New northern cyber division has threefold mission

A new cyber division, jointly managed by the North American Aerospace Defense Command (NORAD) and U.S. Northern Command’s (Northcom) Operations Division, is up and running after approval by Defense Secretary Leon Panetta earlier in May.

The U.S. Northern Command Joint Cyber Center (JCC) has three main missions: improving cyber domain situational awareness, improving the defense of the commands’ networks, and providing cyber consequence response and recovery support to civil authorities upon request, according to an announcement from the joint center.

Related coverage:

3 factors inhibit DOD cyber infrastructure defense

US combatant commands to receive offensive cyber capabilities

The division includes members from the intelligence, operations, and command and control systems divisions as well as a four- to 12-person Cyber Support Element from U.S. Cyber Command. It also will work closely with action officers from the plans, training and resources divisions as well as the Homeland Security Department and other agencies.

JCC will be fully operational within 10 months, said Air Force Col. Bob Wright, NORAD and Northcom JCC chief. “Once established, we’ll identify possible threats in the cyber domain and address each of these threats in close collaboration with our mission partners,” Wright said.

The U.S. Cyber Command centralizes command of cyberspace operations, organizes existing cyber resources and synchronizes defense of U.S. military networks. NORAD is a United States and Canada binational organization for aerospace and maritime warning and aerospace control for North America. Northcom plans, organizes and executes homeland defense and civil support missions.

The joint operation is one of several ongoing efforts to shore up the nation’s cyber defense.

Earlier this month, the Defense Department expanded a public-private partnership program to share cyber threat “Secret” classified information it has saved on private computer networks with all of its eligible contractors. 

Also, late last month the House of Representatives passed several cybersecurity bills: The Cybersecurity Enhancement Act of 2011, H.R. 2096; the Advancing America’s Networking and Information Technology Research and Development Act of 2012, H.R. 3834; Cyber Intelligence Sharing and Protection Act; and the Federal Information Security Amendments Act, GCN reported.

The Senate, meanwhile, is considering several cybersecurity bills that differ on who would have primary responsibility for protecting the nation’s critical infrastructure. The Cybersecurity Act of 2012 introduced by Sen. Joseph Lieberman (I-Conn.) would give responsibility to the Homeland Security Department while also setting some requirements for private industry.

Sen. John McCain (R-Ariz.), however, has argued that DOD should be in charge of infrastructure protection, and a Republican task force has recommended a more piecemeal approach to cybersecurity, with an emphasis on information sharing, rather than regulation, and no oversight role for DHS.

None of the bills in Congress seem likely to become law anytime soon, however.

In March 2011, Gregory Wilshusen, the Government Accountability Office’s director of information security issues, told a subcommittee of the House Homeland Security Committee that the federal government continues to face significant challenges in protecting the nation’s critical cyber infrastructure and federal information systems.