The term “cyber threat hunting” has taken on several meanings over the last few years. When asked the question “What does cyber threat hunting mean to you?” the answer you receive can vary widely depending on the perspective and/or managerial or operational role within a cyber team. With so many sources of cyber threat intelligence, both commercial and opensource, including advances in automation, specifically AI/ML and...

Achieving zero-trust security is a goal set by the U.S. government. The Executive Order on Improving the Nation’s Cybersecurity requires government agencies to achieve specific zero trust security goals by the end of the 2024 fiscal year. Although Kubernetes was initially designed with basic security capabilities, broad and rapid adoption and an increasingly sophisticated threat landscape have made Kubernetes more vulnerable to attacks....

Securing the software supply chain is mission critical to the federal government, particularly after the 2020 SolarWinds breach and the increasing frequency of attacks. Given Cybersecurity Executive Order 14028, the ongoing risk of software supply chain attacks, and the criticality of software to daily operations, balancing security with innovation is essential to accelerating government missions. Agencies must ensure software is free of vulne...

A cadre of cyber professionals tasked with maintaining national and global security operate—and sometimes suffer—silently behind their computer monitors. Suicide has become the second leading cause of death in the United States among people aged 10-34, and among the first responder population, who are under high levels of stress and operate in danger of risking life and limb, an estimated 30% suffer from depression, post-traumatic...

U.S. Special Operations Command’s (USSOCOM's) enterprise network supports more than 80,000 users and operators spanning 24 time zones across the world, making it the fourth largest network in the DoD. The IT teams that manage the network are tasked with a singular mission—connecting operators to the data, communications, devices and applications needed to achieve mission success. Any enterprise network is susceptible to internal an...

The cybersecurity landscape for the U.S. government is continuously evolving. The U.S. government is embracing DevSecOps and paving the way for digital transformation. Free and readily available open source components allow federal agencies to save time and money and in many cases improve quality empowering innovation velocity. In today’s world, understanding what’s in your open source software supply chain is critical to national...

In 2021, President Joe Biden issued an executive order that mandated agencies to start planning for the migration to a Zero Trust Architecture (ZTA). Since then, hundreds of tech companies have jumped on the zero trust bandwagon. Unfortunately, the market is now crowded with no shortage of overzealous misinformation and hyperbole. It is clear to us that the current zero trust conversation is not resonating with most organizations. For governme...

Considered by many a natural region that stretches from the African east coast to the U.S. west coast, the Indo-Pacific area has undergone a strategic shift that requires reliable connectivity between the Indian and Pacific oceans. Today’s reality is that the historic and contemporary nations in South Asia, specifically India, play a major role in shaping present and future discourses. Keying off this shift, AFCEA International and AFCEA...

Now in its ninth year, the Summit, powered by AFCEA International and the Intelligence and National Security Alliance (INSA), brings senior Intelligence Community leaders together to advance collaborative solutions to critical intelligence and national security challenges. The nation's premier intelligence and national security conference returns to the Gaylord National Resort on September 15-16. #IntelSummit22 offers powerful plenaries focuse...

Government contractors are increasingly a prime target for cyber-attacks, ranging from phishing and social engineering to malware and ransomware. Cloud computing, remote working and traffic encryption expand the attack surface while making threats harder to detect. How do we improve our network security in the face of these challenges? Network detection and response solutions can help detect potential breaches and prevent attackers from disrup...