When National Science Foundation officials announced in February that three major providers of cloud computing were donating up to $9 million collectively for big data research, they already were looking for ways to broaden the effort to include a wider variety of topics, including cybersecurity. The expansion is intended to benefit both research and education initiatives and is necessary, in part, because the cloud providers now acquire cutting-edge hardware before it is made available to researchers.
The Cyber Edge
The U.S. Army’s Communications-Electronics Research, Development and Engineering Center, known as CERDEC, is gearing up to face increasing asymmetrical threats in cyberspace. The center looks to improve cyber operations, information warfare, electronic countermeasures and information security, among other areas. Its efforts are prompted as the military finds itself fighting or preparing to fight more and more in cyberspace, in conjunction with the traditional domains of sea, air, land and space.
The potential geopolitical consequences of quantum communications will result in clear asymmetries in both knowledge and confidentiality of information. Countries whose data can be protected through quantum communication techniques will have a significant information advantage, a situation that would have important, albeit hard to predict, effects on geopolitical developments.
As a result of recent federal legislative and administrative activity, government agencies are expected to launch significant modernizations of their cybersecurity systems, get offensive with hackers and take a more strategic approach to risk. Combined, these policy directives promise to transform our government into a robust digital society, gaining greater resiliency to cyber threats by leveraging opportunities while reinforcing standards and procedures.
Here’s a breakdown of the key components of the four policies:
The days of the United States’ stature as a force without equal appear to be over. The threat of near-peer competition with increasingly sophisticated adversaries is growing. As Secretary of Defense James Mattis says in the National Defense Strategy, "America has no preordained right to victory on the battlefield."
This month is a crucial time for the U.S. Navy, as far as information technology goes. Its Program Executive Office for Enterprise Information Systems is developing the request for proposal for its Next Generation Enterprise Network Re-compete contract that will provide information technology services, including cloud services, for more than 700,000 Navy and Marine Corps users.
Whether a Social Security number from an individual, or financial information from a company, hackers continue to find ways to steal data from millions of Americans. To combat these crimes, the idea of active cyber defense has arisen on Capitol Hill with the introduction of the Active Cyber Defense Certainty (ACDC) Act.
In January, Homeland Security Secretary Kirstjen Nielsen voiced measured support for empowering companies to be more active in their approach to cybersecurity. These active measures would allow companies to access other computer networks in order to thwart cyber attacks, monitor the hackers, collect evidence or destroy stolen files.
Domestic cybersecurity has some new potential vulnerabilities to defend, according to the Department of Homeland Security’s (DHS’s) 2018 Cybersecurity Strategy. In addition to conventional concerns such as the water and power grids and the financial sector, the burgeoning number of Internet-connected devices and the global supply chain have emerged as areas that must be protected against a growing threat from a variety of adversaries.
Thoughts by experts about the ability of the military to defend cyberspace are centering around the concept of improved partnerships, which may be outside of the Defense Department’s usual practices. A lot can be gained from the insight of coalition partners and think tanks—wisdom and information that the DOD may not have tapped into, experts said.
Raising the bar for STEM education comes through practice, competition and a culture shift to help prepare the next generation of defense leaders. It’s less about how many hours of STEM courses or what is the right age to engage kids in STEM and more of a focus on how to create access to opportunities in a way that they can connect with for the long term.
Faced with unending cyber attacks that are increasing in sophistication and coming from all types of adversaries, the U.S. Army Cyber Center of Excellence is preparing its best defense: cyber operators. With a dedicated section of the Army’s force that focuses only on cyberspace operations, the service must continue to fill the ranks and train cyber operators, said Maj. Gen. John Morrison Jr., USA, commanding general, U.S. Army Cyber Center of Excellence (CoE) and Fort Gordon.
If you think of the cyber threat as Godzilla, you can see the need for a framework that optimizes limited resources. As the beast attacks the building, those individuals located on the ground floor—for example the architects and engineers—worry about being stepped on by its feet. Those on the next floor up, the systems engineers, see the knees and want protection from being kicked. The next level, the incident responders, see the claws and worry about what those claws can do. Higher in the building, the operators see the shoulders and are focused on how big the threat might be based on the shoulder size. The customers at the top only see teeth and flames.
As the Department of Defense is working to improve lethality, it is making the transition to fight in the new domain of cyber, according to Anthony Montemarano, executive deputy director, Defense Information Systems Agency (DISA). The key to this evolution is innovation and harnessing emerging technologies to protect and defend the homeland. “We’ve got to get ahead of the adversaries,” he said.
Speaking to a room packed full of industry and government officials on Tuesday at the AFCEA Defensive Cyber Operations Symposium (DCOS) in Baltimore, and in an interview with SIGNAL Magazine, Montemarano called on industry to provide innovation.
In her unique, dual-hatted role as director of the Defense Information Systems Agency (DISA) and commander of the Joint Force Headquarters–Department of Defense Information Network (JFHQ-DODIN), Vice Adm. Nancy Norton, USN, is pushing to provide the best communication and information technology capabilities to the Defense Department (DOD).
“Everything we do is to support the warfighter and increase their ability to accomplish their mission,” she said. The admiral was the keynote speaker opening the AFCEA Defensive Cyber Operations Symposium (DCOS) in Baltimore on May 15.
The increased sophistication and unpredictability of adversaries’ cyber capabilities and tactics demands improvements in war-fighting readiness by revolutionizing how information warfare is executed in the U.S. Navy’s fleet. To address this challenge, the service is aligning and synchronizing efforts among its various communities and supporting multiple warfare areas with an information-packed warfighting model.
One does not have to look too far beyond the headlines to see that the battle for world power is playing out in the information space. Free and open democratic societies increasingly are tested by rising autocratic countries employing high technology in information warfare.
For the United States to succeed in this battle, citizens, not just the government, need to be more discerning about information, experts say.
After years of lagging behind competitors in the battle for electromagnetic spectrum dominance, the U.S. Army may be catching up with reinforcement from technology researchers. But it may be the application of technology rather than the systems themselves that truly gives the Army an edge.
Service leaders say they lost focus on electronic warfare and information warfare capabilities while preoccupied with the wars in Iraq and Afghanistan, where cutting-edge technologies were not a necessity. Now, they contend, the next war likely will be against a foe capable of formidable offense and defense in the electromagnetic domain.
Being able to pace technology is the top challenge facing the Defense Information Systems Agency, according to its director. This activity encompasses both positive pacing, in which the agency takes the lead in incorporating innovative capabilities, and negative pacing, where it responds to the constantly evolving technology-based threat.
Industry plays a significant role in both aspects of pacing. The private sector serves as the font of innovation for new information capabilities sought by agency customers. Similarly, industry must be the primary source of related technologies that help counter the growing threat posed by nation-state and independent adversaries.
U.S. Navy personnel with advanced skills in information warfare may be ready to hit the decks and deploy across the fleet by year’s end.
Adding those adept information warriors to the fleet is a top priority for the commander of the Naval Information Warfighting Development Center (NIWDC), which was established about a year ago. Similar to other warfighting development centers, the NIWDC mission includes training and assessing forces in advanced tactics, techniques and procedures at the individual, unit, integrated or advanced and joint levels.
The organization tasked with protecting U.S. Defense Department networks is looking to accelerate its ability to detect and respond to enemy cyber attacks. While detection and response are not new, they have assumed greater importance as cyber attacks are combined with kinetic operations throughout the battlespace.