Some cybersecurity experts have expressed their views on cyber strategies issued by the White House and the Defense Department in September, National Defense reported Thursday.

Daniel Charles, CEO and co-founder of Charles Bernard Ventures, said both strategies outline key initiatives, such as efforts to increase accountability among contractors and DoD’s move to prioritize partnerships with foreign allies to address future issues.

That “is something new that has been talked about quietly but hasn’t really ever come out in the light,” Charles, also a cybersecurity fellow at think tank New America, said of international collaboration.

Gary Shiffman, CEO of software firm Giant Oak, said budgetary changes and programmatic activities should follow the release of such strategies in order to effect change.

“At the national level, these kinds of high-level documents provide the top cover for the rest of government to follow in terms of … their future year planning and budgeting,” added Shiffman, a professor at Georgetown University.
 

Vice Adm. Nancy Norton, director of the Defense Information Systems Agency, has said the Defense Department is working on employing new technologies and implementing faster processes to change its cybersecurity culture, MeriTalk reported Thursday.

Norton, who also serves as the commander of the Joint Force Headquarters-Department of Defense Information Network, noted during a Fifth Domain-hosted event that the government’s strategies in defense and cybersecurity pushes DoD to rethink its culture, priorities and decisions to respond to increasing cyber threats from adversaries.

Norton added that changes in DoD’s use of information technology availability, protection of data integrity and engagement with both allies and adversaries, among others are needed to continue using DODIN to deter threats.

“We must operate the DODIN with a warfighting mindset, to ensure our data and our ability to move it remains resilient to adversary activities, in cyberspace and the other warfighting domains,” she said.

Lastly, the DISA official addressed the need to adopt agile development processes to drop standard and lengthy acquisition practices. 

Defense Secretary James Mattis has formed a new task force that aims to protect the Pentagon’s critical technology, classified data and controlled unclassified information from expropriation and theft.

Mattis directs Deputy Defense Secretary Patrick Shanahan to name a director and deputy chief to oversee the Protecting Critical Technology Task Force, according to an Oct. 24 memo obtained by Inside Cybersecurity.

Air Force Maj. Gen. Thomas Murphy will serve as PCTTF director until Shanahan names a permanent chief.

The director of the cross-functional task force will gather a team of personnel from the Defense Department and service branches and report to Shanahan and Gen. Paul Selva, vice chairman of the Joint Chiefs of Staff, to provide recommendations and updates on progress and requirements.

Mattis will require the task force to launch 30-day and three-month sprints to address fundamental issues.

The office of the defense undersecretary for research and engineering will serve as the task force’s executive secretary.

Bloomberg reported that Mattis’ memo was drafted a week before the U.S. government sued a Chinese state-owned firm for conspiring to steal U.S.-based chip manufacturer Micron Technology’s trade secrets.
 

The cybersecurity teams of the departments of Defense and Homeland Security have started preparing to respond to cyberattacks that may arise in the upcoming U.S. elections, FCW reported Thursday.

John Felker, director of the DHS’ National Cybersecurity and Communications Integration Center, said at the Professional Services Council’s Vision conference that DHS is employing and training 50 personnel from the U.S. Cyber Command for cyber incident response operations in a real environment.

He added that DHS will lose some of its skilled staff if CYBERCOM forces do not participate in hands-on exercises for incident response.

The effort complies with a Defense Support of Civil Authorities request that seeks to give permission to the DoD and DHS to facilitate critical infrastructure cyberattack mitigation initiatives.

Jeanette Manfra, assistant secretary for the Office of Cybersecurity and Communications at DHS, clarified at a Carnegie Endowment for International Peace event that the department is currently only focused in preparing for potential cyberattacks during the midterm elections.

“To be very clear, there is no intelligence or anything that would suggest we would be in that situation, but we wanted to have all of the various, different bureaucratic and legal agreements pre-negotiated, settled,” she said.

Researchers at a joint institute of the National Institute of Standards and Technology and University of Colorado in Boulder have measured multiparticle interactions among groups of atoms arrayed within an atomic clock.

JILA researchers used a three-dimensioned strontium lattice clock to control several arrays of atoms and used a new imaging technique to measure the particles’ subsequent quantum states, NIST said Wednesday.

The research team created arrays made up of as few as one atom, or as many as five atoms per lattice cell within the atomic clock. The team then triggered the particle interactions using a laser.

Jun Ye, a JILA Fellow, said that the resulting observations could yield knowledge that would make it possible to improve atomic clocks.

Information from the study could also help advance quantum information processing and enhance various kinds of sensors, according to NIST.

NIST sponsored the research effort with NASA, the Defense Advanced Research Projects Agency, Army Research Office, Air Force Office of Scientific Research, National Science Foundation.

President Trump has called on American citizens to acknowledge in November the role of critical infrastructure in boosting national and economic security.

By proclaiming November as Critical Infrastructure Security and Resilience Month, the government reaffirms its goal of strengthening critical infrastructure such as such as power grids, water and food supplies and transportation systems to protect the U.S. from artificial and natural threats, the White House said Wednesday.

Trump noted there is a need for the federal government and its partners to prioritize the protection of the election infrastructure as the next U.S. elections will be held within the month.

He added that increased collaboration between the public and private sectors will help further prevent cyber actors from virtually harming the U.S. critical infrastructure.

Trump said that addressing risks to critical infrastructure will help keep the U.S. safe.

The Commerce Department will soon issue a guidance on Internet-of-Things security issues, MeriTalk reported Wednesday.

Katerina Megas, program manager for IoT cybersecurity at the National Institute of Science and Technology, said the draft map for IoT security will probably come out in the “next couple weeks”, and efforts for its arrival might be spearheaded by, aside from the DOC and NIST, the Federal Trade Commission and the private sector.

The IoT security roadmap initiative is a follow-up of the department’s delivery early 2018 of a report on botnets calling for the coverage of IoT devices in security applications.

Megas added during a panel discussion at Symantec‘s 2018 government symposium that the guideline might contain updates regarding regulation of connected devices.

John Mills, principal director and partner at Cyber Asymetrics Associates and ex-director of cybersecurity policy, strategy and international affairs at the Defense Department, said a lack of IoT security is influenced by a deficiency in public infrastructure policies designed to operate digital certificates and handle public-key encryption.

 

Federal Chief Information Officer Suzette Kent has said her office plans to launch programs that will help address gaps in the federal information technology workforce, Federal News Network reported Wednesday.

Kent noted at the Symantec Government Symposium that the government will boost its efforts in recruiting entry-level IT employees and retraining existing personnel who are capable of undertaking tasks in cybersecurity.

She added that she will work to sustain the government’s investments in the IT workforce, with new budget negotiations scheduled to commence in December.

The Office of Personnel Management recently proposed revising rules in authorizing agency heads to immediately address any shortage in IT employees instead of waiting more than 100 days to fill an open position.

The government also established Centers of Excellence at the Departments of Agriculture and Housing and Urban Affairs in an effort to share cyber talent with the private sector.

Kent also shared that the government seeks to guide agencies in setting their expectations for IT employees, as well as increasing the mobility of IT employees to help them grow in their careers.