Despite years of development, the Defense Department's cyber warfare/defense systems are still a work in progress. The major concern for the department and the individual services is the ability to coordinate both physical and cyber operations securely, while protecting their own networks from attack, officials said.
One of the Defense Department's, and by extension the government's, key cyber security goals is creating truly defensible and resilient networks, explained Navy Admiral Michael Rogers, commander of US Cyber Command and director of the National Security Agency. Speaking at a recent government-industry symposium, he noted that current DOD networks and the civilian Internet were originally designed to move data across long distances between trusted, assured users. This fundamental piece of the architecture is one of the strengths and challenges of the Internet, he said.
But building a defensible architecture on this existing infrastructure presents a challenge, he explained, because it is "hard to defend something where defense is a secondary characteristic."
[Agencies face challenges in hiring top security talent. Read Government Hiring Practices Hamper Cybersecurity Efforts.]
The DOD's key effort to get around this issue and create a secure work space is the Joint Information Environment. When it is complete, the JIE will allow the individual military services to share information seamlessly and conduct operations in a way that cannot be done efficiently in the DOD's current IT architecture. The initial phases of the program are already underway, with US military commands in Europe and Asia shifting their computer networks to the JIE, he said.
Besides creating a new, secure environment, the DOD also needs to know what's going on in its networks in real time. The military is working on creating a situational awareness capability that will allow human and automated defenders to react immediately to intrusions and attacks on military systems.
Things that also need to be worked out are the military's mission roles and responsibilities for cyberspace operations and where they overlap with civilian organizations such as the Department of Homeland Security, he said. Such cross-jurisdictional operations would be necessary if an attack on US national infrastructure were carried out. In such an event, any military actions would be part of a broader response by the US government, he added.
Just as US Cyber Command is working on larger questions of operating authority, the individual military services are wrestling with how best to integrate cyber operations into their mission roles and fitting into the larger national cyber stance. Lieutenant General Edward Cardon, commander of US Army Cyber Command, explained his organization faces issues such as procurement and operational authorization, the disruptive pace of change, dealing with new embedded technologies, and retaining quality personnel. The Army's cyber branch is only about three years old, so it is still working out its role and organizing its capabilities, he said.
To protect its networks better, the Army is deploying a defensive system to detect anomalies in real time. Smart monitoring and mitigation software also goes a long way in providing the service with a degree of situational awareness on its networks. Reiterating some of the issues faced by US Cyber Command, the Army -- like the other services -- can't see all the way into its networks. Cardon noted that the JIE will help the Army more efficiently keep track of what's happening on its networks.
One step that will help the Army and the other services with more situational awareness in cyberspace is to give the Defense Information Systems Agency a more operational role, Rogers said. DISA is already responsible for running and managing the DOD's computer and communications networks, but with the imminent full deployment of the JIE, the agency needs to take a more active role in network operations. To meet this goal, DISA with working with US Cyber Command to create an operational component to run the JIE and its networks.
Find out how a government program is putting cloud computing on the fast track to better security. Also in the Cloud Security issue of InformationWeek Government: Defense CIO Teri Takai on why FedRAMP helps everyone.