Public Group
active 7 hours, 6 minutes ago
Enable Department of Defense (DoD), civilian government, and industry organizations to acquire, develop, operate, and sustain software systems that are innovative, affordable, enduring, trustworthy and employ Software Engineering (SE) as solutions to unravel real-world problems. Software Intensive Systems Engineering (SE) includes the entire field of software and systems engineering and related technologies; specifically as related to information, documentation, databases, model and architecture repositories, analysis, training, testing, data synthesis, hardware, software, standards, economic consideration of selection of techniques and processes, and interoperability in support of the acquisition and RDT&E communities
-
The Open Web Application Security Project (OWASP) Amass project was originally created when the project lead was showing organizations what they look like on the Internet. During this process, he noticed that the tools available were returning incomplete results relative to what could be discovered manually. With the identification of this gap in capabilities for… -
This report details key concerns discussed during the JFAC/DAU/CSIAC Software Assurance (SwA) Cyber Experiment (CYBEX) on 7 Aug 2018. In addition to evaluating newly developed software SwA guides for program managers and developers, the exchange included addressing/bringing back foundational software/system engineering concepts to address root of fundamental Software Assurance (SwA) issues as well as adopting common language in the areas of functionality and risk in order to identify issues early. Balances/trade-offs of those issues could normalize PM and system developer practices to ensure a resilient capability. The report also has several concerns of getting ahead of technology problems both in development, and the technology itself, especially as Agile concepts rapidly become critical for DoD to achieve technological dominance over its adversaries.
-
CSIAC SME and member of the American Bar Association’s Information Security Committee, Richard “Rick” Aldrich, gives a snapshot of the recent developments in cyberlaw, policy, standards, court cases and industry legal frameworks. These slides focus on emerging issues such as consumer privacy rights, forensic border search of computers, search consent, biometrics, expectations of privacy from…
-
The Science of Security and Privacy (SoS) Initiative, sponsored by the National Security Agency Research Directorate, fosters a self-sustaining, open, and public security science research community to discover key cyber principles necessary to support improved explanations, predictions and confirmation or validation of predicted outcomes. The discipline of Science of Security and Privacy draws on the… -
On January 29, 2019, the Director of National Intelligence Daniel R. Coates released the Worldwide Threat Assessment of the US Intelligence Community. The unclassified report covers both global and regional threats to US national security from the perspective of the US intelligence community.
-
As software development methodologies have evolved the shortfalls and the inefficiencies of traditional software development methodologies have become increasingly apparent. The realization for the need to pursue better methodologies, tools, and architectural approaches has been a major motivation behind the recent DevOps movement. A side effect of the DevOps movement is the explosion of game… -
Innovation Based Ecosystems
Volume 6 Issue 3
New buzz words like 'innovation ecosystems' often symbolize a departure from a legacy system to a more modern system and an underlying shift focus from operations management to service delivery with better user experience, reduce operational cost, minimize disruption, and enable personnel to do more with less. This issue of the Journal of Cyber Security…Posted: 11/01/2018 11:59:22Journal -
The Defense M&S Catalog was established by Defense Modeling & Simulation Coordination Office to support the visibility component of the DoD data strategy and to provide an avenue for M&S organizations to make resources available for reuse. The Catalog is a collection point for enterprise discovery and actively seeks contribution of resources from M&S organizations.… -
President Trump Unveils America’s First Cybersecurity Strategy in 15 Years. The National Cyber Strategy identifies decisive priority actions to protect the American people. This strategy makes clear that the Federal Government will never stop defending our interests, and that we will bring every element of American power to bear to protect our people in the digital domain.
-
In this episode of the CSIAC Podcast, SMEs discuss a DDos attack on GitHub, a data breach suffered by the U.S. Marine Forces Reserve, an iPhone hack, and an Army Research Lab contract for "Internet of Battlefield Things". -
Abstract Machine learning is revolutionizing many industries and forever changing how we interact with computer systems and each other. The revolution is occurring in cyber security, where machine learning is already being applied to assist human analysts and security experts ingest and make sense of increasingly large amounts of data so that they can identify…
-
Cyber-As-Zoo: Multidisciplinary Cyber Struggle
Volume 6 Issue 2
This quarter’s CSIAC Journal contains five articles that offer some perspectives to address the often-heard phrase “Cyber Is Hard”, usually associated with gnashing of teeth and exasperated sighs.Posted: 08/09/2018 18:10:03Journal -
Machine learning is revolutionizing many industries and forever changing how we interact with computer systems and each other. The revolution is particularly relevant to cyber security, where machine learning is used to help human analysts make sense of increasingly large amounts of data to identify threats and mitigate vulnerabilities. While this symbiotic relationship is improving… -
Knowledge Management (KM) is a discipline that is as much art as it is science. Like the conversations that take place in stodgy art galleries over the definition of censorship, opinions on the definition of knowledge management are many and varied. As art aficionados write articles advocating vehemently for one perspective or the other, so…
-
Developing a knowledge management framework for any organization presents a number of challenges and questions. Where do I start? What is the ultimate goal? Is this effort top-down, bottom-up, or middle-out? How many systems do we have and how many do the same thing? When faced with such a task, knowledge managers could be quickly… -
Cybersecurity solutions for critical energy infrastructure are imperative and they must be carefully engineered to develop reliable systems. Cybersecurity for the modernized power grid is bringing together two different communities: Information technology (IT) and Operational technology (OT). The IT and OT environments differ in important ways but each has benefits that can be gained from… -
In the past five years alone, the amount of mobile data has grown eighteen fold (Cisco Mobile VNI, 2017). Security concerns are at the forefront due to the reliance on mobile devices for both business and personal use, along with the ever-increasing data usage. There are two concepts of mobile security; physical and data. Physical… -
CSIAC SME and member of the American Bar Association's Information Security Committee, Richard "Rick" Aldrich, gives a snapshot of the recent developments in cyberlaw, policy, standards, court cases and industry legal frameworks. These slides focus on emerging issues such as cloud data storage, the scope of 3rd-party doctrine, encryption, warrants for electronic searches, and artificial…
-
Insider Threat and the Malicious Insider Threat
Volume 6 Issue 1
Analyze. Deter. Discover. Prevent. Respond. This issue of the CSIAC Journal presents five articles which represent different perspectives on Insider Threat and approaches to understand and remediate that threat. In this journal we are proud to identify and include work by two organizations with a long history of research and good counsel regarding Insider Threat…Posted: 05/09/2018 14:39:24Journal -
In the past five years alone, the amount of mobile data has grown eighteen fold (Cisco Mobile VNI, 2017). Security concerns are at the forefront due to the reliance on mobile devices for both business and personal use, along with the ever-increasing data usage. There are two concepts of mobile security; physical and data. Physical… - Load More
