Showing posts with label CYBER DEFENSE. Show all posts
Showing posts with label CYBER DEFENSE. Show all posts

Wednesday, August 20, 2014

U.S. CYBER COMMAND EXPANDING

FROM:  U.S. DEFENSE DEPARTMENT 
Rogers: Cybercom Defending Networks, Nation
By Cheryl Pellerin
DoD News, Defense Media Activity

FORT MEADE, Md., Aug. 18, 2014 – U.S. Cyber Command continues to expand its capabilities and capacity, Navy Adm. Mike Rogers said Aug. 14.
The Cybercom commander was speaking during an interview at the NSA headquarters building here. Rogers is also director of the National Security Agency and chief of the Central Security Service.

“The decision to create [Cybercom] was a … recognition of a couple things. No. 1, the increasing importance of the cyber domain and the cyber mission set in Department of Defense operations in the 21st century,” Rogers said.

Such a command would add to the department’s ability to protect and defend its networks, and give policymakers and operational commanders a broader range of options, he said.

The second consideration involved DoD’s mission to defend the nation, coupled with the potential of nation-states, groups and individuals to conduct offensive cyber activities against critical U.S. infrastructure.

In that scenario, the admiral said, defense officials thought it was likely the president would “turn to the secretary of defense and say, ‘In your mission to defend the nation, I need you to do the same thing here in the cyber arena against this mission set critical to U.S. infrastructure, and I need an organization capable of doing that.’”

These conditions led the department to realize the need to create a traditional warfighting organization capable of executing a spectrum of cyberspace missions, Rogers said.

And, he added, they knew they needed to do so “with a dedicated professionalized workforce. This is not a pickup game where you just come casually to it.”
Rogers said he focuses on five priorities for Cybercom.

These are to build a trained and ready cyber force, put tools in place that create true situational awareness in cyberspace, create command-and-control and operational concepts to execute the mission, build a joint defensible network, and ensure Cybercom has the right policies and authorities that allow it to execute full-spectrum operations in cyberspace.

Making progress is important to Rogers, who characterized his ultimate goal as bringing Cybercom to a level where it’s every bit as trained and ready as any carrier strike group in the U.S. Central Command area of responsibility or any brigade combat team on the ground in Afghanistan.

“My objective during my time as the commander, first and foremost,” the admiral said, “is to ensure that we have brought to fruition the operational vision in cyber … [to make sure] it’s something real, it’s something tangible, and it is operationally ready to execute its assigned missions.”

That is happening as Cybercom brings its warfighting capability online, with the services generating a total cyber mission force of about 6,000 people by 2016, all trained to the same high standard and aligned in 133 teams with three core missions:

-- The Cyber National Mission Force, when directed, is responsible for defending the nation’s critical infrastructure and key resources.

-- The Cyber Combat Mission Force provides cyber support to combatant commanders across the globe; and
-- The Cyber Protection Force operates and defends the DoD information network, or DoDIN.

Defending the DoDIN is the focus of a partnership in progress with the Defense Information Systems Agency, or DISA.

The agency provides command and control and information-sharing capabilities and a globally accessible enterprise information infrastructure to warfighters, the president and national leaders, and other mission and coalition partners.
DISA, Rogers points out, is also a combat support agency.

The agency reports to acting DoD Chief Information Officer Terry Halvorsen, and its director is Air Force Lt. Gen. Ronnie D. Hawkins Jr.

“I have always believed … that we need to integrate operations and networks and our defensive workforce into one team,” Rogers said, “and that you are more effective in operating a network and in defending a network when you do it with one integrated approach.”

As a result, Rogers’ team decided they needed to create a relationship with DISA, he said, adding, “At the moment there’s no formal [command and control] line between us, but we’re in the process of creating one.”

As part of that process Rogers collaborates with Halvorsen and Hawkins.
“What I think we need to do,” he said during their meeting, “is create an operational construct that creates a direct linkage [between] U.S. Cyber Command, DISA and U.S. Cyber Command service components.”

It’s critical that the relationship includes the service components, Rogers said, “Because, under the current network structure today, those networks are largely run by [the] services. So we’ve got to create a relationship between DISA and the services that is very operational because you’ve got to maneuver networks, you’ve got to react to changes, and you can’t do that in a static kind of environment.”
He added, “We're in the process of doing that and I expect to roll it out in the fall. … You’ll hear it referred to as JFHQ DoDIN,” he said, or Joint Force Headquarters DoD Information Networks.

Rogers said that he, Halvorsen and Hawkins agree, this is the future of DISA.
“[DISA] will operate on the networks. They'll be part of our defensive effort so they will be out operating on the networks just like us,” he added.

“One of the core missions is the defense of the DoDIN,” Rogers said. “The forces associated with that mission will be assigned to DISA, to the services [and] to the combatant commanders.” So, he added, DISA will have operational control over some of the cyber mission force to help execute their mission.

Another of Rogers’ priorities for Cybercom is to help develop a common situational awareness of “what’s happening in DoD networks,” he said.

The commander highlighted the need for speed and agility in the cyber arena, adding, “If you can’t visualize what you’re doing … you’re not going to be fast or as agile, and thus arguably not as effective as you need to be.”

Rogers said, “As an operational commander I am used to the idea of walking into a command center, looking at a visual depiction that through symbology, color and geography enables me to very quickly come to a sense of what's happening in this space. We are not there yet in the cyber arena.”

Establishing situational awareness in the cyber realm is a combination of technology and capability, the admiral said, and determining what knowledge is needed and what elements contribute to that.

“Is what U.S. Cyber Command needs to know about what's going on in the network world the same thing as a strike group commander needs in the Western Pacific? The same thing an Air Force air wing needs in Minot, North Dakota? The same thing a brigade combat team needs in Afghanistan? It will vary, so we've got to create a system that you can tailor to the needs of each commander,” he said.
Rogers noted there are many ongoing efforts to improve situational awareness, pointing out the need to work collaboratively to fix the problem.

“We do have some tools right now,” he added. “They’re just not as mature and comprehensive as I'd like them to be.”
Cyber is foundational to the future, the admiral said, and he often comments to his fellow operational commanders that cyber is a mission they have to own.
“The wars of the 20th century taught most warfighting professionals that, no matter what you do, a good foundational knowledge of logistics is probably going to stand you in good stead,” Rogers explained.

In the 21st century, he added, operational commanders may find that, regardless of their mission, they will need a sense of what’s going on in their networks, where they’re taking risk, and the impact of network structure and activities on their ability to execute the mission.

“It’s not something you turn to your communications officer … or your CIO and say, ‘I don't really understand this. Go out and do some of that for me.’ That isn't going to get us where we need to go,” the admiral said.

Rogers elaborated on the need for Cybercom to be ready.

During his time as Cybercom commander, he said he expects that a nation-state, group or individual will attempt to engage in offensive, destructive capability against critical U.S. infrastructure, from the power grid to the financial sector.
The Presidential Policy Directive for Critical Infrastructure Security and Resilience outlines 16 designated U.S. Critical Infrastructure sectors.
Rogers says he tells his team they have to be ready to respond to such a call. But for an attack on the United States, Cybercom will support the Department of Homeland Security, which is the lead agency for broader security protections associated with critical infrastructure, and partner with the FBI, which is the lead agency for domestic attacks and law enforcement.

“Our biggest focus really is going to be bringing our capabilities to bear to attempt to interdict the attack before it ever gets to us,” the admiral said.

“Failing that,” he continued, “we'll probably also have some measure of capability that we can provide to work directly with those critical infrastructure networks to help address the critical vulnerabilities and where the networks could use stronger defensive capability.”

To prepare for such interagency collaboration in the event of a domestic cyberattack, the command trains as it will fight, Rogers said.

“In the military I'm used to the idea that you train like you fight. So we exercise [and] we replicate the things we think are going to occur in a combat scenario,” the admiral said. “I want to do the exact same thing with the same set of teammates I'm going to operate with if we get the order to do so.”

The department and Cybercom already do internal exercises, he said, as well as ongoing interagency exercises such as Cyber Guard, in which elements of the National Guard, reserves, NSA and Cybercom exercise their support to DHS and FBI responses to foreign-based attacks on simulated critical infrastructure networks.

The whole-of-government exercise, completed June 17, was designed to test operational and interagency coordination and tactical-level operations to prevent, mitigate and recover from a domestic cyber incident.

Cyber Guard is a good example, Rogers said, “but I want to build on that. DHS and FBI were there but I think we can do even more.”

Information sharing and partnerships with the critical infrastructure sectors is an important aspect of enabling Cybercom to more effectively interdict and stop an attack, if directed to do so by the president and defense secretary, he added.
The cyber threat is growing increasingly complex, the Cybercom commander said, and a more diverse set of actors is involved in the mission set, “from nation-states that continue to increase their capabilities, to groups, to individuals.”

In broad terms, he added, “you don’t see a crisis in the world today that doesn’t have a cyber aspect to it.”

For that reason and others, the ultimate construct of Cybercom must be flexible, the admiral said.

“If you want to develop full-range capabilities and generate the maximum flexibility for their application, you’ve got to build a construct that recognizes we’re going to be supported sometimes, we’re going to be supporting other times, and sometimes we’re going to be doing both simultaneously,” Rogers said.
In one scenario Cybercom might be helping the commander in the Pacific, he said, and “at the same time we might be driving efforts to secure the U.S. financial infrastructure … and trying to support U.S. Central Command.

“It’s just the nature of things,” Rogers said, “because cyber is so global and so foundational.”


Friday, May 30, 2014

SECRETARY KERRY, ESTONIAN PRIME MINISTER PAET MAKE REMARKS BEFORE MEETING

FROM:  U.S. STATE DEPARTMENT S
Remarks With Estonian Foreign Minister Urmas Paet Before Their Meeting
Remarks
John Kerry
Secretary of State
Treaty Room
Washington, DC
May 29, 2014

SECRETARY KERRY: Good morning, everybody. Great pleasure to welcome Foreign Minister Paet of Estonia to Washington. We could not be more grateful or pleased for and with the relationship with Estonia.

Estonia is a very strong NATO partner. In fact, one of only four countries in NATO that has met its 2 percent commitment to defense, and has committed to continue that 2 percent spending for at least the next 10 years. We have a very strong relationship with respect to democracy, commitment to democracy building, territorial integrity. Estonia has been a solid partner in the effort to make clear all of our feelings about the territorial violations that have taken place with respect to Ukraine and the challenge to stability in the region.

In addition to that, Estonia is currently hosting a significant increase of presence within NATO in order to make clear the issues of sovereignty within the region. So on the issues of defense and security we have been as forward leaning as any members within the NATO alliance. But in addition to that, we have other efforts in which we’re working together, particularly diversity of the energy supply to Europe. There are important choices to be made in order to try to create greater energy independence. Estonia is a leader with respect to that effort, as well as our hopes, all of us, to try to move forward on the Transatlantic Trade and Investment Partnership, which we think is a critical economic step that can rekindle growth in Europe and strengthen the rules of the road for our economies.

So we have a lot to talk about today, but particularly grateful to welcome a country that has been, frankly, as courageous, as clear, as principled as Estonia has been. It’s a strong and important NATO ally, and we’re happy to have the discussions we will today.

Thank you.

FOREIGN MINISTER PAET: Thank you. Well, it’s good to be in Washington once again, and thank you very much for hosting, Secretary Kerry. Estonia and the United States, we are very strong partners and we share all important and basic values. And Estonia really and strongly appreciates the very quick reaction of the United States to change the security circumstances and security environment in Europe. We appreciate a lot the additional contribution of the United States with air policing of Estonia and also Latvia and Lithuania, and also troops you sent to Estonia to participate in military exercise, but also to stay longer in Estonia.

Of course, we both at the moment like to see the quick and clear de-escalation of the situation in Ukraine. Unfortunately, recently, another four OSCE observers were taken by people in eastern Ukraine. Among these four OSCE observers also one is an Estonian citizen, and we of course hope that these people will be released as soon as possible.

We’re also making good cooperation with the United States in this fare of supporting new democracies, which together in the so-called LEND project, which supports the leaders of new democracies and also one of the areas we make very strong cooperation is cyber defense and all other cyber and IT-related issues.

I’d like also mention energy security of Europe, and here the United States plays important and critical role, and the EU and U.S. relationship is also for us absolute necessity, so that we are also firm and strong supporter of European Union and United States free trade agreement talks, so that we hope that this common free trade area will be created as soon as possible.

So that once again, thank you very much for hosting. Thank you very much for this very strong partnership and friendship. Thank you.

SECRETARY KERRY: Thank you very much.

QUESTION: Mr. Secretary, Edward Snowden says he has cooperated with Russia…

SECRETARY KERRY: I have no comment right now, but thank you.

Thursday, August 22, 2013

READOUT OF DEFENSE SECRETARY HAGEL'S MEETING WITH DENMARK'S MINISTER OF DEFENSE

FROM:  U.S. DEPARTMENT OF DEFENSE 
Readout of Secretary Hagel's Meeting With Denmark's Minister of Defence Nicolai Wammen

           Pentagon Press Secretary George Little provided the following readout:


           "Secretary of Defense Chuck Hagel and Danish Minister of Defence Nicolai Wammen met Wednesday at the Pentagon, reaffirming the two countries' strong defense relationship based upon shared approaches to defense and security issues, and pledging to continue to deepen military cooperation.


           "The two leaders highlighted the long friendship between the two nations' armed forces, as well as present-day cooperation in North Atlantic Treaty Organization (NATO)-led operations in Afghanistan, off the Horn of Africa, and cyber defense.  Secretary Hagel and Minister Wammen also discussed the ongoing violence in Syria and the situation in Egypt.


           "The leaders also discussed the developments in Afghanistan's national security forces' capability to address the country's own security challenges and the role of NATO post-2014.  Hagel and Wammen underscored their belief that the United States and Denmark should work to maintain and increase interoperability and implement lessons learned from operations in Afghanistan.  They both agreed on the importance of exploring new approaches to bilateral and multinational cooperation for the benefit of both nations and of NATO as a whole.


           "Hagel and Wammen discussed exchanging lessons learned in defense materiel and logistics.  They also discussed opportunities to cooperate on veterans' initiatives.  Hagel and Wammen agreed on the inauguration of annual policy-level staff discussions that would develop plans for cooperation in more detail.


           "Secretary Hagel expressed appreciation for Denmark's close partnership, and Minister Wammen invited Secretary Hagel to visit Denmark at his earliest convenience."

DEFENSE SECRETARY HAGEL AND DANISH DEFENSE MINISTER WAMMEN MEET AT PENTAGON

FROM:  U.S. DEFENSE DEPARTMENT 
Hagel, Danish Defense Minister Discuss Continued Cooperation
American Forces Press Service

WASHINGTON, Aug. 21, 2013 - Defense Secretary Chuck Hagel and Danish Defense Minister Nicolai Wammen met today at the Pentagon, reaffirming the two countries' strong defense relationship based upon shared approaches to defense and security issues, and pledging to continue to deepen military cooperation, Pentagon Press Secretary George Little said.

"The two leaders highlighted the long friendship between the two nations' armed forces, as well as present-day cooperation in North Atlantic Treaty Organization-led operations in Afghanistan, off the Horn of Africa, and cyber defense," Little said in a statement summarizing the meeting.

"Secretary Hagel and Minister Wammen also discussed the ongoing violence in Syria and the situation in Egypt," Little added.

The two defense leaders also discussed the developments in the capability of Afghanistan's national security forces to address the country's own security challenges and the role of NATO in Afghanistan after the alliance's current mission ends there at the end of 2014, Little said.

Hagel and Wammen underscored their belief that the United States and Denmark should work to maintain and increase interoperability and implement lessons learned from operations in Afghanistan, the press secretary said.

"They both agreed on the importance of exploring new approaches to bilateral and multinational cooperation for the benefit of both nations and of NATO as a whole," he added.

In addition, they discussed exchanging lessons learned in defense materiel and logistics and opportunities to cooperate on veterans' initiatives, Little said. They also agreed on the inauguration of annual policy-level staff discussions that would develop plans for cooperation in more detail.

"Secretary Hagel expressed appreciation for Denmark's close partnership, and Minister Wammen invited Secretary Hagel to visit Denmark at his earliest convenience," Little said.

Friday, April 12, 2013

AIR FORCE GEN. KEHLER ON PLANNING FOR THE UNEXPECTED

FROM: U.S. DEPARTMENT OF DEFENSE
Strategic Command Plans for Unexpected, Commander Says
By Donna Miles
American Forces Press Service


OFFUTT AIR FORCE BASE, Neb., April 8, 2013 - The last thing Air Force Gen. C. Robert Kehler -- the point man for the U.S. nuclear arsenal as well as space, cyber, ballistic missile and other capabilities -- wants is to be caught by surprise.

As commander of U.S. Strategic Command, Kehler's job is to ensure U.S. deterrence remains so strong that it dissuades potential adversaries from challenging it.

In the days of the Cold War, the concept of deterrence was relatively straightforward, with both the United States and former Soviet Union recognizing that a nuclear attack by either side would result in "mutually assured destruction," he told American Forces Press Service.

Today, deterrence is a whole different matter, he said, with a broader array of potential adversaries, all operating in different ways and guided by different motivations. The challenge is to ensure that as the United States confronts this whole new ball game, it doesn't get dealt a devastating curve ball.

So Kehler regularly challenges his staff to think about the unthinkable to ensure they're ready for whatever comes their way.

"The question for us is, 'Are we ready to deal with uncertainty?'" he said. "Have we prepared ourselves in a way that acknowledges that surprise is going to happen -- and that surprise can be deadly if we allow it to be so?"

Being open to "alternative futures," he said, "helps us think about things we are not thinking about today, and therefore, prepare as a matter of course for things that may not unfold the way we think they will."

Kehler is such a firm believer in out-of-the-box thinking that he's made "prepare for uncertainty" one of his top five command priorities. He and his senior staff regularly gather around a conference table to ponder "what ifs" that may seem inconceivable to many.

"This isn't about what happens if Martians land," Kehler said. "This is about coming up with some plausible scenarios that make you step back and go, 'Hmmm ....'"

Doing so presents situations in a new light, and sometimes with new insights, the general said.

"I believe you can train yourself to recognize that you probably don't have it right, and that there is going to be something else out there," he said.

Kehler cited historical examples when an unrecognized "something else out there" had a devastating effect on the United States.

"I think it's our responsibility to go back and ask ourselves, 'What were we thinking on 6 December 1941, and then on 8 December 1941?" he said, referring to the dates surrounding the attack on Pearl Harbor. "And what were we thinking on 10 September 2001, and then on September 12?"

Kehler said he largely agrees with those who blame the 9/11 attacks on "a failure of imagination."

"If that is so, then we had better be imaginative now," he said. "Because as complex and uncertain as the world is, we are not going to get all this right. It is not going to be all neatly presented to us in a planning problem. And that makes it more important than ever that we understand the things that are out there."

Tabletop exercises and brainstorming sessions might not identify the exact next threat or predict who will launch it, and when, he acknowledged.

"But at least we will have given ourselves a bunch of challenges to think about that I believe help us prepare for the day when something has happened that you just didn't foresee," Kehler said. "That way, we're not left flabbergasted and flat-footed here because something happened, because we weren't so locked in on things that we didn't recognize that it could happen."

Thursday, September 20, 2012

CARTER WANTS MORE PROGESS ON CYBER DEFENSE

FROM: U.S. DEPARTMENT OF DEFENSE
Carter Urges Stepped Up Progress on Cyber Defense
By Cheryl Pellerin
American Forces Press Service


WASHINGTON, Sept. 19, 2012 - Even as the Defense Department increases investments in cyber capabilities, officials are working to reduce vulnerabilities in their own networks and in those of contractors who build sensitive defense systems, Deputy Defense Secretary Ashton B. Carter said today.

Speaking at the Air Force Association's Annual Air and Space Conference and Technology Exposition in Maryland, Carter said DOD's cyber concerns are threefold.

"Two of [these parts] we can get our hands on, including by managerial moves within the department, and a third ... is harder to get our hands on," the deputy secretary said.

The first is DOD's defense of its own networks, he said, noting that task is "technically very challenging."

It's paramount that DOD maintains security and integrity across its cyber networks, Carter said, because "we depend on them ... today in everything we do."

The second part involves developing cyber weapons as weapons of war, he said, "doing the intelligence preparation of the battlefield for their employment and planning for their employment. Again, that's something we can do within our own walls and are doing."

The third part is protecting the nation at large from cyberattack, he added, a job that's harder because DOD plays only a role in a larger cast.

The scope of DOD's responsibility for domestic cyber defense extends to the dependence of DOD installations and bases on the U.S. cyber infrastructure, and on the use of DOD data and plans by contractors who build the department's sensitive systems.

"First of all, other parts of the government have capabilities and responsibilities and we work with them. But the most important thing is that most of those networks are ... owned and controlled by private entities who typically fail to invest, or underinvest, in their security," the deputy secretary said.

"When we offer to assist them in protecting [the networks], we run up against barriers that we're slowly trying to knock down and reason our way through," he added.

Such barriers could include antitrust issues if the department provides information to a particular business, he said.

"Do we have to provide the same information to company B? Can company A provide information to company B or does that violate the antitrust laws?" Carter said. "Can company A provide information back to the United States or is that providing personal information to the government that is on their networks?"

He questioned whether DOD should require private industry to control and strengthen its cyber networks, or whether that would be interpreted as excessive government regulation.

"These are all tough problems," he said.

When it comes to dealing with issues of safeguarding the nation as a whole from cyberattack, "we're working our way through all these issues, and my own view is [we're doing it] way too slowly," Carter said.

The Cybersecurity Act of 2012, which called for minimum cyber security performance standards for critical infrastructure that the U.S. government would help develop with private industry, fell short of passage during an Aug. 8 Senate vote.

"We were hoping for some legislative relief this summer that we didn't get out of the Congress," Carter said.

Meanwhile, he said, the Defense Department is considering making U.S. Cyber Command, an armed forces subunified command subordinate to U.S. Strategic Command and led by Army Gen. Keith B. Alexander, a separate combatant command.

Tuesday, July 31, 2012

JOBS: SKILLED PEOPLE NEEDED FOR CYBER DEFENSE

FROM: U.S. DEPARTMENT OF DEFENSE
Photo Credit:  U.S. Department of Defense.
Highly Skilled People Are Key to Cyber Defense, Leaders Say
By Jim Garamone
American Forces Press Service

WASHINGTON, July 26, 2012 – Having the right people in the right places with the right training is the best defense against any attack, and this is as true in the cyber world as it is on battlefields Afghanistan, military commanders charged with improving capabilities in the cyber world told Congress yesterday.

Navy Vice Adm. Michael S. Rogers, commander of the 10th Fleet; Lt. Gen. Rhett A. Hernandez, commander of 2nd Army; Lt. Gen. Richard P. Mills, commander of Marine Corps Development Command; and Maj. Gen. Suzanne M. Vautrinot, commander of 24th Air Force testified before the House Armed Services Committee’s emerging threats subcommittee and described what the services are doing to attract and retain the best people.

And this is a problem, they said, because government and the private sector are worried about defending data and networks from attacks.

Cyber war is complicated, the commanders said, because defending systems demands world-class engineers and technicians and the military must compete with other public agencies and the private sector in attracting these world-class specialists.

"The Navy’s workforce is perhaps our greatest strength in this emerging discipline," said Rogers, who has commanded the 10th Fleet – the Navy’s Cyber Command – for about a year. "Our sailors and civilians are at the forefront of advances in cyberspace operations."

The changing nature of the cyber world complicates the effort to recruit and retain cyber specialists, Rogers said. The Navy has established a summer intern program at the Naval Academy and with ROTC to expose midshipmen to the cyber defense world, and has established the cyber engineer career field to allow direct accessions for a few recent college graduates with deep cyber expertise, he told the panel.

"While the Navy cannot compete with the compensation offered by industry, we provide individuals with unique opportunities that they cannot receive out in industry, and the highly motivated Navy cyber workforce is opting to stay Navy at record levels," the admiral said.

His sailors, Rogers said, are warriors. They know they are working to protect not only data, but also the country, and they know that, and it motivates them, he told the representatives.

Soldiers also recognize that they are warriors fighting in a different kind of war, Hernandez said. The Army is working to exercise all cyber warriors in the skills they need to defend networks and data.

"We will integrate cyberspace operations into 13 joint and Army exercises this fiscal year, and will double that number next year," the general said. The service also is using cyber specialists to play opposing forces in exercises at the National Training Center and at combatant command exercises.

The Air Force continues to stress the need for Americans with science and mathematics backgrounds, Vautrinot said, and works with high schools and colleges to encourage and mentor students involved in science and mathematics.

Overall, attacks in the cyber world are a serious threat, the military leadersagreed, so education, training and development of cyber defense professionals needs to continue unabated.

 

Search This Blog

Translate

White House.gov Press Office Feed