USA — Cyber Command Synchronizes Services’ Efforts

WASHINGTON, July 9, 2010 — Lead­ers of the new U.S. Cyber Com­mand have a long to-do list in cre­at­ing cen­tral over­sight for the military’s com­put­er net­works, includ­ing syn­chro­niz­ing what the ser­vices already have in place, offi­cials said yes­ter­day.

Lead­ers still are work­ing through the basic con­structs for the command’s mis­sion: What con­sti­tutes a “cyber attack?” When is law enforce­ment called? At what point does the Home­land Secu­ri­ty Depart­ment take over? That’s accord­ing to mil­i­tary and fed­er­al civil­ian lead­ers who spoke at a cyber­se­cu­ri­ty sym­po­sium here spon­sored by the Wash­ing­ton chap­ter of the Armed Forces Com­mu­ni­ca­tions and Elec­tron­ics Asso­ci­a­tion.

“We have lots of deci­sions to make in the cyber domain,” Navy Vice Adm. Carl V. Mauney, deputy com­man­der of U.S. Strate­gic Com­mand, said. Cyber Com­mand, which stood up in May, is a Strat­com sub­com­mand.

The military’s rapid­ly grow­ing depen­dence on net­work com­mu­ni­ca­tions, and the risk asso­ci­at­ed with it, has pushed the issue well beyond infor­ma­tion tech­nol­o­gy help desks, Mauney said.

“We can no longer approach this as an IT issue,” he said. “Our net­works are the com­man­ders’ busi­ness, just as they are a CEO’s busi­ness.

“We need to be pre­pared for our net­works to con­tin­ue to oper­ate in the face of a com­put­er net­work attack,” he added. “It’s not about hun­ker­ing down behind a fire­wall. It’s about the mil­i­tary being able to do the job they are called upon to do.”

Cyber Command’s require­ments, Mauney said, are sol­id net­work aware­ness, a con­ver­gence of oper­a­tions and pol­i­cy, and a shared sense of nation­al secu­ri­ty objec­tives.

Air Force Maj. Gen. Suzanne “Zan” Vautrinot, Cybercom’s direc­tor of plans and pol­i­cy, said com­mand lead­ers must ensure that all cyber ele­ments — includ­ing secu­ri­ty, pri­va­cy and capac­i­ty – are account­ed for. “It’s not a bal­ance. It’s a syn­er­gy of all the things it brings togeth­er,” she said.

Vautrinot not­ed that “nobody here has one job.” Those who lead each of the ser­vices’ cyber oper­a­tions are now “dual-hat­ted” to Cyber Com­mand, she said.

Air Force Brig. Gen. Gre­go­ry L. Brun­didge, deputy direc­tor of cyber for U.S. Euro­pean Com­mand, said it is crit­i­cal for the ser­vices to “har­mo­nize” their efforts. “The time we used to have to fig­ure things out, we don’t have that in cyber war­fare,” he said. “These are things that hap­pen in sec­onds and not hours, days, weeks and months.”

In his first six months deployed to Iraq, Brun­didge said, “we were fight­ing to get infor­ma­tion because every­one was report­ing up through their own ser­vices. If there is one les­son we’ve learned over the years, it’s that any­thing that brings our efforts clos­er togeth­er and har­mo­nizes things is going to get us much far­ther along in our jour­ney.

“What we’re all grap­pling with today is how … we bring all these things togeth­er that we have cre­at­ed in our own cocoons,” he said.

Marine Corps Maj. Gen. George J. Allen said cen­tral­iza­tion of cyber oper­a­tions has been good for the Corps, but that region­al help desks are being cre­at­ed to respond more quick­ly. Four ser­vice cen­ters are oper­a­tional, and four more are being built, he said.

“I can’t have a guy at [Marine Corps Base] Quan­ti­co [in Vir­ginia] telling guys at [Camp] Leje­une [in North Car­oli­na] what to do,” Allen said. “The help has to be on site. We need to respond much more rapid­ly.”

Maj. Gen. Paul F. Capas­so, chief infor­ma­tion offi­cer of the Air Force, not­ed that cyber war­fare has many mov­ing parts and cross­es many dis­ci­plines.

“We are mak­ing strides, but we’re not there yet,” he said. “We are in unchar­tered ter­ri­to­ry when comes to cyber law, cyber pol­i­cy and cyber doc­trine.”

As an exam­ple, Capas­so said, “I don’t think you’ll find one agreed-upon def­i­n­i­tion of cyber war­fare. Those basic def­i­n­i­tions and key con­structs are some­thing we’re work­ing very hard on.”

As for main­tain­ing secu­ri­ty, Mauney said, that means ensur­ing every com­put­er user fol­lows “good net­work hygiene.”

“This is about set­ting peo­ple to high stan­dards, and main­tain­ing those stan­dards,” Mauney said. Like hand wash­ing, he said, “it should be sec­ond nature to every­one oper­at­ing on the net.”

Allen said his biggest con­cern in cyber is edu­cat­ing all users about risks. Young peo­ple who have grown up with the Inter­net some­times aren’t cau­tious enough, such as some Marines who have post­ed their deploy­ment dates on Face­book, he said.

“Our biggest prob­lem is … the dig­i­tal natives who are very com­fort­able with YouTube and oth­er things who don’t under­stand the threats behind it,” Allen said. “That’s not their fault — that’s our fault. It’s a mat­ter of edu­cat­ing them.”

Even after Cyber Com­mand is ful­ly oper­a­tional, Mauney said, its staff will need to be flex­i­ble to change. “As the secu­ri­ty envi­ron­ment changes – and we know it will – we’ll have to change how we do busi­ness,” he said.

Source:
U.S. Depart­ment of Defense
Office of the Assis­tant Sec­re­tary of Defense (Pub­lic Affairs)

Team GlobDef

Team GlobDef

Seit 2001 ist GlobalDefence.net im Internet unterwegs, um mit eigenen Analysen, interessanten Kooperationen und umfassenden Informationen für einen spannenden Überblick der Weltlage zu sorgen. GlobalDefenc.net war dabei die erste deutschsprachige Internetseite, die mit dem Schwerpunkt Sicherheitspolitik außerhalb von Hochschulen oder Instituten aufgetreten ist.

Alle Beiträge ansehen von Team GlobDef →