Instead of deciding where to spend its money, the Pentagon now must decide where not to spend its increasingly scarce cash resources. This entails risk assessment that focuses on how not to hurt the warfighter.
Cyber has provided the means for rapidly assembling and operating military coalitions in the post-Cold-War era. Now, the very nature of the domain may require coalitions to save it from a growing menu of threats. These threats can range from annoying hackers to organized crime to malicious nation-states and even geopolitical movements to restrict the flow of ideas. While the panoply of perils is diverse, the actions to defend against them may have to spring from the well of government and organizational cooperation.
South Korea didn't merely react when it suffered two extensive cyber attacks earlier this year. It established a national cyber policy and formed a government/military/commercial partnership to protect against future intrusions.
The best intentions among international cyber experts may be foiled simply because they don't understand each other's cultural differences. Priorities and even the way of thinking can inhibit progress without cyber experts even realizing it.
The national laws that ensure freedom in modern democracies are preventing effective international cybersecurity measures. Hackers hide behind borders as they ply their malice around the world, and authorities are hard-pressed to reach them.
Maintaining Internet security--and ensuring its continued freedom--likely will depend on like-minded nations forming coalitions that help formulate international regulations and rules of governance.
More than just generational differences characterize today's cyber work force. People of all ages have different ways of thinking and different goals for their profession. The variation is almost as great as the technology changes they are incorporating.
Australia has implemented a cybersecurity policy that brings together government and industry to secure the domain nationally. The country recently elevated cybersecurity as a major priority for national security, and in 2009, it established a Cyber Security Operations Center (CSOC).
Now that allied forces have accepted coalitions as a requisite for future military operations, they must undergo a cultural sea change for cybersecurity. Accepting nontraditional partners demands a new way of viewing cybersecurity that entails greater flexibility at its most philosophical level.
An evolving mission network connecting U.S. and Australian forces is being expanded to include other trusted allies with an eye toward adding coalition partner nations. The network is built around a risk-managed approach for sensitive information sharing.
Quote of the Day:
"If you allow the United States to operate out of sanctuary, we will beat the crap out of you." - Lt. Gen. Stanley T. Kresge, USAF, vice commander, U.S. Pacific Air Forces, addressing potential adversaries
U.S. Pacific Command military leaders agree that any future operation will be conducted amid a coalition, and partner countries must be networked. However, that networking opens the possibility for greatly increased network vulnerabilities as less-secure nations provide weak links for network security.
The U.S. Pacific Air Forces will benefit greatly from combining its A-3 and A-6, said its director of communications and chief information officer. The concept of cyber readiness has a different perspective from the operations side and the cyber side. This consolidation helps provide warfighting integration across the entire network.
The United States must weigh its command and control (C2) capabilities before it embarks on a military plan instead of the other way around, according to the vice commander, U.S. Pacific Air Forces. Lt. Gen. Stanley T. Kresge, USAF, told the opening luncheon audience in TechNet Asia-Pacific 2013 in Honolulu, Hawaii, that vulnerabilities have increased the importance of C2 in planning and execution.
U.S. forces may be over relying on cyber to meet challenges in the Asia-Pacific region at a time when potential adversaries view it as a key to disrupting U.S. operations, according to the top leaders of the U.S. Pacific Command (PACOM). Lt. Gen. Thomas L. Conant, USMC, deputy commander of PACOM, offered that U.S. forces must expect to operate without at least some of their cyber assets in a time of conflict.
Eight emerging cybersecurity technologies developed by the Department of Energy’s National Laboratories will be featured at the Transition-to-Practice Technology Demonstration Day for Investors, Integrators and IT Companies East event on December 18 in Washington, D.C.
Members of President Obama’s Council of Advisors on Science and Technology have found that cybersecurity for government and industry organizations requires a set of processes that continuously couple information about an evolving threat to defensive reactions and responses. In a report to the president, the council shared its six findings and correlating recommendations for remedies to better security information technology in both the public and private sectors.
Two pictures have taken up residence in my mind over the past few weeks. They highlight the growing disconnect between the U.S. Defense Department and the broader strategic environment—not just in terms of geopolitics but also in the way the rest of the world lives, works and interacts.
The critical infrastructure must address cyberthreats in a manner different from that of conventional information technology systems.
The U.S. Department of Homeland Security is seeking participants for the Software Assurance Marketplace (SWAMP), which is expected to open to beta users in January. The ultimate goal for the marketplace is to help protect the nation’s critical infrastructure by improving software used for essential functions.