Report from Headquarters
Cyber 1.1 Covers New Ground
Written by: developer
The Space Foundation’s second cyberspace conference, Cyber 1.1, was held immediately before the 27th National Space Symposium last month in Colorado Springs. Featured speakers and panels discussed a broad range of topics, including: budgets and vulnerability. Here’s a brief synopsis of some of the remarks:
Basla Discusses Warfighter Support
Air Force Space Command Vice Commander Lt. Gen. Michael J. Basla, USAF, said the Air Force is building cyberspace from an organizational, equipment and training perspective to provide cyberspace support to the joint warfighter. He said that AFCYBER (24th Air Force), created last year, has already passed a number of milestones:
- On an educational level: graduation of the first cyber undergrads, 200, 300-level professionals
- On an operational level: the 689th Combat Communications Wing has already deployed a warfighter support capability, establishing secure communications at four bare bases in hostile areas
Basla said that, unlike the air and space domains that are governed by immutable and unchanging laws of physics, cyberspace changes regularly as a product of human ingenuity. He said this makes constant evolution of situational awareness capability both a top priority and a difficult task, adding that that spectrum is a limited natural resource that links different operational domains and different activities, from sensors to command and decision making.
Basla outlined three elements to the Air Forces’s approach to defense in cyberspace:
- Stability in processes and people – not just technology – because technology moves too quickly and too aggressively to maintain dominance.
- Human capital, including development of a fundamental underlying conceptual understanding of cyberspace, employing continual education and effectively utilizing Guard and Reserve components to take advantage of private sector expertise.
- Cooperative efforts through stable partnerships with industry, including interoperability and embedded security of the products developed.
Cressey Talks about Interagency Approaches to Cyberspace
Roger Cressey, senior vice president, Booz Allen Hamilton, said that since 9/11 threat analysis focus has shifted from capabilities to intent, noting that cyber threats are now being exploited at an “unprecedented scale” in all sectors, including commercial and military, by actors from all around the globe. He said that there are three main foci for the interagency approach to cybersecurity:
- Cybercrime, which provides the most ready store of lessons learned and details about emerging threats before they are picked up on by other actors
- Cyberespionage (theft of secure information from the government or military or of intellectual property from the private sector); Cressey said there are more than 100 intelligence agencies looking to penetrate DoD networks and that in addition to threatening national security, cyberespionage can also erode the economic effectiveness of the defense industrial base
- Cyberwarfare, which has a low likelihood occurrence, but potentially severe consequences; Cressey questioned how to deal with state-supported, state-facilitated or state-tolerated actors, how to craft a broader deterrent response involving the full spectrum of cyber, kinetic and other capabilities, and how to respond to lower-tier threats, such as Stuxnet, which could rapidly escalate to much more dramatic and dangerous activities.
“Generally speaking,” Cressey said, “the threat of data manipulation is more significant than the threat of data deletion or theft. So much of modern decision-making and analysis is predicated on the assumption of ‘accurate, consistent and accepted.’ If these assumptions are no longer valid, it will inhibit decision-making and command at all levels.”
Looking forward, Cressey said that progress on the Comprehensive National Cybersecurity Initiative is insufficient. He cited “must do” activities:
- Improve our doctrine
- Focus on more effective prioritization of weaknesses
- Address supply-chain security
- Improving workforce cultivation and management
Pace Asked if We’re Beyond Ready to be Ready
Gen. Peter Pace, USMC (Retired), president & chief executive officer, SM&A Strategic Advisors, and former chairman of the Joint Chiefs of Staff, said the U.S. possesses no particularly strong cyber edge compared to other nations. “The basic problem is that each time we create a new, more effective and more efficient system, we rely more heavily on computers and data, and are therefore increasingly vulnerable to cyber threats,” he said.
He said that cyber threats and conflict will change the relationship between have- and have-not states as profoundly as the development of nuclear weapons once did, adding that within 10 years, other actors, such as state-condoned players, will develop a significant capability, the likes of which are only available to national actors today.
Pace said that, because there are a limited number of brilliant minds in any country, the U.S. should not dilute capacity through repetition of efforts, such as creating a domestic NSA. “We may find it necessary to repurpose exceptional talent in new ways, such as applying military capabilities to domestic issues,” he said. Then, he continued, “Policy tools can be used to prompt the private sector to improve its capabilities and to require companies to implement more robust basic security measures.”
On a strategic level, Pace said we need to develop better forensic tools to detect when an unauthorized change has been made, and allow us to roll back data to “clean” status. “From there, we can start to act more proactively in preventing threats, and eventually develop the tools for effective attribution of cyber attacks.”
Pace closed by remarking that the U.S. is “quite capable in carrying out cyber attacks,” but “hugely vulnerable.”
Panel Explores Where Technology is Leading
The Industry Solutions: Where is the Technology Leading? panel, moderated by Christian C. Daehnick, senior associate, Toffler Associates, looked at a wide variety of hardware and software issues. The panel included:
- Jerry Edgerton, president, Government Group, Blue Ridge Networks
- Maj. Gen. Dale W. Meyerrose, USAF (Retired), vice president & general manager, Cyber Integrated Solutions, Harris Corporation,
- Robert Rodriquez, chairman & managing principal, Security Innovation
- Keith Uebele, principal strategist, Intel Corporation
- Kathy J. Warden, sector vice president & general manager, Cyber Intelligence Division, Northrop Grumman Information Systems
Each panelist provided a brief viewpoint:
Edgerton: We’ve moved from the early evolution of government data loss – lost PCs, email hacking, etc. – to breaches of most secure networks. The world of cybercrime has become very industrialized and very specific. Government and commercial enterprises have the same issues. But who’s responsible for cybersecurity? The manufacturer? Network equipment suppliers? The systems integrator? Cyber Command? Telecommunications providers? There is no single point of accountability. The solutions to these issues will ultimately be economically driven.
Meyerrose: There is a perfect storm causing us to move out of networks and into the cloud. This is driven by the need for universal access as well as investment in infrastructure, future development and legacy systems. The cloud can decrease costs by 25-50 percent. Adding to this is the dwindling IT talent in America; it is harder to find talent needed. Industry ought to be pressing to integrate functions in the cloud rather than the network. One of the things we should start seeing in the march to the cloud is SCAP – Secure Content Automated Protocol.
Rodriquez: The time is now to move from “me” to “we” to “us against them” – the adversary. We need to reinvigorate importance of public/private partnerships both domestically and globally. When it comes to innovation, our country can’t afford to leave any stone unturned. We need to take the opportunity to balance risk with being risk averse – consider the Pentagon vs. Google – rewarding taking risk vs. mission readiness. Twitter has been used in Iran, Egypt and Tunisia to allow a mass and rapid mobilization of humanity. The Lieberman bill with its “kill switch” may have had a chance of being passed two years ago, but now it will be challenged. Other drivers of change include the advanced persistent threat, mobile devices, consumerization of IT and social cultural behavior. Trust is most critical component – built small and then outward.
Uebele: Intel Corporation has a stake in the game in cyber. There is a distinct difference with what you can do in hardware and what you can do in software. We want to create new capabilities with hardware – adapt hardware to better meet the needs of software that runs on our platforms. It takes billions of dollars across the industry to maintain Moore’s Law. Security is the fourth pillar across all of our COTS platforms. When you leave standard platforms, you lose benefits of Moore’s Law. Our aim as a manufacturer is to enable collaboration and ad hoc access to information – to move away from paradigm of protection by isolation. We are on the cusp of a curve which will connect machines to the Internet the way we connect information-users to the Internet, and this will create more challenges for cybersecurity.
Warden: Our adversaries are using cyber operations. Situational awareness will help to yield early warnings to protect environment. We need to be able to surveil, detect, collect, assess and share information, and we need to visualize information in a way that gives us knowledge – not just what’s happening, but why. Each of us needs to work within our own domains to identify vulnerabilities. A combination of instrumentation, analytics and verification through test are all necessary for achieving situational awareness. We need to think of operating within contested space – not just keeping enemies out altogether. Cyber intelligence is not just SIGINT – includes other forms of intelligence of information outside the intelligence domain. Situational awareness is relevant to different users at different levels of the command structure – not one system for all users
How Germany Approaches Cyberspace
Colonel (GS) Carsten Breuer, branch chief, Strategy & Policy Branch, Armed Forces Staff, German Ministry of Defence, provided Cyber 1.1. attendees with an overview of the German perspective on cyberspace. According to Breuer, the Ministry of the Interior and the Ministry of Defence developed a cyber strategy for Germany within three months.
Because both the German armed forces and adversaries are dependent on cyberspace, he said, the country needs to be prepared for disruption by enemies and make systems resilient. “Guaranteeing the utility of cyberspace is complex,” he said. “We need comprehensive risk management and constant monitoring of systems, software and hardware. Threats range from individual activists to organizations
and states, but all rely on the anonymity of the Internet.”
Breuer said that cyberspace is definitely a new warfare domain that provides access to other strategic domains, such as space. “Security of national networks remains a national responsibility – NATO could not and should not relieve nations of this burden,” he said. “We do not believe you can deter in cyberspace – at least not retaliatory or punishing deterrence. Effective cyber security relies on an effective all-of-nation approach; national cyber security strategy relies on this network approach.”
Additional coverage of Cyber 1.1 will be featured in the June issue of Space Watch.
Pictured: Air Force Space Command Vice Commander Lt. Gen. Michael J. Basla, USAF
This article is part of Space Watch: May 2011 (Volume: 10, Issue: 5).
Posted in Report from Headquarters