Navy looks for layered 'fishing nets' of cyber defense

ONR official also calls for more automated cyber tools that can provide proactive detection and defense.

Acknowledging that there is no magic bullet to defeat all cyber intrusions, the Navy—and the Defense Department in general—are looking for layered cyber technologies that can at least make it hard for enemies to get into networks.

Speaking at a breakout session at the Intelligence and National Security Summit on Sept. 18, Rear Adm. Matthew Klunder, chief of Naval Research and director of Test and Evaluation and Technology requirements at the Office of Naval Research, highlighted the types of cyber tools the Navy is looking for.

For the Navy, future cyber systems will have to increase self-awareness, proactive detection and proactive defense, Klunder said. As adversaries use increasingly asymmetrical attack techniques, Klunder said he believes that a multilayered approach is most effective approach for catching and mitigating intrusions.

Klunder likens cyber defenses to how fishing nets work—despite having holes, or vulnerabilities, the net can still catch intrusions. And increasing the number of nets makes it more likely that the Navy can prevent critical attacks.

“There can be lots of little holes in our cyber domain from a defensive standpoint, but I think if we looked at it properly and built in multilayer approaches with multiple fishnets, I think we can make it exceptionally hard for the adversary to get in and penetrate our systems,” he said.

“The point is, we can build additional layers, we can catch those intrusions,” Klunder added. “It depends on how many we want to catch and which ones we’re willing to accept—potentially through a gateway and then [we can] enclave and sever and do my dynamic reconfiguration.”

Cyber tools will also have to be more autonomous—ships have limited crews and even fewer sailors that are trained in cyber skills. In order to quickly recover from an attack, systems will have to operate with minimal manual input.

“I need to make sure I can rapidly heal and I can rapidly reconnect and dynamically reconfigure. I think most people get that, but you’re talking about warfighting—you're talking about combat systems and command and control systems. I gotta do that pretty quickly—that's not something I can wait about an hour to fix.”

In addition to conducting cyber research and development, the Navy has formed teams that specifically tackle cyber security issues. Formed by Space and Naval Warfare Systems Command earlier this year, the Cyber Readiness Team has been working to keep the fleet up to date on requirements and security.