Department of Defense Mission Statement
The mission of the Department of Defense is to provide the military forces needed to deter war, win should deterrence fail, and to protect the security of our country at all times from all threats. The department’s headquarters is at the Pentagon.
DoD has now publicly articulated a strategy for cyber operations. The strategy appeared in an article published in Foreign Affairs under the title “Defending a new domain.” Reviewing the strategy in the light of current mission needs and with an understanding of current mission capabilities leads to a better understanding of the overall situation regarding cyber and also informs estimates on what the department will need from industry in the near term.
The five pillars of DoD’s new cyber strategy are:
- Recognizing cyberspace as a new domain for warfare.
- Adopting “active defense” to extend current defenses beyond “hygiene” measures, such as anti-virus software and intrusion detection.
- Extending protection for critical infrastructure such as power grids, banking and telecommunications networks.
- Seeking “collective” cyber defenses with foreign countries.
- Maintaining and exploiting U.S. technological dominance.
- The DoD has an Information Assurance (IA) plan led by OSD. It aims to provide a holistic comprehensive IA plan to better protect the Global Information Grid.
- When it comes to IA, most of the money spent on that is from the IT budget. However, increasingly operational military budgets are also being spent on IA.
- Pentagon officials claim to be boosting cybersecurity funding by a planned $8 B to $12 B over the next 5-6 years.
- DOD is participating in numerous study groups and NATO/UN efforts. They are providing policy guidance to other US agencies via International Sub-IPC
It is critically important to understand how DoD views IA. After years of hard learned lessons they have established policies that the department must follow. Anyone seeking to interact with the department should be familiar with the key policies, most important of which are: CJCSM 6510.01, DoD Directive 8570.1 And DoD Instruction 8510.01. These and many others can be found at:http://iase.dia.mil
To track more urgent DoD actions in Cyber Security we recommend following US Cyber Command, NSA and DISA. Those will be three key pace-setters. The Defense Cyber Crime Center is also a key indicator of DoD direction.
Items of Interest
Sharing Intelligence Helps Contractors Strengthen Cyber Defenses
A new pilot program in which the Defense Department shares classified threat intelligence with defense contractors or their commercial Internet service providers is showing promise in increasing their cyber defenses and preventing enemy intrusions into sensitive government networks, Deputy Defense Secretary William J. Lynn III said. This program is pushing data sharing between contractors and DoD operators. The intent is to help contractors improve their cyber defense because they are increasingly targeted. DoD is already seeing gains from this program and expect that to continue.
‘Terabytes’ of data lost to cyber snooping
Deputy Secretary Lynn disclosed that cyber-snooping has cost the US ‘terabytes’ of information over the past few years. He says that this information has been extracted from corporate networks of defense companies, and that in one intrusion, 24k files were taken. He also mentioned that foreign intelligence services have taken military plans and weapons systems designs. US IP is key, and stronger networks necessary to defend that IP.
DoD moves to speed cyber acquisition
DoD has finally launched concerted efforts, and may be realizing accelerated and streamlined rapid cyber acquisitions. This major change in government policy is expected to begin next year, with deployment of capabilities to follow. This change in paradigm will enable rapid acquisition and deployment of cyber defenses needed to keep DoD networks secure. This change would completely re-define the manner in which solutions are sold to the DoD.
DARPA looks to Raytheon to help root out cyber security insider threats
DARPA chose Raytheon scientists to participate in the Anomaly Detection at Multiple Scales (ADAMS) program to create information security computer algorithms to detect and characterize anomalies in large data sets to pinpoint employees or other insiders attempting to steal sensitive information, insert computer viruses or carry out other malicious acts. This program will lead the way for insider threat programs in DoD. It will be important to have your APIs be able to tie-in with the DARPA product once released.
GAO Defense Department Cyber Efforts Budget Estimates
Budget estimates for the component units for cyber from 2012-2016:
|Component||FY 2012||FY 2013||FY 2014||FY 2015||FY 2016|
DoD to Revamp Acquisition with Cyberspace in Mind
Official are intent on making the DoD agile in acquisition to help bolster cyber capabilities. “DoD’s cyberspace acquisition programs will reflect the adaptive nature of cyberspace,” as written in the DoD Strategy for Operating in Cyberspace report. They aspire to cycles as short as 12 to 36 months instead of 7 or 8 years.
DoD Publishes new Strategy for Operations in Cyberspace
DoD released its new Strategy for Operations in Cyberspace.
We have all seen parts of this before, the DoD has done a great job of providing their intention via the speeches and testimony of senior leaders as well as articles published in leading journals. So those who track cyber security strategy will find few surprises in the document.
Overall: I give this document very high marks for capturing the framework of actions that need to be accomplished to enhance DoD security.
Hacker Group Steals more than 90,000 Military Emails
A spin-off of the Anonymous group have published 90k military email and addresses stolen from the servers of Booz Allen Hamilton. The information is publicly available and said to include: “login information of personnel from US CENTCOM, SOCOM, the Marine Corps, Air Force facilities, Department of Homeland Security, Department of State and other private sector contractors.” These attacks are likely to continue — and it is imperative that defense contractors adequately secure their data.
DoD tackles security challenges of mobile computing
As pressures increase for DoD to adopt mobile communications capabilities. There are various guidelines such as STIG to provide guidance to agency adopters and DIACAP to provide accreditation and certification for manufacturers. Manufacturers need to add encryption to their devices in the future — and without encryption they will not be usable devices.
GAO calls Defense ISR programs fragmented, wants tougher management
A GAO study entitled “Intelligence, Surveillance and Reconnaissance: Actions Are Needed to Increase Integration and Efficiencies of DOD’s ISR Enterprise,” warns that the department must improve control over disparate ISR efforts to provide efficient and effective ISR support to military. With different oversight and command and control mechanisms — there is no clear chain of command nor oversight in the ISR realm.
Tight defense budgets could yield better cybersecurity, information sharing
DoD budget struggles could lead to streamlined cybersecurity efforts and shared capabilities. Mark Orndorff of DISA said budget problems are a great motivator for services to work together (instead of replicating each other’s capabilities).
DoD’s Services moving toward Cloud
The DoD is moving the following services to the cloud under Vivek Kundra’s cloud migration reform:
- Multimedia Portal
- Application development and testing environment
- Trip Cost Estimator
Teri Takai’s Initiatives and Focuses for CND
- Insider threats: detecting anomalous behavior to detect threats originating from within organizations;
- A set of pilot programs in the defense / industrial base: “We’re getting fantastic results,” said Takai, noting that the pilot programs are uncovering thousands of incidents;
- A Federal-wide supply chain risk management strategy, including a working agreement signed yesterday between Defense Secretary Gates and Homeland Security Secretary Janet Napolitano in the area of cybersecurity.
Additionally Takai is working to provide mission-oriented focus to the transition to the cloud. Lastly, she is concerned with the prevalence of commercially available products and is looking to integrate them “holistically.”
DoD Releases Open Source Development Guide
The DoD has released a development guide for using open-source and open-standards technology to develop software in the US military. The guide is entitled “Open Technology Development: Lessons Learned and Best Practices for Military Software.” This hopes to “help U.S. government personnel and contractors implement open technology development (OTD) for software within government projects, particularly in defense.”
DARPA seeking more resilient Cloud Infrastructure
DARPA is seeking to develop cloud-computing-based infrastructure that builds resiliency directly into the network to more effectively support military missions. Through a project called Mission-oriented Resilient Clouds (MRC), DARPA intends to build a cloud-based network that will survive cyber attacks.
DoD not ready for total cloud migration, via CIO
DoD CIO Teri Takai cautions against jumping too quickly into the cloud environment with today’s technology because she doesn’t feel it is ready from a security perspective. The move requires help with strategy, infrastructure, and implementation. They are at stage one of cloud roll out — and need industry help to move to more advanced stages.
DoD working with industry on automated network intrusion defense system
The DoD is research capabilities similar to DHS’ Einstein 3. Active defenses are the future of cyber defense, and the results on this 90 day pilot will indicate the direction DoD takes in the future.
Congress asks to Review DoD contracts with HBGary, Palantir and Berico
Just like for NSA, it is important when the regulatory eye is cast upon cyber activities. This will force regulation to occur to really define where DoD operates and where DHS operates in the cyber domain.
Deputy Defense Secretary states Military must be capable within “Cyber” domain
In his keynote Tuesday at RSA Conference 2011, U.S. Deputy Secretary of Defense William Lynn III said the Department Of Defense (DoD) is set to soon complete a new cyber security strategy that will explicitly recognize cyberspace as a new and official warfare domain. Dubbed Cyber 3.0, it charges the military with defending government networks just as it defends land, sea and air. Cyber 3.0 is also an extension of theU.S. Cyber Command Initiative that kicked off in 2009.
“To be successful, I believe we need to pursue several avenues of industry-government cooperation,” Lynn said. Lynn said cyber-attackers have noticeably stepped up their game in recent years, and the military’s concerned not just about military and government networks. “Commercial intellectual property has been stolen from business,” said Lynn. “These attacks blunt our edge, saps our competitiveness in the global economy.”
SECDEF Gates signs “Strategic Communication and Information Operations in the DoD” Memorandum
Signals that Pentagon executives are emphasizing need for reform of interagency strategic communication in the military I/O. This memo has ten substantive paragraphs each with corresponding points. Full memorandum is here.
Pentagon, Industry to swap cybersecurity experts
The Department of Defense (DoD) is launching a pilot program to exchange cybersecurity experts and other IT personnel with private industry to improve information sharing and beef up the nation’s cybersecurity defenses.
The program would involve temporary assignment of DoD cybersecurity experts to companies and private sector experts to the Pentagon. “This Pilot is envisioned to promote the interchange of DoD and private sector IT professionals to enhance skills and competencies”, according to an interim final rule published in the Federal Register.
TCS takes DoD personnel to school for cybersecurity training
TeleCommunication Systems Inc. has won a five-year Defense Department contract worth approximately $49 million for computer training assistance.
Under the terms of the award, TCS will provide the DOD’s military and civilian personnel with on-site computer network operations training in support of the government’s cybersecurity workforce development efforts, a key Obama administration initiative and a priority for White House Cyber Security Coordinator Howard Schmidt, the announcement states.
DoD + DoE to join together on Renewable Energy – Smart Power Infrastructure Demonstration for Energy Reliability and Security (SPIDERS)
The Pentagon is attempting to create a project that will provide energy sources that are protected from cyber security attacks. The intent is to create an installation level “microgrid” that is separated from the traditional grid (and thus protected from standard attacks). SPIDERS will provide an option for important DoD and other secure facilities.
DHS, DoD work to combat Cyber Threats Together
DHS and DoD recently signed agreement in which they will exchange personnel. DoD will share cyber analysts at the DHS National Cybersecurity and Communications Integration Center (NCCIC), while DHS, will send a senior staffer — as well as a team of DHS privacy, civil liberties and legal personnel — to work at NSA. CYBERCOM is definitely a target for civil liberties concerns, and can use DHS help here.
- A reorg underway on the OSD staff will result in the functions of ASD NII moving to other organizations. ASD NII will go away.
- DOD CIO functions remain at OSD staff, however a major shift of non-core IT capabilities to DISA is underway
- Most IA functions, including staffing of key policy, will go to Cybercom
- “It is DoD policy to establish a comprehensive approach for protecting unclassified DoD information transiting or residing on unclassified [Defense industrial base] systems and networks and create a timely, coordinated, and effective partnership with the [Defense industrial base],”
- All of the DoD agencies are recruiting heavily for cyber. General Alexander believes that instead of the traditional rotation, cyberwarriors need to stay in place and continue operations. Additionally, it is important to ensure that training is the same across the DoD – that USMC/Army/Navy/Air Force all receive the same quality and standard of training. “I am optimistic we will get the force we need,” he said. He has also stated that: “We are pushing on the services to go faster to bring those forces in. If I would tell you my greatest concern is moving fast enough to provide a capability to defend our networks in time if a crisis would occur. We see that as our number one mission: be ready. Right now we have to build that force to get there. That is going to take some time. We have some force structure, the services have leaned forward on that and they are presenting some capabilities. We are moving down that road.”
- Gen Alexander advocating for creation of “secure, protected zone” in which critical infrastructure like the financial industry, the power grid and the defense industrial base would operate on the Internet.
Key issues of priority interest to DoD:
- Day to day cyber defense
- Accountability of actions
- Partnering in government and out of government
- Supply chain protection
- Hygiene of networks and computers
- Network sensors and their architecture
- Active defense conops and technologies
- Hunting in networks
- Gaps in ROE
- Ability to support defense in .gov
- Ability to support defense in .com
- Enhanced work with allies
- Optimization of Enduring Security Framework
- Strategically aligned R&D
- Linkages to Space
- Issues of attack
- Issues of intelligence
- Doing more with decreasing budgets
- Building the cyber thin line
- Modeling and Simulation of the enter capability
- Enhance survivability
- DoD Publishes New Strategy for Operations In Cyberspace (bobgourley.com)
- 3/28/2012: The DoD, the DHS, Losing in Cyberspace, and More (fedcyber.com)
- Office of the DoD Deputy Chief Management Officer and their Agility Forum (ctovision.com)
- CISPA Passes in the House, 3D Modelling of DoD Networks, and More (ctovision.com)
- Avoiding Cyber Threat Amnesia (ctovision.com)
- DOD Announces the Expansion of Defense Industrial Base (DIB) Voluntary Cybersecurity Information Sharing Activities (ctolabs.com)
- Cyber Defense Strategies Expert James Ryan to Speak at U.S. DoD Cyber Crime Conference (prweb.com)
- Congress To Amend NDAA To Give DoD & NSA Greater ‘Cyberwar’ Powers (waronyou.com)