Three Ways the Pentagon Could Improve Cyber Intelligence

The United States military needs to expand its cyber intelligence authorities and capabilities to meet the Trump administration’s new cybersecurity strategy, according to the top current and former government officials and academics.

The United States intelligence community’s ability to boost its surveillance of American computer networks, foreign adversaries and even third-party countries is integral to the Trump administration’s plan to be more aggressive in cyberspace.

“We are building relationships with US institutions that are likely to be targets of foreign hacking campaigns, particularly in the nation’s critical infrastructure, before crises develop, replacing transactional relationships with continuous operational collaboration among other departments, agencies, and the private sector.” Gen. Paul Nakasone (pictured), head of US Cyber Command and the NSA, said in the January edition of Joint Force Quarterly, a Pentagon publication.

“This is a domain where 90 percent of the networks, the critical infrastructure, resides in the private sector, not in the public. This is primarily a private industry-driven domain.”

Under Nakasone, US Cyber Command has embraced the concept of “defend forward,” meaning that cyber staffers operate against enemies on their own virtual territory. It is a tactic that requires significant intelligence capabilities.

“The framing of Cyber Command’s mission requires that it have real-time, fine-grained and current knowledge about adversary forces, capabilities, routines, operating venues and intentions,” wrote Chris Inglis, former deputy NSA director, in the new book “Bytes, Bombs and Spies.”

Cyber operations require surveillance “that enables the command to go from a standing start to a precise and responsive engagement in the shortest possible time.”

To boost intelligence and surveillance activities, Inglis recommended improvements in three areas.

First, he suggested boosting sensors deployed in both Pentagon and adversarial networks that operate under existing and “emerging rules.”

Second, he advocated for a greater sharing of bilateral and multilateral information. Inglis appeared to suggest a greater collaboration with private critical infrastructure companies, but admitted it would be limited by “privacy protections and concerns over legal liability.”

Finally, Inglis suggested greater use of commercially available threat information to fuel the intelligence demands of more offensive cyber operations.

“The intelligence requirements for offensive cyber operations are going to be enormous,” Amy Zegart, a senior fellow at the Hoover Institution, a research organisation, said during a Jan. 30 event at the National Defense University. But she said it was not clear what the surveillance requirements would mean for the structure of the intelligence community.

“The key is that the operational decisions need to be made with an understanding of the intelligence requirements behind them, and then dedicate the organisational structures and talent to match that.”

Fifth Domain:

You Might Also Read:

US Has Devastating Cyber Weapons:

 

 

« DARPA To Test Infrastructure Resilience
Personal Cyber Insurance Market Could Be Worth $3B by 2025 »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Andrisoft

Andrisoft

Andrisoft develops WANGUARD, an anti-DDoS Software solution that monitors IP traffic using packet-based and flow-based Sensors, and protects networks

Globalscape

Globalscape

Globalscape is a leader in secure data exchange solutions.

ThreatHunter.ai

ThreatHunter.ai

ThreatHunter.ai (formerly Milton Security) is a business that tracks down and mitigates attacks in real time using our ARGOS Platform and our Elite Threat Hunters.

LEXFO

LEXFO

LEXFO specializes in the security of information systems, assisting clients in protecting information assets using an offensive and innovative approach.

Quaynote Communications

Quaynote Communications

Quaynote Communications is a specialist conference and communications company focused primarily on the maritime, yachting, aviation and security industries.

Alpine Cyber Solutions

Alpine Cyber Solutions

Alpine Cyber is a Managed IT Service Provider focused on cybersecurity and cloud services.

IEEE Cyber Science and Technology Congress (CyberSciTech)

IEEE Cyber Science and Technology Congress (CyberSciTech)

CyberSciTech provides a platform for scientists, researchers, and engineers to share their latest ideas and advances in the broad scope of cyber-related science, technology, and application topics.

MagiQ Technologies

MagiQ Technologies

MagiQ produced the world’s first commercial quantum cryptography product that delivered advanced, future-proof network security.

Inflexor Ventures

Inflexor Ventures

Inflexor Ventures is a technology focused venture capital firm that invests in early stage companies from seed to Series-A+ stages.

Kocho

Kocho

Kocho (formerly TiG) is a provider of identity and access, cyber security, cloud transformation, and managed IT services.

Sikich

Sikich

Sikich LLP is a leading professional services firm specializing in accounting, advisory, technology and managed services.

Quantum eMotion (QeM)

Quantum eMotion (QeM)

Quantum eMotion is a Montreal-based advanced developer leading the way towards a new generation of quantum-safe encryption for the quantum computing age.

Beetles Cyber Security

Beetles Cyber Security

Beetles is a crowdsourced penetration testing platform designed to build a trusted, hacker-centric approach to protectan organization’s digital attack surface.

CNF Technologies

CNF Technologies

CNF Technologies is an award-winning cyber company providing technology-focused research and development to commercial, federal, and Department of Defense clients.

Radiant Security

Radiant Security

Radiant Security offers an AI-powered security co-pilot for Security Operations Centers (SOCs). Reinforce your SOC with an AI assistant.

Corix Partners

Corix Partners

Corix Partners is a Boutique Management Consultancy Firm focused on assisting CIOs and other C-level executives in resolving Cyber Security Strategy, Organisation and Governance challenges.