While government and industry wrestle with issues of sharing cyber intelligence, different private sectors face an equally difficult—and important—task of information sharing among themselves. Many face similar threats, and their survival against cybermarauders may depend on how well they share threat knowledge.
Quote of the Day:
“The more we can talk about cyber and intelligence in the open, the better we will be … the less the demagogues can take it and run with it.”—U.S. Representative Mac Thornberry (R-TX)
Intelligence needs cyber, and cyber needs intelligence. How they can function symbiotically is a less clear-cut issue, with challenges ranging from training to legal policy looming as government officials try to respond to a burgeoning cyber threat.
Effective cyber experts require an increasing skill set that is putting them out of reach of the government. As threats have become more diverse, so have the abilities needed to defend against them, and the government may need to turn to innovative methods of building its cyberforce.
Just as an earlier panelist at the AFCEA Global Intelligence Forum in the National Press Club in Washington, D.C., emphasized the importance of the human element in cyber intelligence, a subsequent panel sounded the alarm for acquiring and keeping cyber personnel. Obsolete hiring rules and competition from the private sector loom large as impediments to the government’s ability to hire and retain effective cyber intelligence personnel.
Information sharing, automated intelligence reporting and all-source analysis capabilities are cited by many experts as being necessary for helping ensure cybersecurity. However, the human element must remain not only present, but also dominant, in any cybersecurity process.
The military is so busy combating cybermarauders that it has not been able to shape an overall strategic approach to securing cyberspace, said the head of intelligence for the Joint Staff. Rear Adm. Elizabeth Train, USN, director for intelligence, J-2, the Joint Staff, told the audience at the AFCEA Global Intelligence Forum in the National Press Club in Washington, D.C., that the cyberdomain is a multidimensional attack domain that threatens both the military and the private sector.
The same challenges facing the military now confront law enforcement as it embraces cyber capabilities. Disciplines ranging from data fusion to security are becoming integral parts of the curriculum for police officers.
Cathy Lanier, chief of the Washington, D.C., Metropolitan Police Department, did not understate the changes technology has wrought as she spoke at the AFCEA Global Intelligence Forum in the National Press Club in Washington, D.C. “It almost feels like completely reinventing police work,” she said.
Companies that are hacked have valuable information that can help prevent future cyber intrusions, said an FBI cyber expert. Rick McFeely, executive assistant director of the FBI’s Criminal, Cyber, Response and Services Branch, told the audience at the AFCEA Global Intelligence Forum in the National Press Club in Washington, D.C., that the bureau is depending on industry to share vital information on cyber attacks.
The FBI has created an information sharing portal for cyber defense modeled on its Guardian counterterrorism portal. Known as iGuardian, the trusted portal represents a new FBI thrust to working more closely with industry on defeating cyberthreats. It is being piloted within the longtime InfraGard portal, according to an FBI cyber expert.
Hackers need to pay a greater price for intrusions if network security is to be effective, said a former director of national intelligence. Adm. Dennis Blair, USN (Ret.), who also is a former commander of the U.S. Pacific Command, told the audience at the AFCEA Global Intelligence Forum in the National Press Club in Washington, D.C., that the nation needs to raise the cost to the hacker without breaking the bank for the defender.
Legislation that creates both positive and negative incentives may be necessary for industry to incorporate effective network security. The role of the insurance industry also can be brought to bear to convince companies it is in their best interest to ensure the sanctity of their data.
Many elected officials who opposed the National Security Agency’s (NSA’s) broad surveillance efforts were “demagogues” who did not know the real issues involved, said a member of the House Permanent Select Committee on Intelligence. Rep. Mac Thornberry (R-TX) told the morning audience at the AFCEA Global Intelligence Forum in the National Press Club in Washington, D.C., that the people in the House who voted to cut funding for the NSA’s surveillance efforts preferred taking a stand to understanding the situation.
The U.S. Senate is moving on a cyber bill that is more in line with the approach being taken by the House, said a member of the House Permanent Select Committee on Intelligence. Rep. Mac Thornberry (R-TX) told the morning audience at the AFCEA Global Intelligence Forum at the National Press Club in Washington, D.C., that this bill may be marked up by the Senate Commerce Committee this week.
Government officials now admit they underestimated the scope and complexity of the federal data center realm.
General Dynamics Advanced Information Systems has created a portal to facilitate collaboration among experts from multiple industries in a secure, controlled, cooperative environment. GDNexus matches innovative solutions to customer requirements across the defense, federal government, intelligence community and commercial markets.
Frank Kendall, undersecretary of defense for acquisition, technology and logistics, told the Senate Banking, Housing and Urban Affairs Committee that he is concerned about the level of cyber attacks affecting defense suppliers. As a result, he is considering changes in contracting procedures to mitigate the risk of corporate espionage.
A new white paper titled “Insider Threat: Protecting U.S. Business Secrets and Sensitive Information” focuses on raising risk awareness by highlighting current issues and outlining continuous challenges.
AFCEA International is partnering with Carnegie Mellon University’s Software Engineering Institute to offer its members a comprehensive range of online cybersecurity training on an annual subscription basis. For the cost of one five-day classroom course, students have unlimited access to more than 30 classes.
The planners of the Defense Department Joint Information Environment, or JIE, must specify the requirements that can cope with the surges in asymmetric cyberwarfare—now. Asymmetric warfare describes conflicts in which the resources of the two belligerents differ in terms of their weapons and organization. The opponents will attempt to exploit each other’s weaknesses.
The Army adjusts its training and career path for cyber domain troops and leaders.