Defense domain, civilian awareness
Connecting state and local government leaders
<b>SPECIAL REPORT: The Next Steps for Security | </b> Elder, Garcia walk two sides of the cybersecurity beat.
Air Force Lt. Gen. Robert Elder
Rick Steele
DHS' Gregory Garcia
Rick Steele
Garcia is the first assistant secretary for cybersecurity and telecommunications at the Homeland Security Department. It is he who worries about how to prepare American society'government, commercial interests and individual citizens'to protect themselves from assaults on their electronic assets, whether home computers or nationwide networks.
The White House appointed Garcia, a former vice president for information security programs at the Information Technology Association of America trade association in Arlington, Va., in September. His former colleagues were pleased with the pick, but did not hesitate to suggest his priorities.
'I think the first thing is to do the job of making the department more aware of cyber issues and of being a champion for cybersecurity,' said Joe Tasker, ITAA's senior vice president of government affairs. 'We're now at a place where 90 percent of American businesses are on the Internet ... The ubiquity and power of the networks is becoming inescapable.'
On the offensive side of the equation, Air Force secretary Michael Wynne made it clear when he approved the creation of a Cyber Command that combat already is taking place in cyberspace.
'[T]he cyberspace domain contains the same seeds for criminal, private, transnational and government-sponsored mischief as we have contended with in the domains of land, sea, air and now contemplate as space continues to mature,' Wynne said in November. 'In cyberspace, our military, America and indeed all of world commerce face the challenge of modern-day pirates, of many stripes and kinds, stealing money, harassing our families and threatening our ability to fight on ground, air, land and in space.'
Elder, commander of the 8th Air Force, based at Barksdale Air Force Base, La., is the first head of the Cyber Command. The 8th Air Force already had many cyberspace capabilities, including intelligence, surveillance, reconnaissance and electronic warfare, and the creation of this major command gives Elder the responsibility for creating 'cyberspace warriors,' who can react to any threats 24/7, he said.
ROBERT ELDER
GCN: What are your two or three top priorities for establishing this new command?
ELDER:
Our first priority is to establish cyberspace as a warfighting domain, characterized by the use of electronics and the electromagnetic spectrum.
Today, cyberspace operations are generally viewed as network operations, information operations, or use of the Internet as an enabler for military operations in physical domains. The Air Force now recognizes that cyberspace ops is a potential center of gravity for the United States and, much like air and space superiority, cyberspace superiority is a prerequisite for effective operations in all warfighting domains.
Our second priority is to present Air Force cyberspace forces and capabilities to U.S. Strategic Command for their global missions, and to other combatant commanders through their Air Force component commanders for theater operations. This includes establishment of a 24/7-air operations center.
Our third priority is to develop a plan to organize, train and equip the Air Force to effectively conduct cyberspace operations. We intend to build capacity to conduct cyberspace operations across all aspects of [doctrine, organization, training, materiel, leadership and education, personnel and facilities]. We must develop a robust capability to manage risk for operations in cyberspace.
GCN: Can you elaborate on the role the Air Force will play in providing cybersecurity, and how it relates to the roles of other governmental offices (civilian and DOD)?
ELDER: There are many government agencies involved in cybersecurity. Air Force Network Operations is the service component to the Joint Task Force-Global Network Operations and will continue in that role.
However, as a warfighting domain, cyberspace is much more than computer networks, it is a domain characterized by the use of electronics and the electromagnetic spectrum. Although we didn't call it cyberspace before, we've been operating in this domain at least since World War II, with radar, chaff curtains and telephone networks. ... Superiority in cyberspace will be defined in much the same way as we define air or space superiority'maintaining freedom of action for the United States and its allies, while denying freedom of action to our adversaries.
Our Air Force command-and-control networks and other cyberspace capabilities must be capable of operating in a contested environment, and we will seek to deny the advantages cyberspace provides to our adversaries. Air Force Cyberspace Command will focus its efforts on military operations in and through cyberspace, but in support of JTF-GNO, will work closely with other government agencies. ... [We] will be postured to support homeland security, critical infrastructure protection and civil support operations using cyberspace.
GCN: Establishing this command implies there are real threats in cyberspace. Can you describe what's happening on this frontier?
ELDER: Our adversaries operated in cyberspace in the past, are doing so today, and will do so even more in the future. Your readers are well aware of the attacks they experience with their networked computers every day. The Air Force can't afford to disconnect a [command-and-control] system to purge itself of malware; as a result, we are very aggressive in our efforts to protect and defend these networks.
Al-Qaida coordinated the 9/11 strike with international and cellular communications, and they trained their pilots on simulators. Additionally, there are now hundreds of anti-U.S. Web sites, including ones actively used for planning and coordinating attacks on U.S. interests, and our adversaries can communicate freely via text messaging and e-mail. If we can establish cybersuperiority, we can inhibit the adversary's ability to use cyberspace as an enabler.
We have very few peer competitors or entities with similar capabilities, in air, on the ground or at sea. However, we have many potential peer competitors in cyberspace due to its low entry costs. And the cyberdomain is also very attractive to both state and nonstate rogue actors because of its potential to achieve high-impact effects with low probability of detection or retribution. We can't afford to lose the initiative in this area.
Our dependence on cyberspace demands an even greater emphasis on our ability to ensure freedom of maneuver in the domain. This will entail more than just 'sitting guard' at workstations. It will mean approaching the problem just like we approach defending other physical domains. We need to be prepared to operate in cyberspace while our dominance is being contested.
GREGORY GARCIA
GCN: As the first assistant secretary for cybersecurity at Homeland Security, a lot of folks in the business community have high expectations for you. What are your immediate priorities?
GARCIA: The first is that this function, cybersecurity and telecommunications, is going to lead in the national effort to prepare ... our networks, our information and communications systems, [to] make them more robust against cyberattacks.
Second, when incidents do happen, we need to have a strong, national coordinated response capability ... in partnership with the private sector, a strong level of incident response that links over to state and local first responders. Over time, the next year or so, I'll be working toward really integrating cyber and communications functions to better reflect the convergence that's taking place in the marketplace. We're looking to secure both the pipes'the transport'and the content'the info.
Finally, the third strategic priority is to build awareness. This function is a bully pulpit. I want to help develop a well-informed public at both the enterprise level and individual consumer level. ... That's a matter of getting out and talking, doing a lot of talking.
GCN: Does it really make a difference whether this is done at the assistant-secretary level or lower in the DHS organizational chart?
GARCIA: It has made a difference already, just simply by virtue of there being somebody at this level. It sends a clear [message] of the priority that this administration places on cybersecurity, communications security. I have briefed the secretary a couple of times now; he is engaged and considers this a priority.
GCN: How have you been working on these priorities?
GARCIA: One of the first things that I pushed for, and that we're close to having done now, is co-locating the U.S.- Computer Emergency Readiness Team (CERT) and the National Coordination Center, the communications industry/government partnership for watch and warning. That's going to facilitate the information sharing we need between industry and government [and] build our incident response capability. ... That is one of the reasons I was brought on to DHS, in recognition of my strong ties with industry.
A couple of the high-level things we really need to do [are] work with [the Office of Management and Budget] to raise the bar for federal agencies, to strengthen all of our security.
Secondly, [we need to] really work with the private sector to get that coordinated incident response capability that we need to be able to move quickly and decisively. [And] we need a mature, real-time information sharing capability.
GCN: What are the pitfalls, the things you worry about?
GARCIA: The threats are constantly evolving against our cyber and communications infrastructure. We're going to build upon this shared responsibility ... by industry, by government'all levels of government'by consumers [and] academia. And if we can put in place the structures and systems that will prepare us and deter against those threats, [if we] build incident response capability and awareness, then we'll be better able to protect ourselves. The pitfall is that we don't reach the level of partnership that we all know is necessary.
The one thing that I worry about is lack of awareness. I think that will be one of our biggest challenges, to be able to articulate ... how important everybody's role is, that one computer or one network of computers can be the portal through which an attack is launched.
NEXT STORY: Agencies feel botnets' light footprint