Operationalizing Cyber is New Commander
Operationalizing Cyber is
New Commander’s Biggest Challenge
By Cheryl Pellerin, American Forces Press Service.
Washington D.C. – (AFPS)
– June 2, 2014 – U.S. Cyber Command’s greatest challenge is to operationalize
cyberspace to turn the electro-digital network of networks into a
command-and-control environment where warriors can see the adversary and whose
operations defense leaders can integrate into options for commanders and
policymakers, the new director of the National Security Agency and commander of
U.S. Cyber Command said here last week.
Navy Adm. Michael S. Rogers was a keynote speaker May 28 at
the Armed Forces Communications and Electronics Association 2014 Cyber Summit.
The admiral told a large audience that he and his team are working to develop a
set of five capabilities that will enable the teams of Cybercom to fight, if
that becomes necessary, in cyberspace, which became a military domain in 2010
with the stand-up of Cybercom as a subunified command under U.S. Strategic
Navy Adm. Michael S. Rogers addresses the audience and the
workforces of U.S. Cyber Command, the National Security Agency and the Central
Security Service at his assumption of command ceremony, April 3, 2014.
National Security Agency
Rogers also shared the early stages of an idea his team is
working through to make part of the Defense Information Systems Agency, or DISA,
a partner with Cybercom in defending DOD networks.
“At U.S. Cyber Command, as the new guy, I’ve said we need to focus on what a
subunified command should be doing and not doing. We've got to optimize, focus
and prioritize, so let's ask ourselves what we’re doing that we shouldn't be
doing,” Rogers said.
The admiral concluded that if Cybercom intimately focuses on tactical-level
details of defending the network, it would not accomplish much more, and he
turned to DISA. In its current role, he said, DISA is largely an acquisition and
“I believe that for DISA to achieve what it needs to do with respect to how it's
going to operate and help us defend the networks, a portion of DISA [must]
become an operationalized entity focused on maneuvering and defending the
networks,” he said. “We have to give DISA the ability to come up with a
command-and-control node that can coordinate with others in defending the DOD
The Cybercom commander said that in this role, DISA “could enable U.S. Cyber
Command to function at the operational level of war. That's our niche and that's
where I think we generate the best return and the best outcome.”
Cybercom teammates, including combatant commanders and service chiefs,
eventually will discuss a more fleshed-out version of the idea, he added.
On Cybercom’s greatest challenge, Rogers offered five capabilities that must
exist if cyberspace is to become viable as a military domain.
The first capability is a truly defensible network.
“Today we are … working with a series of networks in which redundancy,
resiliency and defensibility were never core design characteristics,” Rogers
explained. “We often treat defensive capability as something that is literally
bolted onto a system after we've done everything else.”
The effort to create a defensible architecture is leading Cybercom to reduce its
number of networks and to focus on areas where the networks have continuous
public interfaces -- a source of particular vulnerability, Rogers added.
OD’s fledgling Joint Information Environment, or JIE, is a framework for
modernizing DOD information technology systems and making them more secure. The
system includes overarching architectures, standards and specifications; common
ways of operating and defending DOD networks; and common engineered-solution
“We've already created a JIE structure in Europe as a test. We're moving into
the Pacific arena next and we'll continue to expand around the world,” Rogers
said. “We're trying to create a network in which defensibility, redundancy and
resiliency are core design characteristics from the ground up.”
The second capability is common, shared situational awareness in cyberspace.
The admiral said that at every level of maritime operations, he’s used to
walking into a command center that gives him a common picture of a situation
through the use of color, symbology and geography in a visual display that lets
him quickly gain situational awareness and make decisions.
“We do not have that right now in the cyber arena,” Rogers said. “As I used to
kid my teammates, how do you defend something you can't see?”
Cybercom is in the early stages of putting together such a capability, the
admiral said, and it has proven to be a hard challenge.
“We're certainly not as far along as I would like but it's not because of a lack
of effort,” Rogers said, adding that he’s trying to bring together separate
efforts to create the capability across the department.
“In an era of declining resources we’ve … got to do this together and we've got
to divvy up who's going to do what,” he added.
The third capability involves Cybercom’s authorities and responsibilities to act.
Within the Defense Department, Rogers said, he's comfortable with Cybercom’s
current authorities, “but when we start to go outside the department, it gets a
little more complicated.”
One mission set Cybercom anticipates receiving is in the event of attempts to
disrupt critical infrastructure in the United States, the admiral said.
“It is our expectation that we are training and working toward the ability to
respond,” he added, “and it is my expectation that potentially the president and
the secretary of defense will turn to U.S. Cyber Command and say, … ‘We're
seeing activity X, and need you to be part of the federal government's response
As a department, the admiral said, DOD routinely provides support to civil
authorities in a multitude of mission areas, including hurricanes and wildfires.
“I don't think cyber is going to be any different in that regard,” Rogers said,
“and I look for us to partner incredibly closely with our friends at the
Department of Homeland Security, DHS, which is the lead for protecting federal
networks” and for responding to cyber concerns outside the federal government.
The FBI also plays an important role, he said.
DOD is measured in what it does within the United States versus what it does
overseas, Rogers said, “and we've got to be mindful of [the Posse Comitatus Act]
and this thing we call the law. We are not going to violate that.”
Under the Posse Comitatus Act, service members and National Guardsmen who are
under federal authority can’t perform in a law-enforcement capacity in the
United States, unless the Constitution or Congress specifically authorizes it.
“We’ve got to make sure the constructs we build enable us to work within the
U.S. legal [system],” Rogers said, so he and his Cybercom team are discussing
with officials at U.S. Northern Command, which has a primary mission of homeland
defense, how best to work with federal government partners.
“But clearly,” he added, “to work with other federal partners, we’ll need some
measure of authority and direction that we don't enjoy day to day.”
The fourth capability for operationalizing cyberspace, Rogers said, is to
develop operational concepts and a command-and-control structure that takes
operating in cyberspace from dream to reality.
As U.S. Cyber Command generates teams of warfighters to operate in cyberspace,
its questions will include: Who will operate in cyberspace? How will command and
control work there? How will cyber operations be prioritized? Who will make
critical decisions about what Cybercom teams will and won’t do in the cyber
environment? What authorities are granted to which individuals? How will
Cybercom make the chain of command clear to everyone operating in cyberspace?
None of this is unique to cyber, and for the military services, it's nothing
new, but one thing that does make cyber especially challenging is a lack of
physical geography, Rogers said.
“In the DOD framework, we often use geography as a way to define
responsibilities, carving the world up as regional combatant commands, … and yet
cyber doesn't recognize the geographic boundary thing,” the admiral explained.
“If I'm looking at potential attack strategies against critical infrastructure
or … DOD networks, I’m watching a path that bounces from a nation state,
individual or group to infrastructure spread out in countries that aren’t [our]
particularly close friends or allies, then bounces into U.S. infrastructure,
bounces out again, and then comes back in directly at the final target,” Rogers
U.S. Cyber Command must develop operational concepts and a command-and-control
structure that recognizes this reality, he added.
“Like any other military endeavor,” Rogers said, “we tend to use intellectual
thought, exercises and a variety of means in U.S. Cyber Command and among the
broader partner teams … to work our way through this.”
The admiral added, “I tell the team, don't fixate on cyber as something unique
that nobody understands. Ask yourself how we can translate [into the cyber arena]
the operational concepts all of us have spent our lives in uniform learning and
understanding as warfighters.”
The fifth area critical to operationalizing cyber is to generate trained and
ready forces, Rogers said, adding that generating such forces and deploying them
to operational commanders is a service mission.
To accomplish the mission, Rogers has mandated the following three priorities:
-- Train everyone to the same set of standards.
-- Conform to a team structure that divides 6,000 people into 133 teams that
range in size from more than 60 individuals to about 20. At U.S. Cyber Command,
Rogers said, the goal is to have the 6,000 people trained and certified by the
end of 2016.
-- Generate capacities in the teams focused on defending the networks --
combatant commander networks, service networks, DISA networks, DOD enterprise
networks, the DOD backbone, and, if needed, critical-infrastructure networks.
“This is hardest in some ways, because to truly defend a network takes a host of
partners,” Rogers said, “[and] … synchronizing all areas of defense at one time
is master's-level command and control in the cyber environment.”
The admiral said network defense may be Cybercom’s most
complicated task, “but I would argue it's the most important in some ways
because we’ll be tested every day on our ability to defend the department’s
networks and, if directed, defend other networks.”
(Follow Cheryl Pellerin on
Twitter: @PellerinAFPS) :
Navy Adm. Michael S. Rogers
U.S. Cyber Command
Special Report: The Cyber Domain
Rogers Takes Over Top NSA, Cyber Command Posts