiatives, including international research and preparing students for strong cyber skill leadership in the industry, rooted in ethical and equitable values."

Program of Study validation continues the University's commitment to providing its cybersecurity students with state-of-the-art classroom and experiential-learning opportunities in an industry that is rapidly expanding. According to the information technology network Spiceworks, more than 2.7 million cybersecurity job vacancies existed globally in 2022.

St. John's students in bachelor's and master's degree programs have access to the University's Sanford Family Cyber Security Lab, where they can employ classroom-taught techniques for intrusion detection, vulnerability identification and mitigation, malware analysis, and more. The Sanford Family lab is the main conduit of St. John's Center of Academic Excellence in Cybersecurity Defense research.

Spiceworks recently ranked St. John's among the top 10 of all cybersecurity colleges in the United States.

"The NSA designation is a key asset in our strategy to consolidate St. John's leadership and reputation in cybersecurity," Dean Iandoli said. "NSA designation attests that our graduate curriculum is based on the industry gold standard, defined through identifying critical knowledge and competencies. Such design ensures our students will be fully prepared to be technology leaders in this developing field."

Read more here:
St. John's M.S. in Cyber and Information Security Earns Key NSA Validation - St John's University News

Senate votes to confirm Lt. Gen. Timothy Haugh to lead CYBERCOM and NSA/CSS – United States Cyber Command

Fort Meade, Md.

The U.S. Senate voted to confirm President Joseph R. Biden, Jr.'s nomination of U.S. Air Force Lt. Gen. Timothy D. Haugh to the rank of General and to assume the duties as the Commander, U.S. Cyber Command (CYBERCOM), Director, National Security Agency (NSA)/Chief, Central Security Service (CSS).

Lt. Gen. Haugh is scheduled to assume his new role following a change-of-command ceremony planned for early 2024.

"It is the honor of a lifetime to have the opportunity to lead the incredible workforce of the Command and the Agency as they support the joint force during this decisive decade," Lt. Gen. Haugh said. "My priorities - people, innovation, and partnerships - will serve as the foundational values to ensure we continue to execute our mission to deliver outcomes against national priorities in foreign intelligence and cybersecurity."

Lt. Gen. Haugh began his Air Force career in 1991, earning his commission as a distinguished graduate of the Reserve Officers' Training Corps at Lehigh University, Bethlehem, Pa. He currently serves as CYBERCOM's deputy commander, where he directs, synchronizes, and coordinates cyberspace planning and operations to defend and advance national interests in collaboration with domestic and international partners.

In his nearly 32 years of service, Lt. Gen. Haugh brings a wealth of joint service knowledge and experience to the Command and the Agency from assignments including commander, Sixteenth Air Force, Air Forces Cyber and Joint Force Headquarters-Cyber, as commander, Cyber National Mission Force, as CYBERCOM's director of Intelligence, J2, and as the deputy commander of Joint Task Force-Ares.

Lt. Gen. Haugh expressed gratitude toward U.S. Army Gen. Paul M. Nakasone, Commander, CYBERCOM, Director, NSA/Chief, CSS, for his commitment to the dual-hat mission and workforce under his charge during times of unparalleled global challenges.

"I believe the nation is defended and the future is secured due to his leadership over the past six years," Lt. Gen. Haugh said. "His loyalty to the nation, duty to the mission, selfless service, integrity and personal courage are admirable."

Gen. Nakasone expressed that he is fortunate to pass command to a leader who upholds the highest standards of the service and demonstrates immense dedication to the mission.

"Having worked alongside Lt. Gen. Haugh over the past decade, I can personally attest to his steadfast leadership, integrity first mentality, and unwavering sense of duty," Gen. Nakasone said.

Gen. Nakasone will retire after 37 years of dedicated service to the nation. As Director, NSA/Chief, CSS, Gen. Nakasone leads the nation's signals intelligence (SIGINT) enterprise, ensuring delivery of timely, accurate intelligence insights to warfighters, policymakers, and allies on topics of critical national security importance. As the National Manager for National Security Systems, Gen. Nakasone supports the protection of these systems, the Defense Industrial Base, and U.S. critical infrastructure from cyber threats as well as the development of game-changing technologies to provide intelligence advantage.

During his tenure with the Command and the Agency, Gen. Nakasone supported the establishment of CYBERCOM, fostered strategic concepts for cyber operations, and oversaw tighter integration between CYBERCOM and NSA. Additionally, under his leadership the Command and the Agency built closer ties with federal and industry partners. For example, Gen. Nakasone established several NSA organizations, including the Cybersecurity Directorate, the China Strategy Center, and the Cybersecurity Collaboration Center, which now has 750 partners across industry and the Defense Industrial Base. Moreover, Gen. Nakasone spearheaded the development of several successful joint CYBERCOM and NSA teams such as the Russia Small Group, China Outcomes Group and the Election Security Group.

Gen. Nakasone has held command and staff positions across all levels of the U.S. Army and the joint force with assignments in the United States, the Republic of Korea, Iraq, and Afghanistan.

"Serving the nation alongside the CYBERCOM and NSA/CSS workforce has been the highlight of my career," Gen. Nakasone said. "I am proud to have worked every day with the very best leaders and talented workforce."


About U.S. Cyber Command:

U.S. Cyber Command directs, synchronizes, and coordinates cyberspace planning and operations to defend and advance national interests in collaboration with domestic and international partners.

Here is the original post:
Senate votes to confirm Lt. Gen. Timothy Haugh to lead CYBERCOM and NSA/CSS - United States Cyber Command