Cyber
The Magazine of the MCPA




Click here to be published and contribute to the professional dialogue!

Full Text Listing of All Stories


The Implications of IoT for Cyber Conflict

posted Dec 8, 2018, 9:39 AM by James Loving   [ updated Mar 9, 2019, 8:21 AM ]

By LTC BE Rhodes, Colorado Army National Guard

Article Summary


There are many implications for cyber conflict with the emergence of ubiquitous mobile devices and the pending “Internet of Things” where every toaster has an IP Address. Cyber defenders in both military and commercial spaces must now plan for exponentially expanding threats and vectors due to suspect supply chains for devices that are supposed to improve daily life. As more and more gadgets are connected to networks, true asset visibility and security controls decrease leading to unknown vulnerabilities with potential serious consequences.

Please see the attached PDF for the entire article.

How the US Can Counter Cyber-Enabled Information Warfare

posted Dec 8, 2018, 9:39 AM by James Loving   [ updated Jul 5, 2019, 2:17 AM ]

By Al Stovall, Contributing Editor

Article Summary


One of the greatest security concerns of the United States lies at the intersection of cybersecurity and information security: its vulnerability to cyber-enabled information warfare. This vulnerability is a product of US posture in the modern information ecology, which is a cyber-enabled, increasingly lawless information environment. US adversaries’ use of information warfare (IW) in this ecology naturally becomes cyber-enabled (CEIW) and thereby threatens the integrity of information in multiple dimensions. If left improperly addressed, this could result in the exploitation of information technology platforms to gain access to sensitive information en masse, which might then be used to greatly improve attempts to manipulate flows of information and influence the general public and prime decision-makers. Fully countering CEIW requires a multi-dimensional plan of approach that addresses both its technical, cyber-based threats and its subsequent psychological effects.

Please see the attached PDF for the entire article.

LOADFAST: An Outcome-Driven Digital Forensics Methodology

posted Dec 8, 2018, 9:39 AM by James Caroland   [ updated Dec 9, 2018, 5:34 PM ]

By Alexander M. Rzasa 

Article Summary

LOADFAST is an overarching digital forensics methodology created to assist practitioners, researchers, theorists, students, and juries striving for consistent, verifiable, and scientifically-sound outcomes.  By beginning with – and focusing on – the unique legal objective of any given digital forensics scenario, this methodology emphasizes an outcome-based approach when determining subsequent necessary steps.  Under LOADFAST’s reverse-planning process, the core principles governing identification, collection, and analysis of evidence can be applied in a flexible, efficient, yet consistent manner.

Please see the attached PDF for the entire article.

Artificial Intelligence Will Revolutionize the Way Intelligence is Analyzed

posted Nov 12, 2018, 1:37 PM by James Caroland   [ updated Nov 12, 2018, 1:38 PM ]

By Amanda Custer 

Article Summary

Artificial intelligence will have a major impact on the production cycle of intelligence, allowing the intelligence community to fully utilize all intelligence collected. The current innovations of this technology will facilitate gathering better intelligence across all five disciplines, open source intelligence (OSINT), signals intelligence (SIGINT), geospatial intelligence and imagery intelligence (GEOINT/IMINT), measurement and signature intelligence (MASINT), and human intelligence (HUMINT). The integration of artificial intelligence into these five disciplines will yield more efficient, detailed, and actionable intelligence. Even as artificial intelligence becomes an integrated part of the production cycle in each discipline, human analysis and direction will remain a vital and required component of the integrated process including tasking, collecting, processing, exploiting, and disseminating. Ultimately, artificial intelligence provides human analysts with tools to better handle the incredible burden of information in the digital age by making full use of all available intelligence and extracting more accurate and detailed information to arrive at actionable intelligence faster than ever before.

PLEASE SEE ATTACHED PDF FOR COMPLETE ARTICLE.


Understanding NATO's Central Role in the Future of Global Cyber Defense

posted Sep 17, 2018, 6:34 PM by James Caroland   [ updated Sep 17, 2018, 6:35 PM ]

By Samantha Brletich 

Article Summary

The Cooperative Cyber Defence Centre of Excellence (CCDCOE) is a NATO cyber-dedicated center focused on improving NATO member and non-member cyber capabilities as countries face cyber threats from non-state and state actors. NATO created the CCDCOE to evolve to the evolving cyber threat. In response to growing cyber threats, there is a need for international law or policy that addresses how nations can appropriate address cyber threats. The CCDCOE sponsored the writing of the Tallinn Manual on the International Law Applicable to Cyber Warfare and the Tallinn Manual 2.0 on the International Law Applicable to Cyber Operations to examine how existing international law applies to cyberspace and cyber operations. Appropriate and proportional responses need to be developed, as an overreaction may lead to cyber warfare, conventional warfare, or an armed attack. The Tallinn Manual also addresses the use of force and actor involvement. It presents the idea that a use of force does not require a military or other armed forces. Countries and scholars alike turn to the Tallinn Manual 2.0 to develop a policy response to large-scale cyber-attacks such as malware or ransomware. It addresses common incidents and threats that countries face on a day-to-day basis that fall below the threshold for using force or armed conflict in the fifth domain. Individual cyber security policies will only strengthen NATO cyber defenses and the CCDCOE. National-level cyber security strategies will assist in the application of the Tallinn Manual, and strengthen and support the CCDCOE mission and NATO cyber defenses.

Please see the attached PDF for the complete article.

Image credits (in order of appearance): International Telecommunications Union (ITU), Adobe Stock, Geostrategia

Cyber Diplomacy: The Need for a U.S. Cyber Ambassador

posted Sep 14, 2018, 2:09 PM by James Caroland   [ updated Sep 14, 2018, 2:09 PM ]

By Daria Etezadi, MCPA Fellow 

Article Summary

As it currently stands, cyberwar is lawless. The U.S. may be mobilizing across government departments and technology companies to respond to emerging cyber threats, but it needs a cyber diplomat now. Diplomatic and legal frameworks are pivotal in determining rules of engagement and establishing measurable consequences for those who don’t abide by the rules. Given the fact that cyberspace is not bound by physical borders, conversations around cyber security demand international representation. If the U.S. fails to appoint a cyber ambassador to represent the country, then it will miss out on these conversations and lose the chance to shape international rules of engagement. 

Please see attached PDF for the full article.

Image credits (in order of appearance): Pexels, Adobe Stock, Adobe Stock, Twitter, Microsoft

The Importance of Defining Cyber Terrorism

posted Sep 13, 2018, 11:40 AM by James Caroland   [ updated Sep 13, 2018, 11:42 AM ]

By Paul de Souza 

Article Summary

The national security of the United States of America is progressively challenged by new terror tactics, including increasing activity through and against assets in cyberspace. While various organizations define “cyber terrorism” differently, the author maintains the importance of coming to a conclusive definition, not only for the purposes of properly understanding the concept of cyber terrorism, but to be able to counter related activities in protection of national security and/or prosecute applicable parties in accordance with the definition and accompanying laws. The concepts of traditional terrorism are combined with the complexities of cyberspace to suggest proper defining of cyber terrorism. Proposed core components of developing a definition are presented and the implications for the government, the military, and the intelligence community are explored.

Please see the attached PDF file for the complete article.

Image credits (in order of appearance in article):  Globes - Israel's Business Arena, Adobe Stock

Introduction of the Partnership Between Cyber Magazine and Cybersecurity Canon

posted Sep 2, 2018, 7:23 PM by James Caroland   [ updated Sep 2, 2018, 7:25 PM ]

By Major General (Ret) John A. Davis, VP and CSO (Federal) Palo Alto Networks 

Article Summary

I’m honored to announce a new strategic partnership between the Military Cyber Professionals Association (MCPA) Cyber magazine and the Palo Alto Networks-sponsored Cybersecurity Canon. Both of these educational media sites share complementary goals for intersecting audiences within the overall professional cybersecurity community of interest. This is a cost-neutral partnership and both resources are free to the public.

Please see the attached PDF for more details of this exciting new partnership!

The Law of "Cyber-" Prefixes

posted Aug 4, 2018, 11:28 AM by James Caroland   [ updated Aug 4, 2018, 11:30 AM ]

By LTJG Brandon Karpf, United States Navy 

Article Summary

We use “cyber-” prefixes to the detriment of our own goals. This barrier defining language artificially separates cyber-security problems from traditional analogues, to the detriment of security. Only one reasonable path remains: abandon the prefix.

PLEASE SEE ATTACHED PDF FILE FOR FULL ARTICLE.

Artificial Intelligence in the Cyber Fight

posted Aug 4, 2018, 10:59 AM by James Caroland   [ updated Aug 4, 2018, 11:03 AM ]

By Michael Lenart 

Article Summary

Artificial intelligence (AI) and machine learning are significantly changing how attackers and defenders operate in cyberspace. The increasing ability of machines to perceive, learn, decide, and act on their own – and to do so much more quickly than humans can – is forcing cyber operators to cede some ground to AI in what is an increasingly machine-speed fight. This trend is reinforced by the rise of the Internet of Things, which exponentially increases the vectors through which attacks can occur and therefore places a premium on machines' ability to process large amounts of information relatively quickly. Besides affecting everyday cybersecurity practices, the increasing use of AI will also affect how military cyber operations are conducted. Nevertheless, machines do not currently possess humans' judgment, sense of context, or general intelligence. As such, for the foreseeable future, the optimal use of AI will pair machines' processing power and speed with humans' higher level thinking skills.

PLEASE SEE ATTACHED PDF FILE FOR THE FULL ARTICLE.

Image credits (in order of appearance): cheatsheet.com, medium.com, The Convex Lens, Raytheon, thenextweb.com

1-10 of 70