Éditoriaux Défense Sécurité Terrorisme Zones de conflits Logistique Livres de référence Liens
Terre Air Mer Gendarmerie Renseignement Infoguerre Cyber Recherche

Operationalizing Cyber is New Commander

Operationalizing Cyber is New Commander’s Biggest Challenge

By Cheryl Pellerin, American Forces Press Service.
Washington D.C. – (AFPS) – June 2, 2014 – U.S. Cyber Command’s greatest challenge is to operationalize cyberspace to turn the electro-digital network of networks into a command-and-control environment where warriors can see the adversary and whose operations defense leaders can integrate into options for commanders and policymakers, the new director of the National Security Agency and commander of U.S. Cyber Command said here last week.

Navy Adm. Michael S. Rogers was a keynote speaker May 28 at the Armed Forces Communications and Electronics Association 2014 Cyber Summit. The admiral told a large audience that he and his team are working to develop a set of five capabilities that will enable the teams of Cybercom to fight, if that becomes necessary, in cyberspace, which became a military domain in 2010 with the stand-up of Cybercom as a subunified command under U.S. Strategic Command.

Navy Adm. Michael S. Rogers addresses the audience and the workforces of U.S. Cyber Command, the National Security Agency and the Central Security Service at his assumption of command ceremony, April 3, 2014.

 

National Security Agency photo

Rogers also shared the early stages of an idea his team is working through to make part of the Defense Information Systems Agency, or DISA, a partner with Cybercom in defending DOD networks.

“At U.S. Cyber Command, as the new guy, I’ve said we need to focus on what a subunified command should be doing and not doing. We've got to optimize, focus and prioritize, so let's ask ourselves what we’re doing that we shouldn't be doing,” Rogers said.

The admiral concluded that if Cybercom intimately focuses on tactical-level details of defending the network, it would not accomplish much more, and he turned to DISA. In its current role, he said, DISA is largely an acquisition and engineering organization. “I believe that for DISA to achieve what it needs to do with respect to how it's going to operate and help us defend the networks, a portion of DISA [must] become an operationalized entity focused on maneuvering and defending the networks,” he said. “We have to give DISA the ability to come up with a command-and-control node that can coordinate with others in defending the DOD information networks.”

The Cybercom commander said that in this role, DISA “could enable U.S. Cyber Command to function at the operational level of war. That's our niche and that's where I think we generate the best return and the best outcome.”

Cybercom teammates, including combatant commanders and service chiefs, eventually will discuss a more fleshed-out version of the idea, he added.

On Cybercom’s greatest challenge, Rogers offered five capabilities that must exist if cyberspace is to become viable as a military domain.

The first capability is a truly defensible network.

“Today we are … working with a series of networks in which redundancy, resiliency and defensibility were never core design characteristics,” Rogers explained. “We often treat defensive capability as something that is literally bolted onto a system after we've done everything else.”

The effort to create a defensible architecture is leading Cybercom to reduce its number of networks and to focus on areas where the networks have continuous public interfaces -- a source of particular vulnerability, Rogers added.

OD’s fledgling Joint Information Environment, or JIE, is a framework for modernizing DOD information technology systems and making them more secure. The system includes overarching architectures, standards and specifications; common ways of operating and defending DOD networks; and common engineered-solution designs.

“We've already created a JIE structure in Europe as a test. We're moving into the Pacific arena next and we'll continue to expand around the world,” Rogers said. “We're trying to create a network in which defensibility, redundancy and resiliency are core design characteristics from the ground up.”

The second capability is common, shared situational awareness in cyberspace.

The admiral said that at every level of maritime operations, he’s used to walking into a command center that gives him a common picture of a situation through the use of color, symbology and geography in a visual display that lets him quickly gain situational awareness and make decisions. “We do not have that right now in the cyber arena,” Rogers said. “As I used to kid my teammates, how do you defend something you can't see?”

Cybercom is in the early stages of putting together such a capability, the admiral said, and it has proven to be a hard challenge. “We're certainly not as far along as I would like but it's not because of a lack of effort,” Rogers said, adding that he’s trying to bring together separate efforts to create the capability across the department. “In an era of declining resources we’ve … got to do this together and we've got to divvy up who's going to do what,” he added.

The third capability involves Cybercom’s authorities and responsibilities to act.

Within the Defense Department, Rogers said, he's comfortable with Cybercom’s current authorities, “but when we start to go outside the department, it gets a little more complicated.”

One mission set Cybercom anticipates receiving is in the event of attempts to disrupt critical infrastructure in the United States, the admiral said. “It is our expectation that we are training and working toward the ability to respond,” he added, “and it is my expectation that potentially the president and the secretary of defense will turn to U.S. Cyber Command and say, … ‘We're seeing activity X, and need you to be part of the federal government's response to this.’”

As a department, the admiral said, DOD routinely provides support to civil authorities in a multitude of mission areas, including hurricanes and wildfires. “I don't think cyber is going to be any different in that regard,” Rogers said, “and I look for us to partner incredibly closely with our friends at the Department of Homeland Security, DHS, which is the lead for protecting federal networks” and for responding to cyber concerns outside the federal government.

The FBI also plays an important role, he said.

DOD is measured in what it does within the United States versus what it does overseas, Rogers said, “and we've got to be mindful of [the Posse Comitatus Act] and this thing we call the law. We are not going to violate that.”

Under the Posse Comitatus Act, service members and National Guardsmen who are under federal authority can’t perform in a law-enforcement capacity in the United States, unless the Constitution or Congress specifically authorizes it. “We’ve got to make sure the constructs we build enable us to work within the U.S. legal [system],” Rogers said, so he and his Cybercom team are discussing with officials at U.S. Northern Command, which has a primary mission of homeland defense, how best to work with federal government partners.

“But clearly,” he added, “to work with other federal partners, we’ll need some measure of authority and direction that we don't enjoy day to day.”

The fourth capability for operationalizing cyberspace, Rogers said, is to develop operational concepts and a command-and-control structure that takes operating in cyberspace from dream to reality.

As U.S. Cyber Command generates teams of warfighters to operate in cyberspace, its questions will include: Who will operate in cyberspace? How will command and control work there? How will cyber operations be prioritized? Who will make critical decisions about what Cybercom teams will and won’t do in the cyber environment? What authorities are granted to which individuals? How will Cybercom make the chain of command clear to everyone operating in cyberspace?

None of this is unique to cyber, and for the military services, it's nothing new, but one thing that does make cyber especially challenging is a lack of physical geography, Rogers said. “In the DOD framework, we often use geography as a way to define responsibilities, carving the world up as regional combatant commands, … and yet cyber doesn't recognize the geographic boundary thing,” the admiral explained.

“If I'm looking at potential attack strategies against critical infrastructure or … DOD networks, I’m watching a path that bounces from a nation state, individual or group to infrastructure spread out in countries that aren’t [our] particularly close friends or allies, then bounces into U.S. infrastructure, bounces out again, and then comes back in directly at the final target,” Rogers said.

U.S. Cyber Command must develop operational concepts and a command-and-control structure that recognizes this reality, he added. “Like any other military endeavor,” Rogers said, “we tend to use intellectual thought, exercises and a variety of means in U.S. Cyber Command and among the broader partner teams … to work our way through this.”

The admiral added, “I tell the team, don't fixate on cyber as something unique that nobody understands. Ask yourself how we can translate [into the cyber arena] the operational concepts all of us have spent our lives in uniform learning and understanding as warfighters.”

The fifth area critical to operationalizing cyber is to generate trained and ready forces, Rogers said, adding that generating such forces and deploying them to operational commanders is a service mission.

To accomplish the mission, Rogers has mandated the following three priorities:
-- Train everyone to the same set of standards.
-- Conform to a team structure that divides 6,000 people into 133 teams that range in size from more than 60 individuals to about 20. At U.S. Cyber Command, Rogers said, the goal is to have the 6,000 people trained and certified by the end of 2016.
-- Generate capacities in the teams focused on defending the networks -- combatant commander networks, service networks, DISA networks, DOD enterprise networks, the DOD backbone, and, if needed, critical-infrastructure networks.
“This is hardest in some ways, because to truly defend a network takes a host of partners,” Rogers said, “[and] … synchronizing all areas of defense at one time is master's-level command and control in the cyber environment.”

The admiral said network defense may be Cybercom’s most complicated task, “but I would argue it's the most important in some ways because we’ll be tested every day on our ability to defend the department’s networks and, if directed, defend other networks.”

(Follow Cheryl Pellerin on Twitter: @PellerinAFPS) : Contact Author

Biographies:
Navy Adm. Michael S. Rogers

Related Sites:
U.S. Cyber Command
Special Report: The Cyber Domain

Related Articles:
Rogers Takes Over Top NSA, Cyber Command Posts

 


Derniers articles

Verdun 2016 : La légende de la « tranchée des baïonnettes »
Eyes in the Dark: Navy Dive Helmet Display Emerges as Game-Changer
OIR Official: Captured Info Describes ISIL Operations in Manbij
Cyber, Space, Middle East Join Nuclear Triad Topics at Deterrence Meeting
Carter Opens Second DoD Innovation Hub in Boston
Triomphe de St-Cyr : le Vietnam sur les rangs
Dwight D. Eisenhower Conducts First OIR Missions from Arabian Gulf
L’amiral Prazuck prend la manœuvre de la Marine
Airmen Practice Rescuing Downed Pilots in Pacific Thunder 16-2
On ne lutte pas contre les moustiques avec une Kalachnikov...
Enemy Mine: Underwater Drones Hunt Buried Targets, Save Lives
Daesh Publications Are Translated Into Eleven Languages
Opération Chammal : 10 000 heures de vol en opération pour les Mirage 2000 basés en Jordanie
Le Drian : Daech : une réponse à plusieurs niveaux
Carter: Defense Ministers Agree on Next Steps in Counter-ISIL Fight
Carter Convenes Counter-ISIL Coalition Meeting at Andrews
Carter Welcomes France’s Increased Counter-ISIL Support
100-Plus Aircraft Fly in for Exercise Red Flag 16-3
Growlers Soar With B-1s Around Ellsworth AFB
A-10s Deploy to Slovakia for Cross-Border Training
We Don’t Fight Against Mosquitoes With a Kalashnikov
Bug-Hunting Computers to Compete in DARPA Cyber Grand Challenge
Chiefs of US and Chinese Navies Agree on Need for Cooperation
DoD Cyber Strategy Defines How Officials Discern Cyber Incidents from Armed Attacks
Vice Adm. Tighe Takes Charge of Information Warfare, Naval Intelligence
Truman Strike Group Completes Eight-Month Deployment
KC-46 Completes Milestone by Refueling Fighter Jet, Cargo Plane
Air Dominance and the Critical Role of Fifth Generation Fighters
Une nation est une âme
The Challenges of Ungoverned Spaces
Carter Salutes Iraqi Forces, Announces 560 U.S. Troops to Deploy to Iraq
Obama: U.S. Commitment to European Security is Unwavering in Pivotal Time for NATO
International Court to Decide Sovereignty Issue in South China Sea
La SPA 75 est centenaire !
U.S. to Deploy THAAD Missile Battery to South Korea
Maintien en condition des matériels : reprendre l’initiative
La veste « léopard », premier uniforme militaire de camouflage
Océan Indien 2016 : Opérations & Coopération
Truman Transits Strait of Gibraltar
Navy Unveils National Museum of the American Sailor
New Navy, Old Tar
Marcel Dassault parrain de la nouvelle promotion d’officiers de l’École de l’Air
RIMPAC 2016 : Ravitaillement à la mer pour le Prairial avant l’arrivée à Hawaii
Bataille de la Somme, l’oubliée
U.S., Iceland Sign Security Cooperation Agreement
Cléopatra : la frégate Jean Bart entre dans l’histoire du BPC Gamal Abdel Nasser
Surveiller l’espace maritime français aussi par satellite
America's Navy-Marine Corps Team Fuse for RIMPAC 2016
Stratégie France : Plaidoyer pour une véritable coopération franco-allemande
La lumière du Droit rayonne au bout du chemin





Directeur de la publication : Joël-François Dumont
Comité de rédaction : Jacques de Lestapis, Hugues Dumont, François de Vries (Bruxelles), Hans-Ulrich Helfer (Suisse), Michael Hellerforth (Allemagne).
Comité militaire : VAE Guy Labouérie (†), GAA François Mermet (2S), CF Patrice Théry (Asie).

Contact