This 2019 report is in response to the request of the Secretary of the Navy to conduct an independent Cybersecurity Readiness Review following the loss of significant amounts of Department of the Navy data. Attached are the findings of that review along with specific recommendations for your consideration as you determine the way ahead for the nation's Navy. The review examined cybersecurity at the governance layer and identified five critical pillars key to cybersecurity readiness: culture, people, structure, processes, and resources. The team interviewed dozens of senior military leaders as well as Chief Executive Officers, Chief Operating Officers, Chief Information Officers, and Chief Information Security Officers from several Fortune 500 companies with deep experience in implementing successful cybersecurity measures following significant incidents of their own. We identified best-practices in both government and private sector organizations who are demonstrating success in contending with cyber threats.This compilation includes a reproduction of the 2019 Worldwide Threat Assessment of the U.S. Intelligence Community. Scope and Methodology * Chapter 1: Introduction * Economic Security, National Security, and Cybersecurity * The Eroded Military Advantage * The Department Today * DIB Observations and Vulnerabilities * What Follows * Chapter 2: Culture * The Role of Culture as a Governance Tool to Achieve Cybersecurity * Culture Best Practices * State of Today's Naval Service Culture * Culture Recommendations * Chapter 3: People * The Role of People as a Governance Tool to Achieve Cybersecurity Resiliency * People Best Practices * State of Today's Naval Service People * People Recommendations * Chapter 4: Structure * Role of Structure as a Governance Tool to Achieve Cybersecurity Resiliency * Structure Best Practices * State of Today's Naval Service Structure * Structure Recommendations * Chapter 5: Process * The Role of Process as a Governance Tool to Achieve Cybersecurity Resiliency * Process Best Practices * State of Today's Naval Service Process * Process Recommendations * Chapter 6: Resources * Resources Best Practices * State of Today's Naval Service Resources * Resources Recommendations * Final ThoughtsIn time, this era's opponent will overmatch our nation in manpower, industrial capacity, intellectual capital, and eventually financial resources. We, not they, stand to become the near-peer. Given this relative erosion of US dominance over time, every differentiating idea or intellectual product gained or lost is material. More importantly, in the years to follow, it will have compounding effects in advantage or disadvantage. That reality demands every bit of relevant intellectual property (IP) must be defended, but the relevant IP to be protected must expand beyond what we now protect, to that which our rivals want.The failure to protect Navy and Marine Corps information systems and IP is an existential threat to their existence. To the extent the Department of the Navy (DON) assesses its performance in this realm, it judges itself against and ahead of the private sector and its sister services. We do not believe either to be true. The DON should be assessing itself against the best of the private sector and its global rivals. We find the DON preparing to win some future kinetic battle, while it is losing the current global, counter-force, counter-value, cyber war. Knowing and acting on that new reality is essential for the DON. The Secretary of the Navy was correct to question if the current cybersecurity governance structure was optimally focused, organized, and resourced. We find it is not. What follows are best practices and solutions that can put the DON on the right path. Getting this right and underway can only be done by those who govern the Navy and Marine Corps.

The review examined cybersecurity at the governance layer and identified five critical pillars key to cybersecurity readiness: culture, people, structure, processes, and resources. The task was to examine the Department of the Navy (DON) current cyberspace governance structures to assess if they are optimally focused, organized, and resourced to prevent or mitigate future incidents. The team was specifically directed to examine the DON cybersecurity posture as well as the organizational and industrial environments in which previous events occurred. Finally, the review team was charged with investigating end-to-end cybersecurity processes to assess the alignment of authority, accountability, and responsibility within the DON. To fully understand the current cybersecurity posture, this review examined the shift of national defense strategy, to include past and present information strategies, cyber strategies, cyber policies, and guidance across all elements of the government that has occurred since the 2017 National Security Strategy and 2018 National Defense Strategy’s acknowledged return to global peer rivalry.

In order to conduct operations successfully and defend its capabilities against all warfighting domains, many have warned the Department of Defense (DoD) of the severity of the cyber threat and called for greater attention to defending against potential cyber attacks. For several years, many within and outside DoD have called for even greater attention to addressing threats to cyberspace. At the request of the Chief of Naval Operations, the National Research Council appointed an expert committee to review the U.S. Navy's cyber defense capabilities. The Department of the Navy has determined that the final report prepared by the committee is classified in its entirety under Executive Order 13526 and therefore cannot be made available to the public. A Review of U.S. Navy Cyber Defense Capabilities is the abbreviated report and provides background information on the full report and the committee that prepared it.

As industries are rapidly being digitalized and information is being more heavily stored and transmitted online, the security of information has become a top priority in securing the use of online networks as a safe and effective platform. With the vast and diverse potential of artificial intelligence (AI) applications, it has become easier than ever to identify cyber vulnerabilities, potential threats, and the identification of solutions to these unique problems. The latest tools and technologies for AI applications have untapped potential that conventional systems and human security systems cannot meet, leading AI to be a frontrunner in the fight against malware, cyber-attacks, and various security issues. However, even with the tremendous progress AI has made within the sphere of security, it’s important to understand the impacts, implications, and critical issues and challenges of AI applications along with the many benefits and emerging trends in this essential field of security-based research. Research Anthology on Artificial Intelligence Applications in Security seeks to address the fundamental advancements and technologies being used in AI applications for the security of digital data and information. The included chapters cover a wide range of topics related to AI in security stemming from the development and design of these applications, the latest tools and technologies, as well as the utilization of AI and what challenges and impacts have been discovered along the way. This resource work is a critical exploration of the latest research on security and an overview of how AI has impacted the field and will continue to advance as an essential tool for security, safety, and privacy online. This book is ideally intended for cyber security analysts, computer engineers, IT specialists, practitioners, stakeholders, researchers, academicians, and students interested in AI applications in the realm of security research.

The United States is being bombarded with cyber-attacks. From the surge in ransomware groups targeting critical infrastructure to nation states compromising the software supply chain and corporate email servers, malicious cyber activities have reached an all-time high. Russia attracts the most attention, but China is vastly more sophisticated. They have a common interest in exploiting the openness of the Internet and social media—and our democracy—to erode confidence in our institutions and to exacerbate our societal rifts to prevent us from mounting an effective response. Halting this digital aggression will require Americans to undertake sweeping changes in how we educate, organize and protect ourselves and to ask difficult questions about how vulnerable our largest technology giants are. If we are waiting for a “Cyber 9/11” or a “Cyber Pearl Harbor,” we are misunderstanding how our adversaries wage cyber warfare. This is a timely and critically important book. No other book has analyzed the threat of cyber warfare with the depth and knowledge brought to the subject by the authors. It has now become a cliché to argue that a “whole of government” or “whole of society” response is necessary to respond to this crisis, but that concept has never been more important. It will take many years and billions of dollars to even begin to secure our IT systems and prevent the slow rot that is destroying America. Using language that the layman can understand, we wish to educate Americans about what has happened and inspire them to seek solutions.

Written by award-winning CQ Researcher journalists, this collection of non-partisan reports offers an in-depth examination of today’s most pressing global issues. With reports ranging from preparation for global pandemics, protest movements around the world, and environmental degradation, the 2021 Edition of Global Issues promotes in-depth discussion, facilitates further research, and helps readers formulate their own positions on crucial global issues. And because it’s CQ Researcher, the reports are expertly researched and written, presenting readers with all sides of an issue. Key Features Chapters follow a consistent organization, beginning with a summary of the issue, then exploring a number of key questions around the issue, next offering background to put the issue into current context, and concluding with a look ahead. A pro/con debate box in every chapter offers readers the opportunity to critically analyze and discuss the issues by exploring a debate between two experts in the field. All issues include a chronology, a bibliography, photos, charts, and figures to offer readers a more complete picture of the issue at hand.

he first overview of US NC3 since the 1980s, Nuclear Command, Control, and Communications explores the current NC3 system and its vital role in ensuring effective deterrence, contemporary challenges posed by cyber threats, new weapons technologies, and the need to modernize the United States’ Cold War–era system of systems.