Cyberspace Requires Active Defense
Cyberspace security experts no longer can afford the luxury of traditional security that detects malicious operations when they begin, said Lt. Gen. Robert E. Schmidle, USMC, deputy commander of the U.S. Cyber Command. This active approach must be extended across the civilian realm of cyberspace as well as in the military arena, he said. "You can't have static defense where you wait for something to happen," the general declared at the Joint Warfighting Conference 2011. "You've got to be out in the network hunting for malware." One approach is an agile tipping and cueing capability similar to that employed in signals intelligence (SIGINT). Applying that approach to cybersecurity would help head off threats before they achieved their malicious goals. Gen. Schmidle allowed that the .mil network is well-protected, but huge vulnerabilities exist in other networks that also are vitally important. "There are critical pieces of our infrastructure, part of our national security, that must be robustly defended against threats," he warned.