By Geoff Fein
One of the biggest issues facing the Navy today isn’t taking place on or below the water’s surface, nor in the air or in space–it’s on the vast myriad networks the service operates and how to keep them secure.
“It is our biggest issue and we are investing a lot of resources into improving the security of our networks,” Vice Adm. Harry Harris, deputy chief of naval operations for communication networks (OPNAV N6), told Defense Daily in a recent interview.
Navy officials think about network security 24 hours a day.
“We recognize that as we do these new things, as we move into open architectures as we employ Service Oriented Architectures and all that, for all the good things that those concepts bring, we have to be mindful of the risk associated with them,” he added. “So that when we build CANES (Consolidate Afloat Network Enterprise Services), and when we build NGEN (Next Generation Enterprise Network), we have a way of increasing our security.”
Harris believes that the Navy Marine Corps Intranet (NMCI) model, which will flow into NGEN, is good as the service is able to push security patches across the entire network. “Where we find our weaknesses today, we find those weaknesses in our legacy networks,” he added.
“We consistently go back and have problems in our legacy networks, so our Cyber Asset Reduction and Security (CARS) program is focused on reducing and eliminating legacy networks to get down to those few we are going to keep and to migrate to an enterprise network, whether it’s NGEN or whatever, so we can improve security across the whole enterprise,” Harris said.
Harris has high praise for Naval Network Warfare Command, whose mission is operational management and defense of the network.
“They have been at this now for seven years. It’s headed up by a three star (Vice Adm. H. Denby Starling II),” Harris said. “The Navy took a whole bunch of disparate commands…there were 26 of them I think, and rolled them all together and called them NETWARCOM. The past seven years that outfit has really grown and, in my view, is the exemplar of a services network defense organization.”
NETWARCOM works as a naval component for U.S. Strategic Command, Harris said. “Which means de facto they work for Joint Task Force Global Network Operations, for security, and that’s all about defense of the network.”
The Navy also has the Naval Cyber Defense Operations Command (NCDOC), which works for NETWARCOM, Harris added.
“You know, we have had some security issues recently. I believe NETWARCOM enabled the Navy to stay ahead of those issues,” he said.
“I have been asked, at different industry venues, if I had an extra dollar to spend what would I spend it on, or what keeps you up at night? The answer is the same–network security…cyber security,” Harris said.
Not only is the effort to defend against cyber threats challenging, the threat is growing, Harris noted.
“We have a threat vector from hackers on one side who are just nuisance people, to nation states, to organized crime and terrorism groups, and they are unconstrained by laws, regulations or policies,” he said. “We, on the other hand, as we build defenses and try to stay ahead of that threat…we are constrained by law, regulation, and policy and for all the right reasons.”
That requires balancing that constraint on the nation’s freedom of maneuver against our adversary’s freedom of maneuver in an unconstrained way, Harris added.
Harris believes that cyber security is being seen as a new domain, a new battlespace.
“I believe that the emphasis on it has only happened in the last several years and, most especially within the last year, and all of this discussion about cyber…NSPD (National Security Presidential Directive) 54…the HSPD (Homeland Security Presidential Directive) 23, and the fact that our national leadership has recognized the cyber domain, and the cyber threat, and all things cyber, are important,” he said. “At the national level, we are investing a lot of resources into getting at the problem.”
The Department of Defense is reorganizing to meet cyber threats. In addition, the White House is currently reviewing a report on government-wide cyber efforts.
“I think it is a new domain. We have air, sea, land and undersea, that we have been dealing with for the longest time,” Harris said. “Then we have this new area…special operations. And now I believe we have the newest new area–cyber,” he said.