Cybersecurity is so pervasive a concern that a 5-year-old was able to illustrate the concept and what it means — don’t give out your personal details online — in order to win Tennessee’s state safety poster contest, according to George “Dennis” Bartko, director of the capabilities development group and CIO at U.S. Cyber Command.
Speaking at FCW’s Cybersecurity Summit in Washington, D.C., on Wednesday, Bartko used this story to illustrate that although the cybersecurity threat is complicated, it is not difficult to understand its importance.
Of course, federal cybersecurity practitioners have a more in-depth understanding of what it takes to combat ever-changing cyberthreats. During his keynote presentation, Bartko outlined the three biggest challenges Cyber Command faces from an IT perspective and how it’s addressing them.
1. Integrating the Cross-Agency Cybersecurity Response
Cyber Command, an armed forces subunified command within the Defense Department, has three key missions, Bartko noted. One is increasing the mission assurance of the DOD Information Network. The second is deterring and defeating when necessary threats to U.S. interests or infrastructure in cyberspace. And the third is providing the support that other combatant commanders need.
Bartko’s role is to make sure that the Cyber Command’s forces have the technical capabilities they need to achieve their mission and that those capabilities are secure.
Integration is a critical challenge, according to Bartko, that mirrors the nature of cyberspace — converging media types, devices and networks. The Internet of Things also converges cyberspace and the physical world. Cyber Command and other agencies need to address this convergence through integration, he said.
Cyber Command is how the Pentagon “recognizes that that convergence is the nature of cyberspace and that integration is the nature of this response,” Bartko said. In the military, each service branch normally has its own forces assigned to particular missions. But in the Cyber Mission Force, Cyber Command brings together personnel from the different service branches, in an approach Bartko described as “forward thinking and unusual for the DOD.”
The Defense Department organized the Cyber Mission Force so that there are not differences between an Army team and a Navy team, he said. That allows Cyber Command’s commander, Navy Adm. Michael Rogers, to use those teams “in a very highly integrated, flexible way,” Bartko added.
This approach requires Bartko’s office to create technical and security solutions that are equally integrated to reflect the nature of cybersecurity and optimizes the Cyber Mission Force. “If I don’t see those solutions as being highly integrated, if I think that they are standing alone off on their own, I’m probably going to think that they are not going to be highly effective and probably won’t support them,” he said.
2. The Need for Speed in Cybersecurity Acquisitions
The second challenge Cyber Command faces is achieving “speed and agility,” Bartko said. Cyberspace is constantly changing and so are cybersecurity threats. “How do we move at that speed?” he asked.
“I don’t know that any of the threats we face change as fast or as dynamically as the space itself,” Bartko said. “We always try to keep front of mind that we need to keep up with not only those threat actors, but we need to keep up with the space itself in doing that.”
As Federal News Radio reports, the 2016 defense authorization act gives Cyber Command direct acquisition authority and doles out “$75 million to rapidly deliver cyber operations particular equipment, capabilities and services. The money will also be used for the sustainment of cyber operations equipment.” The command will continue to receive $75 million a year until 2021, the report notes.
That authority from Congress allows the agency to keep up with the continuously changing nature of the cybersecurity space and “be able to move faster in the acquisition of technology in order to keep up with our mission.” Cyber Command plans to exercise that authority by the end of the fiscal year, which ends Sept. 30, Bartko said.
Cyber Command also plans to host its first ever industry day on Oct. 27, Bartko said, where it will bring together industry and other key stakeholders to meet with representatives from the command about its cybersecurity technology needs.
3. Achieving a Broader Cybersecurity Perspective
Bartko noted that cyberspace has tons of information in it, and agencies’ networks are treasure troves of data related to not only agencies’ missions but the status of networks contained in log files and records on data traffic. “It’s a tremendous amount of information which actually can boggle the mind,” he said.
Cyber Command’s challenge is to take that information and understand it in order to make sense of the whole picture.
“Each of us in cyberspace tends to have a narrow perspective,” Bartko said. “We can see what we can see.” He then related the ancient parable of the blind men and the elephant to illustrate that in cybersecurity, individual observations are often correct from where they are taken, but until they are combined, practitioners cannot understand the nature of the threat landscape.
In cybersecurity, professionals are often trying to characterize threats, problems or solutions, and often have narrow views of the issues at hand, Bartko said. “But if we combine our observations, we’ll have a better understanding of truth and a better understanding of the path forward.”
Cyber Command, like many agencies, is working to improve information sharing, Big Data storage and processing, and artificial intelligence. “The amount of information, coupled with the need for speed, makes it really difficult to scale human, direct and individual solutions to these problems,” he said.