Telstra announced on Friday its mobile network was "end-to-end enabled" with support for standalone 5G.
5G networks can offer non-standalone 5G, with uses of 5G radios with a 4G core, or standalone mode which replaces the 4G core with a 5G core.
The telco said it had upgraded its 5G radio network and connected it to its Ericsson 5G core, in order to handle standalone traffic.
"Getting the Telstra mobile network to be 5G standalone-ready is an important step towards unleashing greater capabilities for enterprises and consumers alike," Telstra's group executive networks and IT Nikos Katinakis said.
"The new standalone capability will be able to support new enterprise services that power a branch office running multiple applications and services. It could also help new industry vertical use cases such as manufacturing and remote-controlled operations."
Devices capable of using standalone 5G are not yet commercially available, but Telstra said it expects that to occur in late 2020, with devices currently undergoing testing. The first customers to make use of the network would be enterprises and early-adopting developers, before consumers jumped on the network, the telco added.
In July, Telstra and Ericsson made a call over the standalone network.
There will not be a second season of USA drama series Dare Me. USA Network has opted to cancel the series, from UCP and Peter Berg and Michael Lombardo’s Film 44, after one season, Deadline has confirmed. We hear UCP will be shopping the series to other outlets.
Dare Me premiered to stellar reviews. Co-produced by Netflix, the series began an international run on the streamer last month, and has a second window run on Netflix in the U.S.
Based on the novel by Megan Abbott, who serves as writer and executive producer along with Gina Fattore, Dare Me is described as an unflinching exploration of teen angst, jealousy, loyalty and the dynamics of power in a small Midwestern town.
The series dove into the cutthroat world of competitive high school cheerleading. It follows the fraught relationship between two best friends after a new coach arrives to bring their team to prominence. While the girls’ friendship is put to the test, their young lives are changed forever when a shocking crime rocks their quiet suburban world. Part coming-of-age story, part small-town drama, part murder mystery, Dare Me exposes the physical and psychological extremes that some young women are willing to endure in order to get ahead.
Dare Me stars Willa Fitzgerald as Coach Colette French, Herizen Guardiola as Addy Hanlon and Marlo Kelly as Beth Cassidy. Additional series regulars included Rob Heaps and Paul Fitzgerald.
Abbott, Berg, Lombardo, Sarah Condon and Karen Rosenfeldt executive produce.
USA’s decision to cancel Dare Me comes as the network shifts toward live and unscripted programming and focuses its future scripted on more eventized projects, such as the Evel miniseries, starring Milo Ventimiglia. USA’s current scripted lineup includes Queen of the South, The Sinner, Briarpatch, The Purge, Treadstone and Dirty John, which moved to USA from Bravo.
The Hollywood Reporter was first to report the cancellation.
FILE - This Aug. 11, 2019, file photo shows a Visa logo on a credit card in New Orleans. Visa said Thursday, April 30, 2020, that its fiscal second-quarter profits increased 3.6% from a year earlier, helped by growth in payments being processed over the company's namesake network. (AP Photo/Jenny Kane, File) (Copyright 2020 The Associated Press. All rights reserved.)
Visa said Thursday that its fiscal second-quarter profits increased 3.6% from a year earlier, helped by growth in payments being processed over the company's namesake network.
The San Francisco-based company reported net income of $3.08 billion, or $1.38 per share, in the three months ended March 31. That compares with a profit of $2.98 billion, or $1.31 per share, in the same period last year.
Excluding one-time items, including acquisition costs and the impact of equity investments, Visa earned $1.39 a share, or 5 cents more than the consensus analyst forecast, according to FactSet.
Revenue increased 7% to $5.9 billion, topping analysts' estimates for $5.7 billion.
Visa said its payments volume increased 5% during the quarter, while its cross-border bank transfers fell 2%. Processed transactions climbed 7%. The company earns a small fee for every transaction on its network.
Beginning in February, the COVID-19 pandemic initially affected transactions over Visa's network in Asia. By the latter part of March, however, as the outbreak spread globally and governments imposed social distancing and shutdowns of nonessential businesses, transaction and payments volumes sharply declined, the company said.
In a statement, CEO Alfred Kelly said the company's business model is resilient, but warned “the road ahead will likely be challenging for a number of quarters."
Like other companies, Visa declined to provide a full-year earnings outlook, citing the “significant uncertainty” in the global economy due to COVID-19.
Visa has been on an acquisition streak the last few years and that continued in its second quarter. In January, the company agreed to buy financial technology company Plaid for $5.3 billion. The move bolsters Visa's access to money transfer systems outside of credit and debit cards, enabling it to profit from connecting consumers' bank accounts to financial services apps like Venmo and PayPal.
Visa shares were little changed in after-market trading following the release of the earnings report.
Copyright 2020 The Associated Press. All rights reserved. This material may not be published, broadcast, rewritten or redistributed without permission.
Enterprise wireless specialist RF Connect has been championing the benefits of private networks on unlicensed spectrum by building demo CBRS networks to show to potential customers. When COVID-19 struck, the company was able to pivot those resources from demonstration to deployment.
RF Connect is based in Michigan, one of the states hit hardest by COVID-19. In the company's hometown of Farmington Hills, Memorial Health System has set up triage tents and testing facilities outside a hospital. With help from volunteers at CommScope, Accu-Tech and Druid Software, RF Connect was able to quickly deploy a secure CBRS network that does not need power or cable infrastructure.
"We're profoundly grateful for the proactive offer from RF Connect and its partners to help," said Jerry Miller, Memorial's VP of information services, in a press release. "The temporary wireless network which complements our existing wireless and wired network empowers us to appropriately focus our attention and resources on providing patient care."
In addition to private LTE for CBRS-certified devices, Memorial's new network enables Wi-Fi connectivity for non-cellular and non-CBRS devices. It supports healthcare devices that normally connect to the hospital's indoor network.
"Now is the time to utilize every technology resource to help organizations that are on the front lines fighting this pandemic," said CommScope VP Upendra Pingle. CommScope provides the cloud-based software that enables CBRS by ensuring that private networks do not interfere with one another, or with incumbent users of the spectrum bands, such as the US Navy. CommScope also owns Ruckus, which makes CBRS access points.
Memorial's network uses the OnGo label that the industry is adopting for CBRS deployments. The FCC authorized full commercial deployments of OnGo service earlier this year, and this is one of the very first commercial deployments.
— Martha DeGrasse, special to Light Reading. Follow her @mardegrasse
(Reuters) - Nokia has won a share of China Unicom’s 5G core network order alongside Huawei and ZTE, Nokia’s Chief Executive Rajeev Suri told Reuters in an interview, citing information published by the telecom operator.
FILE PHOTO: A man uses his mobile phone near a banner displaying a Nokia logo during the Mobile World Congress in Barcelona, Spain, February 25, 2018. REUTERS/Yves Herman
“We are the only foreign supplier in China Unicom for 5G core,” Suri said.
Nokia provides a wide range of telecom equipment in the China market but saw its Greater China revenue drop 29% year-on-year in January-March.
China Unicom was not immediately available for comment, but had listed Nokia on its website as the number three winner, behind Huawei and ZTE, for the “2020 China Unicom 5GC Centralized Procurement Project”, covering two core network projects.
“It should be about 10% market share in 5G core and about 17% in virtualized IMS,” Suri added, referring to virtual IP Multimedia Subsystems, which deliver real-time communication services.
The core network is where the most critical controls are located and the most sensitive information is stored, while the peripheral radio network is typically larger and includes masts, antennas and other passive equipment.
Nokia has been on sidelines for larger China radio orders which often mean taking losses in the early years of a contract.
According to media reports, Nokia did not win any 5G radio contracts from Chinese telecom companies - China Mobile, China Unicom and China Telecom - in recent bidding rounds.
Nokia said it expected to remain a “meaningful player” in China through its wide telecom portfolio even though pursuing 5G radio network market share presents significant profitability challenges.
Suri said, for 5G radio equipment markets, China was a large part of the global market but not so much from a revenue standpoint.
“So people only speak about the volume share being 50, 60 percent. But when it comes to the revenue share, the value share of that market, it’s about half that,” he added. “And then the profit share in the medium term is actually negligible as part of the global market.”
Reporting by Tarmo Virki, additional reporting by Supantha Mukherjee, Josh Horwitz and Brenda Goh, writing by Anne Kauranen; Editing by Jon Boyle
Validated Infoblox solution brings benefits of its DDI Platform to dynamic NFV environments on Ciena uCPE platforms
Infoblox Inc., the leader in Secure Cloud-Native and Cloud-Managed Network and Security Services, today announced expanded market opportunities through a collaboration with Ciena, combining the benefits of the Infoblox DDI Platform to dynamic NFV environments with Ciena’s universal customer premise equipment (uCPE). In this initial release, Infoblox DNS, DHCP, and IP Address Management ("DDI") and Secure DNS capabilities are available for the Enterprise branch office edge, improving service agility with highly-available and dynamic DNS, DHCP and IP address assignment through a validated NFV software instance that runs on the Ciena 3906 and 3926 Platforms.
In a hybrid cloud architecture, enterprises continue to become more decentralized and operate across multiple platforms. While technologies such as SD-WAN can be a simple and cost-effective way to provide enterprises with reliable and optimized connectivity to cloud-based applications such as Office 365, without upgrades to their underlying DDI infrastructure, users can experience poor application performance due to inadvertent connections to geographically distant service endpoints in the cloud.
"Enterprises are moving towards SaaS and cloud-based applications, requiring branch office networks to evolve their DDI infrastructure to provide an optimal end-user experience," said Dilip Pillaipakam, vice president of service provider products at Infoblox. "Service providers are driving uCPE deployment discussions with medium and large enterprise clients focusing on SD-WAN managed services to help these highly distributed organizations evolve their network architecture to address the visibility, reliability, and management challenges of their remote locations."
The Infoblox DDI NFV solution, leveraging Ciena’s 3906 and 3926 Platforms, enables service providers to offer enterprise customers the ability to simplify management of highly distributed remote networks and to optimize the network performance of cloud-based applications. Through additional third-party virtualized network functions (VNFs), enterprises can replace traditional hardware-based appliances with SD-WAN connectivity, advanced firewall/UTM capabilities, secure DNS, and WAN optimization features, all hosted on a single, reliable, and secure Ciena host platform. Further, Ciena’s 3906 and 3926 Platforms delivers MEF 2.0-compliant and MEF 3.0-compliant Ethernet connectivity, respectively, alongside VNF hosting. Ciena’s 3906 and 3926 Platforms are compact, carrier-grade CPEs optimized for 1 gigabit and 10 gigabit Ethernet connectivity applications, respectively.
"There is significant and increasing demand for mission-critical functionality that reduces business and operational, and service providers continue to look to Infoblox to support them with their network virtualization efforts," added Pillaipakam. "Our validated NFV solution on Ciena uCPE platforms enables us to support service providers with operational simplicity, making it easier to deliver a secure and reliable connection to their subscribers, while reducing network operating expenses."
About Infoblox
Infoblox delivers the next level network experience with its Secure Cloud-Managed Network Services. As the pioneer in providing the world’s most reliable, secure and automated networks, we are relentless in our pursuit of next level network simplicity. A recognized industry leader, Infoblox has more than 50 percent market share in the DDI networking market comprised of 8,000 customers, including 350 of the Fortune 500. Learn more at https://www.infoblox.com.
Nearly two-thirds (64%) of global firms have experienced network security disruption due to the sudden recent shift to home working, with some predicting a major surge in data breaches, according to new reports out this week.
IT services firm Neustar polled hundreds of security professionals across Europe and the US to compile its latest Neustar International Security Council (NISC) findings.
It revealed that almost a quarter (23%) are experiencing major disruption to network security practices, while 61% said their VPNs have suffered connectivity issues. The figures may be linked to the fact that 29% of responding companies admitted not having a fully executable business plan for network security in the event of a major crisis.
Rodney Joffe, chairman of NISC and fellow at Neustar, argued that government lockdowns have dramatically changed network connection patterns across the globe.
“More than 90% of an organization’s employees typically connect to the network locally with a slim minority relying on remote connectivity via a VPN, but that dynamic has flipped,” he added.
“The dramatic increase in VPN use has led to frequent connectivity issues, and — especially considering the disruption to usual security practices — it also creates significant risk, as it multiplies the potential impact of a distributed denial-of-service (DDoS) attack. VPNs are an easy vector for a DDoS attack.”
DDoS attacks were named as the greatest concern of respondents (23%), followed by system compromise (22%) and ransomware (18%). Social engineering via email was named an increasing threat to organizations by most respondents (61%).
In fact, the surge in COVID-19-themed phishing attacks since the start of the pandemic will likely lead to a “dramatic increase” in data breaches, according to one vendor.
IT asset disposal firm DSA Connect argued that home workers are more likely to visit suspicious websites, and are more exposed to spear-phishing due to the large number of online or phone-based meetings filling their days.
According to the firm, the number of COVID-specific fraud reports registered with the UK’s National Economic Crime Centre in March was 277% higher than for the six weeks to March 18.
“In the wake of coronavirus and with more people working from home, fraudsters have stepped up their targeting of companies and their employees, and this dramatically increases the chances of data breaches,” predicted chairman, Henry Benham.
(Reuters) - Nokia has won a share of China Unicom's 5G core network order alongside Huawei and ZTE, Nokia's Chief Executive Rajeev Suri told Reuters in an interview, citing information published by the telecom operator.
"We are the only foreign supplier in China Unicom for 5G core," Suri said.
Nokia provides a wide range of telecom equipment in the China market but saw its Greater China revenue drop 29% year-on-year in January-March.
China Unicom was not immediately available for comment, but had listed Nokia on its website as the number three winner, behind Huawei and ZTE, for the "2020 China Unicom 5GC Centralized Procurement Project", covering two core network projects.
"It should be about 10% market share in 5G core and about 17% in virtualized IMS," Suri added, referring to virtual IP Multimedia Subsystems, which deliver real-time communication services.
The core network is where the most critical controls are located and the most sensitive information is stored, while the peripheral radio network is typically larger and includes masts, antennas and other passive equipment.
Nokia has been on sidelines for larger China radio orders which often mean taking losses in the early years of a contract.
According to media reports, Nokia did not win any 5G radio contracts from Chinese telecom companies - China Mobile, China Unicom and China Telecom - in recent bidding rounds.
Nokia said it expected to remain a "meaningful player" in China through its wide telecom portfolio even though pursuing 5G radio network market share presents significant profitability challenges.
Suri said, for 5G radio equipment markets, China was a large part of the global market but not so much from a revenue standpoint.
"So people only speak about the volume share being 50, 60 percent. But when it comes to the revenue share, the value share of that market, it's about half that," he added. "And then the profit share in the medium term is actually negligible as part of the global market."
(Reporting by Tarmo Virki, additional reporting by Supantha Mukherjee, Josh Horwitz and Brenda Goh, writing by Anne Kauranen; Editing by Jon Boyle)
While network usage is still above pre-COVID-19 levels, the increases are starting to calm down a bit, according to Comcast and Verizon. In a Wednesday report, Comcast said it was starting to see network traffic plateau in most places, including early work from home markets such as Seattle and California.
For Comcast, which has the biggest residential internet network in the U.S., there has been a 33% increase in upstream traffic since March 1 while downstream traffic is up by 13%. As more people work from home, they're connecting to their work VPNs. Comcast said VPN traffic was holding steady at 39% in Wednesday's report while VoIP and video have increased by 283% since March 1.
Programmable fabrics have been predicted to revolutionise the network space for quite some time now, however we’re now seeing several key drivers that look like making this technology a reality sooner rather than later.
Comcast also noted that downstream peak usage time for its network is now starting between 7 p.m. and 8 p.m. instead of the previous start of 9 p.m. Comcast said the upstream peak was moving from 9 p.m. to between 8 a.m. and 6 p.m. in most cities.
After reaching 50% last month, gaming downloads were up 35% generally and 80% during new release time frames. Comcast has also seen a 35% increase in streaming and web video consumption over the same time frame.
Verizon sees a drop off in some areas
In Wednesday's Verizon Network Report, the telco reported that some categories of usage were starting to decline, with a few even dropping significantly below COVID-19 peak levels. Downloads were down 5% week over week, and have fallen 55% from COVID peak levels. Gaming dropped 10% week over week, and down 45% since its peak during the coronavirus pandemic.
Like Comcast, work from home is driving new application usage growth for Verizon. Use of Verizon's collaboration tools and VPN usage have increased by 4% from last week to this week, but are up by a whopping 1194% when compared to a typical pre-COVID day.
VPN usage was up 3% week over week, which Verizon said was an indication that working from home, distance learning and virtual gatherings were still trending up in popularity.
Streaming usage increased 4% week over week and was up 37% when compared to a typical non-COVID-19 day.
As some states start to ease back on stay-at-home restrictions, Verizon said that mobile hand-offs were starting to return to pre-COVID levels in some areas, including the Carolinas, Tennessee, Georgia and Alabama. On the other hand, the areas hardest hit by coronavirus pandemic, including upstate New York, metro New York and New England, are seeing major declines in mobile hand-offs.
(Root-cause analysis is one of the features least supported by network troubleshooting tools, according to Enterprise Management Associates’ recent research Network Management Megatrends 2020, that surveyed 350 network-management professionals about these tools. This article by EMA Vice President of Research Networking Shamus McGillicuddy discusses this finding and recommends how management pros should evaluate this feature. A recording of a webinar covering the research is here.)
Troubleshooting is perhaps the most vital responsibility of a network operations team. When IT services are interrupted or degraded, engineers and admins race to diagnose and remediate the problem. Every minute counts, because transactions, employee productivity, and customer satisfaction all suffer while the network team is doing this work.
Given the stakes, network management tools must have well-defined workflows and technical functionality to support the troubleshooting process. Unfortunately, many tools are letting network managers down.
Root-cause analysis (RCA)is the critical aspect of network troubleshooting. Network engineers must form a theory of the problem and test that theory. Only after they have confirmed their theory of the problem can they move forward confidently with a solution.
Over the years, network managers have told EMA that RCA is one of the most time-consuming aspects of their job. Given that network-management tools are clearly failing to support this task, engineers and admins must perform complex calculations themselves. The tools often present dashboards with vast arrays of alerts and time-series graphs that show patterns and indicators of a possible problem, but no clear definition of the nature of the problem. As a result, IT pros have to infer the root cause by looking for patterns of cause and effect. This is no easy tasks, especially given that network managers said that 42.7% of the alerts produced by their tools are false alarms, not indicative of an actionable problem.
Problem isolation and identification is the other least supported troubleshooting task. Before network managers can theorize a root cause, they need to find the problem, so they spend their days looking at their tools, which display red and yellow alerts and charts that reveal mysterious spikes and dips and traffic and device metrics. Engineers have to sift through this information and figure out which data are tied to an actual problem. Trouble tickets may offer clues, but isolating the source of a problem is not easy.
A better toolset
In conversations with network-management vendors, I see signs that help is on the way. Tool developers are working to define better workflows for troubleshooting. This has not always been the case, as an engineer who procures and implements network management tools for a large North American government agency once told me: “I see vendors who do not quite understand or research how the product is going to be used, whether it will be an engineering tool or an operations tool. [They fail to ask] how do I make this product fit into a workflow?”
Some of my confidential conversations with vendors have shifted toward a focus on problem isolation and RCA. These conversations are about specific workflows to support the process, but also about presenting data in a new way that makes it easier to find and work with essential information. Ease of use is a term they often use. When vendors talk about it, they are usually referring to making their tools useful to tier-1 admins, not just the elite engineers who are the last line of defense during a fire drill.
AIOps is also starting to deliver results. Many commercial network-management vendors are adding new features that use machine learning and big-data technology to make their tools smarter. Rather than present data, they offer natural language explanations of a problem, possible root causes and recommended fixes.
These AIOps features are still maturing, and not every vendor offers them, but there is progress. The question is whether IT organizations will be willing to pay for them. Vendors are investing a lot of resources into this technology, and many of them are asking themselves, “Is this going to be worth it?”
Some vendor might see AIOps as a competitive differentiator that can help them earn new business so they don’t charge extra for it. Others charge a premium for AIOps products and services that enrich the core tool. Network managers need to ask themselves whether a tool that is better at solving complex problems is worth paying for. Afterall, these tools will deliver tremendous business benefits, from better end-user experience to improved IT productivity.
Join the Network World communities on Facebook and LinkedIn to comment on topics that are top of mind.
Nearly two-thirds say disruptions were at least moderate in severity, and more have seen VPN connectivity issues as employees work from home.
The global shift to remote work has caused a level of network disruption in 86% of companies, a new study shows. Of the organizations surveyed, 41% said they experienced moderate disruptions to network security practices, 23% saw major disruptions, and 22% said disruptions were minimal.
These findings come from the Neustar International Security Council, which today published its latest bimonthly International Cyber Benchmarks index. For its March survey, researchers polled 303 professionals who hold senior IT and security positions within their organizations. Their goal was to learn the current state of cybersecurity across the United States and EMEA.
March brought a Cyber Benchmarks Index of 33.1, "maintaining the upward trend and a more significant spike than is typical," researchers wrote in their report. The January 2020 index was 29.8, November 2019 was 28.2, and September 2019 was 26.9. Results indicate an increasing upward trend and higher-than-average responses over the past 17 months.
The threat of attack across all vectors has increased across the board – some as much as 10% or more, says Michael Kaczmarek, vice president of product for Neustar's security business. Given the change in how companies need to do business now, such as an increase in remote work and lack of resources to support it, they said they view the threat of attack as much higher.
"We have noticed a shift in the cyberthreats companies are most concerned about," Kaczmarek points out. "More companies are focused on securing the tools that are needed to keep their workforce productive and conducting business." The shift is intended to protect people off the corporate network, which has become a priority as home networks often aren't as secure.
Data shows most companies were prepared for an incident like the coronavirus pandemic: Nearly three-quarters (71%) had a business plan in place to protect their networks in case of a major unplanned or extended event. Less than 30% were caught off-guard by COVID-19. Still, preparedness doesn't mean things will go smoothly, especially if organizations don't know exactly what they're in for. The pandemic has redefined how companies approach business continuity, Kaczmarek explains.
"Most business continuity plans addressed impacts by relocating critical workers to other facilities or failing over to other manned sites," he says. "Very few plans took into account the need for the entire workforce to work remotely." Now capacity plans are being rewritten on the fly, collaboration tools are being bought and tested live, and processes are being reworked.
The sudden and massive transition to remote work led to interruptions in network security business practices for most companies. A moderate disruption, which 41% of respondents said they experienced, could lead to productivity loss for a few reasons, Kaczmarek says. These include impacts to scheduled maintenances to push updates or features, lack of licenses or systems needed to access corporate resources, or delays in the installation of collaboration software.
Kaczmarek notes many businesses' resources were already stretch thin, and teams had to prioritize what was important when working with others in an office. Now those resources may have less visibility into business threats because not all the displays are available to them remotely, making it even more difficult to work together in a remote environment.
A major disruption, as experienced in 23% of organizations, could interrupt processes for the following reasons: impact to maintenance schedules to push critical updates, both internally and for customers; lead time for delivery of logical capacity and physical systems to meet business demands; failure of VPN services to support the minimum amount of people needed to continue operations during shelter-in-place; failure of a business continuity plan for mission-critical workers; and/or major outages of third-party providers to deliver essential tools.
VPN connectivity also brought challenges. Only 22% of corporate VPNs handled the shift to remote work "perfectly," with no issues at all, researchers found. More than 60% saw "minor connectivity issues" but said VPNs have fared well overall, 14% said results have been spotty, and only 3% said major VPN issues have occurred amid the transition to remote work.
Researchers asked about businesses' concern for different types of cybercrime and learned distributed denial-of-service (DDoS) attacks are perceived as the greatest threat among 23% of respondents, followed by system compromise (22%), ransomware (18%), and threats to intellectual property (16%). Attitudes toward attack vectors have shifted as well. Social engineering emails are most likely to be seen as a growing threat, 61% of professionals said, followed by DDoS (59%), ransomware (58%), targeted hacking (58%), generalized phishing (56%), and IP address hacking (50%).
When asked about their ability to respond to threats, respondents said they focused most on improving their response to targeted hacking (54%). Slightly less (53%) have worked on addressing vendor or customer impersonation; the same amount improved ransomware response. DDoS, spear-phishing, and IP address hacking are other areas of improvement.
"Considering the change in how the world has to conduct work, knowing that your resources are depleted and there stands to be a potential inability to provide continued focus on critical services, this has opened the door for bad actors to look for areas of weakness by either targeting less protected infrastructure/services or conducting impersonation attacks in an attempt to gain an advantage," Kaczmarek says.
Related Content:
Kelly Sheridan is the Staff Editor at Dark Reading, where she focuses on cybersecurity news and analysis. She is a business technology journalist who previously reported for InformationWeek, where she covered Microsoft, and Insurance & Technology, where she covered financial ... View Full Bio
Best listening experience is on Chrome, Firefox or Safari. Subscribe to Federal Drive’s daily audio interviews on Apple Podcasts or PodcastOne.
Frequent hand washing has become the new zeitgeist. But cybersecurity hygiene might still be the longer term concern. The Defense Department has not one but three cyber hygiene initiatives. But they’re incomplete and no one is reporting what’s going on. That’s according to research by the director of defense capabilities and management issues at the Government Accountability Office, Joe Kirshbaum. He joinedFederal Drive with Tom Temin to explain.
Tom Temin: Joe, good to have you back.
Joe Kirshbaum: Good morning, Tom.
Tom Temin: So you looked at the cyber hygiene efforts at the Defense Department. And just to clarify, these are not cybersecurity efforts by the network operations and the CIO staff, but this is what they want their people to do to keep bad things from coming in. Correct?
Joe Kirshbaum: Correct. And your your analogy about hygiene hand washing is very apt. One of the things that we found right off the bat was even though DoD leadership used that term hygiene, there was an incomplete understanding of what it meant, but the analogy is actually spot on because there are hundreds and hundreds of technical practices, individual practices, cybersecurity efforts that need to be done. But the effort to convince people to do those things to make sure they’ve been done, and find out how well they’ve been done. That’s the hygiene portion. It’s just like we’re all practicing right now to prevent further spread of pandemics. So that’s what we were concentrate on those efforts, those cultural efforts that department needs to do and how well they are doing those and tracking them.
Tom Temin: And just briefly describe the three lines of effort they do have going.
Joe Kirshbaum: So three lines of effort that we followed, stemmed from the one of the last major cyber strategies that the Department of Defense put out in 2015. They followed up with a number of things, one of which was called the defense to cybersecurity culture and compliance initiative. This one’s important because it gets at one of the key facets of cybersecurity that we’ve found over the years and that is that yes, it is true, cybersecurity is undeniably a technical problem and technical issue, but it is not just for technical experts to solve, it is everyone’s responsibility. So that’s where the culture comes in. So DoD set up this culture and compliance initiative that set forth 11 overall tasks that everyone’s supposed to do. We also looked at something similar that was called the cyber discipline plan. Once again, it’s focused on how to view the defense culture with cybersecurity, get the right people doing the right things at the right time. And then the last one, of course, was kind of a yearly routine, the cyber awareness training that everyone in the department is supposed to perform.
Tom Temin: And when you look at these programs, you found that the 17 tasks in one the 11 tasks and the other were not completed or nobody was tracking them. Correct?
Joe Kirshbaum: Correct. And I think it’s important to note that in many of the cases, when we’re looking at things that were not fully tracked, when we dug deeper, we found instances where they were being done. So I’m not suggesting that we found like an absolute hole in cybersecurity. That’s not necessarily the case. What We did find was incomplete understanding of the extent to where some of these things are done. And some of these are basic cybersecurity practices, making sure you’ve got the principles throughout the department imputing all the training at the right levels, making sure you’re following through with who’s supposed to be doing that training. And you know, when they’ve done it, and when they have it. Those are the things that are important to make sure that cyber hygiene is much better than it has been. And they’re also key to making sure that the leadership of the department knows where the risks might be.
Tom Temin: And I guess this is particularly important in view of the fact that there’s so much turnover every year at DoD I mean, they get in 10s of thousands of new recruits. And presumably once they’re past basic training, they will have access to some DoD system to interact on, even if only for their personal lives, but still official business. So they really need to keep up that training because so many people are coming and going every year.
Joe Kirshbaum: Absolutely. And it’s even more important at this particular moment when the department is rapidly expanding their capabilities to do telework, which they have not done before. I mean, they have the resources to do that in the short term. But hopefully they’re doing it not just with the view to improving efficiency of their remote computing capability, but they’re also doing it with cybersecurity in mind.
Tom Temin: What were your principal recommendations here then?
Joe Kirshbaum: So one of the things we recommended was that the follow through on these initiatives be carried forward. In other words, we want the department to take the initiatives that they develop, which are frankly very good they achieve what you want them to achieve, that is making sure the culture is improved. And we want them to follow through on those things, to track the things that need to be tracked and to make sure that the department’s leadership is aware of those things and the status of those things so they can make those risks. management decisions. So those were our principal recommendations.
Tom Temin: And the response from DoD?
Joe Kirshbaum: We got a mixed response from DoD. They obviously agree with the importance of cybersecurity. That’s without question. One of the things they disagreed with was the extent to which they needed to follow up on some of these things, because they may be overcome by events, or there may be new strategies to follow. It is true that there may be things that are overcome by events, but by and large, most of what we found in these initiatives was still relevant or should be still relevant or needs to be assessed if they’re still relevant. And as I said before, a lot of these are their basic cybersecurity practices. They’re enduring, they’re not going to go away. So there’s still relevance in what DoD found. And one of the other things we’re concerned about is you talked about the turnover for personnel that affects the leadership as well. What’ll happen is you’ll get a series of initiatives that are aimed at a certain number of really good goals, and then they’ll chug along for a few years of implementation at then that leader will get replaced. And suddenly that initiative receives much less attention in favor of a new initiative that either overlaps, doesn’t fully replace, or is otherwise downgraded in relevance. So what you end up leaving is you end up leaving momentum that you’ve already built. So we’re trying to make sure that they’re focusing on maintain that momentum through to their vision they want to achieve.
Tom Temin: And sometimes it looks like the tasks that they have given themselves under these initiatives seem almost like something you could check off on a box but not actually affect cybersecurity. I’m looking at one for example, combatant commanders, service chiefs agency and DoD component heads will take appropriate actions to incorporate the DC3I principles into all levels of training. And that sounds like a really kind of bureaucratic exercise and it’s hard to tell and it’s one you notice that it’s not fully implemented. When it’s done, there’s a change the cybersecurity posture at all of DoD, seems hard to measure also.
Joe Kirshbaum: It is. I would agree with that. 100%. And that’s one of the reasons we would find that not only tracking implementation because some of these are almost like compliance drills, you’re supposed to do x, have you done x, check that off. Some of these are are enduring, or they’re there. What’s the phrase, “they’re a journey, not a destination.” So one of the things that makes it so important that they track these things is not just to understand where the department is in implementation, but also that assessment side, making sure that what they’ve ended up doing to meet whatever recommendation they’ve made whatever task is ensuring that that action actually affects the original intent. So your ideas, you’re constantly assessing whether or not where you are is where you want to be.
Tom Temin: Yes, because you could put something in training or something in a service chiefs responsibilities, but if you still get 10,000 people a day clicking on a phishing email, then you haven’t really done much?
Joe Kirshbaum: Absolutely. That’s absolutely right.
Tom Temin: Joe Kirschbaum is director of Defense Capabilities and Management Issues at the Government Accountability Office. Thanks so much.
Press Release From: Space Foundation
Posted: Wednesday, April 29, 2020
COLORADO SPRINGS, Colo. (April 29, 2020) — Space Foundation Chief Operating Officer Shelli Brunswick has been selected as one of 25 women from around the world to be part of theSpace4Women Mentor Network, a program of the United Nations Office for Outer Space Affairs that promotes gender equality and gender empowerment in the space sector. Role models within the Space4Women Mentor Network are space industry leaders and sector professionals with notable accomplishments that distinguish them among the global space community.
Together, these role models support women and girls around the world, and share their expertise, knowledge, and experiences to build an environment where women and girls can take their place as active and equal participants in space science, technology, innovation and exploration efforts. As global role models, each of the Space4Women Mentors is charged to raise awareness, offer inspiration and advocate for women and girls through their personal stories, and through coaching and sponsorship of women in space.
“I am deeply honored to serve as a Space4Women Network Mentor," said Brunswick. “The future of the space economy is about creating partnerships and building capacity and by working together with like-minded advocates and mentors in government, business, education, the military and the space community, we can make a world-changing difference in the lives of women and the next generation of space contributors. The space community presents extraordinary opportunities for women that span all aspects of life and I cannot wait to work with my fellow mentors to further our impact. Space touches every citizen, community and country around the globe. I am humbled and excited by the opportunity to help mentor a new generation of talent and difference makers.”
Ms. Brunswick will be joining other Space4Women Mentors on “The First #Space4Women Show,” on Saturday, May 2, at 9:00 a.m. (MT). This is the first of a series of programs that will connect mentors and mentees from around the world in sharing experiences and discussing strategies to advance women and girls in space activities. The subject for this Saturday’s program is, “What Can Space Do for Women?” Interested persons can participate via Zoom athttps://lnkd.in/dPdKxtC.
About Brunswick
As Space Foundation Chief Operating Officer, Brunswick serves as a corporate officer, and is responsible for Space Foundation operations, facilities, processes and personnel. Functions reporting to her include education, development/philanthropy, marketing and communications, operations, human resources and administration, customer service, information technology, facilities, maintenance, security and assurance. She has primary responsibility for Space Foundation headquarters, the Space Foundation Discovery Center, operational management of the annual Space Symposium and the Faga Forum on Space Intelligence. She also oversees government affairs activities in the Washington, D.C., office including relationships with government agencies, other space advocacy organizations and associations and corporate interests.
Brunswick joined the Space Foundation in 2015 after a distinguished career as an acquisition and program management professional for the United States Air Force, and finished her career as a key leader within the Air Force Congressional Liaison office working both within the Pentagon and on Capitol Hill. She was Defense Acquisition Workforce Improvement Act (DAWIA) certified in Program Management Level III, Financial Manager Level II, and a certified Space Professional Level III by the United States Air Force Space Professional Functional Authority.
From 2016-2019, Ms. Brunswick served as the Chair of Women in Aerospace (WIA), one of the most renowned professional organizations dedicated to the advancement and opportunities of women in the public, private and research sectors of this core international discipline. Currently, she serves as the Chair of the WIA Foundation which is dedicated to increasing the leadership capabilities and visibility of women in the aerospace community. Also, she serves on the board of directors for Manufacturer’s Edge, strengthening the competitiveness of manufacturers through coaching, training, and collaboration-focused industry programs, and by leveraging government, university, and economic development partnerships. Previously, she was a member of the Colorado Springs Chamber of Commerce Military Affairs Council and the National Defense Industrial Association (NDIA) Rocky Mountain Chapter.
Brunswick graduated summa cum laude from the University of Southern Colorado with a bachelor’s degree in business administration, and earned a master’s degree in business administration from the University of Phoenix. She is a Certified Project Management Professional through Project Management Institute, and was a Professor of Acquisition Management at Defense Acquisition University..
About Space4Women
Space4Women is a project of the United Nations Office for Outer Space Affairs (UNOOSA) to promote women's empowerment in space. Space4Women encourages women and girls to pursue science, technology, engineering, and mathematics (STEM) education and raises awareness about career opportunities and the importance of gender equality and empowerment in the space sector. Learn more by visitingspace4women.unoosa.org/.
About Space Foundation
Founded in 1983, Space Foundation is a 501(c)(3) nonprofit and the world’s premier organization to inspire, educate, connect, and advocate on behalf of the global space community. It is a leader in space awareness activities, educational programs, and major industry events, including the annual Space Symposium. Space Foundation headquarters is in Colorado Springs, Colo., USA, and has a public Discovery Center, including El Pomar Space Gallery, Northrop Grumman Science Center featuring Science On a Sphere®, and the Lockheed Martin Space Education Center. Space Foundation has a Washington, D.C., office, as well as field representatives in Houston and on the Florida Space Coast. It publishes The Space Report: The Authoritative Guide to Global Space Activity,and through its Space Certification™and Space Technology Hall of Fame®programs, recognizes space-based innovations that have been adapted to improve life on Earth. Visit both websites —www.SpaceFoundation.organdDiscoverSpace.org— and follow us onFacebook,Twitter,Instagram,LinkedIn,andYouTube.
# # #
Space Foundation contact:
Carol Hively,Director - Public Relations & Team Communications
