by clicking on the page. A slider will appear, allowing you to adjust your zoom level. Return to the original size by clicking on the page again.
the page around when zoomed in by dragging it.
the zoom using the slider on the top right.
by clicking on the zoomed-in page.
by entering text in the search field and click on "In This Issue" or "All Issues" to search the current issue or the archive of back issues respectively.
by clicking on thumbnails to select pages, and then press the print button.
this publication and page.
displays a table of sections with thumbnails and descriptions.
displays thumbnails of every page in the issue. Click on a page to jump.
allows you to browse through every available issue.
GCN : May 2013
SPONSORED REPORT: SNAPSHOT New threats demand new solutions Federal R&D efforts aim to keep pace with evolving cyberattacks EVOLVE OR DIE. That s the imperative guiding the development of cybersecurity technologies and strategies across govern- ment and industry. The ongoing evolution of the federal IT enterprise, extended in all directions by advances in networking and mobile technology, must be matched to similar advances in information and network security. But above all, the nature of the current cybersecurity threats requires a new way of thinking. The old approach to cybersecurity, which was based on defending the perimeter, cannot hold up against the wide array of cyber threats that agencies now face. "Threats to systems supporting critical infrastructure and federal operations are evolving and growing," ac- cording to a February 2013 report by the Government Accountability Of ce. "The increasing risks are demon- strated by the dramatic increase in reports of security incidents, the ease of obtaining and using hacking tools, and steady advances in the sophistication and effective- ness of attack technology." The growing threat is re ected in the fact that the num- ber of cybersecurity incidents reported by federal agen- cies increased 782 percent from 2006 to 2012. But a number of agencies are working to address these threats. The Air Force Research Laboratory, for example, recently issued a broad agency announcement (BAA) for cybersecurity research. The lab, based in Rome, N.Y., is seeking ways to ensure that critical systems remain operational in the face of cyber threats. One area of interest is the possibility of system self-regeneration in the event of a successful cyberattack. "What are needed are systems that are able to dynami- cally recover with immunity in mission time without hu- man intervention in response to unforeseen error and/or previously unknown cyberattacks," the BAA states. The Department of Homeland Security is looking at a broad range of possible solutions as part of its own BAA, through which it awarded 34 contracts in October 2012. As part of this program, DHS is funding research into how cybersecurity can be strengthened at the hardware level --- what DHS of cials call hardware-enabled trust. Although software solutions are rapidly evolving, "to- day s hardware still provides limited support for security, and capabilities that do exist are often not fully utilized by software," the BAA states. "The hardware of the future also must exhibit greater resilience to function effectively under attack." Still, although a lot of good research is going on across government, GAO is concerned about the lack of coordi- nation. What is needed, the auditors say, is a cybersecu- rity research and development agenda that goes beyond the goals or needs of individual agencies. To date, "no integrated, overarching strategy has been developed that synthesizes these documents to provide a comprehensive description of the current strategy, includ- ing priority actions, responsibilities for performing them, and time frames for their completion," auditors wrote in the February report. GET THE FULL REPORT ONLINE AT: GCN.com/2013InfrastructureSecurity Get More Online... Infrastructure Security Report Articles: Budget scrutiny ups ante for cybersecurity planning Agencies urged to strengthen risk management efforts Continuous monitoring: Don t take it lightly Workforce training seen as key to cyber success INFRASTRUCTURE SECURITY ...the nature of the current cybersecurity threats requires a new way of thinking.