Critical Cyber Needs Include People
Critical Cyber Needs Include People,
Partners, General Says
By Cheryl Pellerin, American
Forces Press Service.
Washington D.C. -- (AFPS)
-- July 2, 2013 - Despite the inherent technical "geekiness" of cyberspace and
urgent Defense Department efforts in that area, people and partners are among
DOD's most critical cyber needs, the senior military advisor for cyber to the
undersecretary of defense for policy said last week.
Navy Lt. John Knolla mans the tactical
action officer watch in the combat direction center aboard the Nimitz-class
aircraft carrier USS Ronald Reagan during Exercise Valiant Shield 2006 in the
Philippine Sea. Valiant Shield focuses on integrated joint training among U.S.
military forces, enabling real-world proficiency in sustaining joint forces and
in detecting, locating, tracking and engaging units at sea, in the air, on land
and in cyberspace in response to a range of mission areas.
U.S. Navy photo by Airman
Army Maj. Gen. John A. Davis spoke to
a large audience at the June 25-27 Armed Forces Communications and Electronics
Association International Cyber Symposium in Baltimore.
Cyber partnerships such as those with the National Security
Agency and the Defense Intelligence Agency and external partnerships such as
those with industry, international allies and academia represent a
transformation in the way DOD approaches cyber, Davis said.
For more than two years, he said, "DOD has been fundamentally
and deliberately transforming the way we think, the way we organize, the way we
train and equip, the way we provide forces and capabilities, the way we command
and control those forces, the way we operate and the way we insure leadership
and accountability for cyberspace operations."
Even the general's job as military advisor for cyber, a new
position formally approved in August in an environment of reduced resources, "is
an indication of how seriously senior department leaders are taking this subject,"
The standup of U.S. Cyber Command in 2010 was part of this
transformation, he said.
"It brought together disparate cyber functions of operating
our networks, defending our networks and applying offensive capabilities against
adversary networks," said Davis, adding that Cybercom's collocation with the
National Security Agency at Fort Meade, Md., greatly improved DOD cyber
"There's a much better integration of intelligence through
NSA's hard work," the general said. "From shared situational awareness to a
common operational picture, NSA is doing some really great work. Leveraging
their skills and expertise is not only an operational advantage, it's a
Beyond NSA's technical focus, Davis said, DOD needs broad
strategic context for intelligence to fulfill its cyber mission and that DIA,
along with other intelligence community organizations, plays a critical role.
Ultimately, people and organizations who work against the
United States and its allies in cyberspace are behind the development of
malicious code and software, he said.
"This is where DIA is helping us refine and improve our
indications and warning so it's not limited to actions taking place at the speed
of light, but actions by humans and organizations and processes that might help
us ... act with more options for leadership decisions," the general added.
As it does with interagency partners at the Department of
Justice's FBI and the Department of Homeland Security, DOD builds capabilities
in cyberspace by working with industry, international partners and academia.
In its work with the defense industrial base, or DIB, DOD is
the sector-specific agency under Homeland Security for interacting with the DIB.
In 2010, the voluntary DIB Cybersecurity Information
Assurance, or CS/IA, effort opened as a permanent program after a pilot period
with 34 companies. Activities under the program enhance cybersecurity
capabilities to safeguard sensitive DOD information on company unclassified
With the publication of a federal rule in 2012, DOD expanded
the program, and nearly 100 companies now participate. At the same time, the
optional DIB Enhanced Cybersecurity Services, or DECS, became part of the
expanded DIB program.
Homeland Security officials said DECS is a voluntary program
based on sharing indicators of malicious cyber activity between DHS and owners
and operators of critical infrastructure. The program covers 18 critical
infrastructure sectors, including banking and finance, energy, information
technology, transportation systems, food and agriculture, government facilities,
emergency services, water, and nuclear reactors, materials and waste.
"DOD relies heavily on critical infrastructure, which is in
part why the department has a role to play in providing support to defend these
commercial systems," Davis said. More than 99 percent of electricity and 90
percent of voice and communication services the military relies on come from
civilian sources, he noted.
"Defending our networks is a challenge that's not getting any
easier because of our reliance on key networks and systems that are not directly
under DOD's control," the general observed.
Davis said the DIB CS/IA program and DECS "are part of a
whole-of-government approach to improve the nation's cybersecurity posture. It's
a holistic approach, because that's what's required in order to achieve this
DOD international engagement supports the U.S. International
Strategy for Cyberspace and President Barack Obama's commitment to fundamental
freedoms, privacy and the free flow of information, and the right of
self-defense, Davis said.
DOD's ongoing cyber engagement with allies and close partners
takes many forms, he added, including sharing information about capabilities and
processes, warning each other about potential threats, sharing situational
awareness and fielding more interoperable capability.
Such engagement includes joint training venues and exercises,
he said -- "everything from tabletop exercises to more sophisticated exercises,
and we're doing joint training and putting cyber into our bilateral exercises on
a more regular basis."
With the State Department and other interagency partners, the
general added, DOD participates on cyber matters in bilateral, multilateral and
international forums, such as the United Nations and NATO.
"As an example of a critical bilateral relationship," he said,
"I've had the great honor twice in the past year to engage as part of a U.S.
academic and government interagency forum with counterpart Chinese academic and
The last meeting was in Washington in December, Davis said.
"We recognize China as a rising power and one of the world's
leading voices in this discussion, so senior government officials across the
interagency have actively engaged their Chinese government counterparts,
including their military [counterparts] ... in a number of ways already and we
would like to see those engagements expand," Davis said.
On July 8, DOD officials and several interagency partners "will
hold a working group meeting on cyber with our Chinese counterparts to talk
about this directly and to strive for concrete solutions with actionable steps
for progress," he added.
DOD's partnership with academia addresses what Davis
describes as the department's biggest challenge going forward: building the
"DOD is looking at ways to fundamentally change the way it
recruits, trains, educates, advances and retains both military and civilians
within the cyberspace workforce," he said. "The vision is to build a system that
sustains the cyberspace operations' viability over time, increases the depth of
military cyberspace operations experience, develops capable leaders to guide
these professional experts ... and ensures that we build real cyberspace
operational capability from within our human resources into the future."
The department is looking to partner in new ways with other
federal, academic and private institutions, he said, to attract and retain
skilled professionals in cyberspace.
cyber is always viewed as a technical area," Davis said, "the fact is it's
always about people. People are going to make the difference in cyber, just as
they have in every other dimension of DOD operations. So we must get the people
part right to guarantee success for the future.
Special Report: Cybersecurity
DOD at Work on New Cyber Strategy, Senior Military Advisor Says
Nation Must Defend Cyber Infrastructure, Alexander Says
DOD Must Stay Ahead of Cyber Threat, Dempsey Says