Think you have a tough job? Consider that of Navy cybersecurity professionals, tasked with keeping an ever-growing yet increasingly ambiguous enemy at bay, all with diminishing budgets and the constraints of a decentralized, largely maritime environment.
“Imagine, if you will, a strike group commander going into a battle with a force that is not well defined, that he has to defend with capabilities that he doesn’t well understand. To some extent, that’s the way we fight our networks every day,” Rear Adm. Jan Tighe, deputy commander of U.S. Fleet Cyber Command and U.S. 10th Fleet, said Wednesday at the WEST 2014 Expo at the Convention Center.
Laying out the general state of the cybersecurity world, SPAWAR’s Executive Director Patrick Sullivan cited the most recent data in the Internet Security Tracking Report, which details a 42 percent increase in targeted attacks in 2012 over 2011, with an average of 600,000 identities exposed per breach.
Roughly 247,000 attacks are blocked daily, and, unsurprisingly, research and development sites are the most targeted, making Navy networks a bull’s-eye, he said.
The overwhelming need expressed by the panel to better accomplish this monumental task is to standardize the department’s tools, platforms and networks.
“We’ve got this tremendous diversity that are out there in the fleet with regard to network systems and applications, and the reality is that infrastructure is almost impossible to defend the way it exists today,” said Rear Adm. James Rodman, chief engineer at SPAWAR, or the Space and Naval Warfare Systems Command.
“So what we’re really about is trying to take a look now at how do we best try to do what I’ll call, for lack of a better term, the ruthless standardization of what the Navy’s got today,” he said. “The Navy is going to build a unified network afloat, ashore and aloft that is centrally managed and decentrally executed, and the methodology for getting there is by standardizing those networks.”
This standardization will allow for continuous monitoring, another piece of the puzzle that’s vitally important but currently missing. Continuous monitoring will allow Navy personnel to monitor threats and attacks in real time and defend against them immediately.
“It’s not sufficient any longer to do what we do today, which is basically forensic analysis -- we wait until the attack happens, and then afterward we go in and we collect all the boxes and all the software, and then we try to figure out what happened,” Rodman said.
Standardization also will allow for humans to be taken out of the equation a bit through automation, which will be particularly helpful in patching, as well as easily knowing what has and has not been patched and where vulnerabilities exist.
Along with the obvious security benefits that reduced variants and modern, automatic feedback bring, Ruth Youngs Lew, executive director of the Program Executive Office for Command, Control, Communications, Computers and Intelligence, said there are additional positives as well.
“The big benefits there are your sustainment costs then are reduced, you’ve got a fully integrated, fully tested capability that you’re putting out there, and it’s also that much easier to train,” she said.
In terms of integration, she said it takes time -- often lots of it -- to schedule installations onboard ships. Automatic updates applicable across the board would significantly reduce the time spent, and the time and amount of training needed for sailors to master one platform, as opposed to having to retrain them on multiple systems and iterations.
From an industry perspective, the panelists agreed that the Department of Defense’s technology acquisition process can be cumbersome and arduous, particularly given the speed of change in the cyberworld.
“The reality is it takes us anywhere from six months to a year to actually do an acquisition, when a cyberthreat could be as transient as one second,” Rodman said, adding that standardized networks would aid in this respect as well, allowing the industry to have one set of guidelines to work from and build toward.
Though changes are needed and coming, Tighe said she’s still confident in the Navy’s work in the cyber-realm.
“I believe that Navy networks are probably the best defended networks that exist at the scale of what we have in the Navy, largely because they are part and parcel of the DoD networks that we have,” she said. “And the protection and defense and depth that is executed on behalf of those Navy networks and our war-fighting platform is unmatched by any other nation state in the world, largely because we leverage intelligence capabilities to defend those and help us learn through intelligence to defend our networks.”
53560 Hull St.
San Diego, CA 92152