Less than two months after the Trump administration and Defense Department released new cyber strategies that enable more offensive operations, the results so far are positive, a Pentagon official said on Tuesday.
The administration’s new strategy allows the government to “balance and assess risks” and make decisions faster and to “do so at the speed of relevance,” Ed Wilson, the deputy assistant secretary of defense for Cyber Policy, said at a government cyber conference hosted by Symantec [SYMC]. “We have already been through the process a couple of times now and are undertaking cyber effects operations really with the mindset of deterring nation-state behavior in this arena by taking actions necessary to make it very clear that the cost of doing business in this space will never be achieved in terms of the benefits.”
The goal with the shift in strategy to allow for more “proactive” or “assertive” cyber effects operations isn’t to “create hostilities in cyberspace” but rather “we’re trying to reinforce the norms of behavior “ and “when those norms are violated, we can impose some consequences as a result of that so that we have a more stable environment,” said Wilson, who retired from the Air Force earlier this year as a major general and previously commanded the service’s cyber command.
“I would report that by all accounts it’s been very successful,” Wilson said of the new approach. “We’ve been able to make decisions. We’ve actually looked at certain activities and said ‘not this time,” adding that the new processes have allowed decision makers to be “very clear eyed” when assessing risk.
In a brief gaggle with reporters afterward, Wilson provided an example of the type of success the DoD is having with its new strategy. He said U.S. cyber forces have partnered with the governments of Macedonia and Montenegro at their request for combined operations, which are ongoing.
The cyber forces are training and exercising and these countries have found the partnership “to be effective,” Wilson said.
Montenegro is member of NATO and Macedonia is a NATO partner country,
The strategy shift is going from reacting to cyber threats to enabling more proactive approaches and is driven by the fact that “the homeland is no longer a sanctuary when it comes to cyber threats,” Wilson said. It recognizes that nation-states and rogue states are persistently using cyber means against the U.S., including the private sector, and “that has created strategic risk to the nation,” he said.
DoD is working more closely across the federal government to help inform about emerging cyber threats, Wilson said. He mentioned that DoD recently entered into a memorandum of understanding with the Department of Homeland Security to strengthen information sharing around cyber threats and to enhance cooperation with roles and responsibilities in responding to significant cyber incidents in the U.S. so that critical infrastructure sectors are more secure and resilient.
The Defense Department is focused externally and its expertise allow it to understand and “characterize” threats from outside the country and with its new emphasis on “defending forward” it works to “disrupt, deter, and if needed, be able to compete with those on a day to day,” he said. Those threats may include attacks on critical infrastructure, cyber espionage, or influence operations such as those seen in the 2016 presidential elections, he said.
In line with the National Defense Strategy released earlier this year, the new DoD cyber strategy also emphasizes lethality.
“Really what we’re describing is the ability to bring cyber effects operations, both defensive and offensive, to bear as part of our joint force,” Wilson said, adding that cyber effects operations go “alongside” traditional kinetic capabilities so they can be “more effective as well as become more resilient in a cyber contested environment.”
DoD is also concerned about cyber espionage against information on its networks and in the defense industrial base, which houses “intellectual capital” that provides current and future capabilities for the department, he said. DoD is working to “upgrade, if you will, the resiliency of the defense industrial base,” he said, and has recently established a task force to strengthen the cyber security of the industry.
“That’s a very important theme in DoD cyber security,” Wilson said.