Pentagon Unprepared to Repel Cyber Attacks

In the event of a catastrophic cyber-attack on civilian infrastructure, the US military’s Cyber Command is one of the first and major lines of defence. However, the Pentagon won’t be able to test its ability to respond to such an event at least until 2019.

Mid-June, Cyber Command completed its Cyber Guard exercise. The drill gathered 800 representatives from various US agencies – including FBI, Justice Department, Homeland Security, and more – to practice repelling a major cyber-attack on US infrastructure. On the whole, the exercise was a success, except for one minor snag: it didn’t even come close to emulating a full scale attack against the US.

“We don’t have the scale or the complexity to truly represent a realistic and relevant threat, the ones that we’re truly trying to train to,” Brig Gen Charles L. Moore Jr, the Joint Chiefs of Staff’s deputy director for global operations, said in a hearing at the House of Representatives.

At the hearing, Cyber Command’s deputy commander, Lt Gen James K. “Kevin” McLaughlin, was asked if his forces were prepared to respond to the full range of potential attacks.

“I would not be able to say I’m confident we would be able to respond to all of those,” McLaughlin responded. “Control systems are different than platforms like airplanes and tanks, which are different from networks.”

Cyber Command is working to rectify this and is building a Persistent Training Environment – a sort of improved cyber firing range. It will hold a significantly wider selection of systems, networks, devices, and commercials industry participants. There, operators will train against a large range of attacks around the clock. This, Cyber Command chiefs assure, will give them the ability to be prepared for all (or most) possibilities. But the range won’t be ready until 2019, and until then, the US is appreciably vulnerable to cyber-attacks.

I-HLS

 

« Companies Should Tackle Cybercrime & 'take the fight to the criminals'
Cities Face Multiple Security Threats »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Cyber Security Centre - University of Hertfordshire

Cyber Security Centre - University of Hertfordshire

The Cyber Security Centre provides training, teaching and research in the fast paced topics of cyber security and digital forensics.

Ilex International

Ilex International

Ilex International is a European software vendor which specialises in Identity & Access Management solutions.

Cybercrowd

Cybercrowd

Cybercrowd is a cyber security specialist offering technical services, cyber security assessments, guidance and security thought leadership.

First National Technology Solutions (FNTS)

First National Technology Solutions (FNTS)

First National Technology Solutions is a leading provider of flexible, customized hosted and remote managed services including IT security and compliance.

Atomicorp

Atomicorp

Atomicorp, the leader in Secure Linux, is a developer of solutions for the protection and support of cloud, virtual, shared, and dedicated web hosting environments.

Cipher Tooth

Cipher Tooth

CipherTooth is a superior system for delivering secure content over the Internet.

ObjectSecurity

ObjectSecurity

ObjectSecurity is a leader in authorization policy automation. With OpenPMF, you can manage application security policies for access control and auditing.

Securely

Securely

Securely Ltd. is an IT consulting and services firm specializing in PKI solutions and products.

United Nations Office on Drugs & Crime (UNODC)

United Nations Office on Drugs & Crime (UNODC)

UNODC promotes long-term and sustainable capacity building in the fight against cybercrime through supporting national structures and action.

Ioetec

Ioetec

Ioetec's mission is to connect users to their IoT devices securely, ensuring these devices remain safe to use in our increasingly connected world.

apiiro

apiiro

apiiro invented the industry-first Code Risk Platform™ that uses developers and code behavior analysis to accelerate delivery and automatically remediate product risk.

Bright Security

Bright Security

Bright Security is a developer-centric Dynamic Application Security Testing (DAST) solution that helps organizations ship secure applications and APIs quickly and cost-effectively.

Celebrus

Celebrus

Celebrus Fraud Data Platform, by D4t4 Solutions, works with existing fraud structures to augment functionality and turn fraud management into true fraud prevention.

EPAM Systems

EPAM Systems

Since 1993, EPAM Systems has leveraged its advanced software engineering heritage to become a leading global digital transformation services provider.

Calamu

Calamu

Calamu is a software-defined storage security and resiliency platform that keeps your data secure and accessible wherever you choose to store it.

CyberEPQ

CyberEPQ

CyberEPQ (Cyber Extended Project Qualification) is the UK’s first and only Extended Project Qualification in Cyber Security.