Éditoriaux Défense Sécurité Terrorisme Zones de conflits Logistique Livres de référence Liens
Terre Air Mer Gendarmerie Renseignement Infoguerre Cyber Recherche

Carter Unveils New DoD Cyber Strategy in Silicon Valley

Carter Unveils New DoD Cyber Strategy in Silicon Valley

By Cheryl Pellerin, DoD News, Defense Media Activity.
Washington D.C. — (DoD News) — April 23, 2015 — Defense Secretary Ash Carter today unveiled the Defense Department’s second cyber strategy to guide the development of DoD's cyber forces and to strengthen its cyber defenses and its posture on cyber deterrence. Carter discussed the new strategy -- an update to the original strategy released in 2011 -- before an audience at Stanford University on the first day of a two-day trip to Silicon Valley in California.

Defense Secretary Ash Carter presenting the Pentagon's new cyber strategy and innovation initiatives

At Stanford, he delivered the annual Drell Lecture, and afterward he was scheduled to visit the Facebook campus in Menlo Park. Tomorrow, the secretary will meet with executives at the $4 billon venture-capital firm Andreessen Horowitz.

A Complex Challenge

“While we in DoD are an attractive target, the cyber threat is one we all face as institutions and as individuals,” Carter said at Stanford.

In response to one of the world’s most complex challenges, the Defense Department has three missions in the cyber domain, he added.

The first is to defend DoD networks, systems and information. The second is to defend the U.S. homeland and U.S. national interests against cyberattacks of significant consequence, and the third is to provide integrated cyber capabilities to support military operations and contingency plans.

“In some ways, what we’re doing about this threat is similar to what we do about more conventional threats,” Carter said.

Deterrence is Key

“We like to deter malicious action before it happens and we like to be able to defend against incoming attacks as well as pinpoint where an attack came from,” the secretary said. Stronger partnerships throughout the government and stronger private-sector security researchers such as FireEye, Crowdstrike, HP and others have improved the department’s ability to respond, he added.

Deterrence is a key part of the new cyber strategy, which describes the department’s contributions to a broader national set of capabilities to deter adversaries from conducting cyberattacks, according to a fact sheet about the strategy.

The department assumes that the totality of U.S. actions -- including declaratory policy, substantial indications and warning capabilities, defensive posture, response procedures and resilient U.S. networks and systems –- will deter cyberattacks on U.S. interests, the fact sheet added.

Action, Defensive or Otherwise

“Still,” Carter said, “adversaries should know that our preference for deterrence and our defensive posture don’t diminish our willingness to use cyber options if necessary.”

When the nation does take action, defensive or otherwise, conventionally or in cyberspace, he added, it operates under rules of engagement that comply with international and domestic law.

The approach reflects two goals, the secretary said: “keeping the Internet open, secure and prosperous, and assuring that the nation continues to respect and protect the freedoms of expression, association and privacy that reflect who we are as a nation.”

Dozens of militaries are developing cyber forces, Carter said, and because stability depends on avoiding miscalculation that could lead to escalation, militaries must talk to each other and understand each other’s abilities.

Shedding Light on Cyber

DoD must do its part, the secretary said, to shed more light on cyber capabilities that historically have been developed in the shadows.

Carter shared with the audience an incident that was recently declassified to help illustrate the cyber threat facing the department and how it responds.

The incident “has never been publicly reported,” he said, “and it shows how rapidly DoD can detect, attribute and expel an intruder” from its military networks.

Earlier this year, he said, the sensors that guard DoD’s unclassified networks detected Russian hackers accessing one of DoD’s networks who had discovered an unpatched vulnerability in a legacy network.

Hunting Down Intruders

“While it’s worrisome they achieved some unauthorized access to our unclassified network, we quickly identified the compromise and had a team of incident responders hunting down the intruders within 24 hours,” Carter explained.

After discerning valuable information about the hackers’ tactics, experts analyzed the network activity, associated it with Russia, then kicked them off the network in a way that minimized their chances of returning, he added.

The episode illustrates a step in the right direction, Carter said, and he told the audience about the department’s new cyber strategy, which he said begins with the department’s people.

The strategy’s first strategic goal is building and training the department’s Cyber Mission Forces, he said.

Keeping Systems Secure

“These are talented individuals who hunt down intruders, red-team our networks and perform the forensics that help keep our systems secure,” Carter added, noting that their skill and knowledge makes them more valuable than the technology they use.

Another goal, the secretary said, is to be better prepared to build and defend DoD information networks, secure data and mitigate risks to military missions.

“We do this in part through deterrence by denial, in line with today’s best-in-class cybersecurity practices, building a single security architecture that’s more easily defendable and able to adapt and evolve to mitigate current and future cyber threats,” Carter said.

Consolidating DoD IT

DoD also will strengthen network defense command and control to synchronize across thousands of DoD networks, and conduct exercises in resilience, he said, so that if a cyberattack degrades capabilities, the department still can mobilize, deploy and operate forces in all other domains.

“Just this week I directed that we consolidate DoD’s IT services in the Pentagon and throughout the capital region,” Carter said, noting that this will help improve cybersecurity and save millions of dollars.

A primary aspect of the strategy is working with partners in the private sector, across the government and around the world, the secretary said. And because U.S. businesses own, operate and see about 90 percent of national networks, the private sector must be a key partner, he added.

“The U.S. government has a unique suite of cyber tools and capabilities, but we need the private sector to take its own steps to protect its data and networks,” Carter said.

Helping When Possible

“We want to help where we can,” the secretary added, “but if companies themselves don’t invest, our country’s collective cybersecurity posture is weakened and our ability to augment that protection is limited.”

To build the cyber force, Carter said, “we’re going to need to use new ways to attract talent through new private-sector exchange programs, … and to ensure that our people have the right tools to execute their missions, we’re going to [increase] our fundamental research and development … with established and emerging private-sector partners in cyber.”

With these partners, he added, cyber capabilities can be created that can both help DoD and then spin off into the wider U.S. marketplace.

To ensure that the department’s cyber operations are appropriate and effective, Carter said, “we’re going to work more closely with our law-enforcement partners at FBI, with Homeland Security, and elsewhere.”

Clear lines of authority dictate who can work where, the secretary said, so as adversaries jump from foreign to U.S. networks, defenders must coordinate with the government to operate seamlessly.

Serious Business

“I’m determined that the Department of Defense be a cooperative partner with law enforcement and with Homeland Security,” Carter said.

The department has already begun practicing with its FBI partners, he added, “and we’re going to be exercising much more going forward. It’s important that we work together and that we all behave in a way that is lawful and appropriate.”

This is serious business, Carter told the audience, and it requires collaboration.

“But in addition to the dangers there are great opportunities to be seized through a new level of partnership between the Pentagon and Silicon Valley,” he added, “opportunities that we can only realize together.”

(Follow Cheryl Pellerin on Twitter: @PellerinDoDNews)

Related Videos :
Cyber Strategy Aims to Unleash Promise, Mitigate Risk
Secretary Discusses Cyber Strategy at Stanford

Related Stories :
Department of Defense Cyber Strategy
Cyber Strategy Fact Sheet
Carter Visits Silicon Valley Companies to Enhance DoD Technology Innovation
Carter Seeks Tech-sector Partnerships for Innovation
Carter’s Silicon Valley Trip to Boost DoD Innovation

Related Biographies :
Ashton B. Carter

Related Sites :
Special Report: The Department of Defense Cyber Strategy

Derniers articles

Verdun 2016 : La légende de la « tranchée des baïonnettes »
Eyes in the Dark: Navy Dive Helmet Display Emerges as Game-Changer
OIR Official: Captured Info Describes ISIL Operations in Manbij
Cyber, Space, Middle East Join Nuclear Triad Topics at Deterrence Meeting
Carter Opens Second DoD Innovation Hub in Boston
Triomphe de St-Cyr : le Vietnam sur les rangs
Dwight D. Eisenhower Conducts First OIR Missions from Arabian Gulf
L’amiral Prazuck prend la manœuvre de la Marine
Airmen Practice Rescuing Downed Pilots in Pacific Thunder 16-2
On ne lutte pas contre les moustiques avec une Kalachnikov...
Enemy Mine: Underwater Drones Hunt Buried Targets, Save Lives
Daesh Publications Are Translated Into Eleven Languages
Opération Chammal : 10 000 heures de vol en opération pour les Mirage 2000 basés en Jordanie
Le Drian : Daech : une réponse à plusieurs niveaux
Carter: Defense Ministers Agree on Next Steps in Counter-ISIL Fight
Carter Convenes Counter-ISIL Coalition Meeting at Andrews
Carter Welcomes France’s Increased Counter-ISIL Support
100-Plus Aircraft Fly in for Exercise Red Flag 16-3
Growlers Soar With B-1s Around Ellsworth AFB
A-10s Deploy to Slovakia for Cross-Border Training
We Don’t Fight Against Mosquitoes With a Kalashnikov
Bug-Hunting Computers to Compete in DARPA Cyber Grand Challenge
Chiefs of US and Chinese Navies Agree on Need for Cooperation
DoD Cyber Strategy Defines How Officials Discern Cyber Incidents from Armed Attacks
Vice Adm. Tighe Takes Charge of Information Warfare, Naval Intelligence
Truman Strike Group Completes Eight-Month Deployment
KC-46 Completes Milestone by Refueling Fighter Jet, Cargo Plane
Air Dominance and the Critical Role of Fifth Generation Fighters
Une nation est une âme
The Challenges of Ungoverned Spaces
Carter Salutes Iraqi Forces, Announces 560 U.S. Troops to Deploy to Iraq
Obama: U.S. Commitment to European Security is Unwavering in Pivotal Time for NATO
International Court to Decide Sovereignty Issue in South China Sea
La SPA 75 est centenaire !
U.S. to Deploy THAAD Missile Battery to South Korea
Maintien en condition des matériels : reprendre l’initiative
La veste « léopard », premier uniforme militaire de camouflage
Océan Indien 2016 : Opérations & Coopération
Truman Transits Strait of Gibraltar
Navy Unveils National Museum of the American Sailor
New Navy, Old Tar
Marcel Dassault parrain de la nouvelle promotion d’officiers de l’École de l’Air
RIMPAC 2016 : Ravitaillement à la mer pour le Prairial avant l’arrivée à Hawaii
Bataille de la Somme, l’oubliée
U.S., Iceland Sign Security Cooperation Agreement
Cléopatra : la frégate Jean Bart entre dans l’histoire du BPC Gamal Abdel Nasser
Surveiller l’espace maritime français aussi par satellite
America's Navy-Marine Corps Team Fuse for RIMPAC 2016
Stratégie France : Plaidoyer pour une véritable coopération franco-allemande
La lumière du Droit rayonne au bout du chemin

Directeur de la publication : Joël-François Dumont
Comité de rédaction : Jacques de Lestapis, Hugues Dumont, François de Vries (Bruxelles), Hans-Ulrich Helfer (Suisse), Michael Hellerforth (Allemagne).
Comité militaire : VAE Guy Labouérie (†), GAA François Mermet (2S), CF Patrice Théry (Asie).