Cyber Defense Weekly August 10, 2010
| What CXO's fail to grasp about cyber security |
|
 IT security is often a nagging thorn in the side of enterprises and those that lead them. It is viewed as a technical issue that should just be fixed. In last week's lecture track on security that I delivered for Internet Evolution's 60 Days of Executive Education I started off with three things that CXOs consistently fail to grasp about enterprise security.
Good security operations is not the same as good security. Why security investments never end. Audit and compliance get in the way of good security. Readthe rest of my thoughts on this topic at ThreatChaos.com |
|
| Israel sees electronic warfare as an alternative to investing in F-35s | |
| There are a few interesting items in a recent issue of Aviation Week and Space Technology. Apparently Israel is rethinking their original plan to purchase 100 of the advanced Joint Strike Fighter. With a focus on modern warfare and fighting non-state adversaries Israel is faced with the rapid development of technology, in particular unmanned aerial vehicles (UAV), electronic jamming and attack, and cell phone tracking and targeting.
Active electronically scanned arrays (AESA) are the latest tool in electronic warfare. Israel is investigating the use of ASEA first as an alternative to advanced stealth technology in expensive to fighter jets. By equipping their current fleet of F-16s and F-15s with AESA and putting the dollars saved into new UAVs they can also start to invest in the cyber attack potential of ASEA. The cyber attack capability was supposedly demonstrated by the US Suter Program, described as firing "data beams packed with exploitive algorithms into antennae arrays" that would grant the attacker administrator access. The Wikipedia entry on Suter has this to say: Three generations of Suter have been developed. Suter 1 allows its operators to monitor what enemy radar operators can see. Suter 2 lets them take control of the enemy's networks and direct their sensors. Suter 3, tested in summer 2006, enables the invasion of links to time-critical targets such as battlefield ballistic missile launchers or mobile surface-to-air missile launchers.
In addition Israel is investing in cellular telephone intelligence technology, which had also garnered interest from the CIA according to a law suit pending between Netezza and Intelligent Integration Systems Inc., or IISI, both based in Massachusetts. |
|
| India ramping up cyber capabilities | |
| In response to recent attacks attributed to China, India is apparently going to engage in their own cyber espionage. According to The Economic Times, the National Technical Research Organisation (NTRO) along with Defence Intelligence Agency (DIA) will be responsible for creating cyber-offensive capabilities. This is in reaction to the seminal research provided by The Citizen Lab at the University of Toronto which reported in April that "hackers based in China had conducted extensive spying operations in India, pilfering confidential documents from the defence ministry." |
|
| Tektronics Communications acquires Arbor Networks | |
| The thriving netflow analysis and DDoS defense company Arbor Networks is being acquired by Tektronics Communications. You may be familiar with Tek's lab equipment and network QOS products. They have a large overlap with Arbor's customer base in the carrier space. According to a conversation I had with Colin Doherty, CEO of Arbor Networks and Rich McBee, Senior Vice President and General Manager at Tektronix Communications, the value is in introducing Arbor's technology to the wireless carrier space that Tek is strong in.
I have long held that "security sells" and that non-security vendors in the networking and computing space would make security acquisitions in order to 1. expand into a growth market, and 2. reap the benefit to their brands by being associated with good security technology. You can see evidence in this by the recent acquisition of Narus by Boeing, TippingPoint/3com by HP, and Dell's partnership with Juniper/Secureworks. According to McBee and Doherty, Arbor will stay a stand-alone business unit, preserving its brand and engineering teams. This is a positive event for Arbor, enhances Tek's brand and reach, and will help further the battle against cyber attacks. Learn more about Tek and the Arbor acquisition at this week's Cyber Defense webcast on BrightTALK.
|
|
| Other industry news | |
| Northrop Grumman partners with the University of Cincinnati to offer Masters Degree in Cyber Security. The press release hinges on Northrop Grumman's Xetron business unit based in Cincinnati and reflects the growing demand for engineers with a cyber security background.
Air Force lays foundation for strong cyber defense. An update on the 24th Air Force at Lackland. Slow but positive progress. |
|
| Upcoming events |
|
| Hear more of my thoughts on cyber defense and recent developments on this Tuesday's Cyber Defense Webcast, 2 PM Eastern on our BrightTALK channel. | |
