Category Archives: Internet Security
Cyberattacks to critical infrastructure threaten our safety and well-being – The Conversation CA
What would happen if you could no longer use the technological systems that you rely on every day? I'm not talking about your smart phone or laptop computer, but all those systems many of us often take for granted and don't think about.
What if you could not turn on the lights or power your refrigerator? What if you could not get through to emergency services when you dial 911? What if you could not access your bank account, get safe drinking water or even flush your toilet?
According to Canada's National Strategy for Critical Infrastructure, critical infrastructure refers to the processes, systems, facilities, technologies, networks, assets and services essential to the health, safety, security or economic well-being of the public and the effective functioning of government.
Disruptions to these kinds of systems, especially those caused by cyberattacks, can have devastating consequences. That's why these systems are called critical infrastructure.
Over the past six months, the fragility of critical infrastructure has been given plenty of attention. This has been driven by a string of notable cyberattacks on several critical infrastructure sectors.
It was revealed that in late March 2021, CNA Financial Corp., one of the largest insurance companies in the United States, was the victim of a ransomware attack. As a result, the company faced disruptions of their systems and networks.
In May 2021, a ransomware attack on Colonial Pipeline halted plant operations for six days. The attack led to a fuel crisis and increased prices in the eastern U.S.
Weeks later, in June 2021, a ransomware attack hit JBS USA Holdings, Inc., one of the world's largest meat producers. This attack brought about supply chain turmoil in Canada, the U.S. and Australia.
Also in June 2021, the Martha's Vineyard and Nantucket Steamship Authority was the victim of a ransomware attack that disrupted ferry services and caused service delays.
On Oct. 14, 2021, hot on the heels of cyberattacks targeting the financial, gas, food and transportation sectors, the U.S. Cybersecurity and Infrastructure Security Agency released Alert AA21-287.
The alert turns attention to the fragility of yet another critical infrastructure sector. It warns of ongoing malicious cyberactivity targeting water and wastewater facilities. These activities include exploits of internet-connected services and outdated operating systems and software, as well as spear phishing and ransomware attacks, something we have seen a lot in recent cyberattacks.
According to the alert, these cyberthreats could impact the ability of water and wastewater facilities to provide clean, potable water to, and effectively manage the wastewater of, their communities.
The need for combating cyberthreats to critical infrastructure is well recognized. However, the infrastructure today is far from secure. This is due to many interrelated factors that create a perfect storm of exposures.
First, many of our most critical systems are extremely complex. This complexity is rapidly increasing as the number of devices and connections in these systems continues to grow.
Second, many of these systems involve a mix of insecure, outdated legacy systems and new technologies. These new technologies promise features like advanced analytics and automation. However, they are sometimes connected and used in insecure ways that the original designers of the legacy systems could not have imagined.
Taken together, these factors mean that these systems are too complex to be completely understood by a person, a team of people or even a computer model. This makes it very difficult to identify weak spots that, if exploited accidentally or intentionally, could lead to system failures.
In the Cyber Security Evaluation and Assurance (CyberSEA) Research Lab at Carleton University, we are developing solutions to address the fragility of critical infrastructure. The goal is to improve security and resilience of these important systems.
The complexities of critical infrastructure can lead to unexpected or unplanned interactions among system components, known as implicit interactions.
Exploitation of implicit interactions has the potential to impact the safety, security and reliability of a system and its operations. For example, implicit interactions can enable system components to interact in unintended and often undesirable ways. This leads to unpredictable system behaviours that can allow attackers to damage or disrupt the system and its operations.
We recently conducted a cybersecurity analysis at CyberSEA on a real-world municipal wastewater treatment system, where we identified and measured characteristics of implicit interactions in the system. This was part of our ongoing research, conducted in partnership with the Critical Infrastructure Resilience Institute at the University of Illinois at Urbana-Champaign.
Our analysis found a significant proportion of implicit interactions present in the system, and approximately 28 per cent of these identified vulnerabilities showed signs of being ripe for attackers to exploit and cause damage or disruption in the system.
Our study showed that implicit interactions exist in real-world critical infrastructure systems. Feedback from the operators of the wastewater system in our case study stated that our approaches and tools are useful for identifying potential security issues and informing mitigation efforts when designing critical systems.
This may be a glimmer of hope in the fight against cyberthreats to critical infrastructure. Continued development of rigorous and practical approaches to address increasingly critical issues in designing, implementing, evaluating and assuring the safe, secure and reliable operation of these systems is needed.
A more robust infrastructure will lead to fewer threats to our security and access to services, ensuring our well-being and the effective functioning of our governments and society.
Cybersecurity Awareness Month: Soon-to-be grad loves the ‘whole picture’ of cyber operations – Jagwire Augusta
Justin Henry, a senior pursuing a Bachelor of Science in Cyber Operations in the School of Computer and Cyber Sciences, loves looking at the big picture when it comes to cybersecurity.
Henry, an Augusta native, enrolled at Augusta University in 2018, following his service in the U.S. Marine Corps. He was first intrigued by the field of cyber operations, thanks to his fellow Marines showing him the ropes of what they did during their service.
Augusta University didn't have a cyber operations program when he initially enrolled, since it wasn't created until 2019, so Henry started his time at Augusta University as a computer science major.
"With my security background, I've definitely been interested in the whole picture," he said.
To Henry, cyber operations is the best of both worlds of computer science and cybersecurity. Contrary to popular belief, computer science and cybersecurity are two different disciplines. The cyber operations degree program blends both disciplines into one program. That's what Henry loves the most about it.
"With computer science, the focus is 'what can I make a computer do?' When it comes to cybersecurity, the focus is 'what can I make a network do?'" said Henry. "Cyber operations is a perfect blend of both disciplines."
October is Cybersecurity Awareness Month, and the theme this year is "Do Your Part. #BeCyberSmart." The 2021 theme is meant to empower individuals and organizations to own their role in protecting their part of cyberspace.
To be cyber smart this month and beyond, Henry advises never assuming a website you're on is safe. Always approach a website with a bit of skepticism.
Back in 2004, the National Cyber Security Alliance and the U.S. Department of Homeland Security launched National Cybersecurity Awareness Month in an effort to help all Americans become more secure online.
"As we get more and more connected to the internet, this field is only going to become more relevant," Henry said. "It's not going away at all, probably ever."
Henry is working with Dr. Hoda Maleki on a medical information research project this semester. The researchers are analyzing how to facilitate the sharing of medical information with providers who need it, while simultaneously coming up with a way to identify if there is a breach in the system. Maleki said she appreciates how Henry fully invests himself into his work.
"Justin consistently meets and often exceeds my expectations for him," said Maleki. "He invests himself in the work, which resulted in significant progress on our research."
In his spare time outside of school, Henry loves to spend time with his family.
While Henry has put his name out there for some job opportunities, he said life post-graduation is likely going to include going back to school. Down the road, he is interested in a master's program, if not a doctorate as well, likely at Augusta University.
List: The 10 most invasive sites on the internet – Komando
We all know that our online browsing habits are being tracked. Unless you take steps to prevent it, most websites see where you come from, what you are searching for and what you like.
All this data is valuable to sites and services, as they use it to serve targeted advertising. Ever searched for something on Amazon and then seen an ad for a similar product on Facebook? That is targeted advertising at work.
Thankfully, not all websites treat you as a treasure trove of information. You might be pleasantly surprised to find out which sites have the least amount of trackers. But on the other end of the spectrum, the biggest culprits shamefully stuff their sites with hundreds of trackers.
There are plenty of ways for a website to track you. Some might be subtle, like an invisible pixel or cookies, while others access your device's GPS to locate you on the globe. But who are the biggest offenders?
VPN provider SurfShark launched an investigation to find out, and some of the results are somewhat surprising. Its findings revealed that some of the most commonly-used websites hide up to 100 trackers, all designed to collect as much information on you as possible.
SurfShark analyzed a typical browsing session over the course of a weekend and noted which trackers were activated, who the trackers belonged to and where the information goes once collected.
Here's the good news. Websites with the least amount of trackers:
SurfShark explained: Wikipedia's privacy summary notes that some of these [tracking] technologies do not have the best reputation in town and can be used for less-than-noble purposes and that the company uses automatically-received data to administer the sites, provide greater security, and fight vandalism.
SurfShark found 143 trackers on the most invasive website, 92 of which are used for advertising purposes. Tracker counts also vary by category, with Men's & Women's Lifestyle websites having more trackers (59) on average than other categories.
The most invasive sites are:
If you don't want websites or services to track you, there are ways to stop them. Here are some suggestions:
Honeywell's Anthem System Connects The Cockpit To The Cloud For Returns That Come With Risk – Forbes
Honeywell's cloud-connected Anthem cockpit system offers "always on" connectivity and a smart-phone ... [+] like user interface.
Honeywell Aerospace is touting the benefits of its new Anthem flight deck system, an always-on cloud connectivity platform that it claims will improve flight efficiency, operations, safety and comfort. But whether connecting the cockpit of a bizjet or Urban Air Mobility vehicle to the internet 24/7 provides sufficient benefit to outweigh its risk is a daunting question.
The cabins of modern business jets already connect to the internet via the cloud on a routine basis. But with their relatively newfound ability to interact with the cloud/internet for extended windows, bringing busy VIPs live-streaming or videoconference calls, has come the recognition that such convenience comes with vulnerability.
In fact the International Civil Aviation Organization designated 2020/2021 as the Year of Security Culture, calling for a cybersecurity action plan for all sectors of aviation (including business and air transport) in response to the many cyber threats.
These have arisen in a post-pandemic environment in which highly placed or high net-worth individuals are spending more time aboard corporate/private business aircraft to bypass the risks and individual liberty-inhibiting hassles of commercial air travel.
Combining the connectivity-enhanced properties of aircraft cabins with the more highly prized information of the individuals and enterprises which travel in them sets the motivational table for data breaches and other cyber malfeasance.
With Anthem, it could be argued that Honeywell is inadvertently setting another place at the table for unauthorized access to flight deck information, despite its best intentions.
Making Pilots' Lives Easier All The Time
Honeywell says its Anthem cloud connected flight deck system will make life easier for pilots like ... [+] this pair striding from a Bombardier Challenger 350.
Vipul Gupta, vice president and general manager of avionics for Honeywell, is keen to stress that Anthem is the first comprehensive cloud-connected cockpit system on the market.
"There are lots of [aircraft] systems which can connect to the cloud," he says. "What we're trying to drive differently with Anthem is being always connected, not just when you're on the ramp. It's always connected and architected in a way to provide that capability in the future."
The near to mid-term future is key for Honeywell, eager to regain market share from Garmin International, which has come to dominate the general aviation and increasingly business aviation avionics markets in the past couple decades. Those old enough to remember when a Bendix/King avionics panel was the gold standard (Bendix/King is now a Honeywell brand) will understand the primacy to which the company would like to return.
Anthem's always-connected quality and user friendliness theoretically pave a way for that return. Even when an aircraft so-equipped sits on a patch of tarmac, powered down, cold and dark, Honeywell's Integrated Network Server Unit (INSU) is running on battery power, keeping the cloud connection active.
The INSU connects the Anthem flight deck to internet via WiFi or 4G LTE cellular connections on the ground. In the air it connects through high-speed Ka/Ku band satellite links.
In so doing, Anthem doesn't just bring internet into the forward display stack, Gupta says. It provides unprecedented ease of access to information, including third-party applications, to the flight crew at any point in a mission.
"When we say we have an always on cloud connected avionics or flight deck suite, it ultimately has a purpose of reducing pilot workload. It will make pilots' lives easier and everyone associated with that flight, maintenance technicians, operations directors," Gupta affirms.
Anthem's touch-and-swipe interface plays its part in easing information access. Though he admits he loves buttons and knobs, Gupta explains that Honeywell told Anthem developers they could use only the company's flat panel displays when designing the control interfaces for the system. The resulting smartphone-like UI can speed pilot tasks and minimize interruption in-flight, Gupta says.
Gupta relates an example wherein a bizjet flight from Phoenix to London has just reached cruise altitude. The pilot is making some flight plan changes via the instrument panel or a tablet in response to weather variations when air traffic control interrupts that task to warn of traffic with instructions to contact another Traffic Center on a different frequency.
"The amount of time which the pilot devotes, from an interruption perspective, is quite high," Gupta maintains.
With Anthem, a pilot could simply type in a new frequency on the smart scratch pad window and then the system will prompt for selection into the correct field (COM1/COM2) while remaining in the flight planning page.
"You don't have to go back to the radio tuning page, you don't have to get out of the flight planning page," Gupta says. "You just put information into the smart scratch pad and the system will prompt you. Once you put it in the system automatically takes you back to the page you were in."
If this feature saves time and work in-flight, as Honeywell maintains, the savings are marginal. When it's pointed out that such a cross-ocean flight would have a pilot and co-pilot, the latter of which typically copies radio traffic and adjusts comms, Gupta acknowledges the small advantage such a feature would yield.
For single-pilot operations it might be different. But autonomy is likely the main point. The company's press release notes that Anthem supports growing levels of aircraft autonomy, leading to complete autonomous capabilities in the future as regulations allow.
Future neutral pilot reviews should tell us if Anthem truly reduces workload or if its value-add is mostly marketing. Whether obviating the need for pilots entirely makes things easier is a conundrum those reviewers may want to take up as well.
In the shorter term, the benefits of its cockpit connectivity may best be seen in terms of remote flight planning, according to Honeywell.
Any Time, Every Time
Remote flight plan loading is a headline Anthem capability. Vipul Gupta asserts that it's a precedent-setting feature. "The ability to [remotely plan/load] any time, whenever you want, is not there today."
Indeed, the example Gupta gives would be precedent setting.
"There is very deep integration with electronic flight bag applications, the capability to complete a flight plan and then upload that flight plan from the hotel room to straight into the airplane."
Honeywell asserts that this remote flight planning/uploading can dramatically reduce pilots' preflight preparation time by up to 45 minutes per flight.
However, when one considers that the vast majority of business aviation flight plans are known canned routes, the "up to 45 minutes" claim looks spurious. Gupta concedes the point as well as the fact that spur-of-the-moment flight plans are routinely crafted, sent and approved in 15 minutes or so.
Nevertheless, loading a flight plan while riding the WiFi from the Hilton or Embassy Suites certainly would be a step from transferring critical data like maintenance status and flight plans via wired connections or drives at the airplane. One noted cybersecurity expert we ran it past on background said it would also be a tremendous cyber risk.
That risk appears more pervasive than ever. Earlier this month, the heavily defended Reserve Bank of Australia characterized the possibility of a potentially destabilizing attack on Australia's financial system as inevitable. The layered cybersecurity of Volkswagen AG was breached along with three other multinational firms in the same month this summer. Forbes recently reported that the cybercriminal group SnapMC is breaching corporate systems and issuing extortion threats in 30 minutes or less.
Honeywell seems undaunted by the possibility that Anthem could be a conduit to data theft, monitoring or aircraft disruption.
"You can always say, no connectivity on the airplane. That's an easy answer for anyone making a [digital] flight deck today," Gupta asserts. "We've chosen to have full connectivity with the flight deck with the full realization that cybersecurity is the number one concern for us."
As such, the company has created an internal organization which supports cyber security 24/7, Gupta says. Anthem has been designed with zero-trust architecture baked in, Honeywell adds, aligning with NIST's 800-207 cyber standard. It also carries the spirit of this standard within the Anthem gateway for internal communication.
The gateway provides hardware partitioning between avionics and communications. It's a logical, vital safeguard but one clouded by Gupta's revelation that the third party applications which Anthem can host aren't limited to weather, radar, maintenance or catering apps.
Honeywell is also working with airframers and their partners to provide OEM Autonomy as a capability. Anthem can host aircraft system management apps (flaps controllers, battery management systems, fuel computers) as software on its processing modules.
Whether such critical hosted applications could be accessed is up for argument, as is the efficacy of cyber security in general. Another expert reminded us of a line from the movie Anchorman. Referring to the alluring cologne he uses, Ron Burgundy's broadcast cohort, Brian Fantana, says "60% of the time it works every time."
A couple of aviation security insiders were willing to go on record about Anthem. Both contend that such systems are the way of the future and that Honeywell's timing is appropriate.
Chris Bartlett, president of CCX Technologies, which makes cybersecurity-focused cabin routers, components, and security plans, cautioned, "This new product deserves an immense amount of thought, research, and development around cyber security to ensure it functions in a highly secure way and does not become a vulnerability."
Britton Wanik is VP of marketing with the air-to-ground network provider SmartSky Networks, for which Honeywell is a value-added reseller. He observes that there are many landmines for the kind of remote flight planning examples Honeywell posits. It's a concept that goes back at least 20 years, he adds, and it does raise concerns.
But those are surmountable problems that can be solved with existing security tools.
Wanik sees a bigger challenge for Anthem security in the airborne environment where the latency and unreliability of connectivity yields an unstable, often unsecure connection to the aircraft. SmartSky's low latency, high bandwidth networks provide a solution, he says.
The human element poses just as much of a challenge. Vipul Gupta's affirmation that "Everyone who touches a flight is able to get information that matters to them when they need it" via Anthem is also a reminder that individuals sometimes have malevolent intentions.
Anthem guards against these with internal processes and no single point of failure with respect to safety-of-flight and other information, Gupta says. His contention that human-enabled exploits are probably less than .01% of the threat might be weighed against a recent report from Verizon which concluded that 85% of cyber security breaches involve the human element.
There's also a question as to whether interested parties could build an electronic profile (as done in cyber circles) of Anthem-configured aircraft for the purpose of monitoring their movements and electronic activity.
Thanks to the FAA-required Automatic Dependent Surveillance-Broadcast (ADS-B) Out ATC feature, the public can freely see when a general aviation, business or air transport aircraft is airborne, read its altitude, N-number and departure/destination information.
But ADS-B allows GA and business aircraft to opt-out, rendering their tail numbers, origin/destination and flight information unreadable. The option was not lost on Honeywell and is where Anthem's "always on" mantra takes a pause.
"Connectivity can always be stopped if [the customer] chooses to do so," Gupta acknowledges. "I fully expect that in a business aviation environment protecting the tail number and information on flying from where to where will probably be crucial. In an air transport environment it will be a different story."
Scheduled UAM
The seven-seater Lillium approaches New York City in this artist's rendering. If the scenario ... [+] becomes real, Honeywell's Anthem system may dominate the flight deck.
Air transport is another point of focus for Honeywell which sees Anthem in numerous cockpits of the UAM variety. One of the keys to Anthem seen both by outside observers and within Honeywell is its scalability. Its size, weight and power requirements can be scaled to fit a large bizjet, a GA piston-single, or a small 4-passenger UAM eVTOL aircraft.
Contrary to analysts who see the UAM market emerging as a high-cost, business oriented on-demand transport mode akin to chartered helicopter service, Honeywell sees the segment in scheduled-service airline terms.
"Some of the early [UAM] segments which we see coming out are more like air transport operations rather than business aviation," Gupta maintains. Four to five regularly scheduled UAM flights per day between paired destinations exemplify an operational model that Honeywell believes will be a firm market for Anthem.
The company has already stood up a dedicated UAM organization and its work with would-be UAM provider and customer Lillium obviously informs its outlook. Gupta says Honeywell expects Lillium's eVTOL transport to be certified by late 2023 and operational in 2024.
If that comes to pass, Anthem will ride along and the challenges it will have to surmount in the dense RF environment of proposed UAM operations will require balancing the benefits of flight deck connectivity with the risks in an even more thorough-going way.
Comprehensive report of Internet Security Audit Market Projected to Gain Significant Value by 2026 – Northwest Diamond Notes
Growth Analysis Report on Internet Security Audit Market size | Market Segment by Applications (Government, Education, Enterprise, Financial, Medical, Aerospace, Defense and Intelligence, Telecommunication, Other, By Region, North America, U.S., Canada, Europe, Germany, France, U.K., Italy, Russia, Nordic, Rest of Europe, Asia-Pacific, China, Japan, South Korea and Southeast A), by Type (System Level Audit, Application Level Audit and User Level Audit), Regional Outlook Opportunity, Market Demand, Latest Trends, Internet Security Audit Market Growth & Revenue by Manufacturers, Company Profiles, Forecasts 2026. Analyzes the current market size and the growth of this industry over the upcoming few years.
The Internet Security Audit market report in question is a detailed gist of this industry and encompasses myriad details pertaining to some of the vital ongoing and future trends of this market. Also included in the research document are details about the Internet Security Audit market size, share, as well as the present remuneration. The study projects that the Internet Security Audit market would procure substantial returns by the end of the forecast timeframe while recording a modest annual growth rate over the expected duration. The Internet Security Audit market summary also claims that the growth rate which the industry is expected to register will be propelled by specific driving parameters, and provides details pertaining to the same. Further, the report presents a gist of the numerous challenges, growth opportunities, and risks prevailing in the Internet Security Audit market.
This Internet Security Audit report begins with a basic overview of the market. The analysis highlights the opportunities and Internet Security Audit industry trends that are impacting the global market. Players around various regions and analysis of each industry dimension are covered under this report. The analysis also contains crucial Internet Security Audit insight regarding the things which are driving and affecting the earnings of the market. The Internet Security Audit report comprises sections alongside a landscape which clarifies actions such as ventures, acquisitions and mergers.
Our best analysts have surveyed the market report with the reference of inventories and data given by the key players:
The Report offers SWOT examination and venture return investigation, and other aspects such as the principle locale, economic situations with benefit, generation, request, limit, supply, and market development rate and figure.
The Internet Security Audit market study report was prepared with the major objective of outlining the market sizes that include market segments and sub-segments. The Internet Security Audit market research report was compiled considering a fixed time period, known as the forecast period for the study. The report consists of both qualitative and quantitative methods of study along with descriptive analysis related to various geographies and various market segmentations. Also, the Internet Security Audit market research report includes a detailed study of various elements of the Internet Security Audit market, such as market growth drivers and market challenges; these elements analyze the market from different angles. To analyze the growth prospects of the market from the future perspective, market opportunities, competitive landscape, product offerings, market investments and other market matrixes were studied in detail.
Market segment by Type, the product can be split into
Market segment by Application, split into
Market segment by Regions/Countries, this report covers
United States
Europe
China
Japan
Southeast Asia
India
Central & South America
Quantifiable Data:
Market Data Breakdown by Key Geography, Type & Application / End-User
By type (past and forecast)
Internet Security Audit Market-Specific Applications Sales and Growth Rates (Historical & Forecast)
Internet Security Audit revenue and growth rate by the market (history and forecast)
Internet Security Audit market size and growth rate, application and type (past and forecast)
Research objectives and reasons to procure this report:
To study and analyze the global consumption (value & volume) by key regions/countries, product type, and application, history data from 2020, and forecast to 2026.
To understand the structure of Internet Security Audit Market by identifying its various sub-segments.
To receive comprehensive information about the key factors influencing the market growth (opportunities, drivers, industry-specific challenges and risks).
To analyze competitive developments such as expansions, agreements, new product launches, and acquisitions, mergers in the market.
To strategically outline the key players in the market and extensively analyze their growth strategies.
Finally, the global Internet Security Audit market report provides an overall research conclusion, and the sector feasibility of investment in new projects is also assessed. The Internet Security Audit industry report is a source of means and guidance for organizations and individuals interested in their market earnings.
Billions of Google Chrome Users At Risk of New High-Level Hacks | Here’s What You Need To Do – Tech Times
Google Chrome users are currently at risk of new high-level hacks, as the search engine giant confirmed. Because of this, the tech developer issued a warning to a total of 2.65 billion consumers across the globe, saying that they discovered new malicious campaigns in the browser.
This is the third time that Google has issued a high alert level warning for its Chrome users. The company also published a new blog post to specify the high-level and medium-level vulnerabilities.
(Photo : Photo credit should read FREDERIC J. BROWN/AFP via Getty Images)This photo taken on January 7, 2010 shows a woman typing on the keyboard of her laptop computer in Beijing. China declared its Internet "open" on January 14 but defended censorship that has prompted Web giant Google to threaten to pull out of the country, sparking a potential new irritant in China-US relations. China employs a vast system of Web censorship dubbed the "Great Firewall of China" that blocks content such as political dissent.
Also Read:Google Chat 'Mark as Unread' Feature Rolls Out To Spaces, Direct Messages | Mobile, Desktop Compatibility and More
The giant tech firm confirmed a total of five severe flaws in its popular Chrome browser:
According to Google's official blog post, the company's security team discovered a total of five high-level browser flaws, eight medium-level vulnerabilities, as well as two low-level issues.
On the other hand, Forbes reported that Chrome was also affected by UAF (Use-After-Free) exploits more than ten times back in September. Aside from this, Google also suffered from a zero-day UAF exploit during that period.
Google is just one of the companies that are currently targeted by cybercriminals. Recently, it was reported that Twitch hackers targeted the popular streaming platform for hours.
On the other hand, an SMS routing company was also hacked. Experts said that the malicious campaign against Syniverse lasted for five years.
Since Chrome users are facing severe browser flaws, Google decided to release a critical update. The new Chrome version 95.0.4638.54 is expected to prevent and fix the mentioned vulnerabilities in the company's popular browser service.
To check the update, you need to visit your Chrome's Settings. After that, go to the Help section and choose the "About Google Chrome" option. More details will be provided once you are there.
This article is owned by TechTimes
Written by: Griffin Davis
2021 TECHTIMES.com All rights reserved. Do not reproduce without permission.
iPhone 13 Pro Running iOS 15 Hacked in Just 1 Second and We're Not Even Kidding! – Beebom
Apple is a company that has always touted privacy as one of the key selling points for its devices. If you have ever watched an Apple launch event, you might know how many times the Cupertino giant addresses its newest devices, be it iPhones, iPads, or Macs, as the most secure device ever. However, at a recent hackathon competition, some Chinese white-hat hackers broke into Apple's latest iPhone 13 Pro running iOS 15.0.2 in a mere second! It was an achievement, and for that, they bagged a $300,000 cash prize.
During the recent hacking championship in China known as the Tianfu Cup, not one but two hacking teams were able to break the iPhone 13 Pro in a matter of seconds. As per the competition's official website, participating teams had to break into the iPhone 13 Pro to gain control of the phone while it ran on the latest iOS 15.0.2 version.
There were three tiers of rewards for hacking the iPhone 13 Pro. For remote code execution (RCE), the prize was $120,000, for RCE plus a sandbox escape, the reward was $180,000, and for the remote jailbreak of the device, the prize money was $300,000.
Of the two winning teams, Team Pangu, which is a popular name in the iPhone jailbreak community, was able to remotely jailbreak the iPhone 13 Pro in a record time of 1 second. It is not a joke, and it is pretty surprising that the hacking group was able to get into the iPhone 13 Pro's system, which Apple calls the most secure, so quickly and effortlessly. However, it is evident that the team has been preparing for the competition for a generous amount of time.
Another team, from China's Kunlun Lab, was able to exploit a vulnerability in Safari for iOS 15 to get into the iPhone 13 Pro. The CEO of Kunlun Lab, who is also the former CTO of the internet security company Qihoo 360, broke into the device live in merely 15 seconds.
Both teams won a big cash reward for their achievements. They are expected to contact Apple to inform them about the vulnerabilities, so the company can deploy a fix with a future update.
GITEX 2021: Investing in cyber protection with Acronis – ITP.net
Exhibiting the company's flagship product, Acronis Cyber Protect Cloud, at GITEX 2021, Mareva Koulamallah, Head of Marketing and Communication MEA, spoke to ITP.net about future trends and the pressing need for online security.
The increased use of the internet, especially during the pandemic, has exposed organisations and individuals to a series of cyber threats. While some organisations have a cybersecurity strategy in place to protect their valuable data, others are still not quite there yet and pretty much lagging behind. GITEX gives us the perfect platform to amplify the conversation about the need for cyber protection. We shall be using this opportunity to educate IT teams on matters around cyber protection while at the same time highlighting our flagship product Acronis Cyber Protect Cloud and we will have a surprise with one of our sports partners too.
Some of the key discussions we are looking forward to exploring at this year's GITEX event include conversations with Managed Service Providers (MSP) and Service Providers (SP). We want to understand their needs and how we can help them grow their business while protecting their assets and their customers.
Etisalat in Zabeel Hall 1: they are always at the forefront of innovation and amazing hosts for the latest in technology, as they always bring all sorts of incredible and futuristic prototypes to their booths. This year, we have partnered with Etisalat to bring, for the very first time in the Middle East, a breathtaking innovation that will bring joy to the sporting world and especially the racing fans. Acronis and Etisalat will be co-hosting Airspeeder's prototype, the first electric manned flying car, in a mission to show how technology and innovation can be used to develop interesting sporting activities for the future.
We were already present for the last few years and are always happy to be able to support the region and GITEX. We definitely see a lot of value in having in-person meetings back. Now, we can still continue with online meetings and events from time to time, as it allows us to manage costs, but any time we will have an opportunity where it is relevant for us to attend, we will. In-person meetings and events allow us to actively engage with our core audience. This way we are able to get instant feedback about our products and services. These insights, in turn, help us make our products and services better, as well as improve our customer experience.
We launched our solution around the beginning of the pandemic, in order to respond to an accrued critical need around the right cyber protection solution and an easily deployable tool that can be integrated to existing systems and used remotely with multiple teams. Due to the dynamic nature of consumer needs and preferences, we are constantly making upgrades to the tool. These upgrades are largely driven by the feedback we receive from our partners or customers.
We have been attending GITEX for several years and this year is no different. Despite the prevailing circumstances, economies across countries are bouncing back and the UAE is leading the way on the global scale around this trend. We know the organisers of GITEX quite well and the quality of support they provide in order for us to get the most out of the event, which made our participation this year a no-brainer.
The pandemic has definitely boosted and accelerated innovation and research across segments and industries; from technology to pharmaceuticals. For instance, we have even added new features to our own products such as the remote desk control option. Indeed, smaller organizations were seeking alternatives that could allow them to continue to operate within a heavily digitalized world.
Competition is good as long as it is healthy. Having people with various innovations can only push the next person or company to want to improve not just for themselves but for our society. Prototypes or solutions that are created for a particular project or market could end up being used by a larger audience a few years down the line. It happened to planes, cars, computers, phones, cameras, and more. So, let's continue to encourage innovation across all sectors.
It might not be directly innovation related but still have a great impact on it; I would say an accrued investment in diversity, of all sorts and all aspects. We need people that have different outlooks on life and various creative minds to continue to innovate. Otherwise, I would say to watch out for flying cars!
Norton Consumer Cyber Safety Pulse Report Finds Tech Support Scams are the No. 1 Phishing Threat – KY3
New Threat Insights Identified Across Gaming, Banking, Gift Cards and Religious Institutions
Published: Oct. 19, 2021 at 8:00 AM CDT
TEMPE, Ariz., Oct. 19, 2021 /PRNewswire/ -- NortonLifeLock's global research team, Norton Labs, today published its third quarterly Consumer Cyber Safety Pulse Report, detailing the top consumer cybersecurity insights and takeaways from July to September 2021. The latest findings show tech support scams, which often arrive as a pop-up alert convincingly disguised using the names and branding of major tech companies, have become the top phishing threat to consumers. Tech support scams are expected to proliferate in the upcoming holiday season, as well as shopping and charity-related phishing attacks.[1]
Norton blocked more than 12.3 million tech support URLs, which topped the list of phishing threats for 13 consecutive weeks between July and September. The effectiveness of this type of scam has escalated during the pandemic due to consumers' increased reliance on their devices to manage hybrid work schedules and family activities.
"Tech support scams are effective because they prey on consumers' fear, uncertainty and doubt to trick recipients into believing they face a dire cybersecurity threat," says Darren Shou, head of technology, NortonLifeLock. "Awareness is the best defense against these targeted attacks. Never call a number listed on a tech support pop-up, and instead reach out to the company directly through their official website to validate the situation and next steps."
Norton successfully blocked nearly 860 million Cyber Safety threats over the past quarter, including 41 million file-based malware, 309,666 mobile-malware files, nearly 15 million phishing attempts and 52,213 ransomware detections.
Additional findings from the Consumer Cyber Safety Pulse Report include:
For more information and Cyber Safety guidance, visit the Norton Internet Security Center.
About NortonLifeLock Inc.
NortonLifeLock Inc. (NASDAQ: NLOK) is a global leader in consumer Cyber Safety, protecting and empowering people to live their digital lives safely. We are the consumer's trusted ally in an increasingly complex and connected world. Learn more about how we're transforming Cyber Safety at http://www.NortonLifeLock.com.
[1] No one can prevent all cybercrime or identity theft.
SOURCE NortonLifeLock Inc.
The above press release was provided courtesy of PRNewswire. The views, opinions and statements in the press release are not endorsed by Gray Media Group nor do they necessarily state or reflect those of Gray Media Group, Inc.
How Small Businesses Can Fund Their Ransomware Protection – BizTech Magazine
Make Use of Cybersecurity Threat Feeds
With threat detection, it's important to keep your ear to the ground to know what's coming, and publicly accessible threat feeds offer a way to do just that. Many of these feeds, such as the Cybersecurity and Infrastructure Security Agency's Automated Indicator Sharing network (a program of the Department of Homeland Security), are accessible to businesses as a way to understand potential risks. The AIS network is also available through information sharing and analysis centers (ISACs), which provide targeted information on threats to specific industries, as well as a way to privately share information about emerging threats.
The National Council of ISACs offers a starting point for specific fields; for those interested in signing up for more general feeds, the Center for Internet Security is a great place to start. These feeds, however, are often quite busy, making it difficult to know whether your business might be affected by a given threat. With that in mind, a security information and event management solution from a vendor such as RSA would make a good potential investment.
Ransomware has been a major area of focus for nonprofit organizations such as the National Cyber Security Alliance, which helps put on Cybersecurity Awareness Month and also publishes a variety of resources for businesses.
Organizations such as these offer digital resources that can help companies understand potential risks and how to avoid them. The Global Cyber Alliance, a nonprofit based in the United States and Europe, offers a toolkit targeted at small businesses that lays out basic recommendations for both employers and team members, including tips for data encryption, website security and integrating multifactor authentication using tools such as Okta.
As a part of its cybersecurity offerings, the Small Business Administration and its resource partners offer a variety of free and low-cost events, largely virtual, geared specifically to small businesses, as does NCSA.
Associations can also serve as an asset for small businesses. Some in the financial and retail sectors, for example, have helped to create security resources that offer basic frameworks to follow when approaching topics such as penetration testing, insider threats and protocols around COVID-19, all of which can help a business strengthen its position. Others, such as the National Retail Federation, offer cyber risk exchanges to members that can help keep them abreast of the latest risks within their sector.
Each of these offerings can point you in the right direction to improve your approach to cybersecurity, and can provide information about potential threats and effective strategies for arming your employees with the information they need to avoid unwittingly creating problems down the line.
Of course, if a security event happens, you want to be able to respond quickly, and it helps to have resources readily available. CDW's incident response program offers no-fee retainer agreements that make incident response available immediately in the event of an attack. This lets you focus on solving the problem immediately, not how much the solution is going to cost.
The best way to save money now is to have a solution in place when something happens.
This article is part of BizTech's AgilITy blog series. Please join the discussion on Twitter by using the #SmallBizIT hashtag.