CURRENT ISSUE

Military Information Technology - August 2010 - Issue 14.7

Issue 14, Volume 7
August 2010

KMI MEDIA GROUP
WEBSITES

SUBSCRIPTION SERVICES

Industry Cyber Perspectives

Attention: open in a new window. PDFPrintE-mail

MIT 2010 Volume: 14 Issue: 4 (May)

Industry Cyber Perspectives

INNOVATION, UNIFICATION AND TRAINING SEEN AS CRITICAL
IN STRENGTHENING SECURITY OF MILITARY NETWORKS.


(Editor’s Note: In connection with coverage of the establishment of U.S. Cyber Command, Military Information Technology posed the following question to some of the leading companies in the field of information security: “What ideas or perspectives do you see as critical as the military works to strengthen the security of its networks, including establishing new cyber command organizations?” Following are their responses.)

 

 

Security Through Innovation

THE SATISFACTORY AUTHENTICATION OF IDENTITY WILL DEMAND EVOLVING COMBINATIONS OF SPECIFIC ACCESS SCHEMA AND SECURITY COUNTERMEASURES.

BY JOHN OSTERHOLZ


Without question, an effective cybersecurity strategy for the military can only come about through innovation. In the words of Bill Gates, “Never before in history has innovation offered promise of so much to so many in so short a time.” With that in mind, BAE Systems has deployed, near Fort Meade, Md., an open prototyping architecture where innovative cyber-operations are being implemented. There, we see the unleashing of capabilities to collect, process, analyze and share critical cybersecurity information more effectively among intelligence and defense organizations. This Leading Edge Network operations and security Environment (LENE) is where better countermeasures to advanced and persistent threats are being developed and evolved at a pace that denies the continuing efforts of our adversaries to do their worst.

Recently, I was struck by Mike Hayden’s conversational framework for cybersecurity, given from the rare vantage point of one who was at the helm of both the NSA and CIA. His concise formulation of the major cyber problems that plague us as a nation is especially noteworthy, and I’d like to use that framework to share my thoughts on the challenges we face delivering solutions from the private sector that are affordable in the context of total cost of ownership.

General Hayden notes that there are three related but separable cyberspace areas where we as a nation largely focus our innovation: access, security and identity. They are an interesting trio in that our efforts to address each individually have been impressive. On the other hand, not addressing them collectively has contributed in even greater measure to our vulnerability.

Achieving widespread access to the business-winning advantages of Internet-enabled operations has been the cornerstone of some of our most impressive achievements. Of course, we increasingly find out that the universality of that access ambition has also led to a real national vulnerability.

Our second challenge, security, has suffered poorly over time in comparison to access. It’s the rain on our parade, the skunk at the garden party of life. It’s a losing proposition for an increasingly networked world. The resources allocated to security technology pale in comparison to the resourcing of technologies to increase access.

This imbalance has progressed to the point where we, as a cyber-faring nation, are more vulnerable than we are threatening. The “security” that currently surrounds cybersecurity, while entirely understandable in a national sovereignty context, does not scale to the enterprise level needed to employ the best and brightest in the struggle to truly deny a transnational cyber threat. This factor alone represents probably the biggest practical challenge to harnessing the innovation layer of our industry at this moment in time.

That leaves us with challenge number three—identity. I saved it for last as it represents both the “light speed barrier” to the advocates of network enabled enterprise, and the very concept that can potentially engender the unified treatment of all three challenges. It’s the sound barrier, for sure.

Let me offer an example. While digital signature-endorsed documents are being increasingly accepted, the context for that acceptance is currently more tokenism than mainstream acceptance. Instances where widespread use of a digital signature is accepted within the rules of accounting and law are few and far between. I am sure each of us has had the experience of digitally or biometrically signing a document and then having to present the physically signed instrument to actually make something happen. Identify theft and exploitation represents both a motive and an opportunity all neatly wrapped up into one. Thus, improving the verification of identity requires the collective treatment of access, security and identity.

While representing perhaps the greatest technical and operational challenges in deploying durable cybersecurity, the satisfactory authentication of identity will demand evolving combinations of specific access schema and security countermeasures. Balancing to achieve identity enables a broader balance that will include access and security. That may well be the final frontier we face without the comfort of the transporter to beam us up and save us at the very last moment. ♦

John Osterholz is vice president, cyber warfare and cybersecurity, for BAE Systems. His prior career with the Department of Defense included service as the senior executive responsible for development of the Global Information Grid architecture and its key programs.

 

Spectrum Dominance for Cyber-Assurance

ONLY THROUGH FAR-REACHING COOPERATION ACROSS DISCIPLINES AND SERVICE BOUNDARIES CAN WE GET OUR WARFIGHTERS OFF THE DEFENSIVE AND BACK IN CONTROL OF OUR CYBER-DESTINY.

BY J.B. “GIB” GODWIN


Is America in a cyber-war? I would propose that with hidden antagonists running the gamut from teenage hackers to terrorists to nation-state “hacktivists” launching hundreds of millions of probes and attacks a day aimed at disrupting our capabilities—many from a worldwide network of more than 9.4 million bot computers—not only are we at war, but arguably against the largest standing army in history.

To respond to this fast-moving, sophisticated and secretive global cyber-assault, we need a new paradigm of cyberassurance: a holistic approach to electromagnetic spectrum dominance. And the best way to understand this new paradigm is to line its characteristics up against the old.

The old paradigm is defense: While others disrupt the spectrum and use it against us, we huddle behind a “Maginot line” and try to stop them. The new paradigm is dominance: We control the spectrum and use it to advance the mission.

The old paradigm is reactive: We’re on the receiving end, and respond without the capability to understand and evaluate what has hit us and from where. The new paradigm is predictive: identifying and knowing the enemy—and anticipating, preparing for, precluding and even pre-empting attacks.

The old paradigm is fragmented: Increasingly artificial distinctions among cyber, electronic warfare and kinetic forces allow the enemy to divide, conquer and capitalize on gaps and seams. Attacks faced by such stovepipe communities are often of first impression, even if known to others.

The new paradigm is holistic: Collaborating across the spectrum, from air to land to sea to cyberspace, bringing together cyber with electronic warfare, as well as non-electronic sources of information ranging from every source of intelligence to political and economic analysis. If it’s a “tron,” we need to be able to manage and use it: offensively, defensively, exploitatively, and again, predictively.

The old paradigm is so network-focused, it often compromises the mission. To seal off an attack, we shut down the firewall and repair the damage, leaving our warfighters flying, sailing and rolling blind. The new paradigm prioritizes the mission, employing redundant systems, reprovisioning and migration of C3 functions to keep fighting or operating through a threat.

Currently, cyber-assurance is an add-on, bolted onto costly legacy systems. In the new paradigm, cyber-assurance is integrated into the acquisition process for all platforms, weapons systems and communications platforms from word one.

Today, cybersecurity is improvised. Not only are we outgunned and outmanned, we’re out-prepared, with inexperienced teams making it up as we go along. In the new paradigm, we train a large, well-prepped force cost-effectively.

The old paradigm is the geek squad: Technologists lead the response with policymakers often in the dark. The lack of policy input ties our hands in developing strategy and solutions, because we don’t know what will fly and won’t. The new paradigm is policy-driven, with informed policymakers setting the strategic parameters for technology development, instead of the other way around.

The current cyber-assurance paradigm is isolated: confined to the point of attack, with no division of labor in defending against onslaughts. The new paradigm is coordinated: We work with allies—and sometimes even adversaries—as well as partners in academia and the private sector to share information, pool resources and divide responsibilities to counter low-cost, multiple lines of attacks.

At Northrop Grumman, we’re pursuing a range of initiatives to advance this new, holistic, dominance paradigm, including investments in best-in-class, closed-range systems to define vulnerabilities, emulate enemy attacks and develop, in effect, “pre-sponses.” These emulated ranges will also allow for more realistic training and smarter, more-informed acquisition.

We’re testing state-of-the-art complex-event processing, previously used to provide real-time analysis and response in financial trading, to analyze and respond instantly to cyberattacks, utilizing the entire vault of intelligence and information at our disposal. And we’re engaging broadly with partners in academia, industry and government to develop cooperative initiatives and to raise awareness of the imperative of policy leadership in addressing the global cyber-threat.

Only through such far-reaching, faithful cooperation across disciplines and service boundaries, in a new holistic paradigm of electromagnetic spectrum dominance, can we get our warfighters off the defensive and back in control of our cyber-destiny. ♦

J.B. “Gib” Godwin is vice president, cybersecurity and systems integration, Defense Systems Division, Northrop Grumman Information Systems. This article is adapted from the author’s presentation at the CyberSecurity East Conference in March.

 

Training for Tomorrow’s Missions

IT IS IMPORTANT FOR CYBER COMMAND LEADERSHIP TO FIND A BALANCE BETWEEN SHORT-TERM OPERATIONAL NEEDS AND LONG-TERM PERSONNEL DEVELOPMENT.

BY ANDRE J. GUDGER AND DR. JOHN GRIFFIN


Our advice to cyber command leadership is not to sell short their command’s future capabilities by focusing only on today’s mission needs, to the detriment of their personnel’s long-term development and technology maintenance needs.

The Solvern Innovations division of TeleCommunication Systems provides computer network operations (CNO) mission support for the DoD and intelligence communities. One aspect of this support is to provide operational cyber-expertise, such as red team vulnerability assessments and consultation on tailored access operations. Another aspect involves the creation and delivery of mission-oriented training across the spectrum of CNO activities—network attack/defense/exploitation, information technology, information assurance, signals intelligence and emerging technologies. This second area of support is made available through the Art of Exploitation University (www.aoeuniversity. com).

It is essential to our ability to support cybersecurity missioncritical activities that our subject matter experts (SMEs) actively maintain the freshness, breadth and depth of their technical expertise in order to prevent being “left behind by the mission.” Our SMEs and instructors are responsible for maintaining their currency in their chosen field of expertise and for growing their knowledge base over time with respect to their operational breadth and communication capabilities.

Each employee is expected to identify the continuing education or experience he or she needs to stay current. TCS supports these personal development and maintenance activities through a significant financial commitment to professional development training activities, in addition to schedule and assignment flexibility in response to employees’ specific training needs.

Both customers in the field and our students in the classroom express a uniform regret that they are never able to get the full depth of training they feel they need both for their current mission and for their continued development. Our customers express regret that their cyber warfighters and peacekeepers are too busy executing the mission to do other on-the-job activities, including continuing education and maintaining technology currency. Many team leaders are even hard pressed to spare new personnel for a few weeks for the fundamental cyber training upon which their missions are built.

In the formative days of the cyber mission, personnel were responsible both for the mission and for training their colleagues— curriculum development and course instruction—and many saw this as a valuable experience for keeping abreast of technology changes and gaining another valuable career skill. As a tool to advance continued development of skills, our SMEs and instructors work on a diverse pool of activities, as opposed to assignment to a single task for extended time periods.

For example, although some of our instructors are hired into full-time instructional positions, these instructors do not spend every day performing course instruction or development activities. Rather, our instructors are encouraged to continue working part-time on R&D tasks identical or similar to those in their former positions in DoD or the commercial world. Our goal for each instructor is a mix of 70 percent instructional activities and 30 percent maintaining technical proficiency. Such a mix enables the instructors to keep up to date with advancements in the operational environment and therefore enhance their ability to engage and motivate students by sharing timely and relevant experiences.

The lesson for cyber command leadership is to find a balance between short-term operational needs and long-term personnel development and skill set maintenance. Today’s mission is unquestionably important, but tomorrow’s mission is also important. Trained and up-to-date cyber personnel will be needed to meet the needs of tomorrow’s mission. Advances in technology and cyber capabilities grow so rapidly that the only way for personnel to stay relevant and current is to complement mission experience with formal and informal continuing education at all levels. ♦

Andre J. Gudger is senior vice president and Dr. John Griffin is senior training specialist for TeleCommunication Systems.

 

Arming the Cyber Command Warfighter

BRINGING THE CYBER COMMANDS TO FULL OPERATIONAL CAPABILITY REQUIRES A TWO-PRONGED APPROACH—OFFENSIVE AND DEFENSIVE.

BY ED HAMMERSLA


Bringing the cyber commands to full operational capability will involve both offensive and defensive postures. To provide a strong offensive position, the commands will need to ensure that networks, servers and desktops are properly secured. All Department of Defense operating systems (server and desktop) should be locked down to the most stringent of standards—for example, the Defense Information Systems Agency’s Security Technical Implementation Guides—providing a security barrier to prevent attacks from internal and external sources. All DoD networks should also utilize appropriate behavior analysis tools to identify anomalies in network traffic that might indicate an attack, allowing for quicker detection and remediation.

Addressing both offensive and defensive postures, it is critical that information about attacks and attackers is available to the right people, at the right time, in the right locations, in the most secure way possible. These are critical capabilities that determine the effectiveness of U.S. intelligence in today’s global operational environment. Cyber commands will be required to share information with other cyber commands and government agencies to protect the country and its assets. It is important that these cyber commands do not operate in silos.

Every espionage incident and data spill reinforces the need to share critical information in a timely fashion. With the 2009 Christmas Day attempted bombing incident, we discovered that much of the necessary information to prevent this attack existed, but no one person or entity was able to combine the pieces into a complete picture and then communicate the right information at the right time.

With billions of dollars being invested in cyber commands and associated technologies, it is clear that a large part of the current and future battlefield is taking place in cyberspace. The success of these commands hinges on secure and timely information sharing; without it there is potential for a full-scale cyber-war. Recently a top government executive with DISA stated: “It’s not about data; it’s about reliable, trusted information; collaborating and sharing that information; and ensuring consistent access to information on protected networks to enable optimal situational awareness and decision-making.”

For the past two years, the Pentagon has experienced a large number—about 5,000 times per day on average—of network attacks, many from enemy states. With each attack comes the opportunity to gather traceable intelligence information. This intelligence must be securely shared in order to arm the cyber warfighter for each subsequent attack.

Secure sharing of intelligence between domains of varying security levels is vital to supporting counterterrorism assessment efforts and developing a common operational picture for the war on terror. As cyber-attacks continue to increase, there is an absolute need to arm senior agency personnel with the right information to make accurate decisions. These decisions should not be based solely on real-time damage reports and assessments, but must incorporate intelligence data to determine weaknesses and vulnerabilities moving forward.

Bringing the cyber commands to full operational capability is a two-pronged approach—offensive and defensive. Both approaches require the deployment of tools and solutions that assist the cyber warfighter in the most secure and efficient ways possible. ♦

Ed Hammersla is chief operating officer of Trusted Computer Solutions.

 

Architectures for Defense in Depth

WE WILL CONTINUE TO BE VERY VULNERABLE UNTIL WE ENFORCE WHAT WE CURRENTLY HAVE IN PLACE.

BY THOMAS A. GLUZINSKI


The military today is clearly different than when I began my career in 1973. The rise of the information age and the advent of the tools and methods applied to engage operationally in both peacetime and times of conflict have continued to raise challenges for both their use and the protection of those systems, tools and personnel committed to protecting our nation.

The threats continue to rise, and as we know, not all threats come directly from bullets, bombs and IEDs. Today we are engaged in a cyber-war of epic proportions, and it requires and will continue to require the best and brightest in technologies and trained personnel. The wars of today are bordering on being won, based on who has and can protect the best technologies.

Complex integrated network topologies, physical and virtual, are now the norm for managing and controlling our military assets and the flow of battle. Breaches in these systems can be very serious and range from internal misconfigurations to external-based coordinated attacks.

At the leading edge of technology we find unified communications being employed—to name just a few, Web 2.0, advanced security paradigms, advanced network topologies and complex storage solutions. Warfighters spend their time on Google, Myspace, Facebook, Twitter and other tools to keep in touch with friends, colleagues and family. Sometimes they do this on personal computers, other times with smartphone technologies using both wired and wireless platforms. This opens the door to potential leaks of critical information that would otherwise seem innocuous.

Technology is rapidly advancing, and our security for those systems continues to slip to what will certainly become unacceptable levels. As we create and execute new Security Technical Implementation Guides for emerging technologies, the threats continue to develop. By the time the standards are developed, in large part they are obsolete.

We have become a system that focuses on checklists, certifications and low bid contracts and have lost sight of the need for applied knowledge. In our efforts to stave off the emerging threats, we add infrastructure to the system for the purpose of protection, and in so doing create additional layers of generally ineffective bureaucracy.

The questions remain; how do we best protect our national assets and which tools are right for the tasks? What are the indicators we must follow today to stay ahead of the threat that is currently present and the one that is emerging? Do we take risk by implementing new technologies before we understand the threats, or do we continue to accept higher levels of risk on current or obsolete technologies that are currently in place? If so, what can we do to reduce the risk to those systems, architectures and assets?

Here are some thoughts for consideration:

  • Establish architectures that create defense in depth.
  • Educate and hold accountable staff for their actions.
  • Apply technology as an enabler for security, which creates an environment of support instead of conflict or frustration.
  • Identify trends in development that affect security.
  • Identify where the preponderance of developmental thought is being generated and acquire resources to address this threat.
  • Examine interoperability, not based on what we have done, but what can be done as technology moves forward.

    •  

New technological approaches such as VoIP, cloud computing and virtualization may stretch the current certification and security paradigms but still fall within the scope of existing architectures and security. Properly applied, they can move capabilities to the next level of operational capability.

As we continue moving forward, it is incumbent upon everyone—leaders and staff alike—to focus on the need for critical infrastructure protection as well as systems and information survivability. Mapping the issues and staying ahead of the threat picture is a difficult task at best. More regulation and bureaucracy is not the answer. Like our laws, until we enforce what we currently have in place, we will continue to be very vulnerable. ♦

Thomas Gluzinski currently serves as the senior vice president, federal operations, I.D. Rank Security.

 

 

Improving DoD’s Cybersecurity Posture

GIVE CYBER COMMAND A STREAMLINED GLOBAL COMMAND AND CONTROL STRUCTURE THAT ALLOWS IT TO ACT IN REAL TIME AGAINST THREATS.

BY LIEUTENANT GENERAL ROBERT SHEA (RET.)


Cybersecurity is one of the most critical, complex and least understood national security challenges facing the United States. It is an evolving, rapid growth area in terms of policy, science and practice, and it has attracted many purported pundits offering a myriad of solutions. Unfortunately, there are no “silver bullets.”

Cybersecurity is not concerned solely with the physical and technological elements of the networks. It involves the integration of several interdependent elements, ranging from policy, capability definition, education/training, acquisition, network design and control, software and hardware assurance, protected transmission media, and commander and user accountability to a myriad of other technical and non-technical elements in between. It crosses many communities of interest, each with agendas that occasionally clash.

Further, we are faced with an unresolved dichotomy between sharing information and protecting it. For the most part, Department of Defense networks were not designed to operate as they are today, but rather they have evolved as mission need has grown.

Adding to the challenge is the fact that even if the DoD secures its own internal networks, it is heavily dependent on a myriad of internal and external organizations for mission accomplishment. This support comes from such outside elements as the Internet, upon which much of DoD’s business and logistics support is dependent, and such commercial transmission networks as leased commercial satellite and information technology networks. However, in the end, cybersecurity is an enabler for mission assurance and success.

Below are some thoughts on measures that can be taken to improve the DoD cybersecurity posture now:

  • Foster better shared understanding of the threat—its motivation, intent and capabilities—across a broader government and industry base, including executive management to provide greater understanding.
  • Better educate and train policy makers and implementers as well as the operators and users of our cyber capabilities. Improve/increase their understanding of the threats, risks and tradeoffs in dealing with the threat. There is a need to collectively better understand the end-to-end dynamics and vulnerabilities of our cyber world, all the way from an individual user with his/her thumb drive to fiber optic links, satellites, routers/servers, power generators, supervisory control and data acquisition devices, and the information itself.
  • Provide a better understanding of the delicate balance between cost-effectiveness and mission-effectiveness, while accounting for risk. Develop an effective methodology to deal with this disparity so that we do not unintentionally create unacceptable risk for the collective missions.
  • Give Cyber Command the appropriate authorities and resources to accomplish their mission. This includes a streamlined global command and control structure that allows them to act in real time against threats and effectively counter them (where appropriate).
  • Improve early threat warning capabilities.
  • Raise the bar on training standards and certifications for users and operators of networks.
  • Establish accountability. Commanders and troops must be educated and trained in cybersecurity practices, to include an understanding of the potential consequences of poor practices, and then held accountable for their actions or inactions.
  • Develop improved network and IT/C4ISR system design and engineering that accounts for dealing with the threat and limits the loss of operational capability.
  • Increase emphasis on effective risk management and improved risk mitigation strategies across the department. There needs to be a methodology to better integrate the various inconsistent risk management strategies employed across the department into a strategy that is complementary.
  • Conduct meaningful training in environments of significantly reduced cyber capability; and develop tactics, techniques and procedures that facilitate continuation of the mission.
  • Institute strong disciplined network configuration management and control processes. Rediscover the “lost sciences” of system design, engineering and integration.
  • Develop and field software and hardware assurance capabilities that verify and certify that the software code and hardware (including firmware) in programs and systems is free from tampering or other insidious malware and will perform as expected.
  • Develop a unifying strategy that improves coordination, funding and synergy of DoD and national cyber-related research and development efforts.
  • Redouble efforts to identify, recruit, retain and train individuals with cyber skills and aptitude, and apply knowledge and experiences dealing with similar critical capabilities in the department.
  • Restrict the use of “technically qualified, lowest bidder” contract awards for cyber-related efforts. Raise the bar in cyber-related contracting efforts—and stop tripping over it.

    •  

Lieutenant General Robert Shea (Ret.) is executive vice president of Smartronix. His military career included service as the Joint Staff J6 director for C4, where he directed the first National Military Strategy for Cyber Space Operations.

 

 

A Truly Unified Command

CYBERCOM NEEDS TO LEAD THE CHARGE IN MELDING MILITARY CYBER FORCES INTO A SINGLE, STREAMLINED ORGANIZATION.

BY DR. STEVE KIMMEL


Hackers intent on penetrating DoD computers have more than 15,000 networks from which to choose. To bolster security, the department needs a solid plan to make the goal of layered defense a reality and to keep the intruding hackers at bay.

With the recent confirmation of Army General Keith Alexander to lead U.S. Cyber Command (CYBERCOM), which falls under the purview of U.S. Strategic Command, DoD is poised to make some real headway with regards to cybersecurity. CYBERCOM is also charged with anticipating intrusions and conducting offensive operations. Alexander, who is also the director of the National Security Agency, will have many hats to wear—part policy ringleader, part chief of police, part trainer and part tester.

To counter the vulnerabilities in the 15,000 networks operated by DoD, across 4,000 military installations in 88 countries, Alexander and CYBERCOM should concentrate on a few key areas: melding the disparate pieces of DoD and the military services’ cybersecurity structures into one seamless organization, developing a full-time monitoring federation, synchronizing the training and testing of the new 30,000-plus cyber work force, and leaving acquisition programs of record to the other DoD acquisition organizations.

First and foremost, CYBERCOM needs to lead the charge in melding the Army, Air Force, Navy, Marine Corps and DoD cyber forces into a single, streamlined organization. This cannot work if the business-as-usual structure takes over, because there will be too many groups fighting for limited resources, and cybersecurity will continue to be conducted in a disjointed way. To accomplish this goal, CYBERCOM needs to become the single authority to set the tactics, techniques and procedures for the cybersecurity information experts across the services and agencies to follow. Alexander is now in charge of safeguarding DoD’s information assets, but he can only effectively do this if he is given the proper authority to carry out the command’s mission.

Secondly, if the department is going to build a true layered defense, someone needs to monitor the networks constantly. Currently, each of the services monitors its own networks in inharmonious ways. The result often leaves gaps in coverage, which cause a critical void that can be manipulated by those seeking to wreak havoc on military networks. CYBERCOM needs to synchronize efforts by taking more of a holistic approach.

To perform such a massive mission, there needs to be a trained (military, civilian and contractor) cyber work force. Some estimates say DoD is looking to hire and/or train 30,000 cyber experts over the next several years to help fortify defense networks. As we all know, when technology evolves, so does the threat. Most security software requires frequent system updates. How will the DoD train tens of thousands of cyber warriors and test all of the potential solutions?

Today, the military services each have their own test laboratories and training mechanisms. But again, much of this work is discordant and not synchronized. CYBERCOM needs to delineate and champion an integrated resourced infrastructure that can fill both the training and testing need capable of replicating DoD’s operationally realistic networked environments.

In summary, the first three areas mentioned above are suggestions on what CYBERCOM needs to do. Meanwhile, I believe CYBERCOM would be ill-served to take on a program acquisition role. By its nature, an acquisition role calls for layers of program management and oversight— areas that would cause CYBERCOM to both lose track of why it was created and traction in defending and protecting the department’s cyber interests.

Less than a year into the establishment of CYBERCOM and just a few weeks after Alexander’s confirmation, I suspect many of these areas are already being addressed. Defense leaders are developing a cyber framework that will establish the intricacies of how the command will function.

CYBERCOM should be the first and last lines of defense for breaches. It should serve as a true unified command, anticipating intrusions, identifying attackers, launching offensive operations and defensive responses to stop hackers in their tracks. ♦

Dr. Steve Kimmel is senior vice president for corporate development at Alion Science and Technology.


Back to Top