The complexity of the cyber security threat and the Army’s continuing struggle to deal with it were discussed in detail Oct. 23 by a panel of senior Army officers and two industry experts.
Key issues and concerns included who has the authority to do what in defensive or offensive cyber operations, how does the Army obtain the right people to handle the issue, what role is there for the reserve component and even the basic question of whether cyber really is a domain similar to the air, sea, land and space domains in which the Army has operated for centuries or decades.
The complex and controversial subject was the focus of a forum on Building the Army’s Cyber Forces on the final day of the Association of the United States Army’s Annual Meeting and Exposition at the Washington Convention Center.
A note of grim reality was provided by Charles Croom, the vice president for Cyber Security Solutions at Lockheed Martin, who said he was “not sure there is any game-changer technology” that could resolve the cyber security threat overnight.
Another sobering observation was offered by James Young, the Army Account Executive for Google Enterprise Transformation, who cited studies showing that the best cyber security operatives were people who had a musical background and “most of them have pony tails. That could be a challenge for the Army.”
Four of the Army officers on the panel represent cyber security units, including Lt. Gen. Edward Cardon, commanding general of the Army Cyberspace Command, and Brig. General-select Jennifer Buckner, commander of the new 780th Intelligence Brigade.
Cardin said his focus was on “the integration of cyber into all domains of Army operations.” To do that, he said, he needed to find the right people and needed the support of industry.
Buckner said her brigade “represents the Army’s operational cyber force. We are in contact every day, in the fight every day.”
Buckner also emphasized the need to obtain good people and said “we invest in them.”
But, she added, she had been told that what was needed was a “Google-like atmosphere inside the Army,” and acknowledged that could be “a challenge.”
An officer in the audience raised the question of who has the authority to conduct cyber operations, noting that the cyber threat can affect every echelon of the operating force.
Lt. Gen. David Perkins, commanding general of the Combined Arms Command, who brought a warfighters’ and a doctrinal perspective to the debate, described cyber as just one of the domains in which the Army operates and equated cyber ops with other traditional combined arms capabilities.
While acknowledging that the question of responsibility “comes up a lot,” Perkins was not able to provide a clear explanation of what authority commanders at various levels had.
That uncertainty could be a reflection of the fact that the national government has not adopted a clear policy on cyber operations, including determining whether a cyber attack is an act of war, what is the proper response and who can initiate that.
Perkins warned that trying to separate the domains creates seams, which an enemy will exploit.
The discussions on how to protect vital systems and networks from intrusion also provided no clear answers.
Young advised steps to “reduce the attack surface” open to cyber intrusions and warned that trying to protect everything would fail. The problems becomes more acute as the services move to more integrated systems, he said. “A single bug in one line of code in one system affects all.”
Croom argued that humans were incapable of dealing with the possible extent of the threats and said a partial solution was automated systems that could detect and respond to attacks.
Brig Gen. Alan Lynn, vice director of the Defense Information Systems Agency, proposed a standard security suite in all DoD systems that would send out real time alerts to everyone.
Brig. Gen. George Franz, current operations director for the Cyber National Mission Forces, said to defend the networks, “you have to go outside the networks” to engage the threat sources.
Another challenging issue was how to protect the sensitive networks from insider attacks, such as those from Edward Snowden and former Army Specialist Bradley Manning.
Croom said as a supplier of defense systems Lockheed is concerned about protecting its secrets and they have turned some of their security efforts inward, which “lets people know they are being watched.”
Lynn said the Army has plans for future systems that would monitor individual’s behavior and send alerts if that behavior changes, such as looking at different sites or downloading large amounts of data.
The question of whether the National Guard or Army Reserve will have a role in cyber security is being examined, the Army officials said. There is the problem of the length of schooling needed, but the possibility that reservists could bring civilian expertise to the task.