The most serious national security threat looming in cyberspace may be the potential for vital data to be altered by cybermarauders, according to a cyber expert with the Office of the Director of National Intelligence (ODNI). Speaking to an attentive audience at the AFCEA Global Intelligence Forum in the National Press Club in Washington, D.C., Sean Kanuck, national intelligence officer for cyber issues at the National Intelligence Council in the ODNI, admitted that the threat to data integrity keeps him awake at night.
Resistance to change may prove to be the biggest impediment to information sharing among the cyber intelligence community. Both government and industry must break out of their existing paradigms to share cyber intelligence that may prove vital to national security.
Panelists on the second day of the AFCEA Global Intelligence Forum in the National Press Club in Washington, D.C., outlined some of the cultural obstacles that hold back information sharing. In the intelligence community, the conflict is the traditional need to know versus the new need to share.
While government and industry wrestle with issues of sharing cyber intelligence, different private sectors face an equally difficult—and important—task of information sharing among themselves. Many face similar threats, and their survival against cybermarauders may depend on how well they share threat knowledge.
Effective cyber experts require an increasing skill set that is putting them out of reach of the government. As threats have become more diverse, so have the abilities needed to defend against them, and the government may need to turn to innovative methods of building its cyberforce.
Just as an earlier panelist at the AFCEA Global Intelligence Forum in the National Press Club in Washington, D.C., emphasized the importance of the human element in cyber intelligence, a subsequent panel sounded the alarm for acquiring and keeping cyber personnel. Obsolete hiring rules and competition from the private sector loom large as impediments to the government’s ability to hire and retain effective cyber intelligence personnel.
Information sharing, automated intelligence reporting and all-source analysis capabilities are cited by many experts as being necessary for helping ensure cybersecurity. However, the human element must remain not only present, but also dominant, in any cybersecurity process.
The military is so busy combating cybermarauders that it has not been able to shape an overall strategic approach to securing cyberspace, said the head of intelligence for the Joint Staff. Rear Adm. Elizabeth Train, USN, director for intelligence, J-2, the Joint Staff, told the audience at the AFCEA Global Intelligence Forum in the National Press Club in Washington, D.C., that the cyberdomain is a multidimensional attack domain that threatens both the military and the private sector.
The same challenges facing the military now confront law enforcement as it embraces cyber capabilities. Disciplines ranging from data fusion to security are becoming integral parts of the curriculum for police officers.
Cathy Lanier, chief of the Washington, D.C., Metropolitan Police Department, did not understate the changes technology has wrought as she spoke at the AFCEA Global Intelligence Forum in the National Press Club in Washington, D.C. “It almost feels like completely reinventing police work,” she said.
Companies that are hacked have valuable information that can help prevent future cyber intrusions, said an FBI cyber expert. Rick McFeely, executive assistant director of the FBI’s Criminal, Cyber, Response and Services Branch, told the audience at the AFCEA Global Intelligence Forum in the National Press Club in Washington, D.C., that the bureau is depending on industry to share vital information on cyber attacks.
The FBI has created an information sharing portal for cyber defense modeled on its Guardian counterterrorism portal. Known as iGuardian, the trusted portal represents a new FBI thrust to working more closely with industry on defeating cyberthreats. It is being piloted within the longtime InfraGard portal, according to an FBI cyber expert.
Hackers need to pay a greater price for intrusions if network security is to be effective, said a former director of national intelligence. Adm. Dennis Blair, USN (Ret.), who also is a former commander of the U.S. Pacific Command, told the audience at the AFCEA Global Intelligence Forum in the National Press Club in Washington, D.C., that the nation needs to raise the cost to the hacker without breaking the bank for the defender.
Legislation that creates both positive and negative incentives may be necessary for industry to incorporate effective network security. The role of the insurance industry also can be brought to bear to convince companies it is in their best interest to ensure the sanctity of their data.
Many elected officials who opposed the National Security Agency’s (NSA’s) broad surveillance efforts were “demagogues” who did not know the real issues involved, said a member of the House Permanent Select Committee on Intelligence. Rep. Mac Thornberry (R-TX) told the morning audience at the AFCEA Global Intelligence Forum in the National Press Club in Washington, D.C., that the people in the House who voted to cut funding for the NSA’s surveillance efforts preferred taking a stand to understanding the situation.
The U.S. Senate is moving on a cyber bill that is more in line with the approach being taken by the House, said a member of the House Permanent Select Committee on Intelligence. Rep. Mac Thornberry (R-TX) told the morning audience at the AFCEA Global Intelligence Forum at the National Press Club in Washington, D.C., that this bill may be marked up by the Senate Commerce Committee this week.
General Dynamics Advanced Information Systems has created a portal to facilitate collaboration among experts from multiple industries in a secure, controlled, cooperative environment. GDNexus matches innovative solutions to customer requirements across the defense, federal government, intelligence community and commercial markets.
Frank Kendall, undersecretary of defense for acquisition, technology and logistics, told the Senate Banking, Housing and Urban Affairs Committee that he is concerned about the level of cyber attacks affecting defense suppliers. As a result, he is considering changes in contracting procedures to mitigate the risk of corporate espionage.
The United States is one of the best in the world at protecting civil liberties, Gen. Keith Alexander, USA, director of National Security Agency (NSA) and commander of the U.S. Cyber Command said at the AFCEA Cyber Symposium in Baltimore.
Edward Snowden, the NSA contractor who leaked reams of data about NSA monitoring activities to the press, has been called a hero whistleblower by some, but Gen. Alexander contends that the employees at the NSA, FBI, CIA and Defense Department, who protect the nation while protecting civil liberties, are the real heroes.
Maj. Gen. Burke Wilson, USAF, director, space operations, Headquarters U.S. Air Force, told the audience that cyber is all about improving operational effectiveness in other domains. “Mission outcome is the only reason we invest in this. We believe it will generate in better mission outcomes across the service,” he stated.
The U.S. Navy will announce the winner of the Next Generation Enterprise Network (NGEN) tonight, according to Brig. Gen. Kevin Nally, USMC, Marine Corps director of command, control, communications and computers and chief information officer. Gen. Nally discussed the pending decision while participating in a panel discussion on the final day of the AFCEA International Cyber Symposium in Baltimore.
Although pockets of resistance still exist, leaders in the Defense Department and military services largely agree on the need for a Joint Information Environment, according to panelists at the AFCEA International Cyber Symposium in Baltimore. The JIE will one day consolidate all of the department’s myriad networks into one while providing enterprise services, such as email, Internet access, common software applications and cloud computing. It is expected to increase operational efficiency, enhance network security and provide cost savings through reduced infrastructure and manpower.