Raising the bar for STEM education comes through practice, competition and a culture shift to help prepare the next generation of defense leaders. It’s less about how many hours of STEM courses or what is the right age to engage kids in STEM and more of a focus on how to create access to opportunities in a way that they can connect with for the long term.
The Cyber Edge
Faced with unending cyber attacks that are increasing in sophistication and coming from all types of adversaries, the U.S. Army Cyber Center of Excellence is preparing its best defense: cyber operators. With a dedicated section of the Army’s force that focuses only on cyberspace operations, the service must continue to fill the ranks and train cyber operators, said Maj. Gen. John Morrison Jr., USA, commanding general, U.S. Army Cyber Center of Excellence (CoE) and Fort Gordon.
If you think of the cyber threat as Godzilla, you can see the need for a framework that optimizes limited resources. As the beast attacks the building, those individuals located on the ground floor—for example the architects and engineers—worry about being stepped on by its feet. Those on the next floor up, the systems engineers, see the knees and want protection from being kicked. The next level, the incident responders, see the claws and worry about what those claws can do. Higher in the building, the operators see the shoulders and are focused on how big the threat might be based on the shoulder size. The customers at the top only see teeth and flames.
As the Department of Defense is working to improve lethality, it is making the transition to fight in the new domain of cyber, according to Anthony Montemarano, executive deputy director, Defense Information Systems Agency (DISA). The key to this evolution is innovation and harnessing emerging technologies to protect and defend the homeland. “We’ve got to get ahead of the adversaries,” he said.
Speaking to a room packed full of industry and government officials on Tuesday at the AFCEA Defensive Cyber Operations Symposium (DCOS) in Baltimore, and in an interview with SIGNAL Magazine, Montemarano called on industry to provide innovation.
In her unique, dual-hatted role as director of the Defense Information Systems Agency (DISA) and commander of the Joint Force Headquarters–Department of Defense Information Network (JFHQ-DODIN), Vice Adm. Nancy Norton, USN, is pushing to provide the best communication and information technology capabilities to the Defense Department (DOD).
“Everything we do is to support the warfighter and increase their ability to accomplish their mission,” she said. The admiral was the keynote speaker opening the AFCEA Defensive Cyber Operations Symposium (DCOS) in Baltimore on May 15.
U.S. Navy personnel with advanced skills in information warfare may be ready to hit the decks and deploy across the fleet by year’s end.
Adding those adept information warriors to the fleet is a top priority for the commander of the Naval Information Warfighting Development Center (NIWDC), which was established about a year ago. Similar to other warfighting development centers, the NIWDC mission includes training and assessing forces in advanced tactics, techniques and procedures at the individual, unit, integrated or advanced and joint levels.
The organization tasked with protecting U.S. Defense Department networks is looking to accelerate its ability to detect and respond to enemy cyber attacks. While detection and response are not new, they have assumed greater importance as cyber attacks are combined with kinetic operations throughout the battlespace.
The increased sophistication and unpredictability of adversaries’ cyber capabilities and tactics demands improvements in war-fighting readiness by revolutionizing how information warfare is executed in the U.S. Navy’s fleet. To address this challenge, the service is aligning and synchronizing efforts among its various communities and supporting multiple warfare areas with an information-packed warfighting model.
One does not have to look too far beyond the headlines to see that the battle for world power is playing out in the information space. Free and open democratic societies increasingly are tested by rising autocratic countries employing high technology in information warfare.
For the United States to succeed in this battle, citizens, not just the government, need to be more discerning about information, experts say.
After years of lagging behind competitors in the battle for electromagnetic spectrum dominance, the U.S. Army may be catching up with reinforcement from technology researchers. But it may be the application of technology rather than the systems themselves that truly gives the Army an edge.
Service leaders say they lost focus on electronic warfare and information warfare capabilities while preoccupied with the wars in Iraq and Afghanistan, where cutting-edge technologies were not a necessity. Now, they contend, the next war likely will be against a foe capable of formidable offense and defense in the electromagnetic domain.
Being able to pace technology is the top challenge facing the Defense Information Systems Agency, according to its director. This activity encompasses both positive pacing, in which the agency takes the lead in incorporating innovative capabilities, and negative pacing, where it responds to the constantly evolving technology-based threat.
Industry plays a significant role in both aspects of pacing. The private sector serves as the font of innovation for new information capabilities sought by agency customers. Similarly, industry must be the primary source of related technologies that help counter the growing threat posed by nation-state and independent adversaries.
A bug bounty program worth a total of $10 million aims at acquiring and developing active cyber-defense capabilities for some of the most popular software programs for Windows, MacOS, iOS and Android. The public program is offering payouts focusing on quality over quantity to identify and address some of the toughest problems.
Cybersecurity evolves daily to counter ever-present threats posed by criminals, nation states, insiders and others. To address the changing threat landscape, the National Institute of Standards and Technology (NIST) periodically updates its Risk Management Framework (RMF), a standards-based, security-by-design process that all IT systems within DOD agencies must meet.
Researchers at the National Institute of Standards and Technology (NIST) have developed a method for generating numbers guaranteed to be random by quantum mechanics. Generating truly random numbers is one of the major challenges for quantum-based encryption and could mark a major leap in cybersecurity.
When combatant commanders plan an attack on an enemy stronghold, they know exactly what to do, including which intelligence reports to consider, where to send the ground troops, when to call in an air strike and when to jam the enemy’s radar. But ask those same commanders to attack the enemy in cyberspace and the response will be far less defined.
Amid the political scuffles on Capitol Hill about immigration, health care and budget legislation to keep the federal government open, cybersecurity is not necessarily one of the highest policy-making priorities. This must change, some lawmakers say. Cyber attacks, already plentiful and disastrous, will only increase in frequency and scale over time. The United States needs more protections and measures, especially at the federal level, according to some legislators.
Jack Finney’s science fiction classic Invasion of the Body Snatchers offered a frightening premise. In the novel, aliens in seed vessels descend to Earth, landing in a small California farming community. As the townsfolk sleep, these seeds replicate the earthlings and, by morning, replace them. The only discernible difference between the clones and their host bodies is that the clones lack emotion. In essence, the aliens have stolen the earthlings’ DNA, and the humans never saw it coming.
The idea of this happening is unimaginable—in the case of human bodies at least. However, one company replacing another company’s DNA then killing off the original entity is happening now in the invisible world of cyber.
The Internet of Things (IoT) has security issues. The fundamental weakness is that it adds to the number of devices behind a network firewall that can be compromised. Not only do we need to safeguard our computers and smartphones, now we must worry about protecting our homes, vehicles, appliances, wearables and other IoT devices.
Amid stunning digital attacks that have not only rocked countries around the globe but also targeted alliance forces, NATO is sharpening its resolve to serve as a cyber protector. A forthcoming Cyber Operations Center will incorporate cyber warfare into NATO’s defense operations. In addition, NATO’s Cooperative Cyber Defence Centre of Excellence is boosting the organization’s cybersecurity-related research, exercises and instruction to meet the seemingly unending threats.
The U.S. Defense Department must move aggressively to better understand information warfare and its implications to national security. To propel the necessary next steps, the department must organize information resources not only to meet military cyberspace requirements but also to address how adversaries view U.S. cyber assets.
Although the nation has long dominated the communications and information systems landscape, past success makes it vulnerable in the future. Consequently, forces and the weapons platforms they rely on are increasingly susceptible to information attacks.