Three Ways the Pentagon Could Improve Cyber Intelligence

The United States military needs to expand its cyber intelligence authorities and capabilities to meet the Trump administration’s new cybersecurity strategy, according to the top current and former government officials and academics.

The United States intelligence community’s ability to boost its surveillance of American computer networks, foreign adversaries and even third-party countries is integral to the Trump administration’s plan to be more aggressive in cyberspace.

“We are building relationships with US institutions that are likely to be targets of foreign hacking campaigns, particularly in the nation’s critical infrastructure, before crises develop, replacing transactional relationships with continuous operational collaboration among other departments, agencies, and the private sector.” Gen. Paul Nakasone (pictured), head of US Cyber Command and the NSA, said in the January edition of Joint Force Quarterly, a Pentagon publication.

“This is a domain where 90 percent of the networks, the critical infrastructure, resides in the private sector, not in the public. This is primarily a private industry-driven domain.”

Under Nakasone, US Cyber Command has embraced the concept of “defend forward,” meaning that cyber staffers operate against enemies on their own virtual territory. It is a tactic that requires significant intelligence capabilities.

“The framing of Cyber Command’s mission requires that it have real-time, fine-grained and current knowledge about adversary forces, capabilities, routines, operating venues and intentions,” wrote Chris Inglis, former deputy NSA director, in the new book “Bytes, Bombs and Spies.”

Cyber operations require surveillance “that enables the command to go from a standing start to a precise and responsive engagement in the shortest possible time.”

To boost intelligence and surveillance activities, Inglis recommended improvements in three areas.

First, he suggested boosting sensors deployed in both Pentagon and adversarial networks that operate under existing and “emerging rules.”

Second, he advocated for a greater sharing of bilateral and multilateral information. Inglis appeared to suggest a greater collaboration with private critical infrastructure companies, but admitted it would be limited by “privacy protections and concerns over legal liability.”

Finally, Inglis suggested greater use of commercially available threat information to fuel the intelligence demands of more offensive cyber operations.

“The intelligence requirements for offensive cyber operations are going to be enormous,” Amy Zegart, a senior fellow at the Hoover Institution, a research organisation, said during a Jan. 30 event at the National Defense University. But she said it was not clear what the surveillance requirements would mean for the structure of the intelligence community.

“The key is that the operational decisions need to be made with an understanding of the intelligence requirements behind them, and then dedicate the organisational structures and talent to match that.”

Fifth Domain:

You Might Also Read:

US Has Devastating Cyber Weapons:

 

 

« DARPA To Test Infrastructure Resilience
Personal Cyber Insurance Market Could Be Worth $3B by 2025 »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Expanse

Expanse

Expanse SaaS-delivered products plus service expertise reduce your internet edge risk to prevent breaches and successful attacks.

Infopulse

Infopulse

Infopulse is a global provider of Software Engineering, Cloud & IT Infrastructure Management, and Cybersecurity services.

Metrarc

Metrarc

Metrarc has developed a ground-breaking technology called ICMetrics™ for deriving secure encryption keys from the properties of digital systems without the need to store any of the encryption keys.

Tenzir

Tenzir

Tenzir's primary focus lies on network forensics: the systematic investigation of cyber attacks with big data analytics.

Carbide

Carbide

Carbide (formerly Securicy) breaks down enterprise-class security and privacy requirements and makes them accessible to, and achievable by, companies of all sizes.

Cofrac

Cofrac

Cofrac is the national accreditation body for France. The directory of members provides details of organisations offering certification services for ISO 27001.

Sigma IT

Sigma IT

SIGMA IT is one of the largest IT services organizations in EMEA region providing a full range of solutions and services including cybersecurity, data protection and business continuity.

About Cyber Security.

About Cyber Security.

About Cybersecurity provides a galaxy-wide knowledge base of cybersecurity tactics and techniques derived from actual experience.

Laminar

Laminar

Laminar provides the only Public Cloud Data Protection solution that provides full visibility and enforcement capabilities across your entire public cloud infrastructure.

Birch Cline Cybersecurity

Birch Cline Cybersecurity

Birch Cline specializes in helping Local Government and Education agencies, as well as mid-market organizations, build and maintain successful cybersecurity programs.

Cloudflare

Cloudflare

Cloudflare is a global network designed to make everything you connect to the Internet secure, private, fast, and reliable.

Rampart AI

Rampart AI

Tackling DevSecOps Issues In Application Security. Rampart has revolutionized the shift left security approach, applying zero-trust to application development.

Solvo

Solvo

Solvo enables security teams and other stakeholders to automatically uncover, prioritize, mitigate and remediate cloud infrastructure access risks.

Northern Computer

Northern Computer

Northern Computer provides comprehensive IT solutions that streamline your operations and help you achieve your business goals.

Baidam Solutions

Baidam Solutions

Baidam Solutions is a 100% Australian owned and operated First Nations information technology business.

CovertSwarm

CovertSwarm

Since 2020 CovertSwarm have been radically redefining how enterprise security risks are discovered. We outpace the cyber threats faced by our clients using a constant cyber attack methodology.