Navy sets course on new cyber strategy

The five-year plan maps out a vision for protecting fleet networks from internal and external threats.

On the heels of the Defense Department’s recent release of its updated cyber vision, the Navy is following suit. This week, Vice Adm. Jan Tighe, commander of the U.S. Fleet Cyber Command/U.S. 10th Fleet, released the Navy’s Strategic Plan for guiding the service for the next five years in the cyber domain.  

The document echoes sentiments that many DOD officials have shared recently with members of Congress – that the Navy’s “longstanding technology advantages (superior intelligence and network technologies) are eroding steadily” and that most adversaries are exploiting “information-based capabilities and technologies for their own use.” 

The strategy addresses both internal and external threats. Notably, the plan says that “our users don’t yet fully appreciate how their online behavior can compromise network security if they’re not careful. Meanwhile, our adversaries are rapidly acquiring sophisticated tools, plus the knowhow to use them. Success for us means winning every day; success for adversaries can result from a single score.”

Cultural changes such as greater education and better “cyber hygiene,” something the 2011 DOD cybersecurity strategy touched upon, can help reduce risks. Poor hygiene can lead to breaches such as a group of Russians gaining access to a White House network in an attack that started when a State Department employee opened a phishing email. 

The strategy also places greater importance on all-source intelligence in protecting networks. It compares network defense to the intelligence, surveillance, and reconnaissance (ISR) used in protecting a carrier strike group. “In like manner, we leverage all-source intelligence to arm our network defenses and inform network maneuvers,” and use “layers of sensors, analysts, hunters, and other countermeasures to achieve an active, maneuverable defense,” it says. The strategy makes a special note of identifying the important role of signals intelligence (SIGINT) in online and cyber operations.  In concert with the National Security Agency, the Navy’s 10th Fleet will partner to collect and share SIGINT to support joint commanders and support of maritime operations, which has received a great deal more attention recently.    

The new strategic plan also hits on the importance of providing options for both kinetic and non-kinetic responses. “We must deliver warfighting effects, as well as the capabilities to achieve those effects, across a full spectrum of operations, including cyber, electromagnetic maneuver warfare, and information operations,” the strategy states. As the cyber realm becomes a fully operational domain, nonkinetic options could become more common. This can include cyber retaliation or deterrent diplomatic and economic options such as sanctions.

The document contained five strategic goals the Navy’s cyberspace, electromagnetic spectrum and space command division in achieving information dominance in the next five years: operate the network as a warfighting platform; conduct tailored signals intelligence; deliver warfighting effects through cyberspace; create shared cyber situational awareness and; establish and mature Navy’s Cyber Mission Forces. Each strategic goal was accompanied by an 18 month progress indicator to help keep track of short-term achievements. As such, the document also includes a section devoted to execution management because, the strategy states, “Many organizations struggle with executing their strategic plans. We intend not to be one of them.”