By Cheryl Pellerin
American Forces Press Service
WASHINGTON, June 2, 2014 – U.S. Cyber Command’s greatest
challenge is to operationalize cyberspace to turn the electro-digital network
of networks into a command-and-control environment where warriors can see the
adversary and whose operations defense leaders can integrate into options for
commanders and policymakers, the new director of the National Security Agency
and commander of U.S. Cyber Command said here last week.
Navy Adm. Michael S. Rogers was a keynote speaker May 28 at
the Armed Forces Communications and Electronics Association 2014 Cyber Summit.
The admiral told a large audience that he and his team are
working to develop a set of five capabilities that will enable the teams of
Cybercom to fight, if that becomes necessary, in cyberspace, which became a
military domain in 2010 with the stand-up of Cybercom as a subunified command
under U.S. Strategic Command.
Rogers also shared the early stages of an idea his team is
working through to make part of the Defense Information Systems Agency, or
DISA, a partner with Cybercom in defending DOD networks.
“At U.S. Cyber Command, as the new guy, I’ve said we need to
focus on what a subunified command should be doing and not doing. We've got to
optimize, focus and prioritize, so let's ask ourselves what we’re doing that we
shouldn't be doing,” Rogers said.
The admiral concluded that if Cybercom intimately focuses on
tactical-level details of defending the network, it would not accomplish much
more, and he turned to DISA. In its current role, he said, DISA is largely an
acquisition and engineering organization.
“I believe that for DISA to achieve what it needs to do with
respect to how it's going to operate and help us defend the networks, a portion
of DISA [must] become an operationalized entity focused on maneuvering and
defending the networks,” he said. “We have to give DISA the ability to come up
with a command-and-control node that can coordinate with others in defending
the DOD information networks.”
The Cybercom commander said that in this role, DISA “could
enable U.S. Cyber Command to function at the operational level of war. That's
our niche and that's where I think we generate the best return and the best
outcome.”
Cybercom teammates, including combatant commanders and
service chiefs, eventually will discuss a more fleshed-out version of the idea,
he added.
On Cybercom’s greatest challenge, Rogers offered five
capabilities that must exist if cyberspace is to become viable as a military
domain.
The first capability is a truly defensible network.
“Today we are … working with a series of networks in which
redundancy, resiliency and defensibility were never core design
characteristics,” Rogers explained. “We often treat defensive capability as
something that is literally bolted onto a system after we've done everything
else.”
The effort to create a defensible architecture is leading
Cybercom to reduce its number of networks and to focus on areas where the
networks have continuous public interfaces -- a source of particular
vulnerability, Rogers added.
OD’s fledgling Joint Information Environment, or JIE, is a
framework for modernizing DOD information technology systems and making them
more secure. The system includes overarching architectures, standards and
specifications; common ways of operating and defending DOD networks; and common
engineered-solution designs.
“We've already created a JIE structure in Europe as a test.
We're moving into the Pacific arena next and we'll continue to expand around
the world,” Rogers said. “We're trying to create a network in which
defensibility, redundancy and resiliency are core design characteristics from
the ground up.”
The second capability is common, shared situational
awareness in cyberspace.
The admiral said that at every level of maritime operations,
he’s used to walking into a command center that gives him a common picture of a
situation through the use of color, symbology and geography in a visual display
that lets him quickly gain situational awareness and make decisions.
“We do not have that right now in the cyber arena,” Rogers
said. “As I used to kid my teammates, how do you defend something you can't
see?”
Cybercom is in the early stages of putting together such a
capability, the admiral said, and it has proven to be a hard challenge.
“We're certainly not as far along as I would like but it's
not because of a lack of effort,” Rogers said, adding that he’s trying to bring
together separate efforts to create the capability across the department.
“In an era of declining resources we’ve … got to do this together
and we've got to divvy up who's going to do what,” he added.
The third capability involves Cybercom’s authorities and
responsibilities to act.
Within the Defense Department, Rogers said, he's comfortable
with Cybercom’s current authorities, “but when we start to go outside the
department, it gets a little more complicated.”
One mission set Cybercom anticipates receiving is in the
event of attempts to disrupt critical infrastructure in the United States, the
admiral said.
“It is our expectation that we are training and working
toward the ability to respond,” he added, “and it is my expectation that
potentially the president and the secretary of defense will turn to U.S. Cyber
Command and say, … ‘We're seeing activity X, and need you to be part of the
federal government's response to this.’”
As a department, the admiral said, DOD routinely provides
support to civil authorities in a multitude of mission areas, including
hurricanes and wildfires.
“I don't think cyber is going to be any different in that
regard,” Rogers said, “and I look for us to partner incredibly closely with our
friends at the Department of Homeland Security, DHS, which is the lead for
protecting federal networks” and for responding to cyber concerns outside the
federal government.
The FBI also plays an important role, he said.
DOD is measured in what it does within the United States
versus what it does overseas, Rogers said, “and we've got to be mindful of [the
Posse Comitatus Act] and this thing we call the law. We are not going to
violate that.”
Under the Posse Comitatus Act, service members and National
Guardsmen who are under federal authority can’t perform in a law-enforcement
capacity in the United States, unless the Constitution or Congress specifically
authorizes it.
“We’ve got to make sure the constructs we build enable us to
work within the U.S. legal [system],” Rogers said, so he and his Cybercom team
are discussing with officials at U.S. Northern Command, which has a primary
mission of homeland defense, how best to work with federal government partners.
“But clearly,” he added, “to work with other federal
partners, we’ll need some measure of authority and direction that we don't
enjoy day to day.”
The fourth capability for operationalizing cyberspace,
Rogers said, is to develop operational concepts and a command-and-control
structure that takes operating in cyberspace from dream to reality.
As U.S. Cyber Command generates teams of warfighters to
operate in cyberspace, its questions will include: Who will operate in
cyberspace? How will command and control work there? How will cyber operations
be prioritized? Who will make critical decisions about what Cybercom teams will
and won’t do in the cyber environment? What authorities are granted to which
individuals? How will Cybercom make the chain of command clear to everyone
operating in cyberspace?
None of this is unique to cyber, and for the military
services, it's nothing new, but one thing that does make cyber especially
challenging is a lack of physical geography, Rogers said.
“In the DOD framework, we often use geography as a way to
define responsibilities, carving the world up as regional combatant commands, …
and yet cyber doesn't recognize the geographic boundary thing,” the admiral
explained.
“If I'm looking at potential attack strategies against
critical infrastructure or … DOD networks, I’m watching a path that bounces
from a nation state, individual or group to infrastructure spread out in
countries that aren’t [our] particularly close friends or allies, then bounces
into U.S. infrastructure, bounces out again, and then comes back in directly at
the final target,” Rogers said.
U.S. Cyber Command must develop operational concepts and a
command-and-control structure that recognizes this reality, he added.
“Like any other military endeavor,” Rogers said, “we tend to
use intellectual thought, exercises and a variety of means in U.S. Cyber
Command and among the broader partner teams … to work our way through this.”
The admiral added, “I tell the team, don't fixate on cyber
as something unique that nobody understands. Ask yourself how we can translate
[into the cyber arena] the operational concepts all of us have spent our lives
in uniform learning and understanding as warfighters.”
The fifth area critical to operationalizing cyber is to
generate trained and ready forces, Rogers said, adding that generating such
forces and deploying them to operational commanders is a service mission.
To accomplish the mission, Rogers has mandated the following
three priorities:
-- Train everyone to the same set of standards.
-- Conform to a team structure that divides 6,000 people
into 133 teams that range in size from more than 60 individuals to about 20. At
U.S. Cyber Command, Rogers said, the goal is to have the 6,000 people trained
and certified by the end of 2016.
-- Generate capacities in the teams focused on defending the
networks -- combatant commander networks, service networks, DISA networks, DOD
enterprise networks, the DOD backbone, and, if needed, critical-infrastructure
networks.
“This is hardest in some ways, because to truly defend a
network takes a host of partners,” Rogers said, “[and] … synchronizing all
areas of defense at one time is master's-level command and control in the cyber
environment.”
The admiral said network defense may be Cybercom’s most
complicated task, “but I would argue it's the most important in some ways
because we’ll be tested every day on our ability to defend the department’s
networks and, if directed, defend other networks.”
Posts
No comments:
Post a Comment