Personally I do see some positives, but I see more downsides….what say you?
The Department of Defense announced today that it will invite vetted hackers to test the department’s cybersecurity under a unique pilot program. The “Hack the Pentagon” initiative is the first cyber bug bounty program in the history of the federal government.
Under the pilot program, the department will use commercial sector crowdsourcing to allow qualified participants to conduct vulnerability identification and analysis on the department’s public webpages. The bug bounty program is modeled after similar competitions conducted by some of the nation’s biggest companies to improve the security and delivery of networks, products, and digital services. The pilot marks the first in a series of programs designed to test and find vulnerabilities in the department’s applications, websites, and networks.
Participants in the bug bounty will be required to register and submit to a background check prior to any involvement with the pilot program. Once vetted, these hackers will participate in a controlled, limited duration program that will allow them to identify vulnerabilities on a predetermined department system. Other networks, including the department’s critical, mission-facing systems will not be part of the bug bounty pilot program. Participants in the competition could be eligible for monetary awards and other recognition.
This innovative project is a demonstration of Secretary Carter’s continued commitment to drive the Pentagon to identify new ways to improve the department’s security measures as our interests in cyberspace evolve.
Pentagon to Establish Defense Innovation Advisory Board
WASHINGTON, March 2, 2016 — In an effort to enhance the Defense Department’s culture, organization and processes by tapping innovators from the private sector in Silicon Valley and beyond, Defense Secretary Ash Carter announced plans today to establish a Defense Innovation Advisory Board, Pentagon Press Secretary Peter Cook said.
The initiative represents the secretary’s enduring commitment to building lasting partnerships between the public and private sectors, Cook said in a statement.
“Just as the Defense Business Board provides advice to the department on best business practices from the private sector, the Defense Innovation Advisory Board will provide advice on the best and latest practices in innovation that the department can emulate,” Cook added.
The board’s mandate is to provide department leaders independent advice on innovative and adaptive means to address future organizational and cultural challenges, the press secretary said, including the use of technology alternatives, streamlined project management processes and approaches — all with the goal of identifying quick solutions to DoD problems.
Areas Deeply Familiar in Silicon Valley
The board will seek to advise the department on areas that are deeply familiar to Silicon Valley companies, such as rapid prototyping, iterative product development, complex data analysis in business decision making, the use of mobile and cloud applications, and organizational information sharing, Cook said, and will not engage in discussion of military operations or strategy.
Alphabet Executive Chairman Eric Schmidt will chair the board, which will be composed of up to 12 people who have successfully led large private and public organizations and excelled at identifying and adopting new technology concepts, Cook said.
Carter and Schmidt will jointly select the board, Cook said. “Members will represent a cross-section of America’s most innovative industries, drawing on technical and management expertise from Silicon Valley and beyond,” he added.
As chairman of Alphabet and as the author of “How Google Works,” Schmidt has a unique perspective on the latest practices in harnessing and encouraging innovation and in the importance of technology in driving organizational behavior and business operations, Cook said.
**** Background
US spy chief James Clapper highlights cyber threats
BBC: US intelligence agencies have placed cyber attacks from foreign governments and criminals at the top of their list of threats to the country.
Online assaults would increasingly undermine US economic competitiveness and national security, said Director of National Intelligence James Clapper.
A report issued by his office said Russia’s military was setting up a cyber command to carry out attacks.
The report also describes China, Iran and North Korea as leading threats.
In testimony to a congressional committee on Thursday, Mr Clapper said he no longer believed the US faced “cyber Armageddon”.
The idea that major infrastructure such as financial networks or power grids could be disabled by hackers now looked less probable, he said.
However he warned: “We foresee an ongoing series of low-to-moderate level cyber attacks from a variety of sources over time, which will impose cumulative costs on US economic competitiveness and national security.”
Mr Clapper highlighted the case of Russia, which he said posed the greatest a cyber risk to US interests. He said that threat from the Russian government was “more severe” than previously realised.
He also said profit-minded criminals and ideologically driven hackers were also increasingly active.
Over the past year there have been a series of high-profile cyber attacks against US targets.
North Korea was accused of being behind the theft of a huge data cache from Sony Pictures in November.
Mr Clapper also mentioned the example of an alleged Iranian attack on the Las Vegas Sands Casino Corporation last year.
Meanwhile in January the Twitter and YouTube accounts of the US military command were hacked by a group claiming to back Islamic State (IS).
During the hearing, Mr Clapper acknowledged that the US had its own “offensive capabilities”.
In 2010 Iran experienced a cyber attack on its nuclear program. Tehran accused Israel and the US of planting malware.