Cyberthreats come from different areas—whether they represent terrorists, industrial espionage, the Islamic State of Iraq and the Levant (ISIL), organized crime, nation-states or even “hacktivists” trying to shape the political environment. Multiple sources with diverse motivations are affecting activities throughout cyberspace, and there is no one-size-fits-all remedy or “silver bullet” solution.
Throughout its rich history, the U.S. Marine Corps has developed many significant warfighting concepts that remain valid today. With adjustments for unforeseen new technologies and capabilities, these forward-looking concepts serve the Marine Corps and the nation well.
My hope is that the general public at last is beginning to develop a basic understanding of the vulnerabilities the nation faces in cybersecurity. My fear is that, while these vulnerabilities affect the public at large, this developing understanding has not yet integrated itself into the culture and broad practice of cybersecurity.
Today’s intelligence community is facing new challenges. That in and of itself is not new; the community has been evolving for decades. What is new is both the changing nature of the threat and the approach that must be taken to meet it.
Despite everyone’s best intentions, developing a solid critical infrastructure protection policy and plan must take into account the cultural differences, privacy and the respective needs of a diverse society, coupled with a disciplined, systematic approach to critical infrastructure protection.
The United States acknowledged a long-evolving trend when it initiated the strategic rebalance toward the Asia-Pacific region. For many years we have needed to place increased emphasis on that vast and dynamic area, and the rebalance has set a course for that important goal. But we are in danger of losing the benefits of the pivot to the Pacific in several ways.
A key challenge to building a new tactical technology acquisition model is that it requires carefully identifying and prioritizing requirements, as well as staying engaged with the acquisition arm of government throughout the acquisition process. Carefully defining an operational requirement—not the end technical solution—allows industry to develop and provide the most effective solution. Industry has a strong economic impetus to provide the capability that the operating forces require.
Despite the various associated national security and economic issues emerging worldwide, this can be a time of opportunity. Major challenges often compel bold steps and creative thought, which is why opportunity defines our future.
Virtualization and cloud implementation are critical components of information technology planning, acquisition and management going forward. Cloud implementations are important to security, efficiency, effectiveness, cost savings and more pervasive information sharing, particularly among enterprises.
The world may be more dangerous today than in any period in history. Threats are widespread and diverse. It no longer is enough to watch nation-states. In this period of asymmetric warfare, with the addition of the cyberthreat, almost anyone can become a threat to national security. In this dangerous world, the value of intelligence has risen, and the tools and means of intelligence must be richer than in the past.
Anyone following the progress of the Joint Information Environment (JIE) knows by now that it is not a program of record. No one will see large procurements to provide the JIE. It definitely is a framework: it defines standards and architectures for consistency across the defense environment. It defines a core environment and interfaces for the connection of networks and systems to the core.
Open source intelligence, which is gained from the public domain, is certainly not new. Intelligence professionals have used open sources as long as intelligence has been gathered and utilized. So what is different today? Why is open source intelligence (OSINT) getting more attention and the commitment of more resources?
Even though the Cold War has ended and the monolithic threat against the West has disappeared, the relationship between Europe and the United States remains vital. Europe includes some of the United States’ strongest coalition partners and alliances; the two economies are closely tied and interdependent; and defense and security in Europe are evolving rapidly, just as in the United States. AFCEA chapters and members outside the United States number the greatest in Europe.
This rarely happens, but for 2014, defense and technology analysts are in agreement that big data and cybersecurity are the two drivers in planning and investment for information technology, both in government and in industry. Most everything else will be enabling these two key capabilities. While much attention has been focused on the threats and work being done globally on cybersecurity, I want to focus on big data.
Big data is critical because, unless it is collected, analyzed, managed and made ubiquitously available, many analysts and decision makers will be buried in information they cannot use effectively in a timely fashion. It also is the starting and ending point for many of the technologies and capabilities we care about: networks, data centers, cloud initiatives, storage, search, analytics and secure access
Naval forces represent the ultimate projection capability for the United States. This important capability creates some unique requirements and constraints in intelligence, surveillance and reconnaissance (ISR) support to the Navy and Marine Corps. The expeditionary nature of these forces drives two distinctive aspects of naval ISR.
In the most recent U.S. defense guidance of January 2012, signed for emphasis by both the president and the secretary of defense, cyber was one of the few areas that received both emphasis and increased funding—no small feat in the current budget environment. Part of that emphasis and increased funding goes to the intelligence community to support the cyber domain. Such support requires an expansion of the intelligence mission set, new processes and tools, and new interfaces to the operational community now emerging to command and control the cyber domain.
Do you ever find yourself trying to reconcile with your environment? That is where I am now with regard to national security and reaction to leaks and programs designed to protect against terrorist threats.
In 2010, Julian Assange and his WikiLeaks organization got themselves on the world stage by publishing large volumes of classified documents, many provided by Pfc. Bradley Manning, USA, an intelligence analyst. At that time, and since, both Assange and Manning have been held up as villains by some and as heroes and whistle-blowers by others.
This time it is the Internal Revenue Service (IRS) that has demonstrated bad judgment and lack of a full understanding of the rules governing large meetings. The revelation of extravagant IRS spending on meetings follows similar issues with the General Services Administration and the U.S. Department of Veterans Affairs. This waste shines a light on bad judgment for sure—but it also reveals a larger problem. For the most part, government personnel who are planning and coordinating government-run events do not do this as their primary function.
Those of us who have been involved with government information technology (IT) for some time clearly remember the many efforts to improve IT acquisition. All certainly remember Vivek Kundra’s IT Management Reform Program, the 25-point plan. Most would agree that progress has been made, but some would argue—correctly I believe—that work remains to be done.
Homeland Security and the global effort against terrorism are incredibly complex activities. The organizations and individuals are just as complex. The homeland security establishment in the United States—as the collection of government agencies at the federal, state, local and tribal levels and the affected industries are referred to—numbers in the thousands of entities.