DOD Reviews Cyberspace Rules of Engagement

WASHINGTON, March 20, 2012 — Whether by land, sea or air, Defense Depart­ment lead­ers have long craft­ed rules of engage­ment to deter­mine how, where and when they can attack the ene­my. They expect soon to com­plete the same for their newest domain: cyber­space, the assis­tant sec­re­tary of defense for glob­al strate­gic affairs said today.

“We are work­ing close­ly with the Joint Staff on the imple­men­ta­tion of a tran­si­tion­al com­mand-and-con­trol mod­el for cyber­space oper­a­tions” while review­ing exist­ing rules of engage­ment, Made­lyn R. Cree­don told the House Armed Ser­vices Committee’s sub­com­mit­tee on emerg­ing threats and capa­bil­i­ties.

Tere­sa M. Takai, DOD’s chief infor­ma­tion offi­cer, and Army Gen. Kei­th Alexan­der, com­man­der of U.S. Cyber Com­mand, joined Cree­don at the hear­ing.

“This inter­im frame­work,” Cree­don told the pan­el, “will stan­dard­ize exist­ing orga­ni­za­tion­al struc­tures and com­mand rela­tion­ships across the depart­ment for the appli­ca­tion of the full spec­trum of cyber­space capa­bil­i­ties.”

Describ­ing DOD’s strate­gies for oper­at­ing in cyber­space, Cree­don said the depart­ment main­tains more than 15,000 net­work enclaves and 7 mil­lion com­put­ing devices in instal­la­tions around the globe.

DOD con­tin­ues to devel­op effec­tive strate­gies for ensur­ing the Unit­ed States is pre­pared for all cyber con­tin­gen­cies along the entire spec­trum,” she added, “from peace to cri­sis to war.”

In times of fis­cal con­straint, Cree­don said, DOD also is tak­ing advan­tage of effi­cien­cies pro­vid­ed by infor­ma­tion tech­nol­o­gy advances.

“The depart­ment has been work­ing around the clock, often in close coop­er­a­tion with the Depart­ment of Home­land Secu­ri­ty and oth­er agen­cies,” she said, to pro­tect the nation from cyber threats that include the theft of intel­lec­tu­al prop­er­ty, as well as dam­age to the defense indus­tri­al base, the econ­o­my and nation­al secu­ri­ty.

The depart­ment hit a “sig­nif­i­cant mile­stone” last July with the release of its first strat­e­gy for oper­at­ing in cyber­space, Cree­don said. The doc­u­ment builds on Pres­i­dent Barack Obama’s Inter­na­tion­al Strat­e­gy for Cyber­space and the DOD Qua­dren­ni­al Defense Review, and guides the department’s mil­i­tary, busi­ness and intel­li­gence activ­i­ties in cyber­space in sup­port of nation­al inter­ests, she said.

The DOD works close­ly with col­leagues in the depart­ments of Home­land Secu­ri­ty, Jus­tice, State, Trea­sury, Com­merce and oth­er agen­cies, she added, and pur­sues bilat­er­al and mul­ti­lat­er­al engage­ments to enhance secu­ri­ty and devel­op norms of behav­ior in cyber­space.

Takai told the pan­el that DOD’s $37 bil­lion infor­ma­tion tech­nol­o­gy bud­get request for fis­cal year 2013 includes a range of IT invest­ments, includ­ing $3.4 bil­lion for cyber secu­ri­ty efforts to pro­tect infor­ma­tion, infor­ma­tion sys­tems and net­works against known cyber vul­ner­a­bil­i­ties.

It also includes $182 mil­lion for Cyber Com­mand for cyber net­work defense, cryp­to­graph­ic sys­tems, com­mu­ni­ca­tions secu­ri­ty, net­work resilien­cy, work­force devel­op­ment, and devel­op­ment of cyber secu­ri­ty stan­dards and tech­nolo­gies depart­ment-wide.

Among efforts to improve effec­tive­ness and effi­cien­cy, Takai explained, “is con­sol­i­da­tion of the department’s IT infra­struc­ture, net­works, com­put­ing ser­vices, data cen­ters, appli­ca­tion and data ser­vices, while simul­ta­ne­ous­ly improv­ing the abil­i­ty to defend that infra­struc­ture against grow­ing cyber threats.”

Her office is lead­ing the imple­men­ta­tion of the ini­tia­tives, the chief infor­ma­tion offi­cer added, “but it is impor­tant that we work close­ly with the ser­vices, Joint Staff and U.S. Cyber Com­mand to more aggres­sive­ly mod­ern­ize our over­all infor­ma­tion sys­tems.”

A pil­lar of that mod­ern­iza­tion is a move to a sin­gle, joint net­work archi­tec­ture, Takai said, allow­ing DOD and Cyber Com­mand bet­ter vis­i­bil­i­ty into net­work activ­i­ty and bet­ter defense against cyber attacks.

Indi­vid­u­al­ly, she said, the ser­vices and agen­cies have tak­en action to bet­ter posi­tion the infor­ma­tion enter­prise and secu­ri­ty pos­ture.

The depart­ment has made sig­nif­i­cant progress in sev­er­al areas, Takai said. One effort involved deploy­ing a mod­u­lar sys­tem called a host-based secu­ri­ty sys­tem that enhances sit­u­a­tion­al aware­ness of the net­work and improves the abil­i­ty to detect, diag­nose and react to cyber intru­sions.

“We’ve also tak­en the lead in assess­ing the risk of the glob­al sup­ply chain to our crit­i­cal infor­ma­tion and com­mu­ni­ca­tions tech­nol­o­gy,” Takai added, and has insti­tut­ed a suc­cess­ful defense indus­tri­al base cyber secu­ri­ty and infor­ma­tion assur­ance pro­gram.

Alexan­der said cyber defense requires con­tri­bu­tions not only from DOD, but from Home­land Secu­ri­ty, the FBI, and the Defense Infor­ma­tion Sys­tems Agency — “all key part­ners in help­ing us do our cyber mis­sion.”

Cyber space is becom­ing more dan­ger­ous, he added.

“The intel­li­gence community’s world­wide threat brief to Con­gress in Jan­u­ary raised cyber threats to just behind ter­ror­ism and [nuclear] pro­lif­er­a­tion in its list of the biggest chal­lenges fac­ing the nation.”

The task of assur­ing cyber­space access, the gen­er­al said, “has drawn the atten­tion of our nation’s most senior lead­ers over the last year and their deci­sions have helped to clar­i­fy what we can and must do about devel­op­ments that great­ly con­cern us.”

Cyber Com­mand is specif­i­cal­ly charged with direct­ing the secu­ri­ty, oper­a­tion and defense of DOD’s infor­ma­tion sys­tems, he added, “but our work and actions are affect­ed by threats well out­side DOD net­works … threats the nation can­not afford to ignore.”

Dan­gers are not some­thing new in cyber­space.

“Nation-state actors in cyber­space are rid­ing a tide of crim­i­nal­i­ty,” the gen­er­al said. “Sev­er­al nations have turned their resources and pow­er against us and for­eign busi­ness­es and enter­pris­es, even those that man­age crit­i­cal infra­struc­ture in this coun­try, and oth­ers.”

For the pan­el, Alexan­der described five key areas Cyber Com­mand is work­ing on:

— Build­ing the enter­prise and train­ing the force;

–Devel­op­ing a defen­si­ble archi­tec­ture;

–Get­ting author­i­ties need­ed to oper­ate in cyber­space;

–Set­ting the team­work prop­er­ly across U.S. gov­ern­ment agen­cies; and

–Cre­at­ing a con­cept of oper­a­tions for oper­at­ing in cyber­space.

“I think we’re mak­ing progress,” Alexan­der said, “but … the risks that face our coun­try are grow­ing faster than our progress and we have to work hard on that.”

U.S. Depart­ment of Defense
Office of the Assis­tant Sec­re­tary of Defense (Pub­lic Affairs)