Three Ways the Pentagon Could Improve Cyber Intelligence

Uploaded on 2019-02-27 in GOVERNMENT-Defence, FREE TO VIEW

The United States military needs to expand its cyber intelligence authorities and capabilities to meet the Trump administration’s new cybersecurity strategy, according to the top current and former government officials and academics.

The United States intelligence community’s ability to boost its surveillance of American computer networks, foreign adversaries and even third-party countries is integral to the Trump administration’s plan to be more aggressive in cyberspace.

“We are building relationships with US institutions that are likely to be targets of foreign hacking campaigns, particularly in the nation’s critical infrastructure, before crises develop, replacing transactional relationships with continuous operational collaboration among other departments, agencies, and the private sector.” Gen. Paul Nakasone (pictured), head of US Cyber Command and the NSA, said in the January edition of Joint Force Quarterly, a Pentagon publication.

“This is a domain where 90 percent of the networks, the critical infrastructure, resides in the private sector, not in the public. This is primarily a private industry-driven domain.”

Under Nakasone, US Cyber Command has embraced the concept of “defend forward,” meaning that cyber staffers operate against enemies on their own virtual territory. It is a tactic that requires significant intelligence capabilities.

“The framing of Cyber Command’s mission requires that it have real-time, fine-grained and current knowledge about adversary forces, capabilities, routines, operating venues and intentions,” wrote Chris Inglis, former deputy NSA director, in the new book “Bytes, Bombs and Spies.”

Cyber operations require surveillance “that enables the command to go from a standing start to a precise and responsive engagement in the shortest possible time.”

To boost intelligence and surveillance activities, Inglis recommended improvements in three areas.

First, he suggested boosting sensors deployed in both Pentagon and adversarial networks that operate under existing and “emerging rules.”

Second, he advocated for a greater sharing of bilateral and multilateral information. Inglis appeared to suggest a greater collaboration with private critical infrastructure companies, but admitted it would be limited by “privacy protections and concerns over legal liability.”

Finally, Inglis suggested greater use of commercially available threat information to fuel the intelligence demands of more offensive cyber operations.

“The intelligence requirements for offensive cyber operations are going to be enormous,” Amy Zegart, a senior fellow at the Hoover Institution, a research organisation, said during a Jan. 30 event at the National Defense University. But she said it was not clear what the surveillance requirements would mean for the structure of the intelligence community.

“The key is that the operational decisions need to be made with an understanding of the intelligence requirements behind them, and then dedicate the organisational structures and talent to match that.”

Fifth Domain:

You Might Also Read:

US Has Devastating Cyber Weapons:

 

 

« DARPA To Test Infrastructure Resilience
Personal Cyber Insurance Market Could Be Worth $3B by 2025 »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 8,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Digital Hands

Digital Hands

Digital Hands is an award-winning managed security services provider.

Source Defense

Source Defense

Source Defense provides websites with the first ever prevention technology for attacks of third-party origin.

KLDiscovery

KLDiscovery

KLDiscovery is a global leader in delivering best-in-class eDiscovery, information governance and data recovery solutions.

Cryptosense

Cryptosense

Cryptosense provides the first application security software dedicated to the detection and remediation of crypto vulnerabilities.

APT Search

APT Search

APT Search is a recruitment company specialising within the Legal Technology, Cybersecurity and Privacy sectors.

CyBOK - University of Bristol

CyBOK - University of Bristol

CyBOK is a comprehensive Body of Knowledge to inform and underpin education and professional training for the cyber security sector.

Perimeter 81

Perimeter 81

Perimeter 81 is a Zero Trust Network as a Service designed to simplify secure network, cloud and application access for the modern and distributed workforce.

Salient Law

Salient Law

Salient Law is a virtual law firm that specialises in advising providers and users of technology on contracts involving technology.

InsightCyber

InsightCyber

InsightCyber is on a mission to keep the world’s critical infrastructure, supply chains, and manufacturing operations cyber-safe, helping to prevent attacks that can have catastrophic impacts.

Secmation

Secmation

Secmation are an agile engineering services firm providing advanced DoD level security design and consultation services for both commercial and defense hardware and software applications.

Infinidat

Infinidat

Infinidat delivers enterprise-proven solutions for data storage, data protection, business continuity, and sovereign cloud storage.

Imageware

Imageware

Imageware is a leader in biometric cybersecurity. Protect against costly, damaging ransomware hacks by employing biometric cybersecurity solutions.

KATIM

KATIM

KATIM is a leader in the development of innovative secure communication products and solutions for governments and businesses.

Secfix

Secfix

Secfix helps companies get secure and compliant in weeks instead of months. We are on a mission to automate security and compliance for small and medium-sized businesses.

AppSentinels

AppSentinels

Appsentinels are a group of security and technology experts with a mission to fix gaps in application security.

Canary Technology Solutions (Canary IT)

Canary Technology Solutions (Canary IT)

A Cloud, Cyber Security, Retail Solutions and Managed IT Services provider for over 25 years, we safeguard and revolutionise business through technology and foresight.