Blog     e-Newsletter       Resource Library      Directories      Webinars     Apps
AFCEA logo


Tuesday, March 09, 2010
Joe Mazzafro

As the Congress and the DC dignitary debate if health care is affordable given the nation's first trillion dollar annual debit incursion, I am wondering where the money would come from should the United States need to defend its national interests against another Al Qaeda attack or worse.  The President has already frozen budgetary growth for all discretionary spending not related to national security, but can the Defense Department and Intelligence Community remain fenced for much longer given the increasing national debt ----- the size of which already is a national security concern in its own right?

There is another debate occurring between former DNI Mike McConnell and newly appointed White House Cybersecurity Coordinator (aka czar?) Howard Schwartz regarding whether the United States is an unwilling/unacknowledged participant in cyberwarfare.  McConnell says we are close if not already so involved; Schwartz says we are not.  I would have a better idea of who was more proximate to right if I actually knew what constituted cyberwarfare.  I use to think as a naval officer that a physical attack on a U.S. Navy warship was an obvious act of war, but then the USS Cole was declared a "crime scene" so I am certain I have no idea what even loosely defines an act of cyberwarfare.  To be effective the newly formed US Cyber Command is going to have to develop rules of engagement (ROE) based on what is "hostile intent" and an "act of war" in cyberspace that will strain the current boundaries of both military doctrine and law.  Even more immediately if I where assigned as CYBERCOM’s J2 I would be concerned with how to do collection management, targeting, and post action assessment in cyberspace.  Other questions on my mind would be what constitutes "order of battle" in cyberspace; how do you do meaningful net assessment?  My hair would begin to really hurt when the topics shifted to threat warning and dissemination to non-SCI cleared elements and foreign partner information sharing.

Sounds like there is lots of deep thinking for military and intelligence scholars to do regarding the metaphysics of cyberspace so lets move on  ---- or back to our last discussion on "Systemic Failure or Irrelevance" of the IC, which drew several interesting and insightful comments.

First, I want to note that from their reaction it now seems clear that General McCrystal, General Patreaus, Admiral Mullen and Secretary Gates were all aware of MG Flynn's assessment of the changes needed in the Afghanistan intelligence domain to insure mission success of defeating a Taliban lead insurgency against the central Afghan government.  Even more significantly they did not object to it being unclassified and published for wide distribution by a private sector think tank. Given the lessons learned from Desert Storm, the overthrow of the Taliban post 9/11 and Operation Iraqi Freedom as well as the findings from the 9/11 and Weapons of Mass Destruction Commissions, Flynn's "FIXING INTELLIGENCE" thesis is distressing to me because it reveals that the military intelligence community continues to cling at least sublimely to its Cold War mindset with collection, analysis, and operations being remote and separate from each other.  As with cyberwar, the intelligence needs associated with irregular warfare also appear to be not well articulated or understood yet.

Second, I hope most of you saw AFCEA Intelligence Committee Chairman Bill Nolte's commentary on the AFCEA Intelligence website: where Bill asks "How Good Should Intelligence Be" and by extension what are reasonable metrics for assessing how good it is?  In the aftermath of the intelligence community's collective failure to "no fly" Abdulmutallab (a.k.a. Passenger 19A) on December 25th, Bill’s central point is captured in a rhetorical question of "should the public expect intelligence to eliminate threats any more than they expect police services to eliminate crime?”" The answer is obviously NO, but this got me to thinking what should American people expect from their $75 billion intelligence enterprise?  My immediate response was (and still is) military forces are not expected to eliminate wars, but they are expected to win them so is it not reasonable to expect the intelligence community to undermine the threat of terrorism (or cyber events, irregular warfare, etc.) over time?  Some will properly argue that intelligence does not have the bandwidth to deal with all the threats confronting national security,  if that is the case then the leadership of the intelligence community must advise the political leadership of the nation (probably in a classified setting) where the nation can best take more risks because of insufficient intelligent resources.

Another way of thinking about what metrics might be meaningful for the intelligence community is to suppose that the DNI was an elected position.  This is a bad idea of course, because the campaigning would lead immediately to meaningless counter claims about who could provide the best intelligence for the least cost by reducing waste and still protect the civil liberties of all Americans. Remember the old adage about which two of the three do you want? Nonetheless, and elected DNI position would be an interesting way for the American people to express what they want their intelligence community to do for them.  In a popular contest to become DNI, I wonder how long it would be before at least one of the candidates began to run ads after focus group testing promising to use the unequaled technical and human resources to insure that government understands the future threats it has to protect the republic from vice extrapolating threats from the recent past into the present?

That's what I think; what do you think?



Few comments:

1. Look what happens every now and then when we elect Presidents. As a citizen, do you want that happening when an ODNI is elected? I don't. The technical/operational/analytical/programmatic qualifications for the job are simply more stringent and non-negotiable.

2. On the matter of the Abdulmuttalab case, check out the latest from today's NCTC Congressional Testimony:

3. So often I think what are characterized after-the-fact as mainly IC failures could more accurately be described as policy, doctrinal or cultural failures across or within other parts of the USG. Drawing from Travers' testimony, setting "reasonable suspicion" and "specific minimum deragatory information" thresholds way too high (as a prerequisite to action) seems to be the operative problem. That and some fundamental failures to fuse/analyze and act on information that was known.

4. It'll take a few more nasty incidents costing significant numbers of innocent lives to cause a whole-scale review of our policy/doctrine vis-a-vis lone or loosely-networked jihadists all around the world. What I find most notable about Mr. Travers' testimony is the lengths to which he goes in pretty much rationalizing every aspect of the process, including the thresholds for resolute reporting, presumably driving resolute action. As a taxpayer and citizen, I expect a more serious and critical executive review than what is implied in Travers' explanations. The overall tone seems to be defensive and dismissive that anything notable is wrong with how these things are done. Yet on the bottom of page 2, he as much as acknowledges that this particular scenario might have been pieced together in such a way as to drive a much more resolute and time-sensitive response.

5. Unfortunately the IC has become such a politicized entity -- it bends, sways, breaks, rebuilds itself in places, collapses in other places, all as an outcome of the frequent ideological shifts that happen in the political sphere of our country. I'm quite sure the tone being communicated to the most senior IC folks right now from this administration, and probably even from Congress, is that they better be damned careful about being too aggressive with preemption of threats. I think that tone is deeply damaging to the IC and the country's security. The uber-careful tone and content of Travers' testimony is something we'd all better get used to. Until the winds of political/ideological change blow again.

Best, Dave

By Dave McDonald

JoeMaz's point about how the USCYBERCOM J2 will perform its mission, functions, and tasks is a valid concern. Of equal and probably more pressing is how the Sub-Unified, Four Star Commander will integrate all staff functions for military decision making and command and control. The cyber domain will indeed strain current JCSP/JOPES processes, much like the joint and service C2 issues strained the doctrinal boundaries in the information domain debate -Commander or Coordinator?

By John Liles

John/Dave thanks for insights and feedback

On cyber the J2 is going to be the keeper of operations at least at the outset because of SCI classification. I expressed concerns about skills needed by CYBERCOM J2, but John reminds me that more often than not CyberCom is going to be the supporting command for an engaged CoCom were neither the commander the J2, 3, 5, or 6 are going to have much cyber domain experience.

Dave I agree with you about policy failure re FLT 253 and saw Russ Travers statement as completely defensive. More importantly this incident shows the shallowness of information sharing: the act of sharing is unimportant if it does not cause or enable beneficial action. Regardless of whether FLT 253 failure was the result of technology, policy, conops, ttp's, etc at the end of the day NCTC as a proxy for the IC failed to adequately warn. I said electing DNI's is a bad idea for all the reasons you articulate Dave, but came up with the election metaphor because when elected officials fail they are not usually returned to office. To date no one in authority as resigned or been fired over FLT 253 so the questions of responsibility and accountability remain unaddressed telling the IC workforce that failure is acceptable because the work is hard. I know you and cannot fathom that on a nuclear submarine where the work is extremely technical and difficult, but if there is significant failure on an SSN not only is Captain relieved immediately but the chain of command above him has to explain why the skipper was there and how come his shortcomings were not identified before disaster? joemaz

By Joemaz