Learning to “hunt as a pack” in cyberspace is a challenge for the branches of the U.S. military and U.S. Cyber Command, but essential for effectiveness.
That is just one element of developing the cyber strategy for the Department of Defense, said Vice Adm. Jan Tighe, Commander, U.S. Fleet Cyber Command, U.S. Tenth Fleet, at the 13th Annual C4ISR & Networks Conference held in Pentagon City in May.
U.S. Cyber Command is a subordinate organization within U.S. Strategic Command. The partnership between the services and the DoD organization is “[e]volving into functional relationships,” said Tighe, who runs the Navy’s cyber operations. Part of it is developing “a commonality in how we talk to our service leaders.”
Similar partnerships also have to evolve between the military and industry, she said, noting that vendors have to be protected “since they have data.”
The Navy – and all services – requires “information dominance” to be able to act effectively. There are three pillars to that dominance, Tighe said:
– Assured command and control of warfighting assets, from ships to aircraft to troops. Cybersecurity “is a critical area” to maintain and protect that;
– Intelligence, also termed “battlespace awareness.” Here, Cyber Command uses many different types of sensors and devices to collect real-time information, and the ability to analyze Big Data is essential; and
– “Integrated fires.” By this, Tighe said, kinetic weapons – physical, what people think of when they think of the military – have to be able to use the data that has been gathered, while using “non-kinetic” weapons, such as cyber tools, have to be integrated into an overall plan of attack.
Expanding the battlespace into the cyber realm presents unique challenges. There are differences between “disruptive” attacks on financial institutions and “destructive” attacks such as the cyberattack on Aramco, the Saudi national oil company, she said. Similarly, there are differences between hackers and hacktivists, criminals, insider threats, and nation-states.
“We are constantly assessing risks and maneuvering our networks,” Tighe said. When looking at cyber threats, the assessment has to consider “both the capability the adversary possesses, [but] also the intent of the adversary to do harm.”
It also is very hard to explain the dangers to military leaders unfamiliar with cyber technology. “One of the harder parts in that calculus is communicating [what is at] risk to others,” she said.