Three Ways the Pentagon Could Improve Cyber Intelligence

Uploaded on 2019-02-27 in GOVERNMENT-Defence, FREE TO VIEW

The United States military needs to expand its cyber intelligence authorities and capabilities to meet the Trump administration’s new cybersecurity strategy, according to the top current and former government officials and academics.

The United States intelligence community’s ability to boost its surveillance of American computer networks, foreign adversaries and even third-party countries is integral to the Trump administration’s plan to be more aggressive in cyberspace.

“We are building relationships with US institutions that are likely to be targets of foreign hacking campaigns, particularly in the nation’s critical infrastructure, before crises develop, replacing transactional relationships with continuous operational collaboration among other departments, agencies, and the private sector.” Gen. Paul Nakasone (pictured), head of US Cyber Command and the NSA, said in the January edition of Joint Force Quarterly, a Pentagon publication.

“This is a domain where 90 percent of the networks, the critical infrastructure, resides in the private sector, not in the public. This is primarily a private industry-driven domain.”

Under Nakasone, US Cyber Command has embraced the concept of “defend forward,” meaning that cyber staffers operate against enemies on their own virtual territory. It is a tactic that requires significant intelligence capabilities.

“The framing of Cyber Command’s mission requires that it have real-time, fine-grained and current knowledge about adversary forces, capabilities, routines, operating venues and intentions,” wrote Chris Inglis, former deputy NSA director, in the new book “Bytes, Bombs and Spies.”

Cyber operations require surveillance “that enables the command to go from a standing start to a precise and responsive engagement in the shortest possible time.”

To boost intelligence and surveillance activities, Inglis recommended improvements in three areas.

First, he suggested boosting sensors deployed in both Pentagon and adversarial networks that operate under existing and “emerging rules.”

Second, he advocated for a greater sharing of bilateral and multilateral information. Inglis appeared to suggest a greater collaboration with private critical infrastructure companies, but admitted it would be limited by “privacy protections and concerns over legal liability.”

Finally, Inglis suggested greater use of commercially available threat information to fuel the intelligence demands of more offensive cyber operations.

“The intelligence requirements for offensive cyber operations are going to be enormous,” Amy Zegart, a senior fellow at the Hoover Institution, a research organisation, said during a Jan. 30 event at the National Defense University. But she said it was not clear what the surveillance requirements would mean for the structure of the intelligence community.

“The key is that the operational decisions need to be made with an understanding of the intelligence requirements behind them, and then dedicate the organisational structures and talent to match that.”

Fifth Domain:

You Might Also Read:

US Has Devastating Cyber Weapons:

 

 

« DARPA To Test Infrastructure Resilience
Personal Cyber Insurance Market Could Be Worth $3B by 2025 »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall And Why Does It Matter

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall And Why Does It Matter

See how to use next-generation firewalls (NGFWs) and how they boost your security posture.

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

ACME Communications

ACME Communications

ACME Communications specialises in the field of data centre, implementation, maintenance & operation and all aspects of other IT service.

SecuriThings

SecuriThings

SecuriThings is a User and Entity Behavioral Analytics (UEBA) solution for IoT security.

Protiviti

Protiviti

Protiviti consulting solutions span critical business problems in technology, business process, analytics, risk, compliance, transactions and internal audit.

HoxHunt

HoxHunt

HoxHunt is an automated cyber training program that transforms the way your employees react and respond to the growing amount of phishing emails.

Stealthcare

Stealthcare

Stealthcare is a full service, global cyber security firm offering solutions that educate, empower and protect.

Cyber Intelligence (CI)

Cyber Intelligence (CI)

Cyber Intelligence is an award winning 'MSC status' cyber security education and training company.

Baffin Bay Networks

Baffin Bay Networks

Baffin Bay Networks operates globally distributed Threat Protection Centers™, offering DDoS protection, Web Application Protection and Threat Inspection.

Dracoon

Dracoon

DRACOON is market leader in the German-speaking region for secure enterprise file sharing.

Soteria

Soteria

Soteria is a global leader in the development, integration and implementation of advanced cyber security, intelligence and IT solutions, delivering complete end-to-end solutions.

Siege Technologies

Siege Technologies

Siege Technologies is a pioneer of multi-purpose cybersecurity products and services that enable customers to leverage both offensive and defensive technologies.

Enginsight

Enginsight

Enginsight provides a comprehensive solution for monitoring and securing your servers and clients.

Encova Insurance

Encova Insurance

Encova’s cyber liability coverage protects you and your customers in case of a security breach in your company's data.

Deutsche Gesellschaft für Cybersicherheit (DGC)

Deutsche Gesellschaft für Cybersicherheit (DGC)

As a leading provider of cyber security, DGC supports companies in taking advantage of the opportunities offered by the digital transformation – and in minimizing the associated risks.

Cybernatics

Cybernatics

Cybernatics is inspired by bringing together best-in-class innovations around Cybersecurity and Analytics. We offer tailored enterprise solutions to safeguard your organisations best interests.

Ampcus Cyber

Ampcus Cyber

Ampcus Cyber specialize in providing comprehensive security solutions and services that are tailored to safeguard our clients' networks, infrastructure, and valuable assets.

Venticento

Venticento

Venticento is an IT company specialized in consulting and network support and assistance for companies that need to make their business processes more effective.