Tag Archive for: strategy

US Space Force Major urges Defense Department to adopt Bitcoin as an ‘offset strategy’


U.S. Space Force Major Jason Lowery has brought a novel perspective on Bitcoin to light, extending its significance far beyond finance and into national defense and cybersecurity.

In a detailed letter to the Defense of Defense’s (DoD) Innovation Board, Lowery argued that Bitcoin and similar proof-of-work (PoW) protocols hold substantial strategic importance, urging the government to delve deeper into their potential applications.

Macrochip

The major’s letter contextualized Bitcoin within the military strategy of an offset approach. The concept historically involves leveraging technological advancements to counterbalance adversaries’ strengths.

Lowery suggested that Bitcoin and its underlying technology could serve as contemporary tools in this regard, potentially redefining the landscape of cyber warfare and defense.

Lowery described Bitcoin as a pioneering “macrochip,” a concept that transforms the global electric power grid into a vast, resource-intensive computer. This innovative approach, he argued, introduces physical costs into the digital domain, offering a new method of securing a wide array of data across the internet.

According to Lowery, this strategy challenges the conventional paradigms of cybersecurity and could mark a significant shift in protecting national interests in the digital age.

Lowery also addressed the ongoing challenges in cybersecurity, highlighting the inadequacies of existing software-based solutions. He proposed that the proof-of-work protocol, as exemplified by Bitcoin, represents a significant innovation in this field.

By introducing the notion of real-world physical costs as deterrents in cyberspace, this approach could revolutionize the way digital security is enforced.

Recommendations to DoD

The letter further explored the implications of this technology for cyber warfare and defense strategies. Lowery emphasized the need for the United States to recognize and quickly adapt to Bitcoin’s potential as a strategic offset in cybersecurity.

He warned that failure to do so could impact the global balance of power, especially in an era where digital and interconnected systems are increasingly vulnerable to security breaches.

In his role as the U.S….

Source…

The New FDIC InTREx Security Procedures: The Impact on Banks’ Digital Strategy


The use of technology continues to change in banking, and with it changes in cybersecurity risks. To address these changes, the FDIC updated the Information Technology Risk Examination (InTREx) procedures.

Updates include the requirement for banks to notify the FDIC within 36 hours of any computer security incident. InTREx also evaluates whether banks notify law enforcement and customers in these cases. It also applies to third-party organizations serving banks.

These rules are bound to impact banks’ digital strategy. Here are some questions to ask bank security staff to make sure they’re in compliance with the updates.

In most cases, community banks adding digital tools will use vendors, so it’s important to understand these rules. The InTREx exam procedures can help protect banks and their customers by gaining a deeper understanding of their vendors. It’s paramount in keeping customer trust to know where their data is, what controls protect it, who has access to it, and what happens when a failure occurs.

With this updated guidance, is your bank reviewing existing vendors as part of your vendor review process, especially for critical or high-risk vendors? Make sure they’re updating contact information, getting current due diligence packets, and understanding any new technology partners they’ve engaged with since the last review, as sometimes these would be considered fourth-party vendors.

Even if your bank relies more heavily on vendors, the risk responsibility does not fall entirely on them. Banks bear the responsibility to make sure they fully understand the risks of each relationship. Contractually, there may be language to help the bank financially in case of a vendor breach.

It’s critical to understand the information each vendor has and make sure your bank gets status reports, remains in touch and conducts timely reviews. Don’t focus on responsibility from a financial perspective alone — make sure your bank accounts for reputational risk to the institution, as well.

How Should Banks Better Secure Their Data?
As chief information security officers would advise, all data should be secured consistently and at the highest level based on its defined…

Source…

Pentagon’s Unclassified Cyber Strategy is Influenced by Russia-Ukraine War, China


The newly unclassified strategy anticipates election security issues and suggests an independent cyber service.

Deputy Assistant Secretary of Defense for Cyber Policy Mieke Eoyang talks to members of the press in Washington, D.C., Sept. 12, 2023. Photo credit: Senior Airman Cesar Navarro / DVIDS

The Defense Department’s unclassified summary of its 2023 cyber strategy presents a broad-ranging plan informed by the lessons learned from the Russia-Ukraine war, as well as the growing tensions between the U.S. and China in cyberspace.

“There are some shifts that reflect our real-world experience for the department in the time period between 2018 and 2023 to include our experiences of observing the conflict in Russia-Ukraine that have shaped and refined our understanding of the role of cyber in warfare, the ways in which we defend the homeland, and, of course, the importance of working on strengthening the cybersecurity of our partners and allies,” Deputy Assistant Secretary of Defense for Cyber Policy Mieke Eoyang told reporters at a roundtable organized by George Washington University.

The Pentagon’s unclassified cyber strategy comes on the heels of the White House’s national cybersecurity strategy implementation plan providing federal agencies with actionable steps to improve the nation’s security posture. While it is unclear whether a similar implementation plan will follow the Pentagon’s new cyber strategy, Eoyang said there are “mechanisms in the Department of Defense that we use to make sure that we are moving forward with that.” 

Some lessons learned from the Russia-Ukraine war include the importance of cloud migration, the impacts of satellite communications disruption, as well as people’s ability to tell their story to the world during an armed conflict. 

“The ability of Ukrainians to move their data extraterritorially, but still maintain access to it was really important,” Eoyang said. “We saw the Russian attempts to disrupt satellite communications as something that, I think, many people are still trying to understand that aggregate effect of that on the conflict. But certainly, it is something that we are looking at very carefully.”

Securing the 2024 Presidential…

Source…

DOD’s Cyber Strategy Emphasizes Building Partner Capacity > U.S. Department of Defense > Defense Department News



In May, the Defense Department released to Congress the classified version of the 2023 Cyber Strategy. Today, the department made public an unclassified summary of that strategy which reveals a new emphasis on helping U.S. partners and allies build their own cyber capacity.

“Distinct from previous iterations of the DOD cyber strategy, this strategy commits to building the cyber capability of global allies and partners and to increase our collective resilience against cyber attack,” said Mieke Eoyang, the deputy assistant secretary of defense for cyber policy, during a briefing today at the Pentagon. “Allies and partners are a strategic advantage that no competitor can match.” 

According to the now publicly available summary of the 2023 Cyber Strategy, the department plans to prioritize efforts to increase the effectiveness of allies and partners in cyberspace. 

“In some cases, the department will work toward this goal by augmenting partner capacity, expanding partners’ access to cybersecurity infrastructure and maturing their cyber workforce though combined training events and exercises,” the summary reads. 

The summary further states the department has also committed, in some cases, to directly helping develop partner capability by enabling functions a partner needs but does not yet have. 

“The department will enhance our relationship with our most cyber-capable allies and partners at the strategic, operational and tactical levels,” the policy reads. “We will expand the total number of partners with whom we engage and integrate these efforts with the wider security cooperation enterprise.” 

More broadly, the summary reveals that the 2023 Cyber Strategy asks the department to address current and future cyber threats by pursuing four complementary lines of effort. These lines of effort include defending the nation, preparing to fight and win the nation’s wars, protecting the cyber domain with allies and partners, and building enduring advantages in cyberspace. 

“[This] strategy builds upon the direction set by the 2018 DOD Cyber Strategy and is informed by years of real-world experience of…

Source…