Priorities in the Cyber Domain
First, I have to apologize for promising, via blog, to get to the real tech on the WEST conference this afternoon. Truth is, first I had some tech problems of my own (thanks to the SIGNAL New Media Editor for being patient with me!), but, more importantly, I was engrossed in this afternoon's panel session of top leaders talking up the most important issues in the cyber domain. Led by Vice Adm. Nancy Brown, USN (Ret.), former J-6, JCS, panelists agreed that IT ownership-and responsibility for its security-belongs to every level of command, from staff members to CEOs, from privates to generals. "Ignorance is our biggest vulnerability [in the cyber domain]," stated Vice Adm. Carl Mauney, USN, deputy CO, STRATCOM. In addition to Adm. Mauney, panel members represent the top in their field: Robert Carey, CIO, USN; Norman Friedman, author of Network-Centric Warfare: How Navies Learned to Fight Smarter Through Three World Wars; and Terry Roberts, an executive director with the Carnegie Mellon Software Engineering Institute and former deputy director of naval intelligence. This star-studded group agreed that the cyber domain and, even more importantly, the security of this domain, gives the United States freedom of action in all domains, but that vigilance is a key word because C2 now relies on cyber, and networks must be optimized. "We can never secure it all, so what's important?" is the question that Adm. Brown challenged panelists to answer. And answer they did-from training to momentum, from resilience to access control. By far, training was a priority heard time and again. Because the military adopted IT so quickly and in a somewhat patchwork manner, cyber was considered the domain of the geeks in computer shops. Not so today. As a result, training must be a priority, and there is not enough of it, the panelists agreed. "There is an executive leadership team at the Pentagon and part of the members 'get it,' and part don't. Everyone has GOT to get it," Carey stated. Many experts believe that it will take the cyber bombshell before people begin to take cybersecurity seriously. Not so, Roberts said. "We finally have enough momentum that we may not need to have a 'cyber 9/11' to wake us up," she stated. But the lack of system resiliency worries Roberts. "Communications systems are the most vulnerable of all time, and we have no back-up," she pointed out.