Archive for the ‘NSA’ Category

Insecurity: Northern youths protest in FCT, demand sack of NSA | The ICIR – ICIR

NORTHERN youths under the aegis of Arewa Youth Assembly, on Wednesday staged a protest over the rising level of insecurity in Nigerias Federal Capital Territory (FCT) and demanded the replacement of the National Security Adviser (NSA) Babagana Monguno.

Publicity Secretary Aliyu Muhammed, while addressing journalists during the protest at the National Assembly, said terrorists and other criminals had become more daring under Mongunos watch.

Muhammed also said the security situation in the country showed that the NSA was not effectively discharging his duties and called for his resignation or sack.

The criminal elements became emboldened under his watch as the NSA; they equally ambushed and killed some officers of the Brigade of Guards to Mr President and also issued notice to kidnap Buhari and Governor Nasir El-Rufai of Kaduna State. This is unfortunate and unimaginable in the history of nationhood.

The NSA is either not advising the President, or his ideas are infective; hence, the seeming triumph of ragtag elements over our Armed Forces. We, therefore, call for his immediate resignation or be sacked by Buhari, Muhammed said.

He noted that indiscriminate killings across the country had worsened food scarcity and the countrys poverty rate.

We want the security of this nation to unconditionally be improved from its present state to a satisfactory one, and all Nigerians in captivity should be fought for and set free, unconditionally, he said.

- Advertisement -

The group, however, called off the protest but threatened to converge again in all 19 Northern states if their demands were not met in two days.

The ICIR reported that residents of the FCT are living in apprehension over the spread of insecurity into the countrys capital.

Following a series of attacks by terrorists and bandits within the FCT, security concerns have heightened, and residents have expressed dissatisfaction with the Federal Governments response to the security concerns.

Ijeoma Opara is a journalist with The ICIR. Reach her via vopara@icirnigeria.org

See the original post here:
Insecurity: Northern youths protest in FCT, demand sack of NSA | The ICIR - ICIR

NSA to reveal identities of big men behind oil theft in Nigeria Presidency – Daily Post Nigeria

Garba Shehu, the Senior Special Assistant to President Muhammadu Buhari on Media and Publicity, has disclosed that the office of the National Security Adviser (NSA) would soon reveal the identities of highly placed Nigerians behind oil theft in Nigeria.

Appearing on a Trust TV programme, Shehu revealed that security operatives recently raided locations where illegal oil bunkering thrives as part of the plan to control economic sabotage in Nigeria, adding that oil theft is being tackled.

Shehu also disclosed that it is embarrassing for the country not to meet up with the quota given to it by the Organisation of Petroleum Exporting Countries (OPEC).

According to him, Oil theft is being tackled. The big problem we have in this country is that we ought to see more commitment from communities in assisting law enforcement agents. In some cases, where some actors in law enforcement are complicit, it becomes bad.

We used to fight the OPEC for more quotas; now, theyve given us and we arent able to meet up. Thiss embarrassing. Security agencies are fully involved in stopping this act. Im hopeful that in the next few days, the office of the National Security Adviser (NSA) will be presenting to the country big men who are promoters of this kind of business as theyre being caught and illegal refineries are being bombed out.

The Nigerian National Petroleum Company Limited is also installing a monitoring capacity to detect or advise immediately when sabotage of oil pipelines happens.

Meanwhile, just last week, the Economic and Financial Crimes Commission (EFCC) arrested 120 Nigerians over alleged illegal oil theft.

The EFCC carried out a joint operation with personnel of the 6 Division Garrison, Nigerian Army in Port Harcourt, Rivers State.

See the original post here:
NSA to reveal identities of big men behind oil theft in Nigeria Presidency - Daily Post Nigeria

Former US Cyber Command and NSA chief makes the case for a cyber competition strategy | The Strategist – The Strategist

Cyber threats to national security and prosperity are today better understood, better prioritised and far better resourced than in decades past. Cyber as a domain, as a threat and as a key opportunity is now a firmly established and essential element of military strategy and capability.

Yet today, state, non-state and individual cyber actors have greater capability, capacity and willingness to use cyber tools aggressively for malicious purposes, and their tolerance for risk has grown.

In the view of former US National Security Agency and US Cyber Command boss Mike Rogers, despite the positives, the overall picture of the cyber domain is one of increased threat and complexity.

Most countries, even if they leverage all the power and capability of their military and defence cyber sectors, cant effectively respond to this complex threat environment alone. Many nations, Western and non-Western, democratic and non-democratic alike, now understand that their national capabilities and their private sectors are engaged in a competition that is fundamentally unfair.

For decades, countries with market-based economies, such as the United States, have sought to create national frameworks that enable their research and development ecosystems and free-market private sectors to pursue global competitive advantage, largely by keeping government out of their way.

The assumption that market-based economies by their nature could continue to enable the private sector to out-compete and out-innovate their rivals has been disproven. Rogers notes that the approach of an enabled and unencumbered free market served the US well for a time after the end of the Cold War; it led to the invention and dominance by the US and other Western nations of key capability areas like stealth technology, the internet and wireless connectivity.

But between the fourth and fifth generation of these technologies, the playing field has definitively tilted in favour of actors that exploit highly controlled, centralised and coordinated strategies leveraging all the resources and capability in their private and public sectors, including intelligence and espionage capabilities.

Chinanow openly described as a peer competitor and strategic rival to most Western countrieshas assessed that cyber and a range of critical and emerging technologies are game-changers with both domestic and international implications. Cyber is considered by China (and the US and others) as being among a range of technologies that can offer decisive strategic advantages for future prosperity and security.

The Chinese state has poured, and continues to pour, billions of dollars into building its cyber capabilities. Its strategy includes blatant theft of advanced Western intellectual property and excessive requirements for technology transfer from the West as a precondition for access to the lucrative Chinese market, and to the billions of dollars of Chinese state investment.

No company, R&D outfit, or sector of companies operating under free-market principles and on the assumption of a level playing field can compete with Chinas strategy. Competing under these circumstances requires a team approach bringing together government and the private sector, and working with partners and allies across national boundaries.

In no way should a team strategy between like-minded players emulate what China has done. Competing effectively doesnt necessitate cyber-enabled IP theft, the employment of state espionage capabilities to unfairly benefit Chinese state-owned and private companies, or forced technology transfer. But it does require policy settings that protect innovation and cutting-edge technology developed and commercialised in the US and other centres of technological excellence and dynamism (including and especially in the Indo-Pacific).

It also requires export-control and inward-investment regimes that differentiate between international actors with which technological cooperation is a strategic imperative and those that present significant strategic risks.

It certainly involves a clear articulation that competitionfair competition with clear rules for acceptable and unacceptable behaviouris the strategy. And it involves action to create a policy environment that enables competition in a way that protects and extends existing rules and norms and that safeguards IP and key sources of innovation.

It also requires forums and mechanisms that bring together the perspectives, incentives and imperatives that drive the activities of governments, the technology sector and civil society. These communities dont yet talk to one another effectively, dont harness their collective power for shared benefit, and dont align on common interests in a way that produces superior outcomes for them all.

The need to get to that is urgent. The Sydney Dialogue, an ASPI initiative, brings government, private-sector and civil-society leaders together at the highest levels and provides a platform for enhanced cooperation between international actors. It offers a constructive space for the urgent conversation needed to enable stronger, fairer, more integrated competitive strategies between countries that share a commitment to the rule of law and a vision for the use of existing and future technologies in the global good.

Rogers discussed the need for better, more integrated strategies to compete with China in key technology areas. He delved into the implications of the use of cyber capabilities in the Russian invasion of and ongoing war against Ukraine, and described it as a watershed moment. The growing reality of, and increasing calls for, decoupling of cyber and other technologies from China, Russia and other actors is also explored.

Importantly, Rogers talked about the enormous potential of the technology priorities and objectives of the AUKUS partnership. Australia, the UK and the US have a real opportunity to demonstrate and enhance their ability to achieve effective integration between government, industry and civil society, and to work across national borders through a joined up, multi-sectoral technology strategy for national security.

To meet the objectives of partnerships like AUKUS, theres a need to move beyond cooperation to integration, including between parts of our systems that have operated independently for good reasons in the past. We must preserve the best and most productive characteristics of our free and open systems. But government, the private sector and civil society must also be brought into closer alignment for the benefit of all. It is past time to move beyond understanding the problem and start organising more effectively for the geostrategic technology competition that we know were now in.

The policy challenges posed by critical, emerging, cyber and space technology require a new approach. That starts with answering a key question Rogers asks: What is our vision of the key technologies, the most critical sectors that are really going to drive economic advantage and [that] if placed at risk would cause us harm, [and] what are the policies we need to create advantage for ourselves?

A new cybersecurity strategy based on what is required to become and remain competitive, secure and resilient should focus on this central question.

Continue reading here:
Former US Cyber Command and NSA chief makes the case for a cyber competition strategy | The Strategist - The Strategist

Inaugural India-Central Asia NSA meeting to be held in December – WION

As a key outcome of the first India-Central Asia summit that took place in January this year, the inaugural National Security Advisors meet will take place in December this year in India.

The meeting takes place even as India and Central Asia celebrate 30 years of establishment of ties and focus on increasingengagement. Central Asia consists of fivecountries - Kazakhstan, Kyrgyzstan, Tajikistan, Turkmenistanand Uzbekistan with whom India has cultural and civilization ties.

The India Central Asia summit had taken place earlier withthe participation of PM Modi andall leaders of the five countriesandthe key outcomes of the meet included holding summit level meet every twoyears. Leaders also agreed on regular meetings of foreign ministers, trade ministers, culture ministers andsecretaries of the Security Council or NSAs as part of close cooperation.

India will also host the Shanghai Cooperation Organization (SCO) NSAmeeting in March of next year(2023). India will be taking over the chair of the group in September this year after the summit in Uzbekistan's Samarkand.

On Friday, India's deputy national security adviser Vikram Misri took part in 17th Secretaries of Security Councils meeting in the Uzbek capital Tashkent. During the meeting, the key focus of India was on Afghanistan as officials highlightedhow India has helped the Afghan people as itreiterated its call for the formation of an inclusive government, preserving the rights of women, children and minorities andcombating terrorism and drug trafficking.

While the Taliban's takeover of Afghanistan in August last year shocked the region and the world, the focus since then has been on aid to the Afghan people by New Delhi. India has sent 40,000 MT of wheat, 30 tons of medicines, 500,000 doses of COVID-19vaccine and 500 units of winter clothing so far. In the aftermath of the devastating earthquake in Patika province, Indian Air force planes delivered 28 tons of emergency relief assistance.

However, worries remain over Afghan territory being used by terrorists whichwas emphasised by India's deputy NSA who highlighted the threat posed by various terror groups including those designated by UNSC such as ISIS, Al-Qaeda, Lashkar -e-Taiba, Jaish -e-Mohammed among others. He pointed tothe recent attack on Karte Parwan Gurudwara in Kabul whileexpressing concerns over the increase in the number of terror attacks by ISIS affiliate Islamic State-Khorasan Province (ISKP).

This yearIndia is the Chair of the Council of Regional Anti-Terrorist Structure ( RATS) of the SCO andhas strongly taken up the issue of countering terror finance. It has chaired 24 meetings of various groups of the SCO RATS structure with five meetings held in India.

India will also be holding the SCO RATS council meeting on October 14th this year in Delhi.

During his Uzbekistan visit, Deputy NSA Misri held bilateral meetings with Uzbek NSA Viktor Makhmudov, Mongolian NSA J. Enkhbayar andcalled on the Acting Foreign Minister of Uzbekistan Vladimir Norov Imanovich.

WATCH WION LIVE HERE

You can now write for wionews.com and be a part of the community. Share your stories and opinions with us here.

See the article here:
Inaugural India-Central Asia NSA meeting to be held in December - WION

What Are the NSA K8s Guidelines and Why Should You Care? – Container Journal

The NSA released its Kubernetes Hardening Guidelines almost a year ago and made updates to it this March. The purpose of the document is to provide an overview of what Kubernetes users need to do to ensure security. As described within, the report is designed to help organizations handle Kubernetes-associated risks and enjoy the benefits of using this technology.

The guidelines are extensive; a 66 page document. There are some main categories that are covered throughout including pod security, network separation and hardening, authentication and authorization, audit logging, threat detection, upgrading and application security.

Within each section, the NSA outlines advice. For example, it explains that to ensure pod security, you should use containers built to run applications as non-root users. It says, By default, many container services run as the privileged root user, and applications execute inside the container as root despite not requiring privileged execution. Preventing root execution by using non-root containers or a rootless container engine limits the impact of a container compromise.

Another example is around locking down access. It says, [Role-based access control] RBAC, enabled by default, is one method to control access to cluster resources based on the roles of individuals within an organization. RBAC can be used to restrict access for user accounts and service accounts.

The list is extensive, which can feel overwhelming and might leave you wondering whether the NSAs advice is truly important or if its just overkill.

The CNCF says in its 2021 annual report that the usage of Kubernetes is continuing to grow and reached its highest level ever, with 96% of organizations using or evaluating the technology. However, security continues to be top of mind for organizations. In a Red Hat report, 94% of respondents stated they have experienced a security incident in their Kubernetes and container environments during the last 12 months.

Companies want to use and are adopting Kubernetes, but security must be a top priority. By producing this guide, the NSA is essentially endorsing the technology. It sees the value of using Kubernetes but wants it done securely. This is huge for the cloud-native landscape and for Kubernetes adoption. The guidelines provide not only U.S. federal organizations a path to secure usage of Kubernetes, but any company that wants to use the technology, too.

So, the next logical question is how to tick the boxes on the guide? With approximately 20 different requirements around the five categories, it can seem like a big undertaking.

The first step to complying with the guide is to understand your Kubernetes environment. For example, how many clusters do you have? Do you have any containers running as root? Do you have role-based access control in place? And are you doing all of this consistently? Many of the issues around Kubernetes involve a lack of visibility into the environment and ability to understand if policies are being implemented habitually.

Unfortunately for many organizations running environments with three or more clusters, it is too hard to answer this question. The genius of a Kubernetes environment is its ephemeral nature; the downside is things are constantly changing.

DevOps teams wanting to implement NSA hardening guidelines should spend time auditing their environment for misconfigurations. Many organizations fall into the trap of doing this manually but should look to tools that automatically scan clusters and infrastructure-as-code for misconfiguration and vulnerabilities.

Once a Kubernetes environment is understood, how do you achieve compliance? First, DevOps teams should look for tools that help them enable developers to use Kubernetes safely. This is where Kubernetes guardrails come into play. Guardrails enable DevOps teams to turn policy from a piece of paper into a safety net. Instead of moving to production with a manual review, guardrails can be put in place to guide the entire development life cycle. Developers can ensure container security configuration is set, for example, before it ever gets to production. It helps to free up DevOps time and enables developers to ship applications faster.

Next, by combining automated scans with guardrails, teams can document their journey to compliance. It becomes a much easier process as unknowns in Kubernetes become knowns.

Understanding the importance of the NSA hardening guidelines and knowing how to implement them are two different things. In my next article, Ill dig into some specific examples around the five main categories of the report.

Related

Here is the original post:
What Are the NSA K8s Guidelines and Why Should You Care? - Container Journal