Showing posts with label NATIONAL SECURITY ADMINISTRATION. Show all posts
Showing posts with label NATIONAL SECURITY ADMINISTRATION. Show all posts

Wednesday, August 20, 2014

U.S. CYBER COMMAND EXPANDING

FROM:  U.S. DEFENSE DEPARTMENT 
Rogers: Cybercom Defending Networks, Nation
By Cheryl Pellerin
DoD News, Defense Media Activity

FORT MEADE, Md., Aug. 18, 2014 – U.S. Cyber Command continues to expand its capabilities and capacity, Navy Adm. Mike Rogers said Aug. 14.
The Cybercom commander was speaking during an interview at the NSA headquarters building here. Rogers is also director of the National Security Agency and chief of the Central Security Service.

“The decision to create [Cybercom] was a … recognition of a couple things. No. 1, the increasing importance of the cyber domain and the cyber mission set in Department of Defense operations in the 21st century,” Rogers said.

Such a command would add to the department’s ability to protect and defend its networks, and give policymakers and operational commanders a broader range of options, he said.

The second consideration involved DoD’s mission to defend the nation, coupled with the potential of nation-states, groups and individuals to conduct offensive cyber activities against critical U.S. infrastructure.

In that scenario, the admiral said, defense officials thought it was likely the president would “turn to the secretary of defense and say, ‘In your mission to defend the nation, I need you to do the same thing here in the cyber arena against this mission set critical to U.S. infrastructure, and I need an organization capable of doing that.’”

These conditions led the department to realize the need to create a traditional warfighting organization capable of executing a spectrum of cyberspace missions, Rogers said.

And, he added, they knew they needed to do so “with a dedicated professionalized workforce. This is not a pickup game where you just come casually to it.”
Rogers said he focuses on five priorities for Cybercom.

These are to build a trained and ready cyber force, put tools in place that create true situational awareness in cyberspace, create command-and-control and operational concepts to execute the mission, build a joint defensible network, and ensure Cybercom has the right policies and authorities that allow it to execute full-spectrum operations in cyberspace.

Making progress is important to Rogers, who characterized his ultimate goal as bringing Cybercom to a level where it’s every bit as trained and ready as any carrier strike group in the U.S. Central Command area of responsibility or any brigade combat team on the ground in Afghanistan.

“My objective during my time as the commander, first and foremost,” the admiral said, “is to ensure that we have brought to fruition the operational vision in cyber … [to make sure] it’s something real, it’s something tangible, and it is operationally ready to execute its assigned missions.”

That is happening as Cybercom brings its warfighting capability online, with the services generating a total cyber mission force of about 6,000 people by 2016, all trained to the same high standard and aligned in 133 teams with three core missions:

-- The Cyber National Mission Force, when directed, is responsible for defending the nation’s critical infrastructure and key resources.

-- The Cyber Combat Mission Force provides cyber support to combatant commanders across the globe; and
-- The Cyber Protection Force operates and defends the DoD information network, or DoDIN.

Defending the DoDIN is the focus of a partnership in progress with the Defense Information Systems Agency, or DISA.

The agency provides command and control and information-sharing capabilities and a globally accessible enterprise information infrastructure to warfighters, the president and national leaders, and other mission and coalition partners.
DISA, Rogers points out, is also a combat support agency.

The agency reports to acting DoD Chief Information Officer Terry Halvorsen, and its director is Air Force Lt. Gen. Ronnie D. Hawkins Jr.

“I have always believed … that we need to integrate operations and networks and our defensive workforce into one team,” Rogers said, “and that you are more effective in operating a network and in defending a network when you do it with one integrated approach.”

As a result, Rogers’ team decided they needed to create a relationship with DISA, he said, adding, “At the moment there’s no formal [command and control] line between us, but we’re in the process of creating one.”

As part of that process Rogers collaborates with Halvorsen and Hawkins.
“What I think we need to do,” he said during their meeting, “is create an operational construct that creates a direct linkage [between] U.S. Cyber Command, DISA and U.S. Cyber Command service components.”

It’s critical that the relationship includes the service components, Rogers said, “Because, under the current network structure today, those networks are largely run by [the] services. So we’ve got to create a relationship between DISA and the services that is very operational because you’ve got to maneuver networks, you’ve got to react to changes, and you can’t do that in a static kind of environment.”
He added, “We're in the process of doing that and I expect to roll it out in the fall. … You’ll hear it referred to as JFHQ DoDIN,” he said, or Joint Force Headquarters DoD Information Networks.

Rogers said that he, Halvorsen and Hawkins agree, this is the future of DISA.
“[DISA] will operate on the networks. They'll be part of our defensive effort so they will be out operating on the networks just like us,” he added.

“One of the core missions is the defense of the DoDIN,” Rogers said. “The forces associated with that mission will be assigned to DISA, to the services [and] to the combatant commanders.” So, he added, DISA will have operational control over some of the cyber mission force to help execute their mission.

Another of Rogers’ priorities for Cybercom is to help develop a common situational awareness of “what’s happening in DoD networks,” he said.

The commander highlighted the need for speed and agility in the cyber arena, adding, “If you can’t visualize what you’re doing … you’re not going to be fast or as agile, and thus arguably not as effective as you need to be.”

Rogers said, “As an operational commander I am used to the idea of walking into a command center, looking at a visual depiction that through symbology, color and geography enables me to very quickly come to a sense of what's happening in this space. We are not there yet in the cyber arena.”

Establishing situational awareness in the cyber realm is a combination of technology and capability, the admiral said, and determining what knowledge is needed and what elements contribute to that.

“Is what U.S. Cyber Command needs to know about what's going on in the network world the same thing as a strike group commander needs in the Western Pacific? The same thing an Air Force air wing needs in Minot, North Dakota? The same thing a brigade combat team needs in Afghanistan? It will vary, so we've got to create a system that you can tailor to the needs of each commander,” he said.
Rogers noted there are many ongoing efforts to improve situational awareness, pointing out the need to work collaboratively to fix the problem.

“We do have some tools right now,” he added. “They’re just not as mature and comprehensive as I'd like them to be.”
Cyber is foundational to the future, the admiral said, and he often comments to his fellow operational commanders that cyber is a mission they have to own.
“The wars of the 20th century taught most warfighting professionals that, no matter what you do, a good foundational knowledge of logistics is probably going to stand you in good stead,” Rogers explained.

In the 21st century, he added, operational commanders may find that, regardless of their mission, they will need a sense of what’s going on in their networks, where they’re taking risk, and the impact of network structure and activities on their ability to execute the mission.

“It’s not something you turn to your communications officer … or your CIO and say, ‘I don't really understand this. Go out and do some of that for me.’ That isn't going to get us where we need to go,” the admiral said.

Rogers elaborated on the need for Cybercom to be ready.

During his time as Cybercom commander, he said he expects that a nation-state, group or individual will attempt to engage in offensive, destructive capability against critical U.S. infrastructure, from the power grid to the financial sector.
The Presidential Policy Directive for Critical Infrastructure Security and Resilience outlines 16 designated U.S. Critical Infrastructure sectors.
Rogers says he tells his team they have to be ready to respond to such a call. But for an attack on the United States, Cybercom will support the Department of Homeland Security, which is the lead agency for broader security protections associated with critical infrastructure, and partner with the FBI, which is the lead agency for domestic attacks and law enforcement.

“Our biggest focus really is going to be bringing our capabilities to bear to attempt to interdict the attack before it ever gets to us,” the admiral said.

“Failing that,” he continued, “we'll probably also have some measure of capability that we can provide to work directly with those critical infrastructure networks to help address the critical vulnerabilities and where the networks could use stronger defensive capability.”

To prepare for such interagency collaboration in the event of a domestic cyberattack, the command trains as it will fight, Rogers said.

“In the military I'm used to the idea that you train like you fight. So we exercise [and] we replicate the things we think are going to occur in a combat scenario,” the admiral said. “I want to do the exact same thing with the same set of teammates I'm going to operate with if we get the order to do so.”

The department and Cybercom already do internal exercises, he said, as well as ongoing interagency exercises such as Cyber Guard, in which elements of the National Guard, reserves, NSA and Cybercom exercise their support to DHS and FBI responses to foreign-based attacks on simulated critical infrastructure networks.

The whole-of-government exercise, completed June 17, was designed to test operational and interagency coordination and tactical-level operations to prevent, mitigate and recover from a domestic cyber incident.

Cyber Guard is a good example, Rogers said, “but I want to build on that. DHS and FBI were there but I think we can do even more.”

Information sharing and partnerships with the critical infrastructure sectors is an important aspect of enabling Cybercom to more effectively interdict and stop an attack, if directed to do so by the president and defense secretary, he added.
The cyber threat is growing increasingly complex, the Cybercom commander said, and a more diverse set of actors is involved in the mission set, “from nation-states that continue to increase their capabilities, to groups, to individuals.”

In broad terms, he added, “you don’t see a crisis in the world today that doesn’t have a cyber aspect to it.”

For that reason and others, the ultimate construct of Cybercom must be flexible, the admiral said.

“If you want to develop full-range capabilities and generate the maximum flexibility for their application, you’ve got to build a construct that recognizes we’re going to be supported sometimes, we’re going to be supporting other times, and sometimes we’re going to be doing both simultaneously,” Rogers said.
In one scenario Cybercom might be helping the commander in the Pacific, he said, and “at the same time we might be driving efforts to secure the U.S. financial infrastructure … and trying to support U.S. Central Command.

“It’s just the nature of things,” Rogers said, “because cyber is so global and so foundational.”


Sunday, July 7, 2013

DOD SAYS PEOPLE AND PARTNERS ARE CRITICAL CYBER NEEDS


Navy Lt. John Knolla mans the tactical action officer watch in the combat direction center aboard the Nimitz-class aircraft carrier USS Ronald Reagan during Exercise Valiant Shield 2006 in the Philippine Sea. Valiant Shield focuses on integrated joint training among U.S. military forces, enabling real-world proficiency in sustaining joint forces and in detecting, locating, tracking and engaging units at sea, in the air, on land and in cyberspace in response to a range of mission areas. U.S. Navy photo by Airman Christine Singh 
FROM:  U.S. DEPARTMENT OF DEFENSE 

Critical Cyber Needs Include People, Partners, General Says
By Cheryl Pellerin
American Forces Press Service

WASHINGTON, July 2, 2013 - Despite the inherent technical "geekiness" of cyberspace and urgent Defense Department efforts in that area, people and partners are among DOD's most critical cyber needs, the senior military advisor for cyber to the undersecretary of defense for policy said last week.
Army Maj. Gen. John A. Davis spoke to a large audience at the June 25-27 Armed Forces Communications and Electronics Association International Cyber Symposium in Baltimore.

Cyber partnerships such as those with the National Security Agency and the Defense Intelligence Agency and external partnerships such as those with industry, international allies and academia represent a transformation in the way DOD approaches cyber, Davis said.

For more than two years, he said, "DOD has been fundamentally and deliberately transforming the way we think, the way we organize, the way we train and equip, the way we provide forces and capabilities, the way we command and control those forces, the way we operate and the way we insure leadership and accountability for cyberspace operations."

Even the general's job as military advisor for cyber, a new position formally approved in August in an environment of reduced resources, "is an indication of how seriously senior department leaders are taking this subject," he said.
The standup of U.S. Cyber Command in 2010 was part of this transformation, he said.

"It brought together disparate cyber functions of operating our networks, defending our networks and applying offensive capabilities against adversary networks," said Davis, adding that Cybercom's collocation with the National Security Agency at Fort Meade, Md., greatly improved DOD cyber capabilities.

"There's a much better integration of intelligence through NSA's hard work," the general said. "From shared situational awareness to a common operational picture, NSA is doing some really great work. Leveraging their skills and expertise is not only an operational advantage, it's a necessity."

Beyond NSA's technical focus, Davis said, DOD needs broad strategic context for intelligence to fulfill its cyber mission and that DIA, along with other intelligence community organizations, plays a critical role.

Ultimately, people and organizations who work against the United States and its allies in cyberspace are behind the development of malicious code and software, he said.

"This is where DIA is helping us refine and improve our indications and warning so it's not limited to actions taking place at the speed of light, but actions by humans and organizations and processes that might help us ... act with more options for leadership decisions," the general added.

As it does with interagency partners at the Department of Justice's FBI and the Department of Homeland Security, DOD builds capabilities in cyberspace by working with industry, international partners and academia.

In its work with the defense industrial base, or DIB, DOD is the sector-specific agency under Homeland Security for interacting with the DIB.

In 2010, the voluntary DIB Cybersecurity Information Assurance, or CS/IA, effort opened as a permanent program after a pilot period with 34 companies. Activities under the program enhance cybersecurity capabilities to safeguard sensitive DOD information on company unclassified information systems.

With the publication of a federal rule in 2012, DOD expanded the program, and nearly 100 companies now participate. At the same time, the optional DIB Enhanced Cybersecurity Services, or DECS, became part of the expanded DIB program.
Homeland Security officials said DECS is a voluntary program based on sharing indicators of malicious cyber activity between DHS and owners and operators of critical infrastructure. The program covers 18 critical infrastructure sectors, including banking and finance, energy, information technology, transportation systems, food and agriculture, government facilities, emergency services, water, and nuclear reactors, materials and waste.
"DOD relies heavily on critical infrastructure, which is in part why the department has a role to play in providing support to defend these commercial systems," Davis said. More than 99 percent of electricity and 90 percent of voice and communication services the military relies on come from civilian sources, he noted.

"Defending our networks is a challenge that's not getting any easier because of our reliance on key networks and systems that are not directly under DOD's control," the general observed.

Davis said the DIB CS/IA program and DECS "are part of a whole-of-government approach to improve the nation's cybersecurity posture. It's a holistic approach, because that's what's required in order to achieve this goal."

DOD international engagement supports the U.S. International Strategy for Cyberspace and President Barack Obama's commitment to fundamental freedoms, privacy and the free flow of information, and the right of self-defense, Davis said.
DOD's ongoing cyber engagement with allies and close partners takes many forms, he added, including sharing information about capabilities and processes, warning each other about potential threats, sharing situational awareness and fielding more interoperable capability.

Such engagement includes joint training venues and exercises, he said -- "everything from tabletop exercises to more sophisticated exercises, and we're doing joint training and putting cyber into our bilateral exercises on a more regular basis."

With the State Department and other interagency partners, the general added, DOD participates on cyber matters in bilateral, multilateral and international forums, such as the United Nations and NATO.

"As an example of a critical bilateral relationship," he said, "I've had the great honor twice in the past year to engage as part of a U.S. academic and government interagency forum with counterpart Chinese academic and government organizations."

The last meeting was in Washington in December, Davis said.
"We recognize China as a rising power and one of the world's leading voices in this discussion, so senior government officials across the interagency have actively engaged their Chinese government counterparts, including their military [counterparts] ... in a number of ways already and we would like to see those engagements expand," Davis said.

On July 8, DOD officials and several interagency partners "will hold a working group meeting on cyber with our Chinese counterparts to talk about this directly and to strive for concrete solutions with actionable steps for progress," he added.
DOD's partnership with academia addresses what Davis describes as the department's biggest challenge going forward: building the cyber workforce.
"DOD is looking at ways to fundamentally change the way it recruits, trains, educates, advances and retains both military and civilians within the cyberspace workforce," he said. "The vision is to build a system that sustains the cyberspace operations' viability over time, increases the depth of military cyberspace operations experience, develops capable leaders to guide these professional experts ... and ensures that we build real cyberspace operational capability from within our human resources into the future."

The department is looking to partner in new ways with other federal, academic and private institutions, he said, to attract and retain skilled professionals in cyberspace.

"While cyber is always viewed as a technical area," Davis said, "the fact is it's always about people. People are going to make the difference in cyber, just as they have in every other dimension of DOD operations. So we must get the people part right to guarantee success for the future.

Search This Blog

Translate

White House.gov Press Office Feed