DOD's cyber command takes shape
Defense Department officials are ironing out the details of a new major military command in charge of DOD’s cyber mission. However, they have not made a formal announcement that spells out the new command's scope.
Defense Department officials are ironing out the details of a new military command in charge of the Pentagon's cyber mission. The department hasn't yet formally announced the creation of a cyber command, but officials have been speaking about it at public events as if the command is a certainty.
For example, in a recent speech at the Center for Strategic and International Studies in Washington, Deputy Defense Secretary William Lynn said the creation of the command exemplifies DOD's recognition that cyberspace is a new theater of operations, on par with land, sea and air theaters.
Lynn said the command will be in charge of military networks, and the Homeland Security Department will continue to take the lead on cybersecurity for civilian agencies. The private sector will be responsible for its own cyber defenses, he said. Some critics say creating the command would militarize cyberspace, an allegation Lynn denied.
Despite the lack of official details, knowledgeable observers offered ideas of what they would like to see DOD do with the command.
Creating the cyber command is a necessary step, said Dale Meyerrose, a retired Air Force major general who is now vice president and general manager for cyber and information assurance at Harris. Creating a new command “has a way of elevating and providing the priority that I think cyber needs" at DOD, Meyerrose said.
That makes sense, said Peter Stephenson, chairman of the complex computing systems program at Norwich University, a military college in Vermont. But DOD should not completely ignore cyber issues outside the dot-mil domain, he said.
“A very large percentage of government traffic travels on public networks, so we actually have a situation where unclassified traffic, and sometimes unclassified but sensitive traffic, travels encrypted on public networks,” Stephenson said.
Although encryption might protect data, an attack on public networks could slow or stop the flow of some military cyber traffic. “So there is a case that can be made for protecting the national cyber infrastructure, the national backbone," which the private sector largely maintains, Stephenson said.
Another priority for the new command will be to end the jockeying for funds, resources and people among cyber defense organizations, said Harry Raduege, chairman of the Deloitte Center for Network Innovation and a retired Air Force lieutenant general.
“A major responsibility for a new command will be to influence a comprehensive and balanced cyber program that is properly resourced across the DOD,” he said. “The biggest challenges for the new command will be in building trust and teamwork among the numerous interrelated activities.”
Meyerrose agreed that a new command will help organize DOD's various cyber activities. “I think it will clean up lines of authority and help with establishing priorities for the Department of Defense,” he said.
The command will act similarly to Central Command, which coordinates DOD missions without overseeing forces, Meyerrose said.
“A sub-unified command will be one that will command and control cyber forces but will not own them,” Meyerrose said. “The cyber forces will still be a part of the Air Force, Army, Navy and Marine Corps.”
NEXT STORY: DHS centralizes cybersecurity programs