Trusted intelligence is needed in an era in which the United States is facing growing threats. The military and other entities in the intelligence community rely on the U.S. Defense Intelligence Agency to provide not only actionable intelligence but also the platforms or information technology systems that enable intelligence gathering, processing and analysis. To meet the increasing demand for intelligence, the Defense Intelligence Agency, known as the DIA, has distributed part of its workforce to the various U.S. military commands that it supports. This global deployment has altered the role of the DIA, explains Jean Schaffer, the agency’s chief information security officer (CISO) and chief of Cyber and Enterprise Operations.
From the outer space environment of the moon to the virtual realm of cyberspace, technology challenges have the potential to vex the intelligence community. Many of the tools that the community is counting on to accomplish its future mission can be co-opted or adopted by adversaries well-schooled in basic scientific disciplines. So U.S. intelligence officials must move at warp speed to develop innovations that give them an advantage over adversaries while concurrently denying foes the use of the same innovations against the United States.
Second of a two-part series.
Few if any topics cause more stress across the Defense Department than cybersecurity. As I noted in my last column, department leaders have taken many steps to address the problem. While most of these steps are helpful, we still see a lot of emphasis placed on setting and enforcing cyber standards across the department and its broader ecosystem of stakeholders.
Maj. Gen. Neil Hersey, USA, commander, of the U.S. Army Cyber Center of Excellence and Fort Gordon, said the center could potentially change its name, but that close cooperation among the centers of excellence essentially already provides the benefits of an information warfare center of excellence.
The change—if it happens—would follow the lead of the Army Cyber Command. Lt. Gen. Stephen Fogarty, USA, who leads Army Cyber Command, has been pushing to change the name to Army Information Warfare Operations Command. The service’s centers of excellence fall under the U.S. Army Training and Doctrine Command (TRADOC).
International partners and allies are showing interest in the U.S. Army’s Synthetic Training Environment, or STE, which will combine an array of technologies such as gaming, cloud computing, artificial intelligence and virtual and augmented reality to converge live, virtual and constructive training.
Brig. Gen. Anthony “Tony” Potts, program executive officer (PEO)-soldier, recently signed a new standard for 256-bit encryption for individual soldier systems. That is an increase from 128-bit encryption.
And since beginning the job about 18 months ago, he has stopped the once-common practice in the PEO-Soldier shop of signing cybersecurity waivers for the individual soldier equipment being developed. Furthermore, he is building a “robust capability” Risk Management Framework, which essentially specifies security controls for a system that involves organizational risk.
The Defense Information Systems Agency (DISA) continues to add capabilities available to warfighters and to the broader Defense Department community.
The agency has created a lot of buzz in recent months with a number of initiatives involving cloud capabilities, mobility and biometrics. Officials serving on a DISA panel continued that trend at the AFCEA TechNet Augusta 2019 conference in Augusta, Georgia.
Data is a strategic asset, but the human factor is the greatest unsolved issue in cybersecurity. Much progress has been made in securing technology, but today, it is not just the technology but also how you factor in human behavior. Security is not just about protecting the widget or fixing the algorithm because you must factor in behavior and external sources as well.
A panel of five women, all whom have excelled in cyber-related careers, took on some of cyber’s most pressing issues at TechNet Augusta.
Today’s military operates in a congested and contested cyber environment, and to have the advantage over its adversaries, the military must be able to integrate a variety of cyber-connected elements. Keeping the advantage depends on the ability to balance the level of precision required, to operate with speed, to accept nonconventional means and to tolerate less-than-perfect solutions. In an environment just short of war, there is no place for bureaucracy.
In the cyber realm, organizations need the means to rapidly identify emerging threats, immediately respond to mitigate risk, and systematically learn from these encounters—just as the immune system responds to a virus.
A single tool, process or team cannot deliver true cybersecurity. Collecting, analyzing and disseminating intelligence requires a converged organization that fuses expertise across domains. As adversaries possessing sophisticated expertise and considerable resources target multiple attack vectors—cyber, electromagnetic and physical, for example—cyber leaders must develop teams and systematic processes to rapidly transform analysis into action.
Data Link Solutions LLC, Cedar Rapids, Iowa, is awarded a maximum potential value $75,000,000 modification to a previously awarded indefinite-delivery/indefinite-quantity multiple award contract (N00039-15-D-0042) for the Block Upgrade II retrofit of Multifunctional Information Distribution System (MIDS) low volume terminals. The terminals provide secure, high-capacity, jam-resistant, digital data and voice communications capability for Navy, Air Force and Army platforms, and for Foreign Military Sales customers. Work will be performed in Wayne, New Jersey (50%); and Cedar Rapids, Iowa (50%), and is expected to be completed by December 2026. No funding is being obligated at the time of award. Funds will be obligated as individual deli
There was massive technological growth in 2018; things like artificial intelligence and blockchain have gained much support recently. IT departments often enable improved efficiency and security in their organizations by adopting emerging technologies, but that's only if they have the freedom to do so. A few years ago, IT had very less influence over business decisions, but now times are changing: IT is gaining an increased role in business decisions with implementation of cloud computing, data centres and enterprise mobility.
Speed is of the essence as the U.S. Army works earnestly with industry to equip the force with the latest tools to combat cyber attacks. Yet rapid acquisition must be weighed against wasteful haste as the service aims to deliver combat-effective capabilities without breaking stride.
These capabilities include a revamped tool suite, a portable cyber defense system and advanced cyber situational awareness. At the forefront of these efforts is the project manager, defensive cyber operations (PM DCO), part of the Army’s Program Executive Office Enterprise Information Systems.
The U.S. Indo-Pacific Command is incorporating new cyber technologies and standards as it strives for greater interoperability among a growing number of allies and potential partners. This increased reliance on cyber is viewed by command leadership as essential for maintaining effective military capabilities in the face of a growing kinetic and cyber presence by diverse adversaries.
For more than a decade, the U.S. Army has been improving the Logistics Information Systems Network, which is specifically designed to sustain and maintain warfighters deployed across the globe. However, although the technology has far exceeded the service’s goals, today’s management practices are almost identical to those used when the network was created in 2004. With the increase in cybersecurity policies and advances in capabilities, the need for highly trained, designated network and systems administration personnel has become abundantly clear, and the requirement for better management processes even more evident.
The National Security Agency (NSA) is launching its new Cybersecurity Directorate with a promise of “opening the door to partners and customers on a wide variety of cybersecurity efforts,” according to an agency statement. These partners will include established government allies in the cyber domain such as the U.S. Cyber Command, the Department of Homeland Security and the FBI. The directorate also is promising to share information better with its customers to help them defend against malicious cyber activity.
Frontier Technology Inc., Beavercreek, Ohio, has been awarded a $47,246,679 cost-plus-fixed-fee contract for supporting the enterprise ground system and defensive cyber operations. The contract award provides for cross-domain solutions, design, integration and rapid delivery team services. Work will be performed in Colorado Springs, Colorado; Beverly, Massachusetts; and Los Angeles, California, and is expected to be completed by July 19, 2024. Fiscal year 2019 research and development funds in the amount of $1,876,545 are being obligated at the time of award. The contract was the result of a sole-source acquisition.
Soldiers with the 3rd Brigade Combat Team, 1st Cavalry Division (3/1 CD) recently tried out a cyber-based prototype that complements electronic warfare systems designed to combat enemy drones, the Army has revealed in an online article.
Using the Army's enhanced cyber-enabled Counter-Unmanned Aerial System (C-UAS) capability, soldiers were able to detect and counter common, small drones during their training. The new prototype alerted soldiers to the presence of a drone and provided a means to target it, for protection across the brigade.
The May 7th ransomware attack against Baltimore has crippled much of the local government’s IT infrastructure while holding its network hostage. Not since the March 2018 attacks against Atlanta has a major U.S. city been so digitally impaired.
The subsequent media coverage of Baltimore’s struggle has generated some misplaced criticism of the U.S. government. Initial news reports erroneously claimed that the ransomware leveraged an NSA-developed exploit to compromise Baltimore’s municipal systems. Unfortunately, this snowballed into numerous sources placing blame on the NSA, claiming that they mismanaged their cyber weaponry.
This is grossly incorrect.
NCI Information Systems, Reston, Virginia, was awarded a $27,956,232 modification (P00005) to contract W91RUS-18-C-0017 for information technology services for cyber network operations and security support. Work will be performed in Fort Huachuca, Arizona, with an estimated completion date of June 30, 2020. Fiscal year 2018 operations and maintenance, Army funds in the amount of $10,251,101 were obligated at the time of the award. U.S. Army Contracting Command, Aberdeen Proving Ground, Maryland, is the contracting activity.