Defense Department Cyber Requires Speed, Precision and Agility
Defense Department network defenders are under persistent engagement and constantly look for quicker, more agile ways to preempt and respond to cyber attacks. The challenge to secure, operate and defend the Department of Defense Information Network (DODIN) is the scope, scale and complexity of the DODIN. Its daily operations are conducted in an operational environment of continuous competition against determined adversaries. The Defense Department’s mission assurance depends on the success of this mission area.
The essential first step for the Joint Force Headquarters–Department of Defense Information Network’s (JFHQ-DODIN’s) operations and defensive cyberspace mission is an operational command framework. The JFHQ-DODIN, a component command of the U.S. Cyber Command (USCYBERCOM), leads unified actions for DODIN operations; reduces vulnerabilities and threats; and defeats, denies and disrupts attacks against the DODIN.
This operational command framework establishes lineage for authorities from the Unified Command Plan, to the assigned combatant commander, through the JFHQ-DODIN at the operational level of warfare, to DODIN area of operations commanders and directors, down to the approximate 240,000 DODIN cyberspace forces. This framework organizes the totality of the DODIN in terms of cyber forces and terrain with clear delineation of command authorities at all echelons of warfare.
Unlike the other operational domains, there is no military department assigned to cyberspace operations. This creates a process gap, such as an operational capability developer role to set the current and future environment. On behalf of USCYBERCOM, the JFHQ-DODIN fills this role in the DODIN operations and defensive cyberspace operations–internal defensive measures (DCO-IDM) mission areas.
By being involved in the process continuum of cyber-related requirements identification through the employment of capabilities, the JFHQ-DODIN is able to evaluate the extent to which a capability meets defensive cyber needs. Joint capabilities requirements involves identifying warfighting needs, as well as authoring and implementing concepts of operations while optimizing current capabilities and operationalizing the employment of modernization efforts and new technologies for the entire DODIN. Being part of the process strengthens the command’s ability to proactively protect and defend the DODIN as a warfighting platform, supporting the National Defense Strategy and the DOD Cyber Strategy.
The DODIN is the Defense Department’s classified and unclassified complex federation of thousands of networks, information technology equipment, tools and applications, weapon system technologies and data. This includes mobile devices, Internet access points and connections with nonmilitary entities, platform information technology, programs of record, industrial control systems/supervisory control and data acquisition, and the cloud environment. It is composed of service, agency and combatant command constructed networks. It encompasses the enterprise, and the base, post, camp and station levels. The Defense Information Systems Network (DISN), managed by the Defense Information Systems Agency (DISA), serves as the DODIN backbone.
The JFHQ-DODIN bridges requirements and resourcing mechanisms to address both operational effectiveness and efficiency opportunities. From the JFHQ-DODIN perspective, sustainable defense hinges on defining process and technology performance standards and requirements.
“We don’t tell organizations what tools to use,” says Vice Adm. Nancy A. Norton, USN, commander, JFHQ-DODIN. “We focus on defining the desired outcome for sound, proactive defense of the DODIN. This includes looking at DOD-wide defense related cyber capabilities along with our own capabilities as a headquarters and what is needed to fulfill our responsibilities.”
Since reaching full operational capability in January 2018, The JFHQ-DODIN has made significant progress in establishing a unified joint force approach for defensive cyberspace operations. Adm. Norton explains that with JFHQ-DODIN involved in the requirements process, the Defense Department’s 43 components—10 combatant commands, five services, 28 agencies and field activities—that have DODIN area of operations responsibilities can maintain more confidence in the layered defense of the DODIN.
The JFHQ-DODIN’s assertive stance to protect the DODIN is integral to USCYBERCOM’s persistent engagement and defend forward efforts. By ensuring a strong and consistent defensive posture, the JFHQ-DODIN forces adversaries away from Defense Department networks.
In this era of persistent engagement, the scope, scale and complexity of the JFHQ-DODIN’s mission to operate and defend cyberspace warfighting terrain constantly changes. “To succeed, we must have interoperable tools, technologies and processes that easily integrate the various networks and security tools used by DOD components,” says Rear Adm. Kathleen M. Creighton, USN, deputy commander, JFHQ-DODIN. This enables the JFHQ-DODIN to share more relevant and timely information and directives with the components. “We work across the DOD enterprise to identify operational requirements, optimize current capabilities and operationalize new technology solutions,” she adds.
JFHQ-DODIN’s involvement centers on helping to define cyber requirements, explore solutions or suites of tools for the DODIN operational area, and then integrating across these capabilities to continually improve speed, precision and agility for cyberspace forces and for the mission success of defense operations. A few of the areas of high interest to the JFHQ-DODIN are endpoint security, perimeter security, cloud security, data governance and data analytics. The overarching desired outcome is to help Defense Department commanders and directors make informed decisions and manage operational risks to their own mission priorities and interdependencies with other organizations, as well as monitor how their cyberspace condition impacts others on the DODIN.
With this in mind, Fight the DODIN—a 26-point strategic approach to network operations, cybersecurity and defensive cyber actions at all levels—strengthens the Defense Department’s ability to have competitive advantage over adversaries. This warfighter ethos and mindset reflects an essential shift to leveraging information technology for operational gains across all core department functions—combatant command warfighting; the services’ organize/man/train/equip functions; intelligence functions and business operations—rather than viewing information technology through an administrative lens.
Developing and advocating DODIN operational standards are a central piece to the JFHQ-DODIN’s responsibility in the cyber requirements arena. In addition to influencing technology decisions, the efforts touch on changes in policy and acquisition processes. Key partners include USCYBERCOM, the 43 components with DODIN area of operations, the Office of the Defense Department Chief Information Officer and the Office of the Secretary of Defense Principal Deputy Cyber Advisor.
Jeffrey R. Jones is the executive director, JFHQ-DODIN.
The work undertaken by JFHQ–DODIN will be among the topics discussed at TechNet Cyber 2019, being held at the Baltimore Convention Center May 14-16.