The concept and practice of cyber operations are topics of considerable discussion. I thought about what I could add to this dialogue, and I came down on the side of making one more case for a comprehensive, holistic view of cyber.
Recently, a good friend of AFCEA, Brig. Andy Bristow, BA, who currently is chief of staff of the U.K. National Contingent Afghanistan, spoke at the MILCOM 2011 conference in Baltimore. Using the Afghan Mission Network as a good example of an effective coalition network, Andy pointed to the fact that the 50 participating nations in the coalition—49 plus Afghanistan—can share information, including video, throughout the theater and back to home-nation systems easily. The largest problem remaining, he says, is to rationalize the security and access policies of the member nations so that needed information sharing is not blocked and that appropriately sensitive information is protected.
In the United States, the cyber problem applies to defense, homeland security, intelligence, the remainder of federal, state and local government, and even individual citizens who need to understand how to protect their systems. It is the sheer magnitude of the problem and the number of players that make this so difficult. While understanding, cooperation and coordination have increased among the various parts of government and between government and industry, much work remains to be done. A clearer understanding of the roles of the various players is needed, as is more consensus around priorities and the associated funding. Threats in the cyber domain exacerbate the problem, and these risks are growing daily.
In NATO and the European Union, the problem is similar. In that environment, questions surround the roles of NATO Headquarters and the European Union versus the member nations. Issues also remain to be resolved about the respective roles of NATO and the European Union. NATO only recently has included cyber in the NATO strategic plan.
There are also concerns with regard to NATO engagement in the event of a cyber attack. One question has been asked repeatedly: Are there conditions under which Article 5 of the NATO agreement would be triggered? Article 5 deals with NATO as an alliance coming to the defense of a member nation under attack. The only time it has been invoked was after the September 11, 2001, attacks on the United States. Until now, the answer to an Article 5 cyber application has been no, primarily because of the difficulty in achieving near-real-time attribution for the attacker.
Two of the areas requiring the most work going forward in cyber are total network situational awareness and real-time or near-real-time forensics to allow rapid identification of potential adversaries. Absent these capabilities, it takes too long to identify attackers, and the potential for false indicators leading to misidentification is great. The United States and NATO, along with our coalition partners, share this important constraint.
Also, the cyber work force is evolving over time. The increased focus on security and the expansion of the scope to include critical infrastructure and information have increased dramatically the demand for a professional work force possessing all of the relevant skills that are needed in security, information technology, networking, communications, forensics, legal and other related fields. The problem is that the entire complex set of international players is competing for these people, and a shortage exists. Additionally, not enough students are graduating from colleges and universities to make up the shortfall. The United States and many of its allies are lagging behind the rest of the world significantly in science, technology, engineering and mathematics (STEM) education. AFCEA, through scholarships and grants, has been working to stimulate STEM education, as have many of its member companies. I encourage you to do all you can in this area, because education in the technical disciplines will be key to sustaining our position in the cyber domain.
Here at AFCEA International Headquarters, we have a Cyber Committee. This very talented group already has done some very good work even though it is our newest committee. When we started this committee, we were determined to create a multidisciplinary group that represented all parts of government and industry. As a result, we have members from defense, intelligence, law enforcement, the legal community and homeland security in the United States as well as international coalition partners. On the technical side, we have hardware people, software developers, forensics experts, network operations leaders and security professionals, among others.
As all of you engage in this important area, please maintain the larger view. If we do not all work together, the potential for us to get behind the threat is great. Thank you again for all you do.