9 May 2015

US Navy Expanding Its Cyber Attack and Defensive Forces

Joe Gould

US Navy Cyber Launches Strategic Plan

WASHINGTON — The commander of US Navy Cyber announced a five-year strategy, and like the Pentagon’s cyber strategy announcement two weeks earlier, acknowledged the dire need for talented workers with the skills to fend off the nation’s foes.

Vice Adm. Jan Tighe, who assumed command of Fleet Cyber Command/10th Fleet a year ago, said the US Navy is strengthening its ability to defend against intrusions, launch offensive cyber weapons and field 40 cyber mission teams — a task that is halfway done.

Cyber Strategy Relies on Deterrence, Industry

“You don’t get there from here unless you invest in the capacity pieces,” Tighe said of the Navy’s offensive cyber ambitions, “and that’s essentially what the cyber mission force has done; it’s granting capacity.”

The strategy re-conceptualizes the network as a “war-fighting platform,” which in real terms means assuring awareness, control and security of its networks. The plan comes after Iran reportedly breached Navy networks in 2013, though Tighe said there had been no such breaches since.

“We’ve got to be able to prevent the intrusion in the first place, and if there is an intrusion, respond to prevent lateral movement inside our network,” Tighe said. “How often are people trying? How successful are they? We don’t necessarily have those measures looking back historically as I would like to have them.”

The Navy also plans to deliver offensive cyber “effects,” for use by regional combatant commanders and the national command authority, and those need to be matured, Tighe said. Asked what an offensive cyber weapon might do, she contrasted cyber weapons with missiles, saying cyber weapons can have unpredictable effects and require very unique skills to operate.

Threats ranging from criminal to nation-state adversaries have reached such a volume that the Navy is hard-pressed to rapidly sort significant attacks from what Tighe termed “background noise.” The command has been investing in new defensive tools, though there continues to be a need for network sensors and other tools with the “analytic horsepower” to discriminate, prioritize and respond, she said.

The goal is for cyber sailors to understand their networks like a home field, detect adversary activity and respond. If an intrusion is significant enough, the command would assign a cyber protection team.

Key to achieving Navy’s cyber goals is to staff the teams, intended to be made up of roughly 1,000 active, reserve and civilian workers. The Navy is midway through the effort, Tighe said, with plans to define the precise requirements for her cyber workforce, which in turn will inform recruiting and training efforts.

“One-third of my total workforce is civilian today, and it’s an operational workforce,” Tighe said. “I depend heavily — for maneuvering my networks, defending my networks — on a civilian population, which is different from other warfare areas, and it’s something people have to get used to.”

The process of building the teams began in 2013 and will stretch into 2016, as the Navy, with US Cyber Command, ensures the appropriate assignments, training and unit mission-readiness certifications. The pool includes cryptologists, intelligence specialists, information systems technicians and information dominance officers.

“It’s not single skill set or work role, we have to bring them together as a team,” Tighe said. “We’re leveraging the skill set they come with and giving them specific training for the way the team is operating, or the new way, in some cases, the team is operating.”

No comments: