Ad: Manage updates with the Download App
ie8 fix

cyberdefense

U.S. testing defenses with simulated cyberattack

The U.S. government has launched a full-scale simulated cyberattack to gauge how the country might fare in the real thing.

Sponsored by the Department of Homeland Security, Cyber Storm III kicked off yesterday for a three-day series of simulated events designed to exploit holes in the nation's cybersecurity system.

Specifically, the exercise will "inject" more than 1,500 different types of threats to examine the ability of the people involved to prepare for cyberattacks, make the correct decisions to respond to them, and share sensitive information with the right parties.

Noting that the country's adversaries … Read more

Best cyber offense is a good defense, RAND report says

A new RAND Corporation report suggests the U.S. may be better off playing defense and pursuing diplomatic, economic, and prosecutorial efforts against cyberattackers, instead of making strategic cyberwarfare an investment priority.

The study comes as the U.S. military fires up its new unified Cyber Command (USCYBERCOM) program this month. The new outfit will be responsible for network-related operations, defense, and attacks and will operate under the U.S. Strategic Command.

Cyberwarfare is better at bothering an adversary than defeating it--given that permanent effects are illusive, author Martin C. Libicki wrote in the report, titled "Cyberdeterrence and Cyberwar.&… Read more

Cyberdefenses are misdirected, report says

Organizations are finding it difficult to prioritize defense strategies against cyberattacks because most of them do not have an Internet-wide view of the attacks, according to a report from SANS Institute, the security training organization.

As a result, two security risks--Web applications and phishing--carry the greatest potential for damage, even though users instead tend to concentrate on less-critical risks.

The report, published by security training organization SANS Institute, amalgamates global data from security attacks on computers from March to August.

It identifies two main defense priorities for enterprise users. The first is targeted e-mail attacks, or spear phishing, that exploit … Read more

U.K. cybersecurity office to have attack role

The U.K. government plans to form a cybersecurity agency, with functions including cyberattack capability.

The Office of Cyber Security (OCS), dedicated to protecting Britain's IT infrastructure, will be created with a model proposed--and in part practiced by--the U.S. The U.K. government said Thursday that the OCS will have charge of a cross-government program, while a multi-agency Cyber Security Operations Centre (CSOC) will coordinate the protection of critical IT systems.

The OCS will also act as a conduit for information security collaboration between government and industry experts. Robert Hannigan, the prime minister's security adviser, said the … Read more