USA — ‘Investing in People is Key’ at Cyber Command

WASHINGTON, March 17, 2011 — U.S. Cyber Com­mand is build­ing its work­force, launch­ing efforts with indus­try and work­ing with inter­na­tion­al part­ners to ful­fill an impor­tant mis­sion, the command’s leader said here yes­ter­day.
Cyber­com com­man­der Army Gen. Kei­th B. Alexan­der and James N. Miller, prin­ci­pal deputy under­sec­re­tary of defense for pol­i­cy, dis­cussed the command’s 2012 bud­get request and oth­er issues dur­ing tes­ti­mo­ny before a House Armed Ser­vices Com­mit­tee sub­com­mit­tee.

“Peo­ple are the big thing” at Cyber­com and “for our future invest­ing in peo­ple is key,” Alexan­der told legislators. 

Based at Fort Meade, Md., Cyber­com is charged with pro­vid­ing con­nec­tiv­i­ty and safe­guard­ing DOD’s and allies’ world­wide infor­ma­tion net­works. The com­mand reached full oper­a­tional sta­tus on Oct. 31, 2010. 

The cyber­se­cu­ri­ty bud­get request for 2011 is a lit­tle under” $3.2 bil­lion and “a lit­tle over” $3.2 bil­lion for 2012, Miller said. 

Alexan­der said work­force costs com­prise “the biggest por­tion” of Cybercom’s budget. 

The next-biggest por­tion of Cybercom’s bud­get pie goes toward facil­i­ties and infor­ma­tion tech­nol­o­gy infra­struc­ture, the gen­er­al added. 

“That accounts for anoth­er 25 per­cent of the bud­get, and oper­a­tions are the last part,” Alexan­der said. 

Mean­while, Cyber­com is build­ing capac­i­ty, he said, not­ing “the ser­vices are help­ing us do that.” 

The gen­er­al said the ser­vices are dis­cussing request­ing pro­fi­cien­cy pay for mil­i­tary lin­guists work­ing at Cyber­com and those with oth­er tech­ni­cal skills, although “right now that’s not an issue.” 

“The oth­er thing that we’re look­ing at is how to col­lapse some of our mil­i­tary occu­pa­tion­al spe­cial­ties down into a few that allow us to look at the full spec­trum [of cyber oper­a­tions],” Alexan­der added. “I think we need to do that and the ser­vices have been won­der­ful in set­ting that up.” 

A crit­i­cal task for Cyber­com, Miller said, “is to look hard at what we can do under exist­ing author­i­ties, includ­ing mak­ing bet­ter use of the Guard and Reserve.” 

The type of peo­ple pos­sess­ing the nec­es­sary skills for duty with Cyber­com “will span a wider range than the stan­dard pro­file for mil­i­tary ser­vice,” Miller said. 

Out­reach and pilot pro­grams will help attract those with need­ed skills, Miller said, “so that they see what DOD can pro­vide for their edu­ca­tion and that they can make a con­tri­bu­tion to nation­al secu­ri­ty as well.” 

In Jan­u­ary, Alexan­der said, the Navy Post­grad­u­ate School launched a tech­ni­cal master’s degree course either in com­put­er sci­ence or with major­i­ty of cours­es in cyber and cyber­se­cu­ri­ty-relat­ed disciplines. 

“That’s a step in the right direc­tion,” the gen­er­al said. 

Inno­v­a­tive joint efforts with fed­er­al agen­cies, Inter­net ser­vice providers and the defense indus­try con­sti­tute anoth­er focus for Cyber­com, Alexan­der told leg­is­la­tors. On Oct. 13, 2010, Defense Sec­re­tary Robert M. Gates and Home­land Secu­ri­ty Sec­re­tary Janet Napoli­tano announced an agree­ment for their agen­cies to work togeth­er on cyber­se­cu­ri­ty issues to pro­tect crit­i­cal mil­i­tary and civil­ian infor­ma­tion tech­nol­o­gy infrastructure. 

The agree­ment includ­ed a for­mal mech­a­nism for ben­e­fit­ing from the tech­ni­cal exper­tise of the Nation­al Secu­ri­ty Agency, which is respon­si­ble for pro­tect­ing nation­al secu­ri­ty sys­tems, col­lect­ing relat­ed for­eign intel­li­gence, and enabling net­work warfare. 

“The depart­ment does rec­og­nize that we’re depen­dent on both our part­ners in gov­ern­ment — the dot-gov and our part­ners in indus­try — to be able to con­duct and suc­ceed in mil­i­tary oper­a­tions,” Miller said. 

Two efforts under­way to address such issues, Alexan­der said, include the Endur­ing Secu­ri­ty Frame­work and the Defense Indus­tri­al Base pilot pro­gram. The Endur­ing Secu­ri­ty Frame­work, he said, is a part­ner­ship between gov­ern­ment with DHS, DOD, the Direc­tor of Nation­al Intel­li­gence and indus­try to look at crit­i­cal cyber­se­cu­ri­ty issues. 

If the part­ner­ship can iden­ti­fy com­mon prob­lems, Alexan­der added, “it’s been our expe­ri­ence that indus­try, in devel­op­ing much of that equip­ment, will go solve them, free to the gov­ern­ment. That is a huge step for­ward and we’ve made some tremen­dous jumps in that area.” 

Under the Defense Indus­tri­al Base pilot pro­gram are two sets of activ­i­ties, Miller said. 

“One is a broad defense indus­tri­al-base pilot in which we are shar­ing infor­ma­tion about poten­tial threats and look­ing at how to do that more effec­tive­ly,” he said. “It’s been a two-way street and very effec­tive. We’re look­ing to grow that.” 

In the sec­ond part, Cyber­com is work­ing with sev­er­al defense indus­tri­al base com­pa­nies and Inter­net ser­vice providers in a tech­nol­o­gy-shar­ing project that has not yet been launched, Miller said. 

“It’s some­thing that I hope we’re very close to ini­ti­at­ing, he added. 

Work­ing with inter­na­tion­al part­ners is anoth­er key ele­ment in Cybercom’s strat­e­gy, Miller said. 

Because the Unit­ed States “fights in a coali­tion,” he said, the U.S. mil­i­tary real­izes “the secu­ri­ty of our infor­ma­tion and our oper­a­tions both depend on the secu­ri­ty of our part­ners’ and allies’ networks.” 

Sig­nif­i­cant focus has been placed on work­ing with the mil­i­taries of Great Britain, Aus­tralia, New Zealand and Cana­da, Miller said. 

“We have long-stand­ing rela­tion­ships with them, and on intel­li­gence issues, and that’s been a good foun­da­tion for what we do in cyber as well,” he added. 

Anoth­er sig­nif­i­cant effort over the past year, Miller said, involved work­ing with NATO and mak­ing cyber­se­cu­ri­ty a key thrust of the NATO Strate­gic Con­cept at the Lis­bon Sum­mit. “The cyber­se­cu­ri­ty cen­ter that’s been estab­lished has begun to oper­ate,” he said, “but we have a lot more work to do there in NATO in terms of imple­ment­ing that effort.” The com­mand also is begin­ning to have “use­ful con­ver­sa­tions” on cyber­se­cu­ri­ty with South Korea and Japan, Miller said. 

“We also need to have con­ver­sa­tions about cyber and oth­er strate­gic issues with Rus­sia and Chi­na,” he added. “We’ve made some head­way with respect to Rus­sia in hav­ing the ini­tial con­ver­sa­tions on cybersecurity.” 

Asked what grade, on a scale of “A” to “F,” Alexan­der would give the Defense Depart­ment for its abil­i­ty to defend its net­works, the admi­ral said he would give DOD a “C.” “When you look [from] the prob­lems we had on our net­works a few years ago to where we are today, it’s a huge improve­ment,” the gen­er­al said. 

“I’d like to say an ‘A,’ but I think it’s going to take us some time to get to an ‘A,’ ” which Alexan­der described as rep­re­sent­ing an impen­e­tra­ble network. 

“But we have made it extreme­ly dif­fi­cult for adver­saries to get in, and every day we improve that,” the gen­er­al said. 

Source:
U.S. Depart­ment of Defense
Office of the Assis­tant Sec­re­tary of Defense (Pub­lic Affairs) 

Face­book and/or on Twit­ter