China’s global moves to gain technological hegemony over 5G and reshape the Internet to suit its own needs offer the potential to give the Middle Kingdom control over the telecommunications market and information itself. At the very least, it would achieve market dominance. But at most, it would control both the nature of the Internet and the information that flows through it, say Internet experts.
Second of a two-part report.
The Cyber Solarium Commission, a congressionally chartered panel of expert policymakers, was created to tackle cyber conflict in the same way its Truman-era predecessor addressed the Cold War confrontation between the United States and the Soviet Union. An article in SIGNAL Magazine’s August issue (“Leaders Seek a Grand Strategy for Cybersecurity") explored the commission’s theory of deterrence by denial and how it embraced the concept of resilience.
The U.S. Army’s wearable authentication tokens intended for the tactical environment could be used for nontactical purposes, such as accessing strategic-level systems, enterprise networks and medical systems, researchers say.
The COVID-19 pandemic has forced federal agencies and private businesses around the world to adapt to a new reality, one where most of their employees now work remotely and communicate virtually. This “new normal” imposes changes on how organizations protect and manage their networks, making chief information officers (CIOs) and chief information security officers (CISOs) adapt procedures
to operate in this new reality.
The “new normal” caused by the stay-at-home orders imposed during the COVID-19 pandemic reflects the current state of remote work and its security requirements, says Rob Carey, vice president and general manager for Public Sector at RSA.
The U.S. Army’s technology assessment experiment known as Cyber Blitz has grown beyond its cyber roots. Beginning next year, when it will be held in the Indo-Pacific region, the exercise will be known as Multi-Domain Operations (MDO) Live.
The Defense Information Systems Agency is searching for talented personnel in a broad array of career fields, including information technology, science and engineering, program and project management, contracting and acquisition and human resources—and the effort to recruit those personnel virtually is gaining steam.
Less than a year old, the San Antonio-based LevelUp Code Works Software Factory is succeeding in starting to “break the mold” of Defense Department software development. The factory, which had its grand opening last December, is providing key cyber-related products to U.S. military cyber organizations, says Lt. Col. John Priestly, program manager and materiel leader, Unified Platform Program; and director, LevelUp Code Works Software Factory.
The state of the U.S. cybersecurity industrial base is robust, including for numerous start-up companies exploring new and, in some cases, pioneering cybersecurity technologies. Members of the AFCEA International Cyber Committee say the infusion of cybersecurity technologies and innovations originating in friendly countries and allies such as Israel, the United Kingdom and Australia certainly support this strength.
The U.S. Army is attacking defensive cyber operations from the laboratory. It is focusing new research efforts, including autonomous network agents, on ensuring cyber resiliency in the battlespace.
Some of this work builds on related efforts long underway at the Combat Capabilities Development Command Army Research Laboratory (ARL). Other thrusts aim at exploiting capabilities that are within reach but not yet ready to field. Still more are areas of research that have been given greater emphasis reflecting the more urgent need for cyber resilience.
The U.S. Army has spent the last two years pursuing a modernized integrated tactical network, or ITN, that supports increased mobility, resiliency and capabilities. Now, the service has a focus toward making sure that the modernization of that network can enable joint all-domain command and control, or the concept of JADC2. The service is preparing to fight seamlessly across the sea, land, air, space and cyberspace, or multidomain operations, by 2028.
When the first Solarium Commission convened in 1953, it had the task of helping Former President Dwight D. Eisenhower and his cabinet colleagues assess the threat from the Soviet Union after the death of Joseph Stalin and agree on a strategic U.S. response. Three teams of policy experts put together three competing policy models: containment, confrontation and roll-back. Former President Eisenhower famously chose containment, a strategy based on the deterrence of Soviet military power and a norms-based alliance with Western Europe.
For many, the issue of cyber resilience conjures up thoughts of conducting military operations in a denied environment. But the COVID-19 pandemic has added another dimension. The importance of cyber resilience to everyday activities has been illustrated through the changes wrought by the coronavirus. As the need for online telework and related efforts continues to expand, so do the attack vectors leveraged by cyber marauders.
The COVID-19 pandemic brings with it a new set of cyber vulnerabilities built around lifestyle changes throughout society, and these vulnerabilities cry out for new means of cyber resiliency. “It’s quite possible that historians will remember COVID-19 as one of the very important civilizational turning points,” says Alexander Kott, chief scientist of the Army Research Laboratory and Army ST for cyber resilience. “COVID-19 is acting as a forcing function. It forces us to accelerate the transition to a more virtual society than we were before, and it is accelerating the trend that was occurring before COVID-19 but was happening more slowly and less noticeably.”
Although the world is still in the midst of the coronavirus disease 2019 pandemic, technology experts agree lessons the infection teaches about cybersecurity and resilience are emerging. As people don masks to decrease the likelihood of germs entering their bodies, they also must put barriers in place to protect their networks. And, just as they prepare for how they will rebound from the illness or economic downturns, they must examine their options for life after the pandemic.
Enterprise modernization of the Navy's networks and systems is finally underway. Set to impact hundreds of thousands of uniformed and civilian users, it will consolidate many outsourced network service delivery mechanisms across the entire Department of the Navy (DON). The initiative aims to transform how services are delivered, provide a dramatically improved end user experience, and enable critical innovations long needed to accelerate the DON’s mission.
In response to the pandemic, the Defense Information Systems Agency (DISA) has incorporated changes into its operations that are likely to remain in place after the virus has passed into memory. The COVID-19 pandemic forced the agency to adopt new procedures that have shown their worth for efficiency and employee quality of life.
Some of these measures, such as telework, already were in place to a limited degree. Others, such as virtual meetings, became the rule rather than the exception that they were originally. Other changes made of necessity have been adopted for regular use.
The U.S. Defense Department by the end of the calendar year will release an initial zero trust architecture to improve cybersecurity across the department, says Vice Adm. Nancy Norton, USN, director, Defense Information Systems Agency, and commander, Joint Force Headquarters-Department of Defense Information Network.
Norton’s agency, commonly known as DISA, is working with the National Security Agency, the Department of Defense (DOD) chief information officer and others on what she calls an initial “reference” architecture for zero trust, which essentially ensures every person wanting to use the DOD Information Network, or DODIN, is identified and every device trying to connect is authenticated.
Protecting critical data is paramount to the Army’s vision for command-centric network operations, which will allow commanders to more easily understand what is happening on the operational network and more rapidly make decisions for the network’s defense, says Lt. Gen. Stephen Fogarty, USA, commander, U.S. Army Cyber Command.
Gen. Fogarty made the comments in a pre-recorded address as part of the virtual Army’s 2020 Signal Conference, which is hosted by AFCEA.
The U.S. Air Force is experimenting with a zero trust strategy to provide additional digital protections. Zero trust architecture offers a higher level of cybersecurity, through limited per-session access, continuous monitoring, endpoint security and monitoring of network conversations, explained Col. James Lotspeich, USAF, chief technology officer, Air Combat Command (ACC), Directorate of Cyberspace and Information Dominance (A6).
Col. Lotspeich spoke about the ACC’s zero trust architecture efforts during AFCEA Tidewater’s July 2 virtual luncheon.
Last of a multipart series.
The success of China’s foray into Internet control ultimately may be determined by the growth of the Internet itself, according to an Internet expert. While China seeks economic benefit from having its prime technology companies become the providers of choice for Internet customers, it also looks forward to being able to control Internet use outside of its borders. The ongoing evolution of the Internet, particularly its spread into a growing number of devices, may be China’s best asset for realizing its aims.