Amit Yoran, NetWitness

Security and risk management services provider Ridge Global has appointed Amit Yoran, CEO of NetWitness Corporation, to its board of advisers.

“Amit Yoran brings exceptional skills, insights and experience to the areas of cybersecurity, risk management and national security,” said Tom Ridge, president and CEO of Ridge Global. “As cyber threats continue to deepen, sharpen and multiply throughout the world, Amit’s capabilities will help us further address our clients’ growing cybersecurity needs.”

In addition to serving as CEO at NetWitness, Yoran is a commissioner of the CSIS Commission on Cyber Security advising the 44th Presidency. Prior to NetWitness, he served as director of the national cybersecurity division at the Department of Homeland Security, and as CEO and adviser to In-Q-Tel. Formerly, Yoran held the position of vice president of Worldwide Managed Security Services at the Symantec Corporation.

Yoran was the co-founder of Riptech, and served as its CEO until the company was acquired by Symantec in 2002. He also served as an officer in the U.S. Air Force in the Department of Defense’s Computer Emergency Response Team.

“Secretary Ridge and his team at Ridge Global bring the highest level of expertise to the competitive and critical issues facing companies and countries throughout the world,” Yoran said. “I look forward to making my contributions to an already outstanding enterprise.”

Lt. Gen. Harry Raduege

The Center for Strategic and International Studies (CSIS) has released a new report on the human capital issues currently facing the cybersecurity effort in the United States. The report, titled “A Human Capital Crisis in Cybersecurity,” claims the United States is currently facing a crisis in that not enough skilled cyber professionals are available to serve the needs of the nation.

“The problem is both of quantity and quality especially when it comes to highly skilled “red teaming” professionals,” the report states. “We not only have a shortage of the highly technically skilled people required to operate and support systems already deployed, but also an even more desperate shortage of people who can design secure systems, write safe computer code, and create the ever more sophisticated tools needed to prevent, detect, mitigate and reconstitute from damage due to system failures and malicious acts.”

The report, developed by the CSIS Commission on Cybersecurity for the 44th Presidency, chaired by Lt. General Harry Raduege, Scott Charney, Representative James R. Langevin and Representative Michael T. McCaul and directed by Jim Lewis, offers several recommendations to rectify the problem. These include providing funding for an encouraging the development of cyber programs in schools, provide clear career paths for cyber professionals, develop and adopt rigorous certification processes and use training, hiring and acquisition to raise technical skills.

The Commission also claims the current professional certification programs available are inadequate because “Individuals and employers are spending scarce resources on credentials that do not demonstrably improve their ability to address security-related risks,” the report says. “Credentials, as currently available, are focused on demonstrating expertise in documenting compliance with policy and statutes rather than expertise in actually reducing risk through identification, prevention and intervention.”

View the full report here

Last July, denial of service attacks hit U.S. and South Korean government networks, making several websites briefly unavailable. At the time, many cyber experts blamed North Korea for the attacks.

However, it now appears North Korea was not involved in the attacks. Government authorities are still no closer to determining who the culprits were, according to media reports. Cyber experts claim no solid evidence exists linking any foreign government to the attacks.

The attacks did not cause any significant damage or appear to result in any loss of information, leaving some experts to question its importance.

“It’s about as frightening as someone driving around the block blowing their horn a lot,” said James Lewis, a senior fellow at the Center for Strategic and International Studies. “A lot of people could have done it, and it doesn’t leave a lot of clues to their identity.”

Despite the lack of evidence, North Korea does possess a significant cyber attack capability.

“There are a number of national intelligence agencies who are creating cyber capabilities. It’s a natural area of exploration,” Gen. Wesley Clark said. “I wouldn’t underestimate North Korea’s potential in this space.”

According to officials, the government is better prepared for such attacks.

Approximately 40,000 websites in China were hacked in 2009 alone, according to official statistics. Back in January, Baidu, a Chinese search engine, was hit in a cyber attack that shut the site down for around 4 hours.

“The Chinese have become more concerned with securing their own networks,” says Jim Lewis of the Center for Strategic and International Studies. “They know they are vulnerable and worry about their own hacker community.”

On June 8, the Information Office of the State Council in China published a white paper titled “The Internet in China.” The paper outlines the Internet situation in China and China’s Internet policies and views.

“This white paper is a step forward in international understanding, outreach and diplomacy,” Lt. Gen. Harry Raduege, chairman of the Deloitte Center for Cyber Innovation and director of Deloitte Services LP, says. “It immediately follows the Worldwide Cybersecurity Summit in Dallas last month sponsored by the EastWest Institute in which the Chinese were active, open participants.”

China currently has the largest number of Internet users in the world, according to the paper.

Jim Lewis

“To build, utilize and administer the Internet well is an issue that concerns national economic prosperity and development, state security and social harmony, state sovereignty and dignity and the basic interests of the people,” the paper states.

A central tenant of administering the Internet in China is control. Internet content in China is filtered, with the state regulating what can be accessed although, there are ways to circumvent the censor’s efforts. In the Chinese penal code, there are seven overarching pieces of law that govern Internet use and security.

As use of the Internet expands, so does the chance of cyber attacks.

“Internet security problems are pressing nowadays, and this has become a problem of common concern in all countries,” according to the paper. “China also faces severe Internet security threats.”

Providing protection for China’s Internet infrastructure is a key goal, the paper states, and is necessary for the common good and security of the state.

“The Chinese government believes that the Internet is an important infrastructure facility for the nation,” the report says.

Much of the report, however, contains caveats at crucial junctures. The report recognizes the Internet within a nation’s borders is within the country’s realm of sovereignty and cannot be infringed upon by other nations. Additionally, while the paper calls for protecting information flow and Internet freedoms, it provides that it must be “in accordance with the law.”

The Chinese do have significant worries regarding cyberspace, however. Computer crimes in China, as in much of the globe, have increased across the board. Around 18 million Chinese computers are infected by Conficker each month, according to the paper.

Gen. Harry Raduege

“The Chinese face severe Internet security threats but also believe that Internet security is a prerequisite for sound development and effective utilization of the Internet,” Raduege says.

To promote and facilitate international dialogue and cooperation, the paper proposes any differences be set aside and nations seek common ground to promote security.

“[The Chinese] share some challenges with us – a lack of interagency coordination, supply chain worries and a porous infrastructure,” Lewis says. “But they also have some advantages if they can figure out what to do.”

In an effort to promote international cooperation, the paper cites several initiatives that could encourage dialogue and exchange. One is to conduct exchanges with other nations and participate in international conferences.

“China maintains that all countries should … actively conduct exchanges and cooperation in the Internet security industry [and] jointly shoulder the responsibility of maintaining global Internet security,” according to the paper. “[Nations should] promote the healthy and orderly development of the industry and share the opportunities and achievements brought about by this development.”

China would like to see the United Nations take a central role in leading the international administration of the Internet. The resources available on the Internet are connected to the security and development of the Internet security industry, the paper says.

Additionally, China sees the benefits of forming exchanges and channels of cooperation.

“All countries should conduct multiform, multichannel and multilevel exchanges and cooperation in this regard on the basis of equality and mutual benefit,” the paper says. “Experts and scholars of various countries should be encouraged to conduct academic exchanges and share their research findings.”

Law enforcement agencies should also increase coordination efforts to combat cyber crime, the paper states.

“At the Dallas Summit, the Chinese expressed concerns that Internet security opinions of different countries should be respected, yet common ground should be sought through strengthened international exchanges and cooperation,” Raduege says.

The Chinese Embassy in Washington, D.C. could not be reached for comment.

The Commission on Cybersecurity for the 44th Presidency, created by the Center for Strategic and International Studies (CSIS) is finalizing its draft report on how to build a qualified cyber workforce. The report recommends that federal employees and contractors receive ongoing training and certification to maintain their skills.

“We’re recommending that this be a continuous learning and demonstration of skill,” said Karen Evans, a member of the commission and former administrator for e-government and information technology at OMB.

Evans, who spoke at the Digital Government Institute’s Cybersecurity Conference and Expo last week, said the administration should establish the necessary skills for cyber professionals and then encourage employees to build their cyber capabilities through advanced training. Network developers and software developers, as well as cyber professionals, should receive training, Evans said.

The report also suggests that the administration should set up a certification body to develop standards that would test cyber skills and require contractors along with federal employees to be certified.

“This is not just about creating a standard for those on the federal payroll, but using the certification to ensure those selling to government are held to that same standard,” said Frank Reeder,  former director of the White House Office of Administration and member of the commission.

Gen. Alexander

The Internet provides great opportunities and “tremendous vulnerabilities,” according to Gen. Keith Alexander, who spoke last week at an event in Washington, D.C.

“Our data must be protected,” Alexander, who was recently confirmed as the head of U.S. Cyber Command, said at an event hosted by the Center for Security and International Studies.

During his address, Alexander touched on the need for CYBERCOM to partner with federal departments and agencies.

“Cybersecurity is among the most important current and future challenges the DoD and our nation faces,” he said. “It is a privilege and honor to be a part of our cyber team.”

Alexander went on to discuss the need to establish clear rules of engagement in cyberspace, in order to prepare the United States to be able to respond in the event of a cyber attack.

“What we have to establish are clear rules of engagement that outline what we can stop,” he said. “What the Department [of Defense] is looking at is what are the standard rules of engagement that we have and do those comport with the laws and responsibilities that we have?”

For Alexander, this means approaching the issue from two perspectives: how the country operates during peace and during war.

“I think we need to look at it in two different venues,” he said. “What we’re doing in peace time and what we need to do in war time to support those units that are in combat.”

When asked about Russia’s recent proposal to establish a cyber limitation treaty, Alexander said that it was certainly a good starting point.

“I do think that we have to establish the rules,” he said. “I think that what Russia put forward is perhaps a starting point for debate, not at my level but at levels above me.”

Developing a common global consensus will be a key provision to future cybersecurity, Alexander said.

“If nation-states agree what we are going to do to deter malicious actors in cyberspace, that will go a long way,” he said.

Alexander also discussed the need for oversight to ensure that what CYBERCOM was doing is within the legal guidelines of the United States.

“I think the key in this is oversight,” he said. “The way we’ve set up the oversight is by having a set of oversight mechanisms by all branches of the government.”

The real issue with demonstrating oversight is that the military does not want to reveal its cyber capabilities or vulnerabilities to foreign aggressors, Alexander said.

“The hard part is we can’t go out and tell people exactly what we did or we give up capability that may be extremely useful in protecting our country and our allies,” he said. “That’s what I see as the two things we balance. I do spend a lot of my time with the Court and with Congress to explain what we are doing.”

Oversight is “growing and getting better,” Alexander said. “We spend a lot of time on that.”

“I think that’s the most important step and we’re doing it,” he said.

In a redacted memo obtained by CBC News, the Canadian Security Intelligence Service says that the telecommunications, financial and energy systems in Canada are growing increasingly vulnerable to cyber attack.

“Compromises of computer and combinations networks of the Government of Canada, Canadian universities, private companies and individual customer networks have increased substantially,” the memo states.

The memo also says that cybersecurity is one of the fastest growing issues.

“In addition to being virtually unattributable, these remotely operated attacks offer a productive, secure and low-risk means to conduct espionage,” the memo says.

Canada still does not possess a coherent plan for how to deal with a cyber attack.

The Navy plans to grant five four-year scholarships to the top contestants who are also eligible to participate in the Navy ROTC program. Students will be trained as InfoWarfare officers or Cyber Warfare Engineers upon graduation.

“We recognized early on that there’s a need in the evolving and changing nature of warfare,” said Chief of Naval Personnel Vice Adm. Mark Ferguson. “Many of us at our age are digital immigrants, and we need digital natives.”

At present, there are 44,000 positions relating to cybersecurity with the Navy. Many experts bemoan the dearth of skilled cyber professionals in the U.S.

“We as a nation can’t use our superiority and weapons if we don’t control the computers because the computers fire the weapons,” said Alan Paller, director of cyber-research at SANS Institute. “Because we are more computerized than other countries, we are more vulnerable than others.”

Jim Lewis

Late last month, Dr. Jim Lewis of the Center for Strategic and International Studies spoke at a local event hosted by the Potomac Officers Club. During his talk, Dr. Lewis discussed the greatest threats facing the U.S., namely cyber espionage. Below is a video from the event. You can also read an article about the event here

Jim Lewis of CSIS

Dr. Jim Lewis sees the issue of economic cyber espionage as the greatest threat the United States currently faces in cyberspace. “The real problem is economic espionage,” Lewis said today at an event hosted by the Potomac Officers Club.

Lewis is one of the premier experts in cybersecurity. He led the CSIS Commission on Securing Cyberspace for the 44^th Presidency and has given testimony before Congress.

“His involvement goes so much farther than that,” said Lt. Gen. Harry Raduege. “He has been the executive director of more than 50 of our nation’s top cyber experts.”

Lewis discussed the concerns and challenges currently facing the U.S. in the field of cybersecurity. “We face real opponents in cyberspace. One of the things that constantly draws attention to this topic is other people doing bad things to the United States,” he said. “We’ve woken up as a nation to the fact that we depend on these technologies…but they are exceptionally vulnerable.”

While many other nations and non-state actors rely on the Internet, “They are not as vulnerable as we are,” Lewis said.

The major cyber players currently probing U.S. networks are the Chinese and Russians. According to Lewis, both are actively fostering and facilitating cyber criminals and serve as cyber crime havens.

The advantage for the states using cyber criminals is that it provides a level of deniability. “You get implausible deniability and a new tool for the exercise of state power,” Lewis said.

Despite all the hype surrounding the issue of cyber terrorism and cyber warfare, Lewis is relatively unconcerned. “I don’t worry about cyber terrorism,” he said. “If they had the capability, did you think they would wait to use it?”

“Right now they benefit so much from access to the Internet,” Lewis said. “The threat we face is not cyber war either.”

The greatest threat instead is from cyber crime and cyber espionage.

“The degree of theft of intellectual property is amazing,” Lewis said. “This is a pervasive problem throughout the U.S.”

While it remains unclear to Lewis why the Russians continue to steal U.S. intellectual property, cyber espionage has become a core portion of Chinese economic development.

“For the Chinese this is an important part of their economic growth,” Lewis said.

In order to effectively combat the growing levels of cyber crime and cyber espionage, the problem needs to be approached from an international angle.

“We’ve approached this as a domestic problem…but if the primary problem is economic espionage…we need to think about international engagement,” Lewis said. “We are going to have to talk to the Chinese and the Russians.”