By GCN Staff

Boston commits $3.5 million to next-generation firewall

Boston commits $3.5 million to next-generation firewall

Boston has never had a large-scale data breach or cyberattack, but the city is not waiting around for it to happen.

In an effort to defend against future attacks, the city is committing $3.5 million to develop a next-generation firewall system. The firewall will be ready by the end of the year, according to the Boston Herald, but the plan is to continue to bolster security efforts through 2020.

In addition to the firewall, the city is also preparing for contingencies that could threaten systems and utilities – like the loss of power that led to parts of the Boston Fire Department network going offline. Backup generators prevented the power loss from becoming serious.

“There’s a lot of ongoing work that we have around identifying any place within our technology infrastructure where we think we have got a vulnerability or a system that we don’t think has the right kind of redundancy,” Jascha Franklin-Hodge, Boston’s CIO, told the Herald.

Posted on Jul 28, 2015 at 6:53 AM0 comments

An MCU could be mounted in this kind of vehicle

FirstNet foresees in-vehicle units for remote comm

One of the challenges for FirstNet, the nationwide LTE public safety broadband network, will be providing coverage for responders in remote locations or otherwise out of range of terrestrial coverage.

Current alternatives include using balloons or drones to construct an aerial communications architecture and portable cellular networks that connect responders to FirstNet.

One of the latest concepts for coverage extension, however, is the Mobile Communications Unit (MCU), a satellite-based communications system that could be installed in responder vehicles to give responders wireless capabilities when they are outside of terrestrial network coverage.

According to a blog post by the FirstNet Office of the Chief Technology Officer, the MCU could automatically act like a remote base station to other users, coordinating communications if the size of the incident expands or if additional first responders are needed.

The MCU could automatically switch from the terrestrial network modem to a satellite modem and  use in-vehicle routers and rugged antennas that could withstand extreme environmental conditions. New satellite technologies can improve some of the performance, physical installation, and cost of including a satellite option, FirstNet said.  

While MCU is still a concept, FirstNet is researching deployable platforms and working to ensure that the MCU is prioritized as appropriate to support commercial availability of this critical platform.

Posted on Jul 27, 2015 at 11:14 AM0 comments

Cyber tech transfers from lab to industry

Cyber tech transfers from lab to industry

The Network Mapping System (NeMS), developed by Lawrence Livermore National Laboratory, has been licensed for commercialization.  The software-based tool that tells users what is connected to their network so that they know what needs to be protected has been licensed to Cambridge Global Advisors, an Arlington, Va.-based strategic advisory services firm.

NeMS is the third technology to successfully emerge from the Department of Homeland Security's Transition to Practice program and enter the commercial market.  The program is run by DHS' Science and Technology Directorate.

“TTP’s goal is to find technologies with the potential to strengthen our nation’s cybersecurity posture and assist those technologies in making the difficult journey from the research lab to the commercial marketplace,” said TTP Program Manager Mike Pozmantier.

Now in its third year, TTP has 24 that are ready for transition to the marketplace. Of those 24, three technologies—Quantum Secured Communication, Hyperion and now NeMS – have successfully transitioned into the marketplace through commercial licenses.

Posted on Jul 20, 2015 at 10:21 AM0 comments

Pennsylvania moves licensee list sales online

Pennsylvania moves to automate licensee list sales

Pennsylvania’s Bureau of Professional and Occupational Affairs (BPOA), which licenses nearly 1 million professionals, will now offer online list sales of its licensees.

Last year, list sales generated close to $250,000 in revenue for the state, but the process of getting these lists to buyers was difficult. Lists had to be ordered by email and paid for in advance by check. Then the BPOA staff had to contact each purchaser to get preferred search criteria for a database query before emailing out the final list.

The new system allows list buyers to purchase a licensee list by filling out an online form. Once the payment process is complete, a receipt and a comma-delimited list are sent to buyer via email.

The state expects the online service to increase government transparency while saving taxpayer dollars.

"By allowing the public to order, pay for and generate lists online, staff costs will be kept to a minimum," said Acting Secretary of the Commonwealth Pedro A. Cortés. "This is all part of our goal of leveraging technology to provide better customer service and, in the process, realize cost savings. The goal is to be more efficient and user-friendly."

As part of the same wave of technology upgrades, Letters of Good Standing for any licensee can also be requested online.

Posted on Jul 20, 2015 at 2:22 PM0 comments

NIST drafts security building blocks

NIST drafts security building blocks

NIST has proposed two new building blocks to improve email security and to provide security services based on personal identity verification (PIV) credentials through mobile devices.

The building blocks cover cybersecurity implementations that apply to multiple industry sectors and will be incorporated into many of the National Cybersecurity Center of Excellence’s sector-specific use cases. Final versions of the building blocks result in NIST Cybersecurity Practice Guides (Special Publication series 1800), which describe the practical steps needed to implement a cybersecurity reference design.

The draft building block "Domain Name System-Based Security for Electronic Mail" proposes using the DNS-based Authentication of Named Entities (DANE) protocol to help prevent unauthorized parties from reading or modifying an organization's email or using it as a vector for malware.

The draft building block "Derived Personal Identity Verification (PIV) Credentials" proposes a way for mobile devices to use two-factor authentication without specialized card readers, which read the identity credentials embedded in on-card computer chips to ensure authorized access to computer systems or facilities. With derived credentials, mobile device users could get the same level of security with their mobile devices that desktop users get with card-reader access.

The comment period for each is open until Aug. 14, 2015.

Posted on Jul 07, 2015 at 1:00 PM0 comments