Cybercom To Elevate To Combatant Command

Lisa Ferdinando at the DoD News offers the below piece:

WASHINGTON, May 3, 2018 — In response to the changing face of warfare, U.S. Cyber Command will be elevated tomorrow to a combatant command, chief Pentagon spokesperson Dana W. White said today.

“The cyber domain will define the next century of warfare,” White said at a Pentagon news conference.

Army Lt. Gen. Paul M. Nakasone, most recently commander of Army Cyber Command, will receive his fourth star as he succeeds retiring Navy Adm. Michael S. Rogers as Cybercom commander.

“Just as our military must be prepared to defend our nation against hostile acts from land, air and sea,” White said, “we must also be prepared to deter, and if necessary, respond to hostile acts in cyberspace.”

New Warfighting Domain Has ‘Come of Age’

Nakasone will play a critical role in tasks that include training cyber warriors, advocating for more cybersecurity resources, and planning and conducting cyber operations, White said.

Deputy Defense Secretary Patrick M. Shanahan is to preside over the Cybercom portion of ceremony at the Integrated Cyber Center/Joint Operations Center at Fort Meade, Maryland, White said.

“This change of command is noteworthy because it signifies the elevation of Cyber Command as our 10th combatant command,” she said. “Last year, [Defense Secretary James N.] Mattis announced the elevation of Cyber Command, acknowledging that a new warfighting domain has come of age.”

Cyber Command Established in 2009

U.S. Cyber Command, which has been a subunified command under U.S. Strategic Command, was established in 2009 in response to the rapidly evolving threats, with adversaries seeking to exploit the cyber domain to attack the United States and its allies.

The elevation of the command raises the stature of the commander to a peer level with other unified combatant command commanders, allowing the Cybercom commander to report directly to the secretary of defense, Kenneth P. Rapuano, assistant secretary of defense for homeland defense and global security, told reporters at the Pentagon last year. 

President Elevates U.S. Cyber Command To Unified Combatant Command

Jim Garamone and Lisa Ferdinando at the DoD News offer the below piece:

WASHINGTON, Aug. 18, 2017 — At the direction of the president, the Defense Department today initiated the process to elevate U.S. Cyber Command to a unified combatant command.

"This new unified combatant command will strengthen our cyberspace operations and create more opportunities to improve our nation’s defense," President Donald J. Trump said in a written statement.

The elevation of the command demonstrates the increased U.S. resolve against cyberspace threats and will help reassure allies and partners and deter adversaries, the statement said.  The elevation also will help to streamline command and control of time-sensitive cyberspace operations by consolidating them under a single commander with authorities commensurate with the importance of those operations and will ensure that critical cyberspace operations are adequately funded, the statement said.

Defense Secretary Jim Mattis is examining the possibility of separating U.S. Cyber Command from the National Security Agency, and is to announce his recommendations at a later date.

Growing Mission

The decision to elevate U.S. Cyber Command is consistent with Mattis' recommendation and the requirements of the fiscal year 2017 National Defense Authorization Act, Kenneth P. Rapuano, assistant secretary of defense for homeland defense and global security, told reporters at the Pentagon today.

"The decision is a welcome and necessary one that ensures that the nation is best positioned to address the increasing threats in cyberspace," he added.

Cybercom's elevation from its previous subunified command status demonstrates the growing centrality of cyberspace to U.S. national security, Rapuano said, adding that the move signals the U.S. resolve to "embrace the changing nature of warfare and maintain U.S. military superiority across all domains and phases of conflict."

Cybercom was established in 2009 in response to a clear need to match and exceed enemies seeking to use the cyber realm to attack the United States and its allies. The command is based at Fort George G. Meade, Maryland, with the National Security Agency. Navy Adm. Michael S. Rogers is the commander of U.S. Cyber Command and the National Security Agency director. The president has directed Mattis to recommend a commander for U.S. Cyber Command, and Rogers for now remains in the dual-hatted role, Rapuano said.

More Strategic Role

Since its establishment, Cybercom has grown significantly, consistent with DoD's cyber strategy and reflective of major increases in investments in capabilities and infrastructure, Rapuano said. The command reached full operational capability Oct. 31, 2010, but it is still growing and evolving. The command is concentrating on building its Cyber Mission Force, which should be complete by the end of fiscal year 2018, he said.

The force is expected to consist of almost 6,200 personnel organized into 133 teams. All of the teams have already reached initial operational capability, and many are actively conducting operations. The force incorporates reserve component personnel and leverages key cyber talent from the civilian sector.

"This decision means that Cyber Command will play an even more strategic role in synchronizing cyber forces and training,  conducting and coordinating military cyberspace operations, and advocating for and prioritizing cyber investments within the department,"  Rapuano said.

Cybercom already has been performing many responsibilities of a unified combatant command. The elevation also raises the stature of the commander of Cyber Command to a peer level with the other unified combatant command commanders, allowing the Cybercom commander to report directly to the secretary of defense, Rapuano pointed out.

The new command will be the central point of contact for resources for the department's operations in the cyber domain and will serve to synchronize cyber forces under a single manager. The commander will also ensure U.S. forces will be interoperable.

"This decision is a significant step in the department's continued efforts to build its cyber capabilities, enabling Cyber Command to provide real, meaningful capabilities as a command on par with the other geographic and functional combat commands," Rapuano said. 

Cyber Domain Presents Profound Challenges, Says Defense Secretary Carter At The U.S. Cyber Command

Claudette Roulo at the DoD News offers the below report:

WASHINGTON, March 13, 2015 - Defense Secretary Ash Carter gave his first domestic troop talk as secretary to the cyber warriors assigned to U.S. Cyber Command at Fort Meade, Maryland, today.

The mission of Cybercom is vital to the economic and physical security of not just the nation, but to Americans in their individual lives, Carter said.

"With all that's going on in the world, from Iraq to Ukraine, to the Asia-Pacific, the domain that you protect -- cyberspace -- is presenting us with some of the most profound challenges, both from a security perspective and from an economic perspective," he told the troops.

National leaders at every level are "seized with the need to get on top of this problem," the defense secretary said.

Building Bridges to Society

The Defense Department must be open to sources of good people and new technology to better position itself to defend the nation in cyberspace, he said.

"And that means we need to build bridges to society. Bridges that aren't as necessary in other fields of warfare that don't have a civilian or a commercial counterpart to the extent that this field does," Carter said.

Transparency is a difficult goal in cyber defense, the secretary acknowledged, but added that the department must always be open to new ideas and people.

"We can't always tell them what we are doing," the defense secretary said, "but we need to be open enough with our government so that it knows what it's doing."

The department must also be open to the ideas of new generations, he said.

"We need people who grew up with technology that was not available when I was growing up, and therefore have a sixth sense about it which I can never have," Carter said.

Nontraditional Warriors

The development of the cyber workforce can be a model for DoD, he told the troops.

"The freshness of approach, the constant effort to stay up [and] reinvent, that your field demands is actually something we can use everywhere in the department," the defense secretary said.

The cyber skill set and professional orientation doesn't have a good analog in the traditional armed services, Carter said.

"For the institutions that you join, be they military services or field agencies or new commands, they are trying to figure out how to welcome this new breed of warrior to their ranks," he said.

"We have to figure out how to get it to fit in, so that you all have a full opportunity to bring to bear on your careers the expertise that you gained here and that sense of mission that you felt here," the defense secretary said.

Challenges always accompany doing something new and exciting, Carter said, adding that he is determined to create a place where cyber warriors fit. "We'll find the path together," he said.

The relationship between Cybercom and the National Security Agency is also a work in progress, Carter said.

"My view is that we're doing the right thing in having the leadership of those two organizations in the same place," he said. "And one way of thinking about that is that we just don't have enough good people like you to spread around, and we need to cluster our hits."

Ensuring that cyber troops have the training, equipment and resources they need is a high priority for the department, he said.

Sequester 'Terrible, Stupid'

"If you read about sequester, which is a terrible, stupid thing that we are doing to ourselves -- I have nothing good to say about it," Carter said, referring to the across-the board government spending cuts the Budget Control Act of 2011 is set to impose in October. "But I think that even in the era of sequester, we understand that this mission area is one we cannot afford not to keep investing in."

The cyber mission force represents American ideals in cyberspace, he said. Keeping cyberspace open and free for everyone is its central focus, the defense secretary said.

"We're the ones who stand with those who create and innovate against those who would steal and destroy. That's the kind of country we are, and that's the kind of cyber force we are," he said.

"We're going to execute our mission while being as transparent as possible, because that's also who we are," Carter said.

"And that's why I wanted my remarks to you to be public," he told the troops. "That's an unusual thing for you, and I know that some of you can't be seen on television because of the nature of your work. And [that] it's rare that media come into the premises of this organization, but I wanted not only you to know how important we know what you do is for the country, but everyone else to hear that as well."

Admiral Rogers Discusses Cyber Operations, ISIL, Deterrence

Cheryl Pellerin at the DoD News offers the below piece:

WASHINGTON, March 2, 2015 - Navy Adm. Michael S. Rogers, commander of U.S. Cyber Command, took questions here recently on many topics -- cyber defense and offense, finding the Islamic State of Iraq and the Levant on the dark Web and cyber deterrence -- during a New America Foundation cybersecurity conference.

Rogers, who's also director of the National Security Agency, spoke with CNN national security correspondent Jim Sciutto and took questions from the audience and from Twitter and other social media outlets.

Rogers often says, as he did at this conference, that he believes in appearing publicly and putting no restrictions on questions asked of him.

"You can ask me anything," he said, "because we have got to be willing as a nation to have a dialogue" on cyber issues.

Cyberspace as a Domain of War

On a question about whether the United States is positioned effectively to address cyberspace as a domain of warfare, Rogers said the nation is in a better position in many ways than most of its counterparts around the world.

"We've put a lot of thought into this as a department," he added. "U.S. Cyber Command, for example, will celebrate our fifth anniversary this year. This is a topic the department has been thinking about for some time."

But the admiral said he doesn't think Cybercom is where it should be yet in preparation for fully engaging in cyberspace.

"Part of that is just my culture," he explained. "My culture as a military guy always is about striving for the best, striving to achieve objectives. You push yourself."

Defending the Networks

From a defensive standpoint it's difficult to defend a network infrastructure that has been built over decades, Rogers said, noting that most of it was created at a time when there was no critical cyberthreat.

"We're trying to defend infrastructure in which redundancy, resiliency and defensibility were never design characteristics," he said. "It was all about 'build me a network that connects me in the most efficient and effective way with a host of people and lets me do my job.'" Rogers noted that concerns about an adversary's ability to penetrate the network and manipulate or steal data was not a primary factor at the time.

The department is working to change its network structure to incorporate core security characteristics, the admiral said.

On the offensive side, Cybercom is "working its way," Rogers said, and doing this within a broader structure that dovetails with the law of armed conflict.

Cyber as an Offensive Tool

"Remember," he said, "when you look at the application of cyber as an offensive tool, it must fit within a broader legal framework -- the law of armed conflict, international law, the norms we have come to take for granted in some ways in the application of kinetic force."

Cybercom must do the same thing in the offensive world, the admiral said, "and we're clearly not there yet."

Like many nations around the world, the United States has capabilities in cyber.

"The key for us is to ensure that such capabilities are employed in a very lawful, very formulated, very regimented manner," Rogers said.

Legal Framework for Cyberspace

In January 2014, in Presidential Policy Directive 28, Rogers said President Barack Obama laid out the framework he wanted used in the conduct of signals intelligence.

Today, the admiral said, "all that remains applicable."

Another question from the audience referenced ISIL's use of the dark Web to raise money through Bitcoin, a form of digital currency.

The questioner described the dark Web as "a bunch of anonymous computers -- a bunch of anonymous users -- that are still able to find each other" using a browser that protects users' anonymity, no matter what a user is doing there.

Nature of the Business

On collecting intelligence from the dark Web, Rogers said, "We spend a lot of time looking for people who don't want to be found."

In some ways, he added, that is the nature of the business, particularly involving terrorists or individuals engaged in espionage against the United States or against its allies and friends.

Such activities, the admiral said, are a national concern.

"ISIL's ability to generate resources, to generate funding, is something that we're paying attention to," Rogers said.

Focusing on ISIL

"It's something of concern to us," he noted, "because it talks about ISIL's ability to sustain themselves over time [and] about their ability to empower the activity we're watching on the ground in Iraq, in Syria, in Libya [and] in other places."

Such activities also are of concern to a host of nations, the admiral said, adding, "I won't get into the specifics of exactly what we're doing, other than to say this is an area that we are focusing attention on."

When asked about deterring America's adversaries from carrying out cyberattacks, Rogers said the concept of deterrence in the cyber domain is relatively immature.

"This is still the early stages of cyber in many ways," he said, "so we're going to have to work our way through this" by developing and accepting norms of behavior in cyberspace that will underlie and support the notion of deterrence.

Cyber Command Investment Ensures Hackers Targeting U.S. Face Retribution

Maggie Ybarra at the Washington Times offers a piece on the U.S. Cyber Command's ability to fight back against hackers like the group that attacked Sony.

In the shadows of the Sony hacking incident and North Korea’s massive Internet outage, the Pentagon has quietly built a multibillion-dollar cyberwarfare capability and trained its commanders to integrate these weapons into their battlefield plans.

U.S. Cyber Command was officially stood up in 2010, based at Fort Meade in the Maryland suburbs of the nation’s capital, consolidating intelligence and cyberwarfare capabilities of the Army, Air Force, Navy and Marines under one house. Soon, billions of dollars were being invested in the concept that cyberattackers targeting America should be prepared to sustain their own damage.

Little has been discussed in public about U.S. Cyber Command’s specific capabilities since, though budget documents detail a growing commitment to this form of warfare. The Pentagon’s cyberwarfare budget has grown from $3.9 billion in 2013 to $4.7 billion in 2014 and an estimated $5.1 billion in 2015.

You can read the rest of the piece via the below link:

http://www.washingtontimes.com/news/2014/dec/22/us-cyber-command-investment-ensures-hackers-target/?page=all

Admiral Rogers: Cybercom Defending Networks, Nation

Cheryl Pellerin at the DoD News offers the below piece:

FORT MEADE, Md., Aug. 18, 2014 - U.S. Cyber Command continues to expand its capabilities and capacity, Navy Adm. Mike Rogers said Aug. 14.

The U.S. Cyber Command commander and director of the National Security Agency was speaking during an interview at the NSA headquarters building here.

"The decision to create [U.S. Cyber Command] was a ... recognition of a couple things. No. 1, the increasing importance of the cyber domain and the cyber mission set in Department of Defense operations in the 21st century," Rogers said.

Such a command would add to the department's ability to protect and defend its networks, and give policymakers and operational commanders a broader range of options, he said.

The second consideration involved DoD's mission to defend the nation, coupled with the potential of nation-states, groups and individuals to conduct offensive cyber activities against critical U.S. infrastructure.

In that scenario, the admiral said, defense officials thought it was likely the president would "turn to the secretary of defense and say, 'In your mission to defend the nation, I need you to do the same thing here in the cyber arena against this mission set critical to U.S. infrastructure, and I need an organization capable of doing that.'"

These conditions led the department to realize the need to create a traditional warfighting organization capable of executing a spectrum of cyberspace missions, Rogers said.

And, he added, they knew they needed to do so "with a dedicated professionalized workforce. This is not a pickup game where you just come casually to it."

Rogers said he focuses on five priorities for Cybercom.

These are to build a trained and ready cyber force, put tools in place that create true situational awareness in cyberspace, create command-and-control and operational concepts to execute the mission, build a joint defensible network, and ensure Cybercom has the right policies and authorities that allow it to execute full-spectrum operations in cyberspace.

Making progress is important to Rogers, who characterized his ultimate goal as bringing U.S. Cyber Command to a level where it's every bit as trained and ready as any carrier strike group in the U.S. Central Command area of responsibility or any brigade combat team on the ground in Afghanistan.

"My objective during my time as the commander, first and foremost," the admiral said, "is to ensure that we have brought to fruition the operational vision in cyber ... [to make sure] it's something real, it's something tangible, and it is operationally ready to execute its assigned missions."

That is happening as Cybercom brings its warfighting capability online, with the services generating a total cyber mission force of about 6,000 people by 2016, all trained to the same high standard and aligned in 133 teams with three core missions:

-- The Cyber National Mission Force, when directed, is responsible for defending the nation's critical infrastructure and key resources.

-- The Cyber Combat Mission Force provides cyber support to combatant commanders across the globe; and

-- The Cyber Protection Force operates and defends the DoD information network, or DoDIN.

Defending the DoDIN is the focus of a partnership in progress with the Defense Information Systems Agency, or DISA.

The agency provides command and control and information-sharing capabilities and a globally accessible enterprise information infrastructure to warfighters, the president and national leaders, and other mission and coalition partners. DISA, Rogers points out, is also a combat support agency.

The agency reports to acting DoD Chief Information Officer Terry Halvorsen, and its director is Air Force Lt. Gen. Ronnie D. Hawkins Jr. "I have always believed ... that we need to integrate operations and networks and our defensive workforce into one team," Rogers said, "and that you are more effective in operating a network and in defending a network when you do it with one integrated approach."

As a result, Rogers' team decided they needed to create a relationship with DISA, he said, adding, "At the moment there's no formal [command and control] line between us, but we're in the process of creating one." As part of that process Rogers collaborates with Halvorsen and Hawkins. "What I think we need to do," he said during their meeting, "is create an operational construct that creates a direct linkage [between] U.S. Cyber Command, DISA and U.S. Cyber Command service components." It's critical that the relationship includes the service components, Rogers said,

"Because, under the current network structure today, those networks are largely run by [the] services. So we've got to create a relationship between DISA and the services that is very operational because you've got to maneuver networks, you've got to react to changes, and you can't do that in a static kind of environment." He added,

"We're in the process of doing that and I expect to roll it out in the fall. ... You'll hear it referred to as JFHQ DoDIN," he said, or Joint Force Headquarters DoD Information Networks. Rogers said that he, Halvorsen and Hawkins agree, this is the future of DISA. "[DISA] will operate on the networks.

They'll be part of our defensive effort so they will be out operating on the networks just like us," he added. "One of the core missions is the defense of the DoDIN," Rogers said. "The forces associated with that mission will be assigned to DISA, to the services [and] to the combatant commanders." So, he added, DISA will have some operational control over the cyber mission force to help execute their mission. Another of Rogers' priorities for Cybercom is to help develop a common situational awareness of "what's happening in DoD networks," he said.

The commander highlighted the need for speed and agility in the cyber arena, adding, "If you can't visualize what you're doing ... you're not going to be fast or as agile, and thus arguably not as effective as you need to be." Rogers said, "As an operational commander I am used to the idea of walking into a command center, looking at a visual depiction that through symbology, color and geography enables me to very quickly come to a sense of what's happening in this space. We are not there yet in the cyber arena."

Establishing situational awareness in the cyber realm is a combination of technology and capability, the admiral said, and determining what knowledge is needed and what elements contribute to that. "Is what U.S. Cyber Command needs to know about what's going on in the network world the same thing as a strike group commander needs in the Western Pacific?

The same thing an Air Force air wing needs in Minot, North Dakota? The same thing a brigade combat team needs in Afghanistan? It will vary, so we've got to create a system that you can tailor to the needs of each commander," he said. Rogers noted there are many ongoing efforts to improve situational awareness, pointing out the need to work collaboratively to fix the problem. "We do have some tools right now," he added. "They're just not as mature and comprehensive as I'd like them to be."

Cyber is foundational to the future, the admiral said, and he often comments to his fellow operational commanders that cyber is a mission they have to own. "The wars of the 20th century taught most warfighting professionals that, no matter what you do, a good foundational knowledge of logistics is probably going to stand you in good stead," Rogers explained.

In the 21st century, he added, operational commanders may find that, regardless of their mission, they will need a sense of what's going on in their networks, where they're taking risk, and the impact of network structure and activities on their ability to execute the mission. "It's not something you turn to your communications officer ... or your CIO and say, 'I don't really understand this. Go out and do some of that for me.' That isn't going to get us where we need to go," the admiral said.

Rogers elaborated on the need for Cybercom to be ready. During his time as Cybercom commander, he said he expects that a nation-state, group or individual will attempt to engage in offensive, destructive capability against critical U.S. infrastructure, from the power grid to the financial sector.

The Presidential Policy Directive for Critical Infrastructure Security and Resilience outlines 16 designated U.S. Critical Infrastructure sectors. Rogers says he tells his team they have to be ready to respond to such a call. But for an attack on the United States, Cybercom will support the Department of Homeland Security, which is the lead agency for broader security protections associated with critical infrastructure, and partner with the FBI, which is the lead agency for domestic attacks and law enforcement.

"Our biggest focus really is going to be bringing our capabilities to bear to attempt to interdict the attack before it ever gets to us," the admiral said. "Failing that," he continued, "we'll probably also have some measure of capability that we can provide to work directly with those critical infrastructure networks to help address the critical vulnerabilities and where the networks could use stronger defensive capability."

To prepare for such interagency collaboration in the event of a domestic cyberattack, the command trains as it will fight, Rogers said. "In the military I'm used to the idea that you train like you fight. So we exercise [and] we replicate the things we think are going to occur in a combat scenario," the admiral said. "I want to do the exact same thing with the same set of teammates I'm going to operate with if we get the order to do so." The department and Cybercom already do internal exercises, he said, as well as ongoing interagency exercises such as Cyber Guard, in which elements of the National Guard, reserves, NSA and Cybercom exercise their support to DHS and FBI responses to foreign-based attacks on simulated critical infrastructure networks.

The whole-of-government exercise, completed June 17, was designed to test operational and interagency coordination and tactical-level operations to prevent, mitigate and recover from a domestic cyber incident.

Cyber Guard is a good example, Rogers said, "but I want to build on that. DHS and FBI were there but I think we can do even more." Information sharing and partnerships with the critical infrastructure sectors is an important aspect of enabling Cybercom to more effectively interdict and stop an attack, if directed to do so by the president and defense secretary, he added. The cyber threat is growing increasingly complex, the Cybercom commander said, and a more diverse set of actors is involved in the mission set, "from nation-states that continue to increase their capabilities, to groups, to individuals." In broad terms, he added, "you don't see a crisis in the world today that doesn't have a cyber aspect to it." For that reason and others, the ultimate construct of U.S. Cyber Command must be flexible, the admiral said.

"If you want to develop full-range capabilities and generate the maximum flexibility for their application, you've got to build a construct that recognizes we're going to be supported sometimes, we're going to be supporting other times, and sometimes we're going to be doing both simultaneously," Rogers said.

In one scenario Cybercom might be helping the commander in the Pacific, he said, and "at the same time we might be driving efforts to secure the U.S. financial infrastructure ... and trying to support U.S. Central Command. "It's just the nature of things," Rogers said, "because cyber is so global and so foundational." 

Cybercom Chief: Cyberspace Operations Key to Future Warfare

 

Cheryl Pellerin at the American Forces Press Service offers the below link:

 

WASHINGTON, June 16, 2014 - In the cyber domain of 2025, the ability of military formations to operate offensively and defensively will be a core mission set, and commanders will maneuver the capability much as they maneuver ground forces today, the commander of U.S. Cyber Command said recently.

Cybercom Commander Navy Adm. Michael S. Rogers, who also is director of the National Security Agency, was the keynote speaker at a June 12 meeting here at a cyber seminar hosted by the Association of the U.S. Army's Institute of Land Warfare.

The theme was Army Networks and Cybersecurity in 2025. "In the world of 2025, I believe the ability of Army formations to operate within the cyber domain, offensively and defensively, will be a core mission set for the U.S. Army and its operational forces," Rogers told the audience.

The Cybercom commander said that by 2025 the military services will have ingrained into their culture the reality that networks and cyber are a commander's business. The admiral, who most recently served as commander of the U.S. Fleet Cyber Command and the U.S. 10th Fleet, said this has been a major cultural challenge in the Navy. "In the year 2025, I believe ... Army commanders will maneuver offensive and defensive capability much today as they maneuver ground forces," Rogers said, adding that command and control, key terrain, commander's intent, synchronization with the broader commander's intent, and a broader commander's operational concept of operations will be cornerstones of Army cyber operations by then.

"In 2025," he said, "the ability to integrate cyber into a broader operational concept is going to be key. Treating cyber as something so specialized, ... so unique -- something that resides outside the broader operational framework -- I think that is a very flawed concept." Between now and 2025, Rogers said, a primary challenge will be integrating cyber and its defensive and offensive capabilities into a broader operational construct that enables commanders to apply another broader set of tools in achieving their operational missions.

When he thinks about how Cybercom and the services will get to 2025, Rogers said, he tries to keep three points in mind. The first, he said, is that cyber is operations. Commanders must own the cyber mission set, the admiral said, integrating it into the operational vision and becoming knowledgeable about the broad capabilities of a unit, formation or organization and its potential vulnerabilities.

"I think it's going to be foundational to the warfighting construct of the future," Rogers said, adding that the challenge is as much cultural as technical. "To make this work, in the end, it's about our ability to synchronize the capabilities of a team," he added, "from our junior-most individuals to our senior-most individuals, from capabilities resident within [the services] and as a department, to the [external] partnerships we're going to have to form."

The second point Rogers said he keeps in mind is that requirements of the future include a joint network backbone for all of the Defense Department. "I never understood why Army, Navy, Air Force, Marine Corps and, arguably, our Coast Guard teammates ... were spending a lot of time and money [to independently] create, maintain, build and operate a global communications backbone," Rogers said.

Instead, he added, "make the services responsible for the last tactical mile of [a DOD-wide backbone that spans the globe], down to mobile and tactical users, whether they're in a garrison scenario or whether they're out maneuvering in the field, on an aircraft, on a ship or in a squadron."

The third point, Rogers said, is that people and partnerships are key. "Don't ever forget that, in the end, [operationalizing cyberspace by 2025] is all about people and partnerships," the admiral said.

"It's about our ability to create a workforce that understands the vision, has the tools and capabilities they need to execute this vision, and is integrated into the broader effort." The partnership piece is a key area, he added, "because we, the Department of Defense, are not the cutting edge when it comes to networks, [communications] or information technology." "We are a user of technology that is largely generated by individuals and organizations that reside outside the DOD. ... I don't see that trend changing between now and 2025," he added.

As Cybercom commander and operational commander for the cyberspace mission set, the admiral said, focusing on five Cyber Command priorities will help military commanders build the joint force for 2025. The priorities are: -- Building a trained and ready operational cyber force; --

Building a joint defensible network whose architecture has core design characteristics of defensibility, redundancy and resilience; -- Creating shared situational awareness in cyberspace; -- Creating command and control and operational concepts for use in cyberspace; and -- Being mindful of policy and administrative changes needed to operate in cyberspace.

Addressing the department's ability to compete on the open market for exceptional cyber talent, Rogers said, cyber is no different from any other DOD mission in terms of going after talented individuals. "If the view is that pay is the primary criteria to get people with cyber expertise to join the department, I don't think that's going to work for us," he added. "We'll compete because of what makes us different. We will appeal to men and women who have an ethos of service [and] who believe in the idea of being part of something bigger than themselves."

"We're going to compete for the same people because, quite frankly, we're going to give them the opportunity to apply their knowledge in a way that you can't legally do on the outside," he added, prompting chuckles from the audience. "I think we're going to do well," the admiral said. "[Over the past 10 years], we have exceeded my wildest expectations in terms of our abilities to recruit and retain a high-end cyber workforce, because we've been able to focus on why they want to be with us as opposed to why they don't want to be with us."

Operationalizing Cyber is New Commander's Biggest Challenge

Cheryl Pellerin at the American Forces Press Service officers the below piece:

WASHINGTON, June 2, 2014 - U.S. Cyber Command's greatest challenge is to operationalize cyberspace to turn the electro-digital network of networks into a command-and-control environment where warriors can see the adversary and whose operations defense leaders can integrate into options for commanders and policymakers, the new director of the National Security Agency and commander of U.S. Cyber Command said here last week.

Navy Adm. Michael S. Rogers was a keynote speaker May 28 at the Armed Forces Communications and Electronics Association 2014 Cyber Summit. The admiral told a large audience that he and his team are working to develop a set of five capabilities that will enable the teams of Cybercom to fight, if that becomes necessary, in cyberspace, which became a military domain in 2010 with the stand-up of Cybercom as a subunified command under U.S. Strategic Command.

Rogers also shared the early stages of an idea his team is working through to make part of the Defense Information Systems Agency, or DISA, a partner with Cybercom in defending DOD networks. "At U.S. Cyber Command, as the new guy, I've said we need to focus on what a subunified command should be doing and not doing. We've got to optimize, focus and prioritize, so let's ask ourselves what we're doing that we shouldn't be doing," Rogers said.

The admiral concluded that if Cybercom intimately focuses on tactical-level details of defending the network, it would not accomplish much more, and he turned to DISA. In its current role, he said, DISA is largely an acquisition and engineering organization. "I believe that for DISA to achieve what it needs to do with respect to how it's going to operate and help us defend the networks, a portion of DISA [must] become an operationalized entity focused on maneuvering and defending the networks," he said. "We have to give DISA the ability to come up with a command-and-control node that can coordinate with others in defending the DOD information networks."

The Cybercom commander said that in this role, DISA "could enable U.S. Cyber Command to function at the operational level of war. That's our niche and that's where I think we generate the best return and the best outcome." Cybercom teammates, including combatant commanders and service chiefs, eventually will discuss a more fleshed-out version of the idea, he added.

On Cybercom's greatest challenge, Rogers offered five capabilities that must exist if cyberspace is to become viable as a military domain. The first capability is a truly defensible network. "Today we are ... working with a series of networks in which redundancy, resiliency and defensibility were never core design characteristics," Rogers explained. "We often treat defensive capability as something that is literally bolted onto a system after we've done everything else."

The effort to create a defensible architecture is leading Cybercom to reduce its number of networks and to focus on areas where the networks have continuous public interfaces -- a source of particular vulnerability, Rogers added. OD's fledgling Joint Information Environment, or JIE, is a framework for modernizing DOD information technology systems and making them more secure. The system includes overarching architectures, standards and specifications; common ways of operating and defending DOD networks; and common engineered-solution designs.

"We've already created a JIE structure in Europe as a test. We're moving into the Pacific arena next and we'll continue to expand around the world," Rogers said. "We're trying to create a network in which defensibility, redundancy and resiliency are core design characteristics from the ground up." The second capability is common, shared situational awareness in cyberspace.

The admiral said that at every level of maritime operations, he's used to walking into a command center that gives him a common picture of a situation through the use of color, symbology and geography in a visual display that lets him quickly gain situational awareness and make decisions.

"We do not have that right now in the cyber arena," Rogers said. "As I used to kid my teammates, how do you defend something you can't see?" Cybercom is in the early stages of putting together such a capability, the admiral said, and it has proven to be a hard challenge. "We're certainly not as far along as I would like but it's not because of a lack of effort," Rogers said, adding that he's trying to bring together separate efforts to create the capability across the department. "In an era of declining resources we've ... got to do this together and we've got to divvy up who's going to do what," he added.

The third capability involves Cybercom's authorities and responsibilities to act. Within the Defense Department, Rogers said, he's comfortable with Cybercom's current authorities, "but when we start to go outside the department, it gets a little more complicated."

One mission set Cybercom anticipates receiving is in the event of attempts to disrupt critical infrastructure in the United States, the admiral said. "It is our expectation that we are training and working toward the ability to respond," he added, "and it is my expectation that potentially the president and the secretary of defense will turn to U.S. Cyber Command and say, ... 'We're seeing activity X, and need you to be part of the federal government's response to this.'" As a department, the admiral said, DOD routinely provides support to civil authorities in a multitude of mission areas, including hurricanes and wildfires. "I don't think cyber is going to be any different in that regard," Rogers said, "and I look for us to partner incredibly closely with our friends at the Department of Homeland Security, DHS, which is the lead for protecting federal networks" and for responding to cyber concerns outside the federal government. The FBI also plays an important role, he said.

DOD is measured in what it does within the United States versus what it does overseas, Rogers said, "and we've got to be mindful of [the Posse Comitatus Act] and this thing we call the law. We are not going to violate that." Under the Posse Comitatus Act, service members and National Guardsmen who are under federal authority can't perform in a law-enforcement capacity in the United States, unless the Constitution or Congress specifically authorizes it. "We've got to make sure the constructs we build enable us to work within the U.S. legal [system]," Rogers said, so he and his Cybercom team are discussing with officials at U.S. Northern Command, which has a primary mission of homeland defense, how best to work with federal government partners.

"But clearly," he added, "to work with other federal partners, we'll need some measure of authority and direction that we don't enjoy day to day." The fourth capability for operationalizing cyberspace, Rogers said, is to develop operational concepts and a command-and-control structure that takes operating in cyberspace from dream to reality.

As U.S. Cyber Command generates teams of warfighters to operate in cyberspace, its questions will include: Who will operate in cyberspace? How will command and control work there? How will cyber operations be prioritized? Who will make critical decisions about what Cybercom teams will and won't do in the cyber environment? What authorities are granted to which individuals? How will Cybercom make the chain of command clear to everyone operating in cyberspace?

None of this is unique to cyber, and for the military services, it's nothing new, but one thing that does make cyber especially challenging is a lack of physical geography, Rogers said. "In the DOD framework, we often use geography as a way to define responsibilities, carving the world up as regional combatant commands, ... and yet cyber doesn't recognize the geographic boundary thing," the admiral explained. "If I'm looking at potential attack strategies against critical infrastructure or ... DOD networks, I'm watching a path that bounces from a nation state, individual or group to infrastructure spread out in countries that aren't [our] particularly close friends or allies, then bounces into U.S. infrastructure, bounces out again, and then comes back in directly at the final target," Rogers said. U.S. Cyber Command must develop operational concepts and a command-and-control structure that recognizes this reality, he added. "Like any other military endeavor," Rogers said, "we tend to use intellectual thought, exercises and a variety of means in U.S. Cyber Command and among the broader partner teams ... to work our way through this."

The admiral added, "I tell the team, don't fixate on cyber as something unique that nobody understands. Ask yourself how we can translate [into the cyber arena] the operational concepts all of us have spent our lives in uniform learning and understanding as warfighters."

The fifth area critical to operationalizing cyber is to generate trained and ready forces, Rogers said, adding that generating such forces and deploying them to operational commanders is a service mission.

To accomplish the mission, Rogers has mandated the following three priorities:

-- Train everyone to the same set of standards. -- Conform to a team structure that divides 6,000 people into 133 teams that range in size from more than 60 individuals to about 20.

At U.S. Cyber Command, Rogers said, the goal is to have the 6,000 people trained and certified by the end of 2016. -- Generate capacities in the teams focused on defending the networks -- combatant commander networks, service networks, DISA networks, DOD enterprise networks, the DOD backbone, and, if needed, critical-infrastructure networks.

"This is hardest in some ways, because to truly defend a network takes a host of partners," Rogers said, "[and] ... synchronizing all areas of defense at one time is master's-level command and control in the cyber environment." The admiral said network defense may be Cybercom's most complicated task, "but I would argue it's the most important in some ways because we'll be tested every day on our ability to defend the department's networks and, if directed, defend other networks." 

Admiral Rogers Takes Over Top NSA, Cyber Command Posts

Jim Garamone at the American Forces Press Service offers the below piece:

FORT MEADE, Md., April 3, 2014 - Navy Adm. Michael S. Rogers assumed command of U.S. Cyber Command and became director of the National Security Agency and the Central Security Service during a ceremony here today.

He succeeds Army Gen. Keith B. Alexander, who retired last week, in all three posts. Previously, Rogers was commander of the Navy's 10th Fleet, the service's cyber arm. He has already been confirmed by the Senate.

Michael G. Vickers, undersecretary of defense for intelligence, said Rogers is the right man for the job during a challenging time, and that the NSA has been central to America's national security.

"The work is not done," he said. "The security challenges we face today are complex and growing, our adversaries are determined. And when the lives of our nation's citizens are at stake, failure is not an option."

Rogers called for a moment of silence during today's ceremony for "our Army teammates who are facing a great tragedy at Fort Hood."

The admiral takes the reins at a time of tremendous turmoil in the intelligence community, as thousands of documents published on Wikileaks and others released by former NSA contractor Edward Snowden detailing highly classified NSA surveillance operations have caused an uproar. Rogers alluded to that when he said friends told him, "Congratulations, I guess," when they heard of his new job.

But the still youthful-looking admiral said he had no compunction about taking the posts, "because I believe in the mission of the National Security Agency and I believe in the mission of the United States Cyber Command."

The admiral noted that for his entire naval career, he has been associated with cyber warriors and he stressed his faith in the men and women of NSA and Cybercom.

"I believe in you," he said. "I've had the honor of working with many of you for almost my entire adult life. I love the people I've had the pleasure of serving with and I am honored to be a member of your team."

Rogers said he has known for a long time that he was being groomed for the jobs he assumed today.

"I'm aware of what the department has invested in me," he said. That, he added, led him to his final reason for wanting the job.

He said he told his wife, Dana, "Now it's payback time. What kind of leader, what kind of teammate would I be if I turned my back? I don't pretend for a minute that I'm the only person who could do this job. But this is the time for payback, I am not going to owe them."

Rogers stressed that the key to success in the future will be about partnerships.

"The most important partnership for all of us will be that between U.S. Cyber Command and the National Security Agency," he said. "We need each other to execute our missions. That's why we're together the way we are, that's why we have the structure, and I believe in that structure."

Partnership must extend beyond DOD, the admiral said. The organizations must strengthen partnerships with the FBI, the Homeland Security and Justice departments and the director of national intelligence, "but even more broadly than that," he said.

Rogers also said he wants greater cooperation with partner nations. The organizations work closely with Great Britain, Canada, Australia and New Zealand, he noted, but he said he wants to work with a broader world of partner and allied nations. "The key to success, I believe, in the [signals intelligence] and cyber worlds of the 21st century is all about building strong collaboration and being good partners," he said.

He noted that these are challenging times for the organizations. "I love challenges," he said, "because I believe that challenge and change represents opportunity, and I love opportunity."

The organizations have the opportunity to create "something even better, that's focused not only on the challenges of today, but what people will need in five to 10 years to succeed," the admiral said.

Rogers said he will squarely accept the challenge of regaining the trust of some Americans "who don't believe us," and he pledged to "engage in a dialogue with the citizens of our nation about what we do and why we do it."

There has not been a discussion about the role of NSA with the public, he acknowledged. "We live in a world of great risk," he said. "There are individuals, groups out there who, if they had their way, we would not longer exist as a nation. The very values and ideals that we represent are offensive to them and stand against everything they believe in. We need to be mindful of that, and we can't forget."

Rogers said there will be strict adherence to law and policy in the cyber world. "There are no shortcuts here, teammates," he said. "The nation places its trust in us. It has given us great resources and it counts on us to do the right thing, the right way to defend them."

Americans don't know the specifics of what the organizations do, "but they want to trust us," Rogers said. "If we make mistakes we will stand up and hold ourselves accountable and responsible," he added.

Navy Admiral Tabbed As Next Cyber Command Chief And NSA Director

The American Forces Press Service offers the below piece:

WASHINGTON, Jan. 30, 2014 - Navy Vice Adm. Michael S. Rogers (seen in the above U.S. Navy photo) is President Barack Obama's nominee to become the next commander of U.S. Cyber Command, Defense Secretary Chuck Hagel said in a DOD news release issued today.

Hagel also announced that he has designated Rogers to serve as director of the National Security Agency, and chief of the Central Security Service, according to the release.

"I am pleased that President Obama has accepted my recommendation to nominate Vice Adm. Michael Rogers as Commander of U.S. Cyber Command. And I am delighted to designate him also as Director of the National Security Agency," Hagel said in a statement issued today. "This is a critical time for the NSA, and Vice Adm. Rogers would bring extraordinary and unique qualifications to this position as the agency continues its vital mission and implements President Obama's reforms."

In his statement, Hagel noted that Rogers is "a trained cryptologist" with a Navy career spanning 30 years.

Rogers currently serves as the U.S. Fleet Cyber Command commander and commander of the U.S. 10th Fleet. If confirmed by the U.S. Senate, he will replace Army Gen. Keith B. Alexander, who has served as the NSA director since 2005, and the Cyber Command commander since 2010, the DOD release said.

"As commander of the Navy's 10th Fleet and U.S. Fleet Cyber Command, he has already demonstrated his leadership and deep expertise in this critical domain," Hagel said of Rogers. "I am also confident that Adm. Rogers has the wisdom to help balance the demands of security, privacy, and liberty in our digital age."

Additionally, the release said, Richard Ledgett has been selected to serve as the NSA deputy director. In his new role as the senior civilian at NSA, Ledgett acts at the agency's chief operating officer. He replaces J. Chris Inglis, who retired from the position in January.

"If confirmed, Vice Adm. Rogers will be joined by an exceptionally able Deputy Director and senior civilian leader, Rick Ledgett, whom I congratulate on his appointment today," Hagel said in his statement. "Rick brings outstanding qualifications to the job. And I know that both he and Vice Adm. Rogers join me in thanking Gen. Keith Alexander for his remarkable leadership of the NSA and Cyber Command for nearly a decade."

Defending Against Catastrophic Cyberattacks Requires Collaboration, Says Director Of U.S. Cyber Command

Cheryl Pellerin at the American Forces Press Service offers the below piece:

WASHINGTON, Oct. 30, 2013 - Catastrophic cyberattacks loom in the nation's future, and only collaboration among government agencies, Internet service providers and U.S. allies worldwide can help citizens prepare for them, the commander of U.S. Cyber Command said this afternoon.

Army Gen. Keith B. Alexander (seen in the above DoD photo), who also serves as director of the National Security Agency, delivered the keynote address to senior government security officials and industry executives attending a cybersecurity conference.

"Over the last 14 months, we've seen over 350 distributed-denial-of-service attacks on Wall Street, with varying levels of success. In August 2012, the whole world saw a destructive attack on Saudi Aramco's computer systems that ... wiped out the data on over 30,000 systems," Alexander said.

The general asked the audience to imagine if that attack had hit Wall Street and to consider the impact it would have on the nation's finances and the global financial structure.

"Those types of catastrophic attacks are in our future," the general said. "We have to prepare for them. This is something the government cannot do by itself -- this is something government, industry and our allies have to work [on] together."

Alexander said the partnership must start with legislation that allows Internet service providers such as those who have large financial industry clients on Wall Street to tell government law enforcement agencies exactly when a cyberattack is happening so it can be stopped.

"We need a way for industry to tell us when there's an attack going on," he said. "The chances of us seeing it in time to do something about it are very small, especially for a destructive attack."

Alexander likened the way such a process would work to the way the E-ZPass electronic toll collection system scans cars on the highway to collect tolls. In the case of Internet traffic, the Internet service provider would scan network packets to see if they are good or bad, he explained.

If a bad packet is coming into Wall Street, Internet service providers would see that, he said, and could tip off the FBI, the Department of Homeland Security, the National Security Agency or U.S. Cyber Command about the bad packet, including where it's going and where it's coming from, at network speed.

"That's the key," Alexander said. "In order to respond to these types of threats, we need that information at network speed, and we've got to come up with the rules and the operational concepts to actually work at network speed if we're going to stop some of these attacks."

Some questions remain about how the process would work, he added.

"How do we scan traffic to know that it's good to go in such a way that we protect our civil liberties and privacy and insure it's not something that's going to destroy our financial networks?" he asked. Our thoughts are that this is where government and industry can work together.

"We don't need the contents of the packet," he continued. "We don't need to know anything more than it's a bad packet and it came from Point A and it's going to Point B. But for industry to provide us that information, we need legislation."

Five areas are most important to the Cyber Command and NSA missions, the general told the audience. First, and perhaps most important, is to have a trained and ready force, he said.

"If you don't have that and if [the cyber warriors] aren't trained to the right level," Alexander said, "they will never detect the threats that are going on in our networks."

Second is to have operational concepts and command and control, the general said, defining that as Team Cyber, or the integration of NSA and Cyber Command as a team alongside the Department of Homeland Security and the FBI.

"We have a team and a concept that says if an attack is happening on Wall Street, we have to know how we're going to work it," he said. "NSA and Cyber Command do not respond inside the United States; that's the role of the FBI. Outside, we work with our allies; that's where NSA and Cyber Command come in. The operational concept says how we stop an attack and how we tell the right authorities what's coming."

Third is to have a defensible architecture, he said, using the Defense Department's networks to explain the problem.

"Within the Defense Department we have 15,000 enclaves, each with different system administrators, each with their own firewalls, and each presenting a potential vulnerability if they're not patched at the same time," Alexander explained.

Having 15,000 groups of people trying to patch a network at the same time is problematic, he said.

"Somebody's going to make a mistake, and ... in cyberspace that means an adversary has a good probability of getting access to our network," he said. "It's the same thing for industry. How are we going to fix it? This is where the thin virtual cloud comes in."

Such problems must be addressed at network speed "if we're ever going to get out in front of this," he added.

The fourth area is shared situational awareness in cyberspace, or how cyberspace is seen.

"Today, when somebody talks about an attack into your network, ask them to draw you a picture," Alexander said. The issue, he added, is that if someone can't describe what's happening in cyberspace so that every decision maker understands it, how can they respond?

"We need shared situational awareness in cyberspace. We're working that -- we call it the cyber common operational picture -- but we also have to have that shared space with industry," Alexander said. "That's one of the key things that industry and government have to work on together. How do we see the threats?"

Seeing good airplanes and bad airplanes coming in requires that they be sorted out, Alexander said. "We do that for air defense," he added. "How do we do it for cyber defense, and how do we share it with our allies? That's a key issue we have to address in solving some of the problems coming up."

The fifth area is authorities, he said.

"The secretary of defense and the president are the policymakers, and it's their decision on when we act and when we don't act," Alexander said. "But we have to set up some of the authorities -- what we'll call the rules of the road."

From a military perspective, these are the rules of engagement, he said, "and we are actually working that with the Defense Department, the White House and others. ... But those, I think, absolutely should be on the table, and they should be transparent."

Cybercom Commander Calls Cybersecurity Order First Step

U.S. Army Sgt. 1st Class Tyrone C. Marshall at the American Forces Press Service offers the below piece:

WASHINGTON, Feb. 13, 2013 - The cybersecurity policy President Barack Obama announced during his annual State of the Union address is a step toward protecting the nation's critical infrastructure, the commander of U.S. Cyber Command said here today.

Army Gen. Keith B. Alexander (seen in the above official photo), also director of the National Security Agency, joined senior U.S. officials from the White House and the Commerce and Homeland Security departments to discuss strengthening the cybersecurity of the country's critical infrastructure.

"We need a way of sharing information between government and industry -- both for information sharing and hardening our networks," he said. "I think what we're doing in the executive order tackles, perhaps, the most difficult issue facing our country: How do we harden these networks when, across all of industry and government, those networks are in various states of array? We've got to have a way of reaching out with industry and with government to solve that kind of problem."

The general said the new cybersecurity policy is important to strengthening the country's defenses against cyberattacks. "The systems and assets that our nation depends on for our economy, for our government, even for our national defense, are overwhelmingly owned and operated by industry," he explained. "We have pushed hard for information sharing."

Private-sector companies have the information they need to defend their own networks in a timely manner, he said. "However, information sharing alone will not solve this problem," he added. "Our infrastructure is fragile." The executive order Obama signed to put the new cybersecurity policy into effect sets up a process for government and industry to start to address the problem, the general said.

But although the president's new executive order helps to bring about some solutions, Alexander said, it isn't comprehensive.

"This executive order is only a down payment on what we need to address the threat," he said. "This executive order can only move us so far, and it's not a substitute for legislation. We need legislation, and we need it quickly, to defend our nation. Agreeing on the right legislation actions for much-needed cybersecurity standards is challenging."

The executive order is a step forward, though, because it creates a voluntary process for industry and government to establish that framework, Alexander said.

"In particular, with so much of the critical infrastructure owned and operated by the private sector, the government is often unaware of the malicious activity targeting our critical infrastructure," he said. "These blind spots prevent us from being positioned to help the critical infrastructure defend itself, and it prevents us from knowing when we need to defend the nation."

The general noted government can share threat information with the private sector under this executive order and existing laws, but a "real-time" defensive posture for the military's critical networks will require legislation removing barriers to private-to-public sharing of attacks and intrusions into private-sector networks.

"Legislation is also necessary to create incentives for better voluntary cooperation in cyber standards, developments and implementation," he said, "and to update and modernize government authorities to address these new cyber threats."

Alexander warned that potential cyber threats to the United States are very real, pointing to recent examples.

"You only have to look at the distributed denial-of-service attacks that we've seen on Wall Street, the destructive attacks we've seen against Saudi Aramco and RasGas, to see what's coming at our nation," Alexander said. Now is the time for action, he said, and the new executive order takes a step in implementing that action.

In his role as director of the NSA, Alexander said, he is fully committed to the development of the cybersecurity framework.

"We do play a vital role in all of this, and in protecting DOD networks and supporting our combatant commands and defending the nation from cyber-attacks," he said. "But we can't do it all. No one agency here can do it all. It takes a team in the government."

And the government cannot do it by itself, either, he added. "We have to have government and industry working together as a team," he said.

U.S. Cyber Command Chief Says U.S. Unprepared For Serious Cyber Attacks

By Claudette Roulo
American Forces Press Service

ASPEN, Colo., July 26, 2012 - The United States is not adequately prepared for a serious cyber attack, the commander of U.S. Cyber Command told the audience at the Aspen Institute's annual security forum today.

Army Gen. Keith Alexander, who also serves as the director of the National Security Agency and the chief of the Central Security Service, said that, in terms of preparation for a cyber attack on a critical part of its network infrastructure, the U.S. is at a three on a scale of one to ten.

The problem of defending the nation from a cyber attack is complicated, Alexander said. It's not just a question of preparing the Department of Defense or federal networks. Private industry also has to be defended.

"Industry has a variety of capabilities," Alexander said. While networks serving the financial community are well-defended, others sectors need help.

Key to developing a strong cyber security infrastructure is educating its users, Alexander said.

"We have a great program, it's jointly run by [the National Security Agency] and [the Department of Homeland Security] working with over 100 different colleges and universities to set up an information assurance/cyber security portfolio," he said.

Ensuring people who didn't grow up in the Internet age are security-aware is one of the major challenges facing those who secure the network, Alexander said.

The number of exploits of mobile technology has almost doubled over the past year, he said, and many people don't realize that phones are tied into the same digital network infrastructure as computers.

Alexander defined exploits as the means that a hacker uses to penetrate a system, including mobile phones or tablets, to potentially steal files and credentials or jump to another computer.

"The attack surfaces for adversaries to get on the internet now include all those mobile devices," Alexander said. And mobile security lags behind that of cyber security for landline devices like desktop computers.

Alexander said the Department of Defense, in concert with agencies like the Department of Homeland Security and the Federal Bureau of Investigation, works together with industry to secure network devices.

"If we identify a problem, we jointly give that back to industry and say 'Here's a problem we found,'" Alexander said.

Using the nuclear model, or concentrating solely on major nation-states, to analyze the cyber threat is wrong, he said. Several nations are capable of serious cyber attacks, he explained, but anyone who finds vulnerabilities in the network infrastructure could cause tremendous problems.

Industry and government must work as a team to combat these threats, Alexander said.

"There are great folks in industry who have some great insights," he said. "That's the only way that we can prevent those several states from mounting a real attack on this nation's cyber."

In addition, deterrence theory worked for nuclear weapons in part because the decision time was much slower than it is for cyber threats.

"A piece of information can circumnavigate the globe in about 133-134 milliseconds," he said. "Your decision space in cyber [is] half that—60 seconds."

"My concern is...you've seen disruptions like in Estonia in 2007, in Georgia, Latvia, Lithuania, Azerbaijan, Kyrgyzstan, you could go on," he said. "We've seen them here in the United States... What I'm concerned about is the shift to destructive [attacks]. Those are the things that will hurt our nation."

Disruptive attacks, like distributed denial-of-service attacks, are aimed at interrupting the flow communication or finance, but aren't designed to cause long-term damage.

In contrast, destructive attacks are designed to destroy parts of the network infrastructure, like routers or servers, which would have to be replaced in order to resume normal operations, Alexander said. In some cases this could take weeks or months.

Congress is considering bills that would give the Department of Homeland Security a greater role in setting performance requirements for network industries. Alexander said this legislation is important to assist in setting network infrastructure standards.

Both parties have something to bring to the table, he said. Industry knows things that government doesn't, and government knows things that industry doesn't.

"If we were to be completely candid here, the reality is that industry is getting hacked [and] government is getting hacked," he said. "What we need to do is come together and form best practices."

Government-civil partnerships open up the possibility that the U.S. can accomplish things in cyber space that no other nation has the capability to accomplish, Alexander said.

"When we put together this ability for our nation to work as a team in cyber space, what that allows us to do now is do things that other countries aren't capable of doing in defending the nation," Alexander said.

Because attributing the source of a cyber attack is difficult, the focus is currently on defense rather than offense, Alexander said.

"Today, the offense clearly has the advantage," he said. "Get cyber legislation in there, bring industry and government together, and now we have the capability to say 'You don't want to attack us. We can stop it and there are other things that we can do to really make this hurt.'"

"The key is having a defensible capability that can survive that first onslaught," Alexander said.

Cyber Defense Is A Team Sport: DoD Needs Industry's Help To Catch Cyber Attacks, Says U.S. Cyber Command General

By Lisa Daniel, American Forces Press Service

*

WASHINGTON, March 27, 2012 - The Defense Department needs private-sector cooperation in reporting computer network attacks in real time to stop what has been the "greatest transfer of wealth in history" that U.S. companies lose to foreign hackers, the head of U.S. Cyber Command told a Senate committee today.

*

Army Gen. Keith B. Alexander (seen in his official DoD photo), who also is the National Security Agency director, told the Senate Armed Services Committee that he supports legislation that would require private companies to report attacks, and added that such reporting needs to happen before an attack is complete.

*

"We need to see the attack," he said. "If we can't see the attack, we can't stop it. We have to have the ability to work with industry -- our partners -- so that when they are attacked, they can share that with us immediately."

*

Many cyber defense bills have stalled in Congress over concerns about privacy, overregulation and the military's role in cyber protection, Alexander and the senators noted.

*

The general compared the current situation, where DOD computers receive some 6 million threatening probes each day, to a missile being fired into U.S. airspace with no radars to see it. "Today, we're in the forensics mode," he said. "When an attack occurs, we're told about it after the fact."

*

Alexander added, though, that industry should be monitoring their own systems with help from Cyber Command and the Department of Homeland Security. "I do not believe we want the NSA or Cyber Command or the military in our networks, watching it," he said.

*

Alexander explained the federal partnership of U.S. cyber security as one in which Homeland Security leads in creating the infrastructure to protect U.S. interests, Cyber Command defends against attacks, FBI conducts criminal investigations, and the intelligence community gathers overseas information that could indicate attacks.

*

"Cyber is a team sport," he said. "It is increasingly critical to our national and economic security. ... The theft of intellectual property is astounding."

*

The Defense Department's request of $3.4 billion for Cyber Command in fiscal 2013 is one of the few areas of growth in the DOD budget, senators noted. The command has made progress toward its goals of making cyber space safer, maintaining freedom of movement there, and defending the vital interests of the United States and its allies, Alexander said. The command also is working toward paring down the department's 15,000 separate networks, he said.

*

Cyber threats from nations -- with the most originating in China -- and non-state actors is growing, Alexander said.

*

"It is increasingly likely, as we move forward, that any attack on the U.S. will include a cyber attack," he said. "These are threats the nation cannot ignore. What we see ... underscores the imperative to act now."

U.S. Strategic Command General Cites Cyber Domain Challenges

By Cheryl Pellerin, American Forces Press Service

WASHINGTON, Oct. 19, 2011 - Space and cyberspace are growing in strategic importance as other nations increase their capabilities, the chief of U.S. Strategic Command told defense reporters here yesterday.

A recent example of cyber threats facing the Defense Department is a computer virus that affected a stand-alone ground control system for the nation's drone fleet based at Nevada's Creech Air Force Base, according to Stratcom commander Air Force Gen. C. Robert "Bob" Kehler.

The virus was not targeted at the drone fleet but entered "from the wild," Kehler said, adding the precise means of infection is still under investigation.

Stratcom systems detected the virus, quarantined it, and it had little to no impact on operations, he noted.

Both accidental and targeted attacks on DOD networks are on the rise, the general said.

"The trend is that we see multiple, deliberate attempts to try to get into our networks almost daily," he said.

Based at Offutt Air Force Base near Omaha, Neb., Stratcom serves as U.S. Cyber Command's headquarters, and also oversees the nation's missile defense, and global strike and space operations, as well as combating weapons of mass destruction.

The Stratcom mission set touches that of every other combatant command, Kehler said, noting that there are vital linkages between military and commercial information networks in areas like transportation and logistics.

"The Internet is mostly in the commercial and civil domains ... but we use it," he said.

Perfect defense of all networks is probably not achievable, but "mission assurance is something that we must achieve," Kehler said.

The Defense Department has made great progress in cyber defense, but "sometimes ... the more you know, the worse you look," he said.

In the past, some attacks may have gone undetected, the general explained, but defense officials are "far more aware today of the things that are happening to us, and we are taking strides to deal with the realities of operating in cyberspace."

Robust protections are in place on the "dot mil" domain and defense officials have begun a pilot program that extends some of those safeguards to defense industries, he noted.

A fundamental issue in cyber domain operations is defining what an attack is, and developing a legal framework, doctrine and rules of engagement for those operations, Kehler said.

"In other domains ... rules of engagement are based on things like hostile intent," he said. "Much of what we see on our networks or at our boundaries, at our firewalls, I'm not sure you could describe as an attack."

Cyberspace threats include predators, vandals and spies, not all of whom are attackers by national security terms, Kehler said.

He noted much of the hostile activity on DOD's networks involves attempts to steal industrial or military secrets.

"The word 'attack' makes it sound as though people are trying to take our systems down every day, and that's not the case," the general said.

Attempts to exploit military information or disrupt network activities could evolve into destructive attacks, Kehler said.

The United States has a military edge in cyberspace, but other nations possess "very sophisticated" capabilities in that domain, he said.

An important question being asked inside the Defense Department, Kehler said, is how to retain that edge as the global population gets smarter in cyberspace.

"I think there's a great question for us that goes all the way into our education system [and] our university system," the general said. "Can we, as a nation, provide the wherewithal in the information age to maintain a national security advantage, like we did in the industrial age?"

"I don't know that we quite have the answer yet," he added.