National Security

“The United States has built the most powerful military the world has ever seen, but we are not invincible. Information technology is a both an essential enabler of American power, but it is also our Achilles heel. And that’s why this project is so important,” said Virginia Congressman Jim Moran, referring to a new cybersecurity research center opened by L-3 and Virginia Tech in Arlington, Va., Oct. 5.

“Cyberspace is the soft underbelly of American power,” said Moran, who called the need for more effective solutions for cyberspace an “urgent national priority.” Keep reading →


In the wake of Flame, there have been many interesting headlines bubbling up over the past several weeks regarding policy development of cyber “offensive” measures and the future of overall worldwide cyberwar policy. Perspectives vary greatly as to the future of cyber offensive measures, with one author going so far as to say that the world will be a better place when war strategies shift from the physical to the cyber realm.

One thing is clear – discussions of ‘striking back’ at an entity that has just hacked a government system or retaliating when a breach is identified signals a significant change in the traditional US Government mindset and combat philosophy in general. Will the change from a primarily defensive strategy in securing government systems to an “offense” mentality improve our national security posture? Likely so. Are we prepared to engage? It appears we are even willing to make a first strike. Keep reading →


Since the end of the Cold War more than 20 years ago, senior civilian and military leaders, our allies and the business community have criticized the nation’s export control system as being unnecessarily cumbersome and counterproductive. Instead of benefiting American interests, they said, it has done a poor job protecting sensitive technology while blocking U.S. manufacturers from legitimately selling less vital products to buyers overseas.

Brian Nilsson, a Commerce Department employee on detail to the White House, accomplished what many had tried and failed to do in the past-he brought together stakeholders with entrenched interests to design and begin implementing a new system that will more effectively protect our national security and help American businesses compete in the global marketplace. Keep reading →

The level of threat from cyber attacks has been the subject of controversy for years. However, just recently, multiple officials who are in the know have publically stated that the threat posed by cyber attacks is very real and went on to state that such an attack could potentially be not that far away.

In my most recent blogs, I made the distinction that cyber attacks are much more serious than cyber threats. If someone puts a piece of code on your system that exfiltrates data or information, disrupts, destroys or otherwise harms your computer, device, network, applications or data–that would be considered an attack. Keep reading →

As discussed in last week’s blog I continue to come across what I believe are two very dangerous attitudes about cyber aggression.

The first issue one, discussed last week, is about the importance of distinguishing between a cyber intrusion and a cyber attack. This week, I want to address the comment I hear too often that “we know for a fact” who are behind the cyber attacks.


I called a CISO (chief information security officer) of a critical infrastructure and a subject matter expert that worked with three-letter agencies on cyber event investigations. I barely finished relating the statement when he replied “That’s bulls**t and went on to talk about cyber break-in investigations that went on for “years” without identifying who was behind the attack. Keep reading →


In February 2011, a college student from Saudi Arabia was arrested in Texas for plotting to bomb U.S. targets after trucking company officials alerted authorities about a suspicious chemical they were hired to carry. A few weeks earlier, a Greyhound bus driver in Virginia persuaded a hijacker to let the passengers offload. They notified the police, who were able to defuse the situation and arrest the individual.

These separate incidents had one common thread-the transportation employees had been trained through a federal terrorism and security awareness program known as “First Observer.”
The nationwide program, led by William (Bill) Arrington of the Transportation Security Administration (TSA), recruits and trains volunteers from the trucking, school bus and motor coach industries, law enforcement as well as sports stadium personnel, parking lot attendants and other highway transportation professionals to observe, assess and report suspicious activities that might pose a serious public threat. Keep reading →