As North Korea’s nuclear and ballistic missile programs ruffle the feathers in the United States and regional players in East Asia, there is another, less visible, confrontation occurring in the depths of computer systems around the world. In the last decade, despite a notable deficiency in global internet access, North ...

Dan Coats, Director of National Intelligence, told the Aspen Security Forum today that he believes the U.S. national security community lacks the capability to prevent a “cyber-9/11”—meaning a collapse of critical infrastructure caused by malware unleashed by a state or transnational organized crime group. “Imagine a shutdown of the electric ...

Amidst a busy week in national security, The Cipher Brief’s CEO and Publisher, Suzanne Kelly, spoke with Admiral James Stavridis, former Supreme Allied Commander of NATO, author of the new book The Leader’s Bookshelf, and member of the Cipher Brief Network, to discuss the military budget, cyber security, the use ...

Whenever people think about cybersecurity, technology, and innovation, they tend to think about Silicon Valley, but The Cipher Brief asked Bob Stratton, a General Partner at MACH37™, what other regions he is seeing a lot of innovation, or perhaps even the most innovation. Bob Stratton: Interestingly, one of the founding ...

The FBI on Monday said it is investigating the hack involving the Democratic National Committee (DNC) after a cache of emails was leaked in advance of Hillary Clinton’s nomination as the Democratic Party’s nominee for President this week, an incident that has been linked by some to the Russian government.  ...

The Islamic State (also known as ISIS or ISIL) must be defeated on the ground in Iraq and Syria, before it creates not only a physical, but also a cyber caliphate, said French Minister of Defense Jean-Yves Le Drian at a Brookings Institution event on Wednesday. Le Drian – along ...

With fifty percent of U.S. imports travelling by sea, ensuring that ships have a secure place to dock poses a challenge to American law enforcement. With such a heavy economic importance placed on U.S. ports, they have become a target for those wishing to inflict harm on the United States. ...

In 2006, Congress passed the Safe Port Act to help ensure that maritime transportation infrastructure was effectively secured from the threat of terrorism. Today, 10 years since the enactment of the law, are U.S. ports safe? This is a complex issue with an equally complex answer. The established security measures ...

In the nineteenth century, American strategist Alfred Thayer Mahan helped define a new understanding of maritime security and the role of the U.S. Navy in ensuring American global influence. Mahan believed that a strong Navy and robust maritime trade were both integral to national and economic security. He also recognized ...

Do you bring your own laptop to the office, or does your phone connect to your company’s Wi-Fi network? If so, then you need to be concerned about endpoint security. The rise of bring-your-own-device (BYOD) culture in many organizations has created a multitude of new entry points for cyber-attackers, but ...

Every day we read another report lamenting the limited workforce that possesses the technical skills so badly needed in cybersecurity.  This is a significant challenge for our educational system to address.  We need computer scientists, coders, and engineers, and we need to attract young people to those professions. But there ...

Deterrence theory formed the foundation of the narratives and the strategies that shaped the Cold War, and many now seek to apply classical deterrence to the cyber sphere. In essence, deterrence theory holds that maintaining a credible retaliatory capacity can prevent opponents from attacking, since they know that if they ...

The Islamic State (ISIS) is the “preeminent global” threat and remains determined to execute direct attacks against the U.S. homeland, the top U.S. intelligence official told Senators at the annual Worldwide Threats hearings on Tuesday. Director of National Intelligence James Clapper said ISIS “leaders are determined to strike the U.S. ...

It seems that wherever opportunities for innovation and technological developments arise, cyber attacks are not far behind.  Latin American countries are certainly seeing this trend emerge in their markets.  Latin America may not be the first region that comes to mind when one thinks of technology and innovation.  Indeed, Latin ...

With the growing threat of cyber attacks in Latin America and the Caribbean (LAC), the Organization of American States (OAS) has been a crucial component in analyzing the threats’ origins and methods for defending against them.  Belisario Contreras, the Cyber Security Program Manager at the OAS, spoke with The Cipher ...

Aligned with the global trend, Latin America has experienced colossal growth in access to information, facilitated through the Internet and information communication technology (ICT). Because ICT enables efficiencies across all disciplines, gains realized through advancements in ICT have a compounding effect on many aspects of life—sometimes for good and sometimes ...

Understanding China and its future ambitions is a fundamental first step in assessing the U.S.’ options on how to best engage China as an important strategic and economic partner.  We asked former Acting Director and Deputy Director of the CIA John McLaughlin to lay out the framework for understanding the challenges of China, which provides the context for the differing perspectives ...

The U.S. rebalance policy in the Asia-Pacific has led to a deterioration of China’s security environment, with increasing tensions in the East China Sea, including the dispute between China and Japan over the Diaoyu/Senkakus Islands, and the South China Sea, where China has territorial disputes with Vietnam, Philippines, Malaysia, and ...

The rocky relationship between the U.S. and China was in full view last year, highlighted by President Xi Jinping’s visit to Washington, D.C. and the U.S. Navy challenging China’s claims in the South China Sea. Known for his frank comments on current U.S. policy towards China, Senator John McCain (R-AZ) ...

The United States rebalance to Asia has drawn mixed reviews from members of Congress. Rep. Madeleine Bordallo (D-Guam) discussed with The Cipher Brief the strengths and weaknesses of current U.S. policy towards China. Rep. Bordallo emphasized the need for a strong U.S. response to aggressive actions taken by China, while ...

Discussion and debate about international privacy-related standards have been around since the 1940s, when the recognition of privacy as a basic right was ratified by the United Nations (U.N.) Declaration of Human Rights of 1948.  Since then, the number of data privacy requirements has grown dramatically, as nations seek to ...

Last fall brought news that the victims of the OPM fingerprint breach expanded to over five million prints. It’s for this reason that the safety of biometric data should be questioned and discounted as a viable means for authentication. Multiple techniques are available for using this type of information to ...

As the number of corporate data breaches continues to mount, boards and management teams around the world are justifiably concerned about the reputational risks from mishandling a breach. In the wake of a string of high-profile breaches across a range of sectors, from entertainment and health care to retail and ...

Estonia packs a punch in the cyber domain. The country is a world leader in cyber-related innovation, and it has charted that course without compromising security. Estonia initially gained global attention as a cyber-target, seeking to overcome a series of organized attacks in 2007 widely attributed to Russian groups.  Estonia ...

The legacy of the Cold War has left many enduring images in the minds of most Americans, images that are usually associated with Russia and its nuclear arsenal.    But a key threat, from what many believe is the new Cold War, could very well be from Russian hackers. When listing ...

For years, I slept fitfully after a “friend” told me that it wasn’t the noisy mosquitos buzzing in my ears at night that were a problem.  Instead, it was the female mosquitos that made no noise at all but laid eggs in your ears at night.  That image wrecked my ...

Scott Kessler and Eric Rachner are the co-founders of Secure Senses Inc, which provides human intelligence-based cybersecurity services. In an interview with the Cipher Brief, they indicated that “hacking as a service” is on the rise in the Russian hacker community, and that the scale of the problem this represents ...

The Russian government is considered to be one of the most advanced cyber actors globally, with highly sophisticated cyber capabilities on par with the other major cyber powers. Open source information about Russian cyber programs and funding is scarce, but an ultimate goal of the government is to gain information ...

With the proliferation of many advanced security tools, enterprise and C-Suite managers have recently turned to deploying the most fashionable, powerful, and popular tools on the market, bolstering their defense capabilities and impressing shareholders. The story is typical: A CIO or CISO is lured by clever marketing gimmicks or a ...

Large businesses in the United States are putting substantial resources into protecting their information from cybersecurity threats. As a result, they are tougher targets for malicious attacks, so hackers and cyber criminals are now focusing their unwanted attention on smaller, less secure businesses. Small businesses have money and information of ...

Justin Zeefe is a co-founder and Chief Strategy Officer for the Nisos Group.  Zeefe spoke with The Cipher Brief about the evolving cyber-threat and how smaller businesses can best protect themselves. His main advice?  Make cybersecurity a priority and be proactive about protecting your assets. The Cipher Brief: It seems ...

Few businesses today would think of operating without liability, property, or workers’ compensation insurance and yet, according to a recent survey by CSO magazine, only 59 percent of organizations have some form of cybersecurity insurance. Part of the problem is that cybersecurity insurance continues to be a maturing market that ...

After the United States emerged from the Vietnam War, it witnessed the events of the 1973 Yom Kippur War—a state-level conflict fought against Israel by a coalition of Arab states led by Egypt and Syria. That war underscored how far potential enemies had advanced in terms of weapons and tactics. ...

Thomas Mahnken is the Jerome E. Levy Chair of Economic Geography and National Security at the U.S. Naval War College and served as Deputy Assistant Secretary of Defense for Policy Planning, giving him a unique perspective into changes in naval warfare. He shared this insight, along with his expectations for ...

Three dramatic developments have occurred in the employment of U.S. air power in the past 25 years: the vulnerability of air defenses faced, leading to far less attrition of U.S. aircraft than was suffered previously; the ability to strike ground targets with great precision, day or night; and the ability ...

Chris Young is the general manager of the Intel Security Group at the Intel Corporation, where he leads the company’s security practice. Young sat down with The Cipher Brief to discuss the evolving nature of the cyber threat and what businesses can do to better protect themselves. The Cipher Brief: ...

Cybersecurity has not only dominated the headlines in the wake of the U.S. Office of Personnel Management (OPM) and Sony hacks, it has become a big business opportunity as well. The demand for protection in the cyber domain is rising across the world. According to current projections, cybersecurity firms can ...

Davis Hake is the Director of Cybersecurity Strategy for Palo Alto Networks and a former official at the Department of Homeland Security.  Hake spoke with The Cipher Brief about the importance of information sharing and creating a coordinated response to the changing cyber-threat. The Cipher Brief: It seems like cyber-attacks ...

Periodically, The Cipher Brief profiles an up and coming leader in the cybersecurity and national security fields.   This week we introduce you to Angela Knox, the Senior Engineering Director at Cloudmark, a network security company.  Computer Business Review recently named Knox as one of the five top women leading the ...

To understand what domestic and strategic factors may have encouraged Iran to seek stronger cyber-capabilities, it helps to look at the several ways Iran uses such capabilities. First, Iran wants to keep its citizens under surveillance. Second, Iran wants to know the intentions and capabilities of other countries. Third, Iran ...

Iranian hacks into the social media accounts of U.S. State Department officials are the latest signal from Tehran that it is not looking to turn the page on its embattled relationship with Washington. They also reflect the diversification underway in Iranian cyberwarfare tactics, which in recent years have expanded from ...

Iran is a second tier cyber power. By the standards of other state actors, its capabilities—both offensive and defensive—are relatively modest, but they are growing steadily. Cyber operations have also become an integral component of Iranian military doctrine and strategy, which place a heavy emphasis on the principles of asymmetry ...

Through a series of attacks over the last three years, Iran has revealed a limited offensive cyber capability but a willingness to use it to meet its geopolitical goals. In testimony calling out Iran for attacks on Sands Casinos, Director of National Intelligence James Clapper put Iranian cyber capability in ...

Hollywood has a clear idea of what it would look like if someone used cyber-capabilities against us: a man in a room full of screens would be typing madly, planes would fall out of the sky, there would be explosions everywhere, and so forth. According to Director of National Intelligence, ...

David Navetta is an attorney who focuses primarily on technology, privacy, information security, and intellectual property law at Norton Rose Fulbright.  In an interview with The Cipher Brief, Navetta discussed the legal and liability issues associated with businesses attempting to utilize offensive cyber capabilities. The Cipher Brief: Recently, there have ...

Does the cyber domain call for a fundamentally different framework for achieving international order in the 21st century, requiring statesmen to critically rethink the art of statecraft?  Most likely not, for as in past eras when new technologies and global threats have arisen, statesmen are still occupied with the great ...

As President and CEO of FusionX, Matt Devost focuses on cybersecurity and risk management.  Devost told The Cipher Brief that offensive cyber operations should rest exclusively with the federal government. The Cipher Brief: It seems like there is a lot of confusion about what offensive cyber-operations would look like, with ...

The U.S.-China summit has concluded and the announced results provided little good news on the cyber front, at least for us. Beijing certainly got what it wanted: no executive order sanctions against its officials and companies for benefitting from its planetary-scale cyber espionage campaign.  The Obama Administration apparently got what ...

Twelve days after the Paris attacks, I was waiting for a flight at London's Heathrow Airport, which seemed to be running with its customary sedate orderliness despite Brussels being on "lockdown" and police raids still taking place in Paris and Belgium.  While checking online for the latest developments in the ...

The safe harbour was a convenient fiction that enabled business-as-usual processes to take place between the EU and the U.S. Many were shocked when the Court of Justice of the European Union (CJEU) ruled it invalid, but in reality, the judgment should not have come as a surprise. The reasoning ...