Across the Armed Forces, a widespread cultural change from an information technology (IT)-focused to a more operational-based approach is needed to effectively handle increasing threats in the cyber domain, according to a panel of cyber commanders speaking at an Association of the United States Army event on July 20.
Leaders from the Army, Navy and Air Force spoke on their push to fundamentally change the approach to protecting their networks and build on their “cyber synergy,” especially in light of the recent WannaCry and NotPetya malware attacks. Changes are being made to create a more precise, synchronized effort as the Armed Forces look for interoperable help in the cyber domain from partners and industry.
“We know that we have to build our network with cyber security in mind from the beginning, not as an afterthought,” said panel chair and Military Deputy of Cyber Security for the Office of the Chief Information Officer/G-6 Maj. Gen. Garrett S. Yee.
While cyber is not officially considered a domain, the Department of Defense’s (DoD) Cyber Security Culture Compliance Initiative in 2015 effectively secured the effort to ensure that the Armed Forces understood that an operational aspect to protecting the networks was necessary, according to Yee.
“I can’t think of a time in history where the threats that pose themselves against not just DoD assets but the whole government and all the nation and on the international front with this level of speed, complexity, proliferation and sophistication. Its unprecedented,” said Air Force Maj. Gen. Burke “Ed” Wilson, deputy principal Cyber Advisor to the Secretary of Defense and Senior Military Advisor for Cyber. “Precision in this space is especially important. We need to be able to have speed of decision and execution. If you sit and try to overthink problems, especially in the operational arena, you will lose very quickly. We need to make sure we’ve given commanders in the field the right authorities and the right training and knowledge.”
Much of the focus from the panel was on the increasing frequency of major cyber attacks forcing leaders throughout the Armed Forces to shore up capabilities and move towards a threat-based approach. Several of the cyber leaders mentioned solving the effort to phase out legacy systems that invite vulnerabilities and figuring how to scale the rate of innovation from industry as key components for cyber goals.
Working to integrate capabilities from the DoD’s Defense Innovation Unit Experimental (DIUx) has played an increasing role in finding new capabilities to keep up with increasing efforts to protect Armed Forces networks, according to Brig. Gen. Maria Barrett, deputy director of Current Operations for J3 Army Cyber Command. Leaders are seeking building on cooperative efforts with the National Security Agency (NSA) and finding new ways to work within the Department of Defense Information Network (DoDIN).
“By this time next year, we’ll be operating out of the Integrated Cyber Center on the NSA campus. That will be purpose built for NSA and CYBERCOM to have a joint operations center. It will also include key partners from the U.S. government and also our foreign partners,” said Barrett. “The ability to see the network is absolutely vital. You can manipulate the DODIN. You can maneuver it, and using intelligence, see what adversaries were doing in a very short time period of when a vulnerability is known they can operationalize that.”
The panel reached out to the industry representatives at the event with goals in mind to help in the cyber synergy effort across the forces. Cyber commanders are looking for capabilities that can be fielded quickly, are interoperable and standards-based so they can support the move toward a more resilient, predictive network, according to Navy Cyber Security Division Director Rear. Adm. Danielle Barrett.
“In the future we have to look towards artificial intelligence and big data analytics to be predictive in this environment,” Rear Adm. Barrett said. “And from industry, the Navy is not just looking for technology solutions but also for GrayMatter solutions as well.”
For the panel, in order to protect each of their networks and synchronize their goals for the cyber domain the key is to be able to leverage capabilities for warfighters. New capabilities from industry and tools implemented by the Armed Forces must be interoperable with all operational forces, according to Yee.
“We find that we have a capability that we want to bring in and it’s not interoperable with the other capabilities on our network that’s a problem,” said Yee.