By Claudette Roulo
DoD News, Defense Media Activity
WASHINGTON, Nov. 15, 2014 – "Cyber blur" is an
enormous challenge to those seeking to defend the nation's networks, Navy Adm.
Michael S. Rogers, the National Security Agency’s director, said today.
At the Reagan National Defense Forum in Simi Valley,
California, Rogers, who’s also commander of U.S. Cyber Command and chief of the
Central Security Service, explained that network defense isn't an either-or
proposition that can be neatly divided into public sector, private sector and
national security responsibilities.
"This is the ultimate team sport," he said.
"There is no single sector, there is no single element of this population,
there is no single element within the government that has the total answer. It
will take all of us working together to make this work."
The nation's adversaries don't hesitate to blend public and
private capabilities in the cyber realm, either, he said.
"The biggest thing that concerns me ... in the
immediate near term is we're taking capabilities, whether it be nation-states,
groups or individuals, and I'm watching some of these blur and create
partnerships that make attribution more difficult. They clearly are intended to
try to stymie attribution as well as policy decisions on our part," Rogers
said. "... This is going to require us to think a little
differently."
National Cyber Strategy
Lack of a cyber strategy that includes not just national
defense, but public and private sector networks, has created a situation where
attackers run little risk by engaging in attempts to penetrate inner systems
and steal information, the admiral said.
"My concern there is, if we're not careful and this
trend continues, this will encourage nation-states, groups or individuals
potentially to start to engage in ever more escalatory and riskier behavior,
and that's not a good thing for us as a nation," he said.
Right now, there's a broad consensus on what elements need
to be addressed by a national cyber strategy, Rogers said, but the challenge
has been in coming to an agreement on specifics.
"From a Department of Defense perspective, I'm very
comfortable with the vision we have in terms of how do we create capability,
what skill set should it have, how should it be employed operationally, how
should it be integrated -- cyber's got to be integrated with a much broader
effort," he explained. "I'm not a big fan of looking at cyber kind of
in isolation."
Bridging the Corporate Divide
Rogers said he's visited Silicon Valley twice in his seven
months in office in an effort to bring together the public- and private-sector
sides of the nation's cyber workforce and find some agreement between the needs
of corporate cyber and national defense.
"We have got to understand each other, and I'm watching
two cultures that are largely just talking past one another," the admiral
said. "Not because one is good and one is bad but because they're two
different cultures with really different views of the world around them [and]
lack of familiarity with the other side.
"If we are each going to vilify each other, we will get
nowhere,” Rogers continued. “It cannot be that one of us is good and one of us
is bad. We each have a valid concern, and what's the way that we can work
together to make this work."
No comments:
Post a Comment