Uniting Cyber Defenses
The U.S. military’s struggle to carry out effective cybersecurity measures sets the stage for a massive cultural shift that leaders say will better protect critical networks against cyber adversaries who are only getting better and smarter.
The U.S. Army is at the helm of a major operational change that leaders dubbed a “convergence” to connect several fragmented military responsibilities, paving the way for a future in which the intelligence community will work more closely with signal commands, electronic warfighters, cyber and information operations.“Unlike any other time in our history, you’re watching our strategic and tactical world collapse into one, and it really is unprecedented,” Maj. Gen. John Morrison Jr., USA, commanding general, U.S. Army Network Enterprise Technology Command and deputy commanding general for the 2nd Army, told attendees at AFCEA’s TechNet Augusta conference.
“We haven’t made the mental leap to break down the stovepipes that exist within the information environment and between the information environment and the operational environment,” added Lt. Gen. Edward Cardon, USA, commanding general of the U.S. Army Cyber Command/2nd Army.
Cyber operations have to be “deconflicted and interoperated” between intelligence, signal, cyber, electronic warfare and other operations, said Maj. Gen. Stephen Fogarty, USA, commanding general of the U.S. Army Cyber Center of Excellence at Fort Gordon, Georgia. Leading the charge is the U.S. Army’s newly created cyber school, a historic first toward building the service’s fledgling cyber branch. Additionally, the Army Cyber Command will move to Fort Gordon in 2019, significantly expanding the base and co-locating cyber efforts, Gen. Cardon added.
Cyberwarriors will be trained to protect Department of Defense Information Network (DODIN) operations, among the most critical the Defense Department conducts, Gen. Fogarty assessed. “It’s the foundational capability for the joint force in the way that America fights wars,” he said.
Without the DODIN, there would be no mission command, no intelligence, no surveillance and reconnaissance, and no logistics or telemedicine, the general listed. “What I’m telling you is, the things we’ve taken for granted over the last 14 years [of conflict] are increasingly at risk,” he warned. “The environment is much more congested. It’s much more contested, and there are a lot of unknowns out there. We will not be able to accurately predict where we are going to deploy. We will not be able to accurately predict what the environment is going to be once we get there. It’s the network that gives us tremendous capabilities. And I think it’s at risk.”
In addition, skilled cyber professionals are in high demand but short supply. The government and private sector will jockey for talent for the foreseeable future because of the dearth of qualified workers, said panelist John Klebonis, vice president of federal government customer service for AT&T. Government officials should begin cultivating the next-generation cadre of scientists, programmers and security experts when students are in elementary or middle school, added Gary Wang, deputy chief information officer/G-6 for the U.S. Army.
Recent intrusions into private and federal networks indicate adversaries are more adept at launching cyber attacks, despite automation and control systems, said Michael Assante, the SANS lead for Industrial Control System (ICS) and Supervisory Control and Data Acquisition (SCADA) security and co-founder of NexDefense. In the private sector, efforts to streamline network protections are not new, offered Tom Patterson, vice president and general manager for Unisys Global Security Solutions. “A lot of us have been talking about convergence for years,” he said. “But if it was easy, we would have done it by now.”
Patterson cautioned military leaders against changing their culture too quickly. “Before you converge them, you have to secure them,” he added.
Next year’s event will be held August 2-4 in Augusta, Georgia.
