Greater cooperation needed to defeat cyber enemies

Vice Adm. Carl Mauney, deputy commander for the U.S. Strategic Command, makes few bones about it. Given the alarming growth of advanced intrusion efforts, cyber warriors must cooperate and focus more clearly on information assurance.

Mauney was in Washington, D.C. last week addressing the Network Centric Warfare 2009 conference. Attendees included U.S. and foreign military officers, government officials and industry executives.

STRATCOM directs the operation and defense of the military’s gigantic Global Information Grid. The grid executes cyberspace operations and strives to “identify new technologies and capability gaps,” Mauney said. Information assurance is a large part of its work and is dauntingly complex as the GIG interweaves among of the combatant commands, service branches and defense agencies, he said.

Also complicating cyber sleuths’ lives is the world’s billions of eye-blink-fast interconnected computers. But keeping up is vital. “Cyberspace has become a warfighting domain like land, sea, air, space,” Mauney told attendees. “And in light of growingly astute cyber enemies, it’s in our interest to maintain freedom of action,” he said.

However, he cautioned, “It can’t be done in isolation.” There’s a “compelling need to integrate all elements of cyberspace operation and to [move] at net speed.” This is because the DOD on a daily basis faces millions of denial-of-service attacks, hacking, malware, bot-nets, viruses and other ruinous intrusions, some of which are associated with nations and nation-states, he said.

Recent hostile penetrations in Estonia and Georgia, for example, require changed thinking, he said. While championing STRATCOM’s aggressive monitoring for intrusions and its dynamic posture, Mauney said, “We must take action.”

What is needed is “a focus on accountability, from leadership to the user level. Our mindset needs to reflect the way we treat other military systems,” he said. “We don’t accept substandard performance in maritime, air and ground ops — and this is no different.”

Another important step is to establish an unambiguous and clear command and control structure, Mauney said. “The GIG’s complexity only makes it more important that command structure be precise to allow unity of effort and unity of command,” he said.

STRATCOM “cannot do it alone,” Mauney said. “[We] will depend on the support of the other combatant commanders and all the services.” Thus, resources and priorities have to shift and synchronize, he said. “To operate at net speed, our technology must develop and implement dynamically.” Another must is “visibility across the network,” because it permits speedier responses, Mauney said.

To keep the edge in net-centric operations requires “cooperation across the government: the DOD, Homeland Security and our interagency partners,” he said. Cyberwork is a team sport; it takes close synchronization of actions and capabilities.”

The nation urgently needs “a robust and enduring network security posture where defense complements and is complemented by diplomacy, homeland security and law enforcement just to name a few,” Mauney said.

STRATCOM, though, seeks not just interagency cooperation, but additional personnel. Mauney concedes there are too few adequately trained members of the cyberforce. They need planners, software developers, intelligence pros and network operators, he said, “personnel who will perform their primary mission and interface with all the other combat commands,” Mauney said. “It’s demanding but fulfilling work,” he added.

After all, he concluded, “cybersecurity is a national security problem for the United States.”