Thank you to our readers! The COAR team is signing off for the remainder of the 2017 year. We hope you all have safe and healthy holidays and hope to see you in the new year.
The COAR Team.
Cyber Research
Women in Cybersecurity
The Current Trend
Despite intense growth in the field of cybersecurity, women continue to form merely a small minority of the cybersecurity workforce. The industry currently boasts approximately one million available jobs, and the number is expected to increase to 1.5 million available jobs by 2019. However, women only hold about one in every 10 positions[1] in the cybersecurity industry, constituting a meager 8-13 percent[2] of cybersecurity professionals overall. Figure 1 below illustrates a comparison of the amount of women in computer science-related studies versus alternative fields:
A number of possible reasons have been suggested for the lack of women in the cybersecurity workforce. For example, the information-security organization CREST discusses a deficiency in computer-science courses among secondary schools.[3] Without proper exposure to the field, many women remain unaware of their opportunities. Similarly, the workforce itself has witnessed a lack of mentorship that encourages women to pursue advancement in cybersecurity.[4] Instead of encouragement, the National Cybersecurity Institute (NCI) argues that the marketing industry tends to use aggressive, more masculine terminology in relation to cybersecurity, selecting phrases such as “combat cyberthreats” or “fortify digital defenses”.[5] The entertainment industry also tends to portray men more often than women in mathematical, scientific, or technical television and film roles.3 As a result, women may pursue fields that offer a more welcoming environment. Read more
MORE MTD Named 2017 R&D 100 Finalist
In an R&D Magazine press release on August 9th, the R&D 100 Awards Committee announced its 2017 finalists, with COAR’s patented technology, Multiple OS Rotational Environment Moving Target Defense (MORE MTD), among them.
2017 R&D 100 is the 55th annual awards program that recognizes prestigious innovations of science or technology. It awards 100 ideas, each of which falls into one of five categories: Analytical/Test; IT/Electrical; Mechanical Devices/Materials; Process/Prototyping; and Software/Services, and provides four Special Recognition Awards as well: Market Disruptor Services; Market Disruptor Products; Corporate Social Responsibility; and Green Tech. Read more
Holiday Sign-Off
In conjunction with the laboratory’s holiday schedule, the COAR website will not be updated for the rest of December.
Be sure to check our website in the new year for more content, articles, and puzzles!
If you are going to the Scholarship for Service: CyberCorps® Career Fair, stop by the Argonne Booth and say hi!
Happy Holidays!
-The COAR Team
Reddit AMA: The ins and outs of working in cybersecurity
UPDATE: Reddit AMA is here: https://redd.it/5gujag
Join the live Reddit Ask Me Anything (AMA) online event TODAY at 1 p.m. to learn about available cyber security jobs in Argonne’s Cyber Operations, Analysis and Research (COAR) team, part of the Risk and Infrastructure Science Center (RISC). Current team members stand ready to answer your questions about what it’s like to work in cyber security at a national laboratory.
Cyber Security Opportunities at Argonne
COAR is looking for creative individuals with strong problem-solving skills to join our dynamic group! As a cybersecurity team, our mission is to strengthen and defend our nation’s critical infrastructure by analyzing, developing, and implementing novel cyber solutions that penetrate three key areas: cyber intelligence, cyber physical, and cyber resilience.
Those joining in our mission will have the resources to pursue new research ideas, flexibility that supports a healthy work-life balance, and fulfillment through numerous career advancement and professional development opportunities.
This post was written by: COAR
Moving Target Defense Collaboration with AFRL, Ratheon BBN, and FIT
In October, the COAR team launched an initial collaboration with the Air Force Research Laboratory, Ratheon BBN, and Florida Institute of Technology to test our Multiple OS Rotational Environment for Moving Target Defense (MORE MTD) technology. MORE is a rotational environment that runs an application on several different OS platforms to thwart attacker reconnaissance efforts and improve application resilience to the threat of zero day exploits. Read more about our Moving Target Defense technologies here.
This post was written by: Mike Thompson
COAR is Hiring!
The Cyber Operations, Analysis, and Research (COAR) team is hiring!
The program is growing and Argonne is opening several positions in cyber security, cyber analysis, and cyber research at all levels of appointment starting at the junior all the way to highest level, including leadership positions.
What We Do in COAR
The COAR team develops and implements the tools and provides the expertise to conduct extensive analysis to support Federal agencies, military sponsors, and commercial organizations in efforts to improve the security and resilience of their network design and operations. The COAR team has analyzed vulnerabilities and potential consequences within cloud infrastructure, blood banks, and industrial control systems, etc. The team also has current research being done in moving target defense, vehicle security, botnet research, and visualizing dependencies.
What do we do at Argonne
Argonne is a multidisciplinary science and engineering research center, where “dream teams” of world-class researchers work alongside experts from industry, academia and other government laboratories to address vital national challenges in clean energy, environment, technology and national security. We pursue big, ambitious ideas that redefine what is possible. Our pursuit of groundbreaking discoveries pushes the boundaries of fundamental science, applied science and engineering to solve complex challenges and develop useful technologies that can transform the marketplace and change the world.
Why Work at Argonne?
The world’s best and brightest cyber minds come to Argonne; minds that have a passion for excellence and a desire to apply their technical expertise to solve problems of national and global significance. The emphasis here is on work excellence in a relaxed atmosphere. Similar to a university campus, you will experience groups of employees working, talking, and walking together within Argonne’s wooded grounds formulating the next scientific breakthrough.
Take a look at the positions that are open within COAR today.
Cyber Security Analyst
Cyber Security Specialist
Cyber Analysis and Research Team Lead
Secure Operations and Hosting Section Lead
Cyber Security Intern : 192-GSS-1 OR 193-GSS-1
If you have any questions regarding these positions or the team please email [email protected].
This post was written by the COAR team.
Heartbleed and Marketing Vulnerabilities
Within days of discovery, Heartbleed burst into popularity on the news and social media. This named bug eclipsed previous vulnerabilities in terms of impact and awareness — alerting engineers, 
technicians, and IT personnel to protect their vulnerable systems. However, most do not remember Heartbleed for the exact technical details, but rather the colossal awareness campaign that rocked mainstream media, which normally does not concern itself with software bugs. Other serious software glitches in the past have been cause for alarm; what warranted, or enabled, the massive “media explosion” of coverage for Heartbleed? How does the usage of marketing tactics help or harm the cause of vulnerability reporting? Finally, two years later, how have companies attempted to imitate this style of vulnerability marketing popularized by Heartbleed?
Ashburn, VA: Internet Infrastructure Resilience
We recently published our high level summary of work done in conjunction with the Department of Homeland Security’s Regional Resiliency Assessment Program. The project was centered on the Ashburn, VA area’s Internet Infrastructure. You can read the full summary here.
Internet infrastructure is highly distributed among different private and public sector entities. Networks using TCP are highly resistant to failures when multiple paths from sender to receiver exist. TCP’s resilience has the potential to fail if a concentration of high-capacity routes between a particular sender and receiver become unavailable.