[ISN] Defense domain, civilian awareness

From: InfoSec News (alerts@private)
Date: Thu Jan 25 2007 - 22:30:52 PST


By Patience Wait
GCN Staff
01/22/07 issue

The world of combat has expanded to include cyberspace as a battlefield. 
Two men are now responsible for protecting the United States in 
cyberspaceAir Force Lt. Gen. Robert Elder, who heads the Pentagons 
strategic efforts in waging cyberwar, and Gregory Garcia, who handles 
the defense of the nations cyberassets.

Garcia is the first assistant secretary for cybersecurity and 
telecommunications at the Homeland Security Department. It is he who 
worries about how to prepare American societygovernment, commercial 
interests and individual citizensto protect themselves from assaults on 
their electronic assets, whether home computers or nationwide networks.

The White House appointed Garcia, a former vice president for 
information security programs at the Information Technology Association 
of America trade association in Arlington, Va., in September. His former 
colleagues were pleased with the pick, but did not hesitate to suggest 
his priorities.

I think the first thing is to do the job of making the department more 
aware of cyber issues and of being a champion for cybersecurity, said 
Joe Tasker, ITAAs senior vice president of government affairs. Were now 
at a place where 90 percent of American businesses are on the Internet 
... The ubiquity and power of the networks is becoming inescapable.

On the offensive side of the equation, Air Force secretary Michael Wynne 
made it clear when he approved the creation of a Cyber Command that 
combat already is taking place in cyberspace.

[T]he cyberspace domain contains the same seeds for criminal, private, 
transnational and government-sponsored mischief as we have contended 
with in the domains of land, sea, air and now contemplate as space 
continues to mature, Wynne said in November. In cyberspace, our 
military, America and indeed all of world commerce face the challenge of 
modern-day pirates, of many stripes and kinds, stealing money, harassing 
our families and threatening our ability to fight on ground, air, land 
and in space.

Elder, commander of the 8th Air Force, based at Barksdale Air Force 
Base, La., is the first head of the Cyber Command. The 8th Air Force 
already had many cyberspace capabilities, including intelligence, 
surveillance, reconnaissance and electronic warfare, and the creation of 
this major command gives Elder the responsibility for creating 
cyberspace warriors, who can react to any threats 24/7, he said.


GCN: What are your two or three top priorities for establishing this new 
ELDER: Our first priority is to establish cyberspace as a warfighting 
domain, characterized by the use of electronics and the electromagnetic 

Today, cyberspace operations are generally viewed as network operations, 
information operations, or use of the Internet as an enabler for 
military operations in physical domains. The Air Force now recognizes 
that cyberspace ops is a potential center of gravity for the United 
States and, much like air and space superiority, cyberspace superiority 
is a prerequisite for effective operations in all warfighting domains.

Our second priority is to present Air Force cyberspace forces and 
capabilities to U.S. Strategic Command for their global missions, and to 
other combatant commanders through their Air Force component commanders 
for theater operations. This includes establishment of a 24/7-air 
operations center.

Our third priority is to develop a plan to organize, train and equip the 
Air Force to effectively conduct cyberspace operations. We intend to 
build capacity to conduct cyberspace operations across all aspects of 
[doctrine, organization, training, materiel, leadership and education, 
personnel and facilities]. We must develop a robust capability to manage 
risk for operations in cyberspace.

GCN: Can you elaborate on the role the Air Force will play in providing 
cybersecurity, and how it relates to the roles of other governmental 
offices (civilian and DOD)?
ELDER: There are many government agencies involved in cybersecurity. Air 
Force Network Operations is the service component to the Joint Task 
Force-Global Network Operations and will continue in that role.

However, as a warfighting domain, cyberspace is much more than computer 
networks, it is a domain characterized by the use of electronics and the 
electromagnetic spectrum. Although we didnt call it cyberspace before, 
weve been operating in this domain at least since World War II, with 
radar, chaff curtains and telephone networks. ... Superiority in 
cyberspace will be defined in much the same way as we define air or 
space superioritymaintaining freedom of action for the United States and 
its allies, while denying freedom of action to our adversaries.

Our Air Force command-and-control networks and other cyberspace 
capabilities must be capable of operating in a contested environment, 
and we will seek to deny the advantages cyberspace provides to our 
adversaries. Air Force Cyberspace Command will focus its efforts on 
military operations in and through cyberspace, but in support of 
JTF-GNO, will work closely with other government agencies. ... [We] will 
be postured to support homeland security, critical infrastructure 
protection and civil support operations using cyberspace.

GCN: Establishing this command implies there are real threats in 
cyberspace. Can you describe whats happening on this frontier?
ELDER: Our adversaries operated in cyberspace in the past, are doing so 
today, and will do so even more in the future. Your readers are well 
aware of the attacks they experience with their networked computers 
every day. The Air Force cant afford to disconnect a 
[command-and-control] system to purge itself of malware; as a result, we 
are very aggressive in our efforts to protect and defend these networks.

Al-Qaida coordinated the 9/11 strike with international and cellular 
communications, and they trained their pilots on simulators. 
Additionally, there are now hundreds of anti-U.S. Web sites, including 
ones actively used for planning and coordinating attacks on U.S. 
interests, and our adversaries can communicate freely via text messaging 
and e-mail. If we can establish cybersuperiority, we can inhibit the 
adversarys ability to use cyberspace as an enabler.

We have very few peer competitors or entities with similar capabilities, 
in air, on the ground or at sea. However, we have many potential peer 
competitors in cyberspace due to its low entry costs. And the 
cyberdomain is also very attractive to both state and nonstate rogue 
actors because of its potential to achieve high-impact effects with low 
probability of detection or retribution. We cant afford to lose the 
initiative in this area.

Our dependence on cyberspace demands an even greater emphasis on our 
ability to ensure freedom of maneuver in the domain. This will entail 
more than just sitting guard at workstations. It will mean approaching 
the problem just like we approach defending other physical domains. We 
need to be prepared to operate in cyberspace while our dominance is 
being contested.


GCN: As the first assistant secretary for cybersecurity at Homeland 
Security, a lot of folks in the business community have high 
expectations for you. What are your immediate priorities?
GARCIA: The first is that this function, cybersecurity and 
telecommunications, is going to lead in the national effort to prepare 
... our networks, our information and communications systems, [to] make 
them more robust against cyberattacks.

Second, when incidents do happen, we need to have a strong, national 
coordinated response capability ... in partnership with the private 
sector, a strong level of incident response that links over to state and 
local first responders. Over time, the next year or so, Ill be working 
toward really integrating cyber and communications functions to better 
reflect the convergence thats taking place in the marketplace. Were 
looking to secure both the pipesthe transportand the contentthe info.

Finally, the third strategic priority is to build awareness. This 
function is a bully pulpit. I want to help develop a well-informed 
public at both the enterprise level and individual consumer level. ... 
Thats a matter of getting out and talking, doing a lot of talking.

GCN: Does it really make a difference whether this is done at the 
assistant-secretary level or lower in the DHS organizational chart?
GARCIA: It has made a difference already, just simply by virtue of there 
being somebody at this level. It sends a clear [message] of the priority 
that this administration places on cybersecurity, communications 
security. I have briefed the secretary a couple of times now; he is 
engaged and considers this a priority.

GCN: How have you been working on these priorities?
GARCIA: One of the first things that I pushed for, and that were close 
to having done now, is co-locating the U.S.- Computer Emergency 
Readiness Team (CERT) and the National Coordination Center, the 
communications industry/government partnership for watch and warning. 
Thats going to facilitate the information sharing we need between 
industry and government [and] build our incident response capability. 
... That is one of the reasons I was brought on to DHS, in recognition 
of my strong ties with industry.

A couple of the high-level things we really need to do [are] work with 
[the Office of Management and Budget] to raise the bar for federal 
agencies, to strengthen all of our security.

Secondly, [we need to] really work with the private sector to get that 
coordinated incident response capability that we need to be able to move 
quickly and decisively. [And] we need a mature, real-time information 
sharing capability.

GCN: What are the pitfalls, the things you worry about?
GARCIA: The threats are constantly evolving against our cyber and 
communications infrastructure. Were going to build upon this shared 
responsibility ... by industry, by governmentall levels of governmentby 
consumers [and] academia. And if we can put in place the structures and 
systems that will prepare us and deter against those threats, [if we] 
build incident response capability and awareness, then well be better 
able to protect ourselves. The pitfall is that we dont reach the level 
of partnership that we all know is necessary.

The one thing that I worry about is lack of awareness. I think that will 
be one of our biggest challenges, to be able to articulate ... how 
important everybodys role is, that one computer or one network of 
computers can be the portal through which an attack is launched.

Subscribe to InfoSec News

This archive was generated by hypermail 2.1.3 : Thu Jan 25 2007 - 22:56:14 PST