Lynn Explains U.S. Cybersecurity Strategy

BRUSSELS, Bel­gium, , Sept. 15, 2010 — Deputy Defense Sec­re­tary William J. Lynn III detailed the Defense Department’s new cyber­se­cu­ri­ty strat­e­gy here today.

Lynn – who spoke at a gath­er­ing spon­sored by the Secu­ri­ty and Defense Agen­da after meet­ings at NATO and the Supreme Head­quar­ters Allied Pow­ers Europe on cyber­se­cu­ri­ty – described the strat­e­gy as hav­ing five “pil­lars.”

The first pil­lar is the recog­ni­tion that cyber­space is a new domain of war­fare, Lynn said.

“Like air, sea, land and space, we’re going to have to treat cyber­space as an are­na where we need to defend our net­works and to be able to oper­ate freely,” he explained.

There are obvi­ous dif­fer­ences, the deputy sec­re­tary acknowl­edged. Cyber­space is man-made, he said, and much of the infra­struc­ture is in pri­vate hands. But this does not mean it’s not crit­i­cal to mil­i­tary effec­tive­ness, he added.

“We need to treat it orga­ni­za­tion­al­ly as a domain – we need train­ing, we need doc­trine, we need all the ele­ments we apply to any oth­er domain,” he said. “That’s the fun­da­men­tal rea­son that the U.S. stood up the Unit­ed States Cyber Com­mand.”

The new com­mand has the lines of author­i­ty to man, train and equip for the new domain, he said.

The strategy’s sec­ond pil­lar is defens­es that go beyond pas­sive ones. “You can­not have a fortress men­tal­i­ty in this are­na,” he said.

The two main pas­sive defens­es – sim­ple com­put­er hygiene and fire­walls – will catch about 70 to 80 per­cent of the attacks, Lynn said. To get the rest, he added, “We need active defens­es, using sen­sors that are able to act at net­work speed to detect and then block the attacks on our net­works.”

“You also need the abil­i­ty to hunt and attack on your own net­works to get the intrud­ers who do get past the ini­tial defens­es,” he said.

The third pil­lar is to ensure the safe­ty of crit­i­cal infra­struc­tures. “It won’t do any good to pro­tect mil­i­tary net­works if your pow­er goes down,” said the deputy sec­re­tary explained.

Col­lec­tive defense is the strategy’s fourth pil­lar. “There is a strong log­ic to col­lec­tive defense in the cyber are­na,” Lynn said. “The more attack sig­na­tures you are able to detect ear­ly and build those into your defens­es, the stronger your defens­es will be.”

He likened this pil­lar to the Cold War strat­e­gy of shared ear­ly warn­ing. “Just as our mis­sile defens­es have been linked, so too, our cyber defens­es have to be linked as well,” the deputy sec­re­tary said.

The fifth pil­lar, Lynn said, is to keep the tech­no­log­i­cal advan­tage.

“We have a lead in infor­ma­tion tech­nol­o­gy, and it is crit­i­cal to both our secu­ri­ty and our economies to main­tain that,” he said. “We have to mar­shal our tech­no­log­i­cal dom­i­nance to ensure that the supe­ri­or mil­i­tary capa­bil­i­ties we’ve devel­oped are main­tained.”

Improv­ing train­ing, devel­op­ing arti­fi­cial intel­li­gence capa­bil­i­ties and tools such as an Inter­net train­ing range are among the invest­ments the Unit­ed States is mak­ing to main­tain this lead, Lynn said.

Source:
U.S. Depart­ment of Defense
Office of the Assis­tant Sec­re­tary of Defense (Pub­lic Affairs)

More news and arti­cles can be found on Face­book and Twit­ter.

Fol­low GlobalDefence.net on Face­book and/or on Twit­ter

Team GlobDef

Team GlobDef

Seit 2001 ist GlobalDefence.net im Internet unterwegs, um mit eigenen Analysen, interessanten Kooperationen und umfassenden Informationen für einen spannenden Überblick der Weltlage zu sorgen. GlobalDefenc.net war dabei die erste deutschsprachige Internetseite, die mit dem Schwerpunkt Sicherheitspolitik außerhalb von Hochschulen oder Instituten aufgetreten ist.

Alle Beiträge ansehen von Team GlobDef →