Search:  

 Blog     e-Newsletter       Resource Library      Directories      Webinars     Apps     EBooks
   AFCEA logo
 

Navy Amasses Digital Armada

December 2011
By Robert K. Ackerman, SIGNAL Magazine
E-mail About the Author

 

Sailors in the combat information center of the guided missile cruiser USS Anzio monitor communications. The Navy is extending cyber operations throughout the service as it mainstreams what once was a niche discipline.

The sea service is marshalling its forces to cruise the cyber realm.

The U.S. Navy is operationalizing cyber throughout the service as it reconfigures both its force and its overarching network. The goal is to pull cyber operations out of the corner and into the middle of daily force activities as part of the Navy’s information dominance mission.

Achieving this goal will require substantial changes in both training and operations. Cyber activities must continue unabated as a host of potential adversaries threaten the network. And, success may depend on how well the Navy balances security requirements against the need to innovate on the fly.

These issues include where cyber fits into the concept-of-operations plan; where it fits into the operational plan; and how the tactics, techniques and procedures for information dominance in the cyberdomain affect changes—particularly for achieving kinetic and nonkinetic effects early in a conflict that would preclude the need to move to a higher level of warfare.

“The next step of taking information dominance forward is operationalizing it down to the core,” declares Rear Adm. Gretchen Herbert, USN, commander of Navy Cyber Forces. “What we don’t want is for cyberspace and cyber operations to be relegated to the domain of a specific job area. We want to make it part of everything that we do throughout mission planning and warfighting.”

The aim of this approach is to have necessary cyber information readily available for the commander without that leader needing to extract it from a niche position in the realm of operational information. For example, if a commander sees that battlespace communications are hampered in a particular sector, he or she would be able to determine if it was caused by adversarial actions and respond accordingly. Because that cyber information was not stashed in a specific realm, such as communications or intelligence, the commander would be able to understand second- and third-order effects of cyber.

As part of this thrust, the Navy is wrestling with the actual definition of the cyber realm. Adm. Herbert relates that the issues affecting this definition largely focus on where cyber ends and other operational domains begin. Just because a young sailor is operating on a keyboard does not necessarily place his or her operations in the cyber realm. Similarly, the type of medium—fiber, wire, radio or satellite—does not necessarily designate a cyber realm. Many agencies vary in their definitions of cyber, and those definitions must be reconciled.

Navy Cyber Forces is the type command for command, control, communications, computers, combat systems and intelligence (C5I), and Fleet Cyber Command/Tenth Fleet is the operational command for the disciplines that compose cyber. Where Fleet Cyber Command performs day-to-day operations and strategic planning, Navy Cyber Forces trains, staffs and equips those operations.

Cyber Forces also supports many programs run by the command. One of these is the CSICP program, which conducts network security inspections afloat and ashore. Cyber Forces performs pre-inspection technical assistance visits prior to the command’s CSICP visits, the admiral explains.

While each of the military services shares many issues with cyber operations, each also has its unique needs. Adm. Herbert notes that the maritime domain offers several of its own challenges. These include subsurface operations, maintaining sea lines of communication, at-sea cyber collection, maritime domain awareness, and obtaining a large persistent view of intelligence, surveillance and reconnaissance (ISR).

Navy at-sea networking is defined by communications in a disconnected environment, and many of its challenges are cyber challenges. “For many of our ships, reachback to so many of their services can be almost a soda-straw-size SATCOM [satellite communications] or RF [radio frequency] signal, or even a different mechanism for relaying communications,” the admiral points out. “Having an organic maritime ISR capability or a communications relay capability is something that we would need to focus on more for Navy mission success.”

Part of the challenge facing Navy cyber planners is how to balance sustainment with modernization. The problems that affect this cyber activity are similar to those that plague other military domains, she notes, particularly with budget constraints impinging on operations and planning. The difference between cyber and traditional domains is that advances in cyber are occurring at a much faster pace than in the other realms. These rapid advances hinder efforts at cyber defense, she adds.

“It’s absolutely impossible to plan to defend against every known attack virus and malware,” the admiral points out. “So it demands a much quicker response time, and being able to balance that … pushes us to a much quicker cycle.”

Another balancing act involves discipline versus agility. “In this modern and fast-paced cyber environment, there is a great need for having the agility to nimbly change course or maneuver freely in what might not be a benign environment,” Adm. Herbert allows. “On the other hand, we can’t lose sight of some of the discipline and rigor that is necessary to ensure that the applications we are putting on our network—or the security features of the new products that we are fielding—have gone through that interoperability testing and accreditation to ensure that they are not bringing new vulnerabilities.”

 

Three cryptologic technicians study training material at the Center for Information Dominance. As members of the Navy’s Information Dominance Corps, cryptologists increasingly are seeing their individual specialty training giving way to cross-detailing as the Navy operationalizes cyber throughout the service.

The admiral cites the need for “finding that sweet spot where we’re doing the necessary rigor for network accreditation or security—but at the same time, not being hamstrung into some bureaucratic process where you just cannot respond to changing requirements.”

Aiding in the quest for smoother cyber operations is the effort to collapse the number of variations in networks and their configurations, the admiral allows. The Navy’s afloat assets can feature more than 25 different variations in networks, she notes, and this brings unique implications and challenges. Reducing that number of networks into a common computing backbone would allow easier training and support.

Just the differences between the surface force and the submarine force can introduce substantial complexity into configuration management for the surface force, the admiral relates. Submarines have two different types of networks, so the 25 network variations inherent in surface ships complicate efforts considerably.

Then come issues between the surface fleet and ashore networks. Adm. Herbert notes that the afloat (PEO C4I) and ashore (PEO EIS) network acquisition arms have had a collaborative and robust working group striving to establish commonalities for hardware and software purchases as well as data strategies and standards.

The Navy’s new Next Generation Enterprise Network, or NGEN (See page 18), represents a Navy effort to re-assume network operations and oversight, the admiral points out. Honest and critical feedback from industry on the Navy’s course for transitioning to NGEN has been essential to the service’s plans.

Overall, the key to success in cyber operations is flexibility, especially in terms of response to potential attacks, Adm. Herbert says. “I would not say that we need to build up this ‘Maginot Line’ of defenses where we are completely impenetrable and can operate with impunity—because that will never be the environment,” she declares. “What we need to do is build up a resilient, diverse capacity for being very flexible; so if you lose one particular path or routing scheme, you’re able to fight through a degraded environment and still get the mission done.”

Having a cyber common operational picture is important to achieving that goal, she continues. “You can’t effectively defend and operate and project force in the cyberdomain unless you know what that cyberdomain looks like, what are potentially adversarial or blue forces, and are able to see what’s out there so that you can plan your next maneuvers in cyberspace appropriately.

“That mandates a common operational picture that provides advanced decision superiority to the commander and to the warfighting force,” Adm. Herbert states. The Fleet Cyber Command is leading the way in this development, she notes, and it has made significant advances over the past year.

In the last two years, the Navy has merged all of its independent information-related communities into its new Information Dominance Corps. This corps now comprises about 45,000 people from among the information professional community, the intelligence community, the information warfare community, oceanographers, cryptologists and the space cadre.

While these personnel still receive individual career training, this approach is being phased out in favor of cross-detailing. This has taken place particularly among officers in the O-5/O-6 levels, the admiral reports, and it has allowed people to bring the unique skill sets and capabilities gleaned from their parent communities into the cyber force. This not only brings expertise to different communities, it also builds an understanding and appreciation for different skill sets among the information dominance community as a whole.

“We’ve had intelligence officers serving in information warfare billets, information technology officers serving in intelligence billets, across the board in very consequential leadership and high-technical-level billets,” Adm. Herbert says. “It has been very successful, and we’re looking at broadening the number of cross-detailing opportunities available—perhaps at the O-4 level as well.”

The Cyber Forces began a cyber work force zero-based review at the end of the summer. Describing this Navy-wide review as “down to the deck plates,” the admiral says that it is designed to determine critical gaps in skill sets and positions. With this review, the Navy should know where it needs to provide more capabilities or skill sets to specific mission areas. The review should wrap up in March, she allows.

As with many segments of the military information technology community, industry will continue to play a key role in the success of Navy cyber efforts. Industry provides the technological advances that define the Navy’s networking and address cyberthreats, and Cyber Forces continues to work with industry and academia on solutions to cyber issues.

The same information security issues that affect civil government cooperation with industry also weigh on Navy efforts with the private sector, Adm. Herbert notes. “It’s not in the nature of everyone who is in business to advertise particular vulnerabilities or network security issues that they have experienced in their own business,” she points out. “But, a lot of that sharing will help build our defenses when we are able to share those challenges and solutions openly and honestly.

“The talent, expertise and solutions that industry is employing for its own systems are things that we absolutely need to be embracing,” the admiral emphasizes.

One challenge in particular is how the Navy can continue to operate in the electromagnetic spectrum when so much of that spectrum is being shared or is transitioning to nondefense use. A range of Navy systems currently under development requires unfettered use of the spectrum, Adm. Herbert says. A cognitive radio that can sense and exploit unused spectrum without interference would be “an area that everyone would end up getting behind,” she offers.

In a broader technological scope, the Navy is increasing its reliance on unmanned undersea vehicles (UUVs), and this will place new burdens on government and industry technologists. These UUVs must be able to operate for long periods of time before returning to their mother ship for replenishment. Technologies that enhance or provide autonomy, power and endurance are high on the Navy wish list, the admiral notes.

To chart a course for the future, Navy Cyber Forces is maintaining close links with formerly deployed forces such as returning strike groups, expeditionary strike groups and submarines. Cyber Forces is tapping the groups’ expertise on the challenges that arose during those deployments, particularly in terms of new issues that arose among forces that had been deployed previously. Adm. Herbert aims to re-hone how her forces are training personnel both in the basic phase and at advanced levels. This information from recent deployments is combined with predictions for near-term future challenges, she adds.

WEB RESOURCE
U.S. Navy Cyber Forces: www.cyberfor.navy.mil