Cyber Experts Call for More Collaboration, Training

Soldiers, airmen and industry partners conduct network surveillance during Cyber Shield 19 training week at Camp Atterbury, Ind., on April 7, 2019. As the nation’s largest unclassified cyber defense training exercise, Cyber Shield provides participants with training on industry network infrastructure and cyber protection best practices. Army National Guard photo by SSgt. George B. Davis.

A new provision of the 2019 National Defense Authorization Act clears the way for fully fledged joint operations in cyberspace involving both military personnel and those from civilian agencies like the Department of Homeland Security, officials said Thursday.

“We need to move beyond [the] civilian-military relationship of collaboration touch points and into joint operations,” said Brian Murphy, principal deputy undersecretary for the office of intelligence and analysis at the Department of Homeland Security. He spoke alongside representatives from US Cyber Command, the Defense Department’s Network Defense Headquarters, and other service personnel at the AFCEA TechNet Cyber event in Baltimore, Md., on May 16.

The panel also addressed the need to develop better and more widespread cyber training, that is not limited to cyber forces, but includes the military as a whole.

The new provision, in Title 16 of the NDAA, clears the way for more effective operations, and it will enable “seamless” collaboration between agencies that have different missions, but a common purpose—defending the nation’s vital computer networks.

“In the context of our civil liberties, and privacy, and working with Congress, [the new law] … will allow us to collaborate and get through some of those policy problems that we’ve seen in the past,” Murphy said. “We need to continually have that [joint] mindset.”

Murphy explained to Air Force Magazine after the panel that the NDAA provision “allows Cybercom and DHS personnel to share each others’ tools seamlessly” in joint operations, adding that protecting the nation’s election infrastructure from foreign cyber attackers was an excellent example of the kind of situation in which these new authorities might be used.

“There is a gray space between the authorities of the agencies looking outwards [at foreign adversaries] and those focused on the homeland,” he said. “That’s the seam, that’s the sweetspot, that our adversaries could exploit” prior to the new law.

Panelists also emphasized the need for more flexible training tools and the imperative to scale cyber training out from just the Cyber Mission Forces to the military as a whole.

“The reality is if you’re on the internet, you’re in some way engaged with the adversary … You are part of that cyber force from a broader perspective … that’s the culture change that we’re trying to shift,” said Gregg Kendrick, the civilian executive director for the US Marine Corps Cyberspace Command.

His comments echoed those of Air Force Secretary Heather Wilson at a Defense Writers’ Group breakfast that morning, where she discussed the need for cyber awareness on the part of the whole force, not just cyber warriors. She the service needs to raise the “level of understanding and competence” when it comes to cyber, so even an aviation tech working on the flight line is “cyber cognizant.”

Training also needs to be as agile and responsive as the tools cyber warriors are employing, added Brig. Gen. Paul Stanton, deputy director of current operations for Cyber Command.

“The tools that were put in your hands a year ago may not be the same tools you’re leveraging today,” he said. “As we deploy new tools, we need the right training modules associated with those tools … we need them to be put into the cloud for ubiquitous access,” he told the audience of defense company executives.

The cyber environment “will continuously change. It’s dynamic in terms of the technology, it’s dynamic in terms of the threat,and so too must our forces be dynamic to keep up,” he concluded.