U.S. Cyber Command Goes Academic
For the last eleven years, the U.S. Cyber Command, which conducts cyber operations in defense of the nation, has partnered closely with government organizations and private industry to advance is mission. Now, the command, known as USCYBERCOM, is working to bolster its activities with academia as part of its comprehensive engagement plan. It recently launched a new academic engagement strategy that will broaden its communications with more U.S. universities; harness cyber research; promote cyber careers; and add analytical capabilities.
“It is really about bringing together all forms of national power across the interagency to achieve a new level of deterrence against our adversaries,” said David Frederick, the command’s executive director and highest ranking civilian. Frederick presented the lunchtime keynote on October 27 at AFCEA International’s TechNet Cyber in Baltimore. The conference, which is being held on October 27-28, is followed by the Defense Information Systems Agency’s (DISA’s) Forecast to Industry presentation on Friday, October 29, also at the Baltimore Convention Center.
The work the command performed alongside the NSA and the unique information sharing it conducted with the Department of Homeland Security's Cybersecurity and Infrastructure Security Agency (CISA) and the FBI about adversary activities leading up to last year’s presidential election was a key example of its successful and necessary federal partnerships. “We also conducted over two dozen operations to get ahead of foreign threats to our election systems and threats of misinformation before they could occur,” Frederick stated. “But none of this would have been possible without really close partnerships.”
To perform its daily operations in cyberspace, USCYBERCOM already works closely with CISA and the FBI, as well as the U.S. Northern Command and the U.S. Indo-Pacific Command, the Department of Energy and other government agencies. Going forward, the command will also partner more with the new Joint Cyber Defense Collaborative at CISA, Frederick noted. In addition, USCYBERCOM will continue to foster its relationships with private sector entities, the defense industrial base, telecommunications providers and other key cybersecurity players.
“Our role of course is to be out forward and conduct operations,” Frederick stated. “And I can't emphasize enough the importance of private sector partnerships in this defense of the nation mission. We cannot defend the United States using government capabilities alone. It absolutely requires close partnerships. Our collective defense relies on us working together to where we can understand what an adversary is doing in attacking the United States and take action quickly. What we've found in the last few years is that we have to have a model of collaboration, and that's not always an easy thing to do between the public and the private sectors.”
David E. Frederick, Jr., Executive Director @USCYBERCOM: We can’t defend the United States with government capabilities alone. We need industry. Some of our most critical tips have come from the private sector. #AFCEACyber pic.twitter.com/gzwJsvSOEf— Kimberly Underwood (@Kunderwood_SGNL) October 27, 2021
The USCYBERCOM used to pursue a more “transactional” model with its private sector partners, but has shifted that design for the better, Frederick pointed out.
“The idea was that we could share indicators of compromise back and forth, and kind of defend our areas independently,” he explained. “What we really found is that doesn't work. Without going into the details, I'll note that now we receive critically important tips from the private sector that enable us to conduct our operations. But these types of partnerships require trust and building a relationship before any crisis begins.”
The added focus on building partnerships with academia will only further strengthen its efforts, Frederick suggested.
Under the new academic engagement strategy, USCYBERCOM is establishing an academic engagement network designed to improve the command’s communications “with a broader set” of U.S. universities. “Our number one goal in the academic engagement network is to inspire students to consider cyber careers in the Department of Defense,” Frederick stated. “What I've learned is that oftentimes students don't even understand that there are options to work as a civilian in the DoD. And we also want to encourage them to pursue military commissions.”
To that end, USCYBERCOM will soon be launching several academia-focused efforts, including guest lecturing opportunities for universities, mentorship of capstone projects and student outreach. To harness cyber innovation and analytic capabilities, the command will increase its scope of college-based analytic partnerships.
“We've learned that university faculty and students have some great ideas and unique research about cyber adversaries,” Frederick emphasized. “Not everything is coming from the intelligence community in terms of new insights into how our adversaries behave and the direction they're going and so we're going to be expanding the number of analytic partnerships we have with universities.”
In addition, the command will advance its partnership with the National Defense University (NDU) as well as with the military service academies. With NDU, the command will assist with that school’s new University Consortium for Cybersecurity effort expected to begin in December. “We're going to be working very closely with them,” Frederick added.
In the meantime, the command remains centered on integrated deterrence as it daily contests adversaries in cyberspace. “We're ready to impose costs as we conduct operations in cyberspace,” he said.