nextgov

The way to handle a cyber threat is not by harnessing the enormous amounts of data the United States collects on similar hacks, according to an unlikely source -- a former US intelligence cyber chief.

It’s too much information and inefficient to analyze.

"I hate the wisdom of crowds. That is BS. Does not exist," said Roger Hockenberry, former chief technology officer for the National Clandestine Service. "It creates this immense opportunity when you have tons of data to look at and research, but at the same time, we have tons of data that we need to look at and research."

The quality of data and automation has not matured to the point where feeding information to machines can stop an assault, he said. Still, some current Homeland Security Department officials stressed the need to at least automate data feeds about breaches -- something organizations that are hit by hackers are often reticent about.

"What it really comes down to is your CERT," or computer emergency response team, said Hockenberry, who also served as a CIA chief for cyber solutions. "All the companies that I see have a very nascent ability to automate response to any kind of attack. It’s still a manual process."

The Secret Service is purchasing software to watch users of social networks in real time, according to contract documents.

In a work order, the agency details information the tool will collect -- ranging from emotions of Internet users to old Twitter messages. Its capabilities will include “sentiment analysis,” "influencer identification," "access to historical Twitter data," “ability to detect sarcasm," and "heat maps" or graphics showing user trends by color intensity, agency officials said.

The automated technology will "synthesize large sets of social media data" and "identify statistical pattern analysis" among other objectives, officials said. The tool also will have the "functionality to send notifications to users,” they said. Employees within the Secret Service's Office of Government and Public Affairs will be using the new system, agency officials said.

Every day, people, machines and the world’s growing multitude of sensors create more than 2.5 exabytes of data -- that’s a 2.5 followed by 18 zeros -- a bonanza of bits and bytes that is in many ways a double-edged sword.

On one hand, private sector companies and the government are able to collect more data than ever for analysis -- ideally, that’s a great thing. Never in human history has humanity had access to the kinds of data it does now. Yet big data sets are also attractive to hackers and malicious actors who see more data as more money or intelligence to steal.

The two disciplines -- cybersecurity and big data -- are beginning to meld so that it’s difficult to talk about one without the other. Agencies across government are learning to better detect and analyze cyber threats, and one of the ways they are doing so involves big data.

For example, agencies might sift through huge piles of data as they monitor traffic in and out of a network in real time to detect potentially adversarial anomalies. It takes a lot of technological horsepower to analyze that information, but the insight it provides could be the difference between a massive leak or media frenzy and business as usual.

Concerns about data compromises are partly to blame for drawing out an effort to merge roughly 2,000 dot-gov websites, according to federal officials and internal emails. But officials say they are still committed to making government services and information easier to navigate, as the website consolidation initiative approaches its three-year anniversary.

Combining National Oceanic and Atmospheric Administration website content with content from the Coast Guard illustrates the trickiness. The Coast Guard, a Homeland Security Department agency with a dot-mil suffix, is more of a bull’s eye for hackers than NOAA, officials say. USCG employees shy away from sharing data with other agencies, one information technology employee complained on the government's Web content managers listserv in 2012. Nextgov retrieved the message, with the employee’s name redacted, through an open records request.

The Coast Guard staff "are security maniacs because hackers like to target them," wrote a NOAA web manager in the Office of Space Commercialization, which is part of the Department of Commerce.

Securing America’s future in science, technology, engineering and math fields requires more than expanding opportunities for women. Promoting interest and opportunities for minorities also should be a national imperative, particularly as more than half of children born in the United States today are of minority descent.

That was the topic of a symposium at the National Academy of Sciences that sought to find solutions for providing minorities and women with proven pathways for obtaining good jobs and a higher standard of living through STEM education. The event, hosted by the Leadership Conference on Civil and Human Rights, highlighted that now, 60 years after the landmark Supreme Court decision in Brown v. Board of Education, education in the United States remains separate and unequal for many minorities, children with disabilities and those living in high-poverty areas.

STEM is one area that has great potential to reverse that trend and help the United States maintain a competitive edge, experts noted.

The government should sponsor a national body to license cyber professionals and authorize cyber certifications, and then spin it off into an independent consortium, a military faculty member at the Pentagon's National Defense University said.

A body akin to an American Medical Association is needed to authorize individuals to practice as cyber professionals and to revoke that license when necessary, said Lt Col Sean CG Kern, an NDU information security professor. In order for that body to possess authority, it would have to be federally funded, at least initially. This model also would include sub-associations for specialty areas, such as digital forensics, that would pick which certifications currently offered by various firms should be required.

The Homeland Security Department and National Institute of Standards and Technology have carved out 31 cyber specialties. It might not be hard to imagine an American Cybersecurity Association, but upending the cyber certification industry would ruffle some feathers. International Information Systems Security Certification Consortium -- or (ISC)2 -- officials argued that overhauling the certification system would undo hard-won progress in educating the cyber workforce and exacerbate cyber staff shortages.

"Our organization has worked closely with government and anytime that they believe they need a more technical, specific credential, we sit down and build it," (ISC)2 Executive Director Hord Tipton said at the time.

Since 1982, 37,000 people, including 7,000 Americans, survived potentially disastrous incidents because of the COSPAS-SARSAT rescue network. That record earned the satellite system an induction into the Space Technology Hall of Fame.

The honor recognizes technologies originally developed for space applications that ultimately improve live on Earth, and few technologies rival COSPAS-SARSAT in life-preserving metrics.

In 2013 alone, COSPAS-SARSAT’s network of satellites that detect and locate distress signals from emergency beacons led to the rescue of 253 people from potentially deadly situations. The network involves numerous satellites, including the National Oceanic and Atmospheric Administration’s geostationary and polar-orbiting satellites. Altogether the program comprises 43 countries and organizations.

Analytics is often touted as a new weapon in the technology arsenal of bleeding-edge organizations willing to spend lots of money to combat problems. In reality, that’s not the case at all.

Certainly, there are complex big data analytics tools that will analyze massive data sets to look for the proverbial needle in a haystack, but analytics 101 also includes smarter ways to look at existing data sets.

In this arena, government is making serious strides, according to Kathryn Stack, advisor for evidence-based innovation at the Office of Management and Budget. Interestingly, the first step has nothing to do with technology and everything to do with people. Get “the right people in the room,” Stack said, and make sure they value learning.

Finally, Stack said it’s common for agencies to tackle analytics problems by acquisition. That’s a backwards approach in which the only guarantee is that your agency is going to spend money. Instead, Stack recommended agencies “think about contractors less,” and focus first on reaching out to academic researchers, nonprofits and foundations. Don’t sleep on government peers from other agencies, either.

A fundamental overhaul of how federal agencies build and buy information technology systems passed the House for the second time in 2014.

The chamber in February approved the Federal Information Technology Acquisition Reform Act, or FITARA, which among other reforms would limit each federal agency -- including the Defense Department -- to one person with the title chief information officer and give that person authority over the agency’s IT spending.

This time around, the legislation was tacked on as an amendment to the 2015 National Defense Authorization Act, which the House approved by a vote of 326-98.

A similar measure made it into the Defense bill in November 2013 but was stripped out at the last minute in the following month, when lawmakers also cut more controversial amendments -- including one addressing sexual assault in the military -- to ensure the bill would pass both the House and the Senate.

The House approved legislation that breaks out $13.4 million for Air Force cyberattack operations and $5.6 million for efforts to defend the service's networks. But those numbers likely underrepresent cyber offense and especially cyber defense spending, some military budget analysts say.

The problem with cyber funding -- governmentwide -- is that it's hard to define what cyber is, they note. "What they are splitting out here is really just a portion of what they are doing for cyber offense and defense," said Todd Harrison, director of defense budget studies at the Center for Strategic and Budgetary Assessments. "I think it's the part that's more focused on specific adversaries around the world."

The House’s version of the 2015 National Defense Authorization Act would spend a total of $67 million on Cyber Command offensive and defensive activities. The command oversees all Defense Department cyber operations. "I expect that if you did a true accounting of what DOD is spending on cyber, it would be in the billions" of dollars, Harrison said.