Gen. Michael Hayden, USAF (Ret.), principal, the Chertoff Group, shifted the weight of the conversation at the AFCEA/GMU Critical Issues in C4I Symposium from the direction of cyber narrowly defined to information broadly defined. Throughout his morning keynote he touched on Russian manipulation of the 2016 election, the U.S. moving into a post-truth culture and what cyber leaders can do in the future to help secure the nation.
Situational awareness is key to cybersecurity and using analytics can help create the situational awareness needed to defend the nation from adversaries. “Never before have we had the tools that we have today to understand the environment we’re in,” said Roberta “Bobbie” Stempfley, director, Carnegie Mellon University’s Software Engineering Institute, CERT Division, during her morning keynote at the AFCEA-GMU Critical Issues in C4I Symposium.
Thoughts by experts about the ability of the military to defend cyberspace are centering around the concept of improved partnerships, which may be outside of the Defense Department’s usual practices. A lot can be gained from the insight of coalition partners and think tanks—wisdom and information that the DOD may not have tapped into, experts said.
Providing an information network that enables warfighters to perform global missions is not easy given the network itself is besieged constantly by cyber attacks. All U.S. Defense Department organizations use the complex technical infrastructure known as the Department of Defense Information Network (DODIN), and the responsibility to protect it 24/7 falls squarely on the shoulders of Joint Force Headquarters–Department of Defense Information Network (JFHQ-DODIN).
Machine learning has advanced to the point where more sophisticated methods can be more effective at cyber event detection than traditional methods, an expert says. Along with emerging methods, access to large amounts of “fresh” data is important for processing, determining trends and identifying malicious activity.
Teams looking at how to use machine learning need to consider different methods, suggested Mark Russinovich, chief technology officer, Microsoft Azure, at the AFCEA Defensive Cyber Operations Symposium (DCOS) in Baltimore on May 17.
Raising the bar for STEM education comes through practice, competition and a culture shift to help prepare the next generation of defense leaders. It’s less about how many hours of STEM courses or what is the right age to engage kids in STEM and more of a focus on how to create access to opportunities in a way that they can connect with for the long term.
Between 1.5 and 3 million cyber professionals will be needed worldwide by the year 2020 according to various studies. However, the majority of individuals currently entering the field are male; estimates are only 5 percent to 11 percent of professionals entering technical fields are women on a global basis. It is critical to bring more women into cyber fields not only to fortify the cyber workforce with more talent but also to apply the power of diversity that leads to better solutions.
Faced with unending cyber attacks that are increasing in sophistication and coming from all types of adversaries, the U.S. Army Cyber Center of Excellence is preparing its best defense: cyber operators. With a dedicated section of the Army’s force that focuses only on cyberspace operations, the service must continue to fill the ranks and train cyber operators, said Maj. Gen. John Morrison Jr., USA, commanding general, U.S. Army Cyber Center of Excellence (CoE) and Fort Gordon.
If you think of the cyber threat as Godzilla, you can see the need for a framework that optimizes limited resources. As the beast attacks the building, those individuals located on the ground floor—for example the architects and engineers—worry about being stepped on by its feet. Those on the next floor up, the systems engineers, see the knees and want protection from being kicked. The next level, the incident responders, see the claws and worry about what those claws can do. Higher in the building, the operators see the shoulders and are focused on how big the threat might be based on the shoulder size. The customers at the top only see teeth and flames.
As the Department of Defense is working to improve lethality, it is making the transition to fight in the new domain of cyber, according to Anthony Montemarano, executive deputy director, Defense Information Systems Agency (DISA). The key to this evolution is innovation and harnessing emerging technologies to protect and defend the homeland. “We’ve got to get ahead of the adversaries,” he said.
Speaking to a room packed full of industry and government officials on Tuesday at the AFCEA Defensive Cyber Operations Symposium (DCOS) in Baltimore, and in an interview with SIGNAL Magazine, Montemarano called on industry to provide innovation.
In her unique, dual-hatted role as director of the Defense Information Systems Agency (DISA) and commander of the Joint Force Headquarters–Department of Defense Information Network (JFHQ-DODIN), Vice Adm. Nancy Norton, USN, is pushing to provide the best communication and information technology capabilities to the Defense Department (DOD).
“Everything we do is to support the warfighter and increase their ability to accomplish their mission,” she said. The admiral was the keynote speaker opening the AFCEA Defensive Cyber Operations Symposium (DCOS) in Baltimore on May 15.
As a result of recent federal legislative and administrative activity, government agencies are expected to launch significant modernizations of their cybersecurity systems, get offensive with hackers and take a more strategic approach to risk. Combined, these policy directives promise to transform our government into a robust digital society, gaining greater resiliency to cyber threats by leveraging opportunities while reinforcing standards and procedures.
Here’s a breakdown of the key components of the four policies:
As the need for more sensor processing and embedded security continues to grow in defense applications such as unmanned systems and munitions, the footprint for these mission-critical systems continues to shrink. A fundamental shift in microelectronics design and packaging is required to address the needs of the modern threat environment where non-invasive attacks are imminent.
U.S. Navy personnel with advanced skills in information warfare may be ready to hit the decks and deploy across the fleet by year’s end.
Adding those adept information warriors to the fleet is a top priority for the commander of the Naval Information Warfighting Development Center (NIWDC), which was established about a year ago. Similar to other warfighting development centers, the NIWDC mission includes training and assessing forces in advanced tactics, techniques and procedures at the individual, unit, integrated or advanced and joint levels.
The organization tasked with protecting U.S. Defense Department networks is looking to accelerate its ability to detect and respond to enemy cyber attacks. While detection and response are not new, they have assumed greater importance as cyber attacks are combined with kinetic operations throughout the battlespace.
The increased sophistication and unpredictability of adversaries’ cyber capabilities and tactics demands improvements in war-fighting readiness by revolutionizing how information warfare is executed in the U.S. Navy’s fleet. To address this challenge, the service is aligning and synchronizing efforts among its various communities and supporting multiple warfare areas with an information-packed warfighting model.
After years of lagging behind competitors in the battle for electromagnetic spectrum dominance, the U.S. Army may be catching up with reinforcement from technology researchers. But it may be the application of technology rather than the systems themselves that truly gives the Army an edge.
Service leaders say they lost focus on electronic warfare and information warfare capabilities while preoccupied with the wars in Iraq and Afghanistan, where cutting-edge technologies were not a necessity. Now, they contend, the next war likely will be against a foe capable of formidable offense and defense in the electromagnetic domain.
Being able to pace technology is the top challenge facing the Defense Information Systems Agency, according to its director. This activity encompasses both positive pacing, in which the agency takes the lead in incorporating innovative capabilities, and negative pacing, where it responds to the constantly evolving technology-based threat.
Industry plays a significant role in both aspects of pacing. The private sector serves as the font of innovation for new information capabilities sought by agency customers. Similarly, industry must be the primary source of related technologies that help counter the growing threat posed by nation-state and independent adversaries.
Advances in technology and improvements in understanding cognitive science have led to a rediscovery of key elements of information warfare (IW). This once-arcane topic has re-emerged as a vital component of international security that must be closely considered and comprehended in the context of geopolitical objectives, military operations and the daily events of our lives.
A bug bounty program worth a total of $10 million aims at acquiring and developing active cyber-defense capabilities for some of the most popular software programs for Windows, MacOS, iOS and Android. The public program is offering payouts focusing on quality over quantity to identify and address some of the toughest problems.