Contrary to the predictions of many security experts, who argue that cloud exploits, mobile device attacks and all-out cyber war will be among the most likely data breach threats governments and enterprises will face in 2013, researchers for the Verizon Data Breach Investigations Report (DBIR) have reached a far different conclusion.

The most likely threats in 2013 will involve authentication attacks and failures, continued espionage and “hacktivism” attacks, Web application exploits and social engineering. Keep reading →

Ever consider the massive amount of intelligence that the United States collects and uses in the defense of the country and our allies? It is surely massive given the scope of our collection effort.

Many people do not realize that the U.S. intelligence community is comprised of 16 separate agencies, not including the Office of the Director of National Intelligence which is responsible for leading intelligence integration. These agencies are tasked with foreign and domestic intelligence collection, analysis support of military planning, and in some cases performing acts of espionage:

  1. Central Intelligence Agency (CIA)
  2. Air Force Intelligence, Surveillance and Reconnaissance Agency (AFISRA)
  3. Army Intelligence and Security Command (INSCOM)
  4. Defense Intelligence Agency (DIA)
  5. Marine Corps Intelligence Activity (MCIA)
  6. National Geospatial-Intelligence Agency (NGA)
  7. National Reconnaissance Office (NRO)
  8. National Security Agency (NSA)
  9. Office of Naval Intelligence (ONI)
  10. Office of Intelligence and Counterintelligence (OICI)
  11. Office of Intelligence and Analysis (I&A)
  12. Coast Guard Intelligence (CGI)
  13. Federal Bureau of Investigation (FBI)
  14. Office of National Security Intelligence (DEA/ONSI)
  15. Bureau of Intelligence and Research (INR)
  16. Dept of Treasury’s Office of Terrorism and Financial Intelligence (TFI)

Source: Wikipedia

Now we have to add U.S. Cyber Command to that list.

In addition, we have to add all the private sector organizations that have established their own security intelligence and cyber intelligence gathering and analysis capabilities as well as those in industry protecting against cybersecurity threats as well.

Oh – we should not forget the state and local law enforcement intelligence units that exist around the country.

Now let’s add the black-ops (clandestine) intelligence community members.

Add them all up and that paints a reasonable picture of the intelligence coverage we have in place. It sounds like allot, but given the number of kinetic and non-kinetic threat we face, it’s not!

One has to wonder how much more effective our intelligence efforts could be if regulations requiring separation did not exist and a collaborative/sharing environment along with the systems required for collaborative support were in place.

While those regulations were probably put in place for good reason when they were enacted, times have changed. Maybe it is time to revisit the restrictions.

Kevin G. Coleman is a long-time security technology executive and former Chief Strategist at Netscape. He is Senior Fellow with the Technolytics Institute where he provides consulting services on strategic technology and security issues. He writes a weekly blog for Breaking Gov on the topic of cyber intelligence.

A relatively new report on the extent to which foreign spies are stealing U.S. economic secrets is gaining attention not only for what it concludes but also for the fact that it actually names names.

The report comes by way of the Office of the National Counter Intelligence Executive and is titled Report to Congress on Foreign Economic Collection and Industrial Espionage, 2009 – 2011. Keep reading →