9 November 2015

DoD still 'working through' cyber strategy implementation

Amber Corrin, 
November 5, 2015 

The Defense Department's cyber strategy released earlier this year outlined several overarching goals, fleshed out narrower objectives and plans for implementation, and hit on a number of Pentagon cyber ambitions. Now, six months after the strategy's late-April release, DoD officials are working to carry out its directives.

One of the central parts of the strategy is the direction of significant authorities to a newly appointed principal cyber adviser (PCA). Mandated in the 2014 National Defense Authorization Act and emphasized in the 2015 strategy as an integrator and supervisor for DoD's evolving cyber forces, policy and operations, the PCA is responsible for convening an interdepartmental cyber team and a senior executive forum, improving management of cyber budgets, developing cybersecurity policy and framework, and conducting an end-to-end assessment of DoD cyber capabilities.

The role is referred to numerous times in the document and plays a key oversight role for U.S. Cyber Command and Joint Force Headquarters-DoD Information Networks.

"The creation of principal adviser cyber shows the importance and demonstrates the commitment" of the Pentagon to the cyber domain, said Andrew Heighington, executive director, Office of the Principal Cyber Adviser to the Secretary of Defense. "There's no one organization that can do this alone. That's why the PCA was stood up, to look past organizational lines to ensure consistency across gaps and ensure [a holistic] approach to cyber…we're going to take [the strategy's] push to create, codify, sustain and institute what needs to get done in cyber."

Heighington spoke during an online conference hosted by Carahsoft, held Nov. 4.

Since stepping into the PCA role in January, Heighington has been coordinating across DoD to establish, manage and integrate cyber governance at the Pentagon. He's also working on implementing the 47 objectives laid out under the strategy's five strategic goals, including by assigning leads and supporting components for each objective.

"We're working very closely with the components at all levels – at [Office of the Secretary of Defense], the Joint Staff, CyberCom, Joint Force Headquarters-DoDIN and the Defense Information Systems Agency to advance the objectives in the cyber strategy," he said. "We've gone and established the lead and supporting roles for [the 47] objectives, including participation from JFHQ-DoDIN where relevant to their mission, and the other components. That participation at the strategic, tactical and operational levels is key to driving the performance of the strategy."

No comments: