Retour aux nouvelles

14 juillet 2020 | International, C4ISR, Sécurité

Cyber Command’s measure of success? Outcomes

A U.S. Cyber Command official said that when they examine whether any given operation or even when a strategy has been successful, they're not looking at metrics, but rather outcomes.

“It's really about: have we enabled the collective defense of the nation,” Maj. Gen. John Morrison, Cyber Command's outgoing chief of staff, told C4ISRNET in a July interview.

Roughly two years ago, Cyber Command and the Department of Defense started a paradigm shift for cyber policy and operations. The 2018 DoD cyber strategy tasked Cyber Command to “defend forward,” which is best described as operators working on foreign networks to prevent attacks before they happen. The way Cyber Command meets those goals is through persistent engagement, which means challenging adversary activities wherever they operate.

Part of the need for a change was that adversaries were achieving their objectives but doing so below the threshold of armed conflict – in the so-called gray zone – through cyberspace. DoD wanted to stop that from happening through more assertive cyberspace action.

Some in the academic community have wanted to see some way in which the command can measure the success of these new approaches. But Morrison explained that these outcomes, or intended effects during operations, could be enabling other partners – foreign or other agencies within the U.S. government – to take action in defense of the nation.

For example, he said that when Cyber Command teams encounter malware they haven't seen before, they share it with partners in government, such as FBI or DHS, which can lead to the greater national collective defense.

He also noted that building partnerships enables a sense of collective defense in cyberspace and can help significantly in the future against sophisticated adversaries.

Morrison will be replaced at Cyber Command by Maj. Gen. David Isaacson. It is unclear where Morrison is headed next.

The need for flexibility

As Cyber Command has gained more authorities in recent years, it has been able to conduct significantly more operations and different types of operations as well, Morrison said.

Throughout these missions, leaders have learned they must be flexible, be it in tactics, structure of teams, or the capabilities they need or develop.

“We have thinking adversaries that we go against every single day. That drives us to change how we operate,” Morrison said. “You change your tactics, techniques and procedures but that's also going to drive changes in how we train and what we train ... It drives how we do capability development and development of capabilities and the employment of those capabilities, which again ties back to training at a much faster pace in this space.”

Morrison noted that this includes how teams are organized. He explained the way defensive cyber protection teams were first envisioned when they were created in 2012-2013 is not at all how they fight now.

To keep up with dynamic adversaries, Cyber Command is keeping closer watch on readiness metrics developed by the command for its cyber teams. This is a framework that details standards for how teams are equipped, manned and supplied. Cyber protection teams were detailed first and now Cyber Command has readiness metrics for combat mission teams, the offensive teams that support combatant commands, and intelligence/support teams. Officials are still working through metrics for what are called national teams that are charged with defending the nation.

The command also needs to improve the way it feeds operational requirements into capabilities cyber warriors can use, Morrison said. This includes improving acquisition practices for both of the programs of record Cyber Command is executing through its Joint Cyber Warfighting Architecture — which guides capability development priorities and includes the Unified Platform and Persistent Cyber Training Environment — and the more rapidly developed tools needed on the fly.

“That's where you've got the ability inside the command now to rapidly produce that capability through a variety of means and get it into the hands of our operators as quick as possible,” he said.

In fact, the Army has begun to embed tool developers and coders alongside operators through the Rapid Cyber Development Network to more quickly meet urgent needs. This allows them in almost in near real time to develop or change tools to meet requirements.

“How do we do capability development in a much smoother fashion than we sometimes do today where we're able to rapidly assess, prioritize, resource operational requirements to produce a capability that we can then get back into the hands of our operators as quickly as possible,” Morrison said.

From these capabilities that are developed for shorter term needs, he said the key will be deciding if they want to move them into a program of record. Will it be a longer term capability, will it adjust tactics, techniques and procedures or training?

“We've got to work those pieces,” he explained.

On the longer term, program of record capabilities, he noted officials still want the iterative development associated with more software-centric systems as opposed to more traditional military hardware.

Integration with combatant commands

Cyber is much more ingrained in military planning and operations than it was in years prior, Morrison said, however, work remains.

There is now a closer link between the combatant commands and Cyber Command elements that plan, coordinate, synchronize and conduct cyber operations on their behalf, Morrison said, noting that they are still maturing.

These include the Joint Force Headquarters-Cybers‚ which are commanded by each of the service cyber component commanders, and plan, synchronize and conduct operations for combatant commands they're assigned to, and new entities being created called cyber operations-integrated planning elements. These are forward extensions of the Joint Force Headquarters resident within the combatant commands to better coordinate cyber planning with other operations for the combatant commander.

These entities all enable a greater central connective tissue from a Cyber Command perspective as they can feed from the theater level back to the command providing a global cyberspace picture.

“You have to take not only a regional view of anything that you're doing, but, when you can bring the power of a global enterprise behind it, that's a pretty powerful capability for our nation,” Morrison said. “We are in the process of building every one of our CO-IPEs but I definitely think that we are heading in the right direction, especially as [the CO-IPEs] get built and they integrate closer and closer with their supported combatant commands.”

https://www.c4isrnet.com/cyber/2020/07/10/cyber-commands-measure-of-success-outcomes/

Sur le même sujet

  • Airbus accélère dans les petits drones tactiques

    3 février 2023 | International, Aérospatial

    Airbus accélère dans les petits drones tactiques

    DÉCRYPTAGE - La filiale d’avions militaires du géant européen développe des engins peu coûteux. Développer de petits drones basiques et efficaces, mais peu coûteux. C’est l’ambition d’Airbus Military Air Systems, qui tire un des enseignements de la guerre en Ukraine. Des escouades de Bayraktar, un drone tactique turc de moyenne altitude, emportant jusqu’à quatre missiles à guidage laser capables de détruire des blindés, ont démontré leur efficacité. Ils ont aidé Kiev à stopper l’avancée des Russes sur la capitale et à couler le navire amiral Moskva, l’an dernier. Et cela pour un coût raisonnable, soit autour de 5 millions de dollars l’exemplaire.

  • US nuclear bases to get security networking upgrade from Persistent

    6 mars 2023 | International, C4ISR

    US nuclear bases to get security networking upgrade from Persistent

    The contract, involving the Persistent Systems Infrastructure-based Regional Operation Network, or IRON, is valued at $75.5 million.

  • Pentagon’s CIO shop teams with armed services to prep for move to JEDI cloud

    2 octobre 2020 | International, C4ISR

    Pentagon’s CIO shop teams with armed services to prep for move to JEDI cloud

    Andrew Eversden WASHINGTON — The Pentagon's top IT official said Wednesday that his office has spent the last few months preparing the armed services to migrate to the department's long-delayed enterprise cloud as soon as it becomes available. “We're doing a lot of work with the services on getting them prepared to move their [software] development processes and cycles to DevOps so when the [Joint Enterprise Defense Infrastructure] cloud finally does get awarded, we're not starting at Day One,” Dana Deasy, Pentagon chief information officer, said during a Defense Writers Group roundtable. The JEDI cloud contract was originally awarded to Microsoft over Amazon Web Services 11 months ago, and then was halted by a federal judge in February. Though the court case remains unresolved, Deasy said the services must now identify tools, integration environments and directories that need set up to connect users into the cloud when it's available. Despite the judge's decision, “that's all work that we can do because it sits inside our ownership all ready,” Deasy said. While the Department of Defense has faced criticism for its single-award structure, particularly as cloud technologies have advanced during the yearslong delay, Deasy insisted the JEDI cloud still fills a critical capability gap the department needs to deliver to the war fighter: data at the tactical edge and DevOps. The JEDI cloud is the platform the department still envisions for those needs and is an important piece of the Joint All-Domain Command and Control concept, an initiative through which the services want to connect sensors and shooters. Deasy said the DoD has solutions in place to form that connection, but still needs “that tactical cloud out at the tactical edge.” “JADC2 is going to point out, time and time again, about the need of being able to swiftly bring data together. And guess what? That data is going to be of different classifications, and bringing that together in a cross-domain way in a very quick-to-need [way] is something that is still a need we have across the Department of Defense that JEDI was specifically designed to solve for,” Deasy said. Cloud, data and artificial intelligence are core elements to enabling JADC2. Using data for joint war fighting is the top priority of the department's forthcoming data strategy, which Deasy said he expects will be released in the next 30 days. The department has a lot of data, but it is not necessarily prepared or stored in a way that is ready to be used for any sort of operations. The data strategy is expected to outline how to approach those challenges. The DoD's new chief data officer, Dave Spirk, will finalize the data strategy. After he started in June, Spirk went on a “listening tour” across the department to inform the strategy. Deasy said Spirk was told by many components that the department needs to set goals to ensure data is visible, understandable and trustworthy, while also easily within classification levels. They also said the data needs to be interoperable and secure, while also linked and integrated between sensors and shooters. The Pentagon's Joint Artificial Intelligence Center, the department's AI hub that's situated under Deasy's office, is tackling joint war fighting this year under a new project that uses AI to link intelligence gathering systems to operations and effects systems for commanders. The JAIC recently awarded its Joint Common Foundation contract to Deloitte. The company is to provide an environment for an enterprisewide AI development platform. That platform, which uses the Air Force's Cloud One enterprise cloud, was originally supposed to operate inside the JEDI cloud. Therein lies the challenge for the DoD: Components that have been waiting for the JEDI cloud have had to look elsewhere — a problem Deasy recognizes he'll have to grapple with. Right now, Deasy is encouraging components that are waiting for JEDI but have an “urgent war-fighting need” to look elsewhere for platforms. “That is obviously OK in the short term, but over time that starts to become problematic because now you're starting to set up a lot of different solutions in different environments where you're going to have to go back and sort out in an enterprise way,” Deasy said. https://www.c4isrnet.com/battlefield-tech/it-networks/2020/09/30/pentagons-cio-shop-teams-with-armed-services-to-prep-for-move-to-jedi-cloud/

Toutes les nouvelles