Q & A with a cyberwarrior
The commander of the Pentagon's Joint Task Force for Computer Network Defense responds to FCW questions about cyberdefense and attack
Following are responses by Maj. Gen. James Bryan, commander of the Pentagon's
Joint Task Force for Computer Network Defense, to questions posed by FCW.
Q: Does the Defense Department need a greater role in law enforcement,
in tracking down and prosecuting hackers?
A: No, I don't think so. What just a year-and-a-half ago took sometimes
weeks to figure out — what to share and who to share it with — now takes
place in minutes because those relationships [with law enforcement organizations]
are there.
Q: What are some specific actions you are already taking to improve
DOD network security?
A: I believe "CND Better" [a new-and-improved JTF-CND] is going to require
us to have a higher resource level. So we've put together a multiyear resource
strategy in regard to people and money, and we are preparing to deliver
that to [Space Command]. Without a resource strategy to support our goals,
the goals are so much hot air.
Q: Can you provide some specifics on the resource strategy?
A: In order for us to do a better job of determining indications and
warnings [of coming attacks], we need to have some additional capabilities
for intelligence and analysis and threat tracking, so we've identified what
those are and we've costed them out in terms of technology and money. We
need a little bit of technology, a little bit of permission and a little
bit of manpower.
Q: Will the strategy include any recommendation regarding development
of a sub-unified command for computer network defense and computer network
attack?
A: It is a matter of public record that the [space commander-in-chief]
has both the computer network attack and computer network defense missions
[{/fcw/articles/2000/1023/web-attack-10-25-00.asp} "Spacecom
handling cyberattack, defense," FCW.com, Oct. 25, 2000]. We are prudently
studying how to go about implementing that for the long term. I think it
would be imprudent of me to get out in front of the commander-in-chief and
postulate where that is going to go.
Q: Are we involved in a cyberspace arms race?
A: Clearly, we have no corner on cyberspace in the United States, nor
does the Department of Defense. Nor are we the only military organization
in the world that's concerned about cyber events and cyber operations. I
believe the pace is being set by the evolution of technology itself and
not because of someone's creation of the term "cyberspace arms race."
Q: What guidelines should DOD use to determine when an offensive attack
is appropriate to defend its own networks?
A: This was a central question that we have asked our legal authorities
to remain engaged on. The fact is that right now my authority is very limited.
I believe in this area the wisest course of action is to pursue the policy
and procedural issues at or ahead of the pace of technological capabilities,
because whether or not to use an attack as an active defense measure or
as a weapon system is a decision that needs to be operationally defined
at the national policy levels first and foremost.
Q: There's no frustration on your part that this has not been resolved
yet?
A: I think that every commander wants to be able to defend his forces,
in this case our networks, with every prudent technology and technique at
their disposal. But in this new mission area of computer network defense,
we have to accept the fact that the boundaries are very clearly defined
for us and that we're not in the business of defining what those boundaries
are, and we have to be patient with those who are defining what the boundaries
and the procedures and the proper authorities are.
NEXT STORY: Experts: E-gov examples shine abroad