Senate Confirms Military Cybersecurity Chief
Gen. Keith Alexander will head the U.S. Cyber Command, created to protect U.S. military networks from cyberattacks.
After a weeks-long delay to have questions answered about the Department of Defense's cybersecurity role, the Senate Friday unanimously confirmed National Security Agency director Keith Alexander as head of a new DoD command tasked with defending military networks from cyber attacks.
When it becomes fully operational in October, the U.S. Cyber Command will be headquartered at Fort George G. Meade in Maryland alongside NSA, and will report through the U.S. Strategic Command. Cyber Command will absorb two of the organizations currently leading much of the military's cyber-defense capabilities -- the Joint Functional Component Command for Network Warfare and the Joint Task Force for Network Operations.
More Government Insights
- The Untapped Potential of Mobile Apps for Commercial Customers
- Strengthening Security Protocols for Teleworking Employees
- The Cloud - Inevitable, But Not Ambiguous
- Mobile Data Center Brings the Mobile Cloud to Life: Portable, Mobile Data Centers Aligned with Army Operations
- Strategy: FISMA Lifts All Compliance Boats
- Strategy: Cybersecurity: Continuous Monitoring Action Plan
Some final details of Cyber Command remain to be worked out, such as force size, which is currently being analyzed in a study due to be finished by the end of the summer.
"The Department of Defense requires a focused approach to secure its own networks, given our military's dependence on them for command and control, logistics, and military operations," Alexander said at his confirmation hearing last month. "If confirmed, my main focus will be on building the capacity, the capability, and the critical partnerships required to secure our military's operational networks."
In his confirmation hearing, Alexander brushed aside any suggestions that Cyber Command would militarize cyberspace, repeatedly saying that the new organization would focus on defense rather than offense. He said he would be working closely with the DoD's policy undersecretary to develop a comprehensive strategy, and with the Department of Homeland Security to develop a strategy that would be put in place to offer DoD support to protect federal civilian and critical infrastructure networks in the event of a national security crisis.
Some of the key challenges Alexander pointed to at the hearing included attribution of attackers and their intent, improving the security of DoD networks, partnering with the DHS and private industry in the event of major crisis, ensuring the protection of civil liberties, and navigating rules of war in situations where, unlike in traditional warfare, attackers can launch attacks from computers located in neutral third countries or route attacks through American-owned computers here in the United States.
While Alexander focused more on cyber-defense, he did say in written answers to Senators' questions that "under the right circumstances," Cyber Command would have the authority to use offensive cyber weapons against military command and control networks, weapons, power grids, transportation-related networks, national telecommunications networks, and even enemies' financial institutions.
In addition to the new job, Alexander, a graduate of the U.S. Military Academy at West Point, will stay on as director of NSA. However, NSA will remain distinct from Cyber Command in identity and mission.
President Obama nominated Alexander in October. Throughout his career, Alexander has held numerous military leadership roles, including deputy chief of staff for the Army, director of intelligence for the U.S. Central Command, and deputy director for requirements, capabilities, assessments, and doctrine for the Joint Chiefs of Staff. As part of the shift, Alexander also received a fourth star and has been promoted from Lt. General to General.
InformationWeek has published an in-depth report on staying FISMA compliant and secure. Download the report here (registration required).