Cyber Strategies for a World at War

OPEN SOURCE AGGREGATION & ANALYSIS

The Highlighter: Securing Cyberspace for the 44th Presidency – Part V

A Report of the CSIS Commission on Cybersecurity for the 44th Presidency

Part V includes highlights of:

  • Section 4 – Regulate for Cybersecurity

——————————————————————————————————————————————
CSWW is not affiliated with CSIS or the commission that produced this report. The use of “we,” “our,” “us,” etc., throughout the highlights of this report refers to the members of the CSIS Commission and not to CSWW.
——————————————————————————————————————————————

The Highlights:

4
Regulate for Cybersecurity

Recommendations

  • The president should task the NOC to work with appropriate regulatory agencies to develop and issue standards and guidance for securing critical cyber infrastructure, which those agencies would then apply in their own regulations.
  • The NOC should work with the appropriate regulatory agencies and with the National Institute of Standards and Technology (NIST) to develop regulations for industrial control systems (ICS). The government could reinforce regulation by making the development of secure control systems an element of any economic stimulus package…
  • The NOC should immediately determine the extent to which government-owned critical infrastructures are secure from cyber attack…
  • The president should direct the NOC and the federal Chief Information Officers Council, working with industry, to develop and implement security guidelines for the procurement of IT products (with software as the first priority).
  • The president should task the National Security Agency (NSA) and NIST, working with international partners, to reform the National Information Assurance Partnership (NIAP).
  • The president should take steps to increase the use of secure Internet protocols. The president should direct OMB and the NOC to develop mandatory requirements for agencies to contract only with telecommunications carriers that use secure Internet protocols.

Read the rest of this entry »

Advertisements

Filed under: Analysis, Biography, Business, cyber security, cyber war, Doctrine, government, History, Intelligence Community, Internet, Life, Military, News, Policy, Politics, Strategy, Technology, Terrorism, The Highlighter, Training, War, , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,

NSA Should Oversee Cybersecurity, Intel Chief Says

By Kim Zetter
February 26, 2009

E731a5a1fb39407e8bee699ef32a5f7e2

Despite the fact that many Americans distrust the National Security Agency for its role in the Bush Administration’s warrantless wiretapping program, the agency should be entrusted with securing the nation’s telecommunications networks and other cyber infrastructures, President Obama’s director of national intelligence told Congress on Wednesday.

Director of National Intelligence Admiral Dennis Blair told the House intelligence committee (.pdf) that the NSA, rather than the Department of Homeland Security which currently oversees cybersecurity, has the smarts and the skills to secure cyberspace.

“The National Security Agency has the greatest repository of cyber talent,” Blair said. “[T]here are some wizards out there at Fort Meade who can do stuff.”

Blair added that “because of the offensive mission that they have, they’re the ones who know best about what’s coming back at us and it’s defenses against those sorts of things that we need to be able to build into wider and wider circles.”

He acknowledged that the agency had a trust handicap to overcome due to its role in the Bush Administration’s secret domestic spying program, and therefore asked Congress to help convince the public that it’s the right agency for the task.

“I think there is a great deal of distrust of the National Security Agency and the intelligence community in general playing a role outside of the very narrowly circumscribed role because of some of the history of the FISA issue in years past. . . . So I would like the help of people like you who have studied this closely and served on commissions, the leadership of the committee and finding a way that the American people will have confidence in the supervision, in the oversight of the role of NSA so that it can help protect these wider bodies. So, to me, that’s one of the keys things that we have to work on here in the next few months.”

Blair is not without support for his view. Paul Kurtz, who led the cybersecurity group on Obama’s transition team and was part of Bush’s White House National Security Council, recently told Forbes that he supports the NSA taking a prominent role in cybersecurity.

Continue reading…

Filed under: Biography, Business, cyber security, cyber war, Doctrine, government, History, Intelligence Community, Internet, Life, Military, News, Policy, Politics, Polls, Strategy, Technology, Terrorism, The Highlighter, Training, War, , , , , , , , , , , , , , , , , , , , , , , , ,

The Highlighter: Securing Cyberspace for the 44th Presidency – Part IV

A Report of the CSIS Commission on Cybersecurity for the 44th Presidency

Part IV includes highlights of:

  • Section 3 – Rebuilding Partnership with the Private Sector

——————————————————————————————————————————————
CSWW is not affiliated with CSIS or the commission that produced this report. The use of “we,” “our,” “us,” etc., throughout the highlights of this report refers to the members of the CSIS Commission and not to CSWW.
——————————————————————————————————————————————

The Highlights:

3
Rebuilding Partnership with the Private Sector

Recommendation

The U.S. government should rebuild the public-private partnership on cybersecurity to focus on key infrastructures and coordinated preventive and responsive activities. We recommend the president direct the creation of three new groups for partnership that provide the bases for both trust and action:

  • A presidential advisory committee organized under the Federal Advisory Committee Act (FACA), with senior representatives from the key cyber infrastructures. This new body would incorporate the National Security and Telecommunications Advisory Committee (NSTAC) and National Infrastructure Advisory Council (NIAC);
  • A town hall style national stakeholders’ organization that provides a platform for education and discussion; and
  • A new operational organization, the Center for Cybersecurity Operations (CCSO), where public- and private-sector entities can collaborate and share information on critical cybersecurity in a trusted environment.

Securing cyberspace requires government and the private sector to work together.

There is a bifurcation of responsibility (the government must protect national security) and control (it does not manage the asset or provide the function that must be protected).

…the United States has a perplexing array of advisory groups with overlapping interests, inadequate resources, varying capabilities, and a lack of clarity around roles and responsibilities. To achieve real partnership, we must simplify mission and organizational structure.

In many interviews, we found almost universal recognition that the status quo is not meeting the needs of either the government or the private sector with respect to trust and operational collaboration.

Another problem for securing cyberspace is a diffusion of effort. Currently DHS identifies 18 different sectors as critical.

For us, critical means that, if the function or service is disrupted, there is immediate and serious damage to key national functions such as U.S. military capabilities or economic performance.

To focus the defense of cyberspace, we have identified four critical cyber infrastructures: energy, finance, the converging information technology and communications sectors, and government services (including state and municipal governments).

We recommend concentrating on two key problems: how to build trust between the government and company executives and how to focus efforts on what is truly critical for cyberspace.

The primary goal of the new partnership organizations should be to build action-oriented relationships rather than to share information that is either already available or that companies are reluctant to provide. This can be done by creating a simplified structure that has three parts: a new presidential advisory committee that connects the White House to the private-sector entities most important for cyberspace; a national town-hall organization that provides a dialogue for education and discussion, and a new operational organization.

The intent behind the three groups is to provide an inclusive platform for national engagement, something the United States currently lacks.

Trust is the foundation of a successful partnership between government and the private sector.

Read the rest of this entry »

Filed under: Analysis, Business, cyber security, cyber war, Doctrine, government, History, Intelligence Community, Internet, Life, Military, News, Policy, Politics, Polls, Strategy, Technology, Terrorism, The Highlighter, Training, War, , , , , , , , , , , , , , , , , , , , , , , , ,

The Highlighter: Securing Cyberspace for the 44th Presidency – Part III

A Report of the CSIS Commission on Cybersecurity for the 44th Presidency

Part III includes highlights of:

  • Section 2 – Organizing for Cybersecurity

————————————————————————————————–
CSWW is not affiliated with CSIS or the commission that produced this report. The use of “we,” “our,” “us,” etc., throughout the highlights of this report refers to the members of the CSIS Commission and not to CSWW.
————————————————————————————————–

The Highlights:

2
Organizing for Cybersecurity

Recommendations

The president should appoint an assistant for cyberspace and establish a Cybersecurity Directorate in the NSC that absorbs existing Homeland Security Council (HSC) functions.

A new National office for Cyberspace (NOC) would support the work of the assistant for cyberspace and the new directorate in the NSC. The president can create this office by merging the existing National Cyber Security Center (NSCS) and the Joint Inter-Agency Cyber Task Force (JIACTF). The assistant to the president for cyberspace would direct the NOC.

The central problems in the current federal organization for cybersecurity are lack of a strategic focus, overlapping missions, poor coordination and collaboration, and diffuse responsibility.

The Commission considered many options for how best to organize for cybersecurity. We grew to understand the importance of bridging across the federal agencies in order to leverage the knowledge to provide the best security for our nation.

We also recognize the importance of involving the private sector—the federal government cannot do this alone.

Our thinking on organization tracks with our finding that cybersecurity is now a central problem for national security. Our recommendation is to create a new “enterprise” governance model for cyberspace using the NSC, a collaborative network among the key agencies, and a new cyberspace office in the EOP.

We based our recommendations in part on the intelligence community’s experience in implementing the Intelligence Reform and Terrorist Prevention Act (IRTPA). IRTPA imposed a new, more collaborative structure on the intelligence community. It mandated a distributed “intelligence enterprise.” Congressional mandates, however, are not enough. It took a director of national intelligence (DNI) with the appropriate authorities to build collaboration.

What about the Department of Homeland Security?

One of the first tasks for the new administration will be to strengthen DHS.

DHS is not the agency to lead in a conflict with foreign intelligence agencies or militaries or even well-organized international cyber criminals.

Cybersecurity is no longer (if it ever was) a domestic issue. It is an issue of international security in which the primary actors are the intelligence and military forces of other nations.

Although the department’s performance has improved in recent years, our view is that any improvement to the nation’s cybersecurity must go outside of DHS to be effective. For that reason, we recommend that the White House, rather than any single agency, lead the new strategic and coordination functions required for cybersecurity.

Read the rest of this entry »

Filed under: The Highlighter, , , , , , , , , , , , , , , , , , , ,

The Highlighter: Securing Cyberspace for the 44th Presidency – Part II

A Report of the CSIS Commission on Cybersecurity for the 44th Presidency

Part II includes highlights of:

  • Section 1 – Create a Comprehensive National Security Strategy for Cyberspace

————————————————————————————————–
CSWW is not affiliated with CSIS or the commission that produced this report. The use of “we,” “our,” “us,” etc., throughout the highlights of this report refers to the members of the CSIS Commission and not to CSWW.
————————————————————————————————–

The Highlights:

1
Create a Comprehensive National Security Strategy for Cyberspace

The president should state as a fundamental principle that cyberspace is a vital asset for the nation and that the United States will protect it using all instruments of national power, in order to ensure national security, public safety, economic prosperity, and the delivery of critical services to the American public.

Our influence as a nation is at its lowest point in decades.

Years of underinvestment have weakened both government and our scientific establishment (and, in the case of government, scorn from those who sought to shrink it). The reputation of the United States has been badly tarnished, and our failure to defend cyberspace, despite huge informational losses, has encouraged our opponents to increase their attacks.

Strategies articulate goals and identify the means to achieve them. The United States has clear goals—to defend itself and its allies from threats and intimidation, increase openness to trade and to ideas, and expand the rule of law and democracy.

…we recommend a clear articulation of the importance of cyberspace of the nation.

To some extent expressing principles for cyberspace is more difficult than expressing a military doctrine designed to protect our physical territory.

Cyber attack joins terrorism and weapons of mass destruction (WMD) as one of the new, asymmetric threats that put the United States and its allies at risk.

A comprehensive cybersecurity strategy must engage all elements of U. S. power—economic, diplomatic, and law enforcement as well as military and intelligence.

As with the larger national security strategy, we identify four principal instruments—international engagement, military and defense actions, economic tools, and the coherent use of intelligence and law enforcement capabilities—to achieve this.

One model for the new approach, which we recommend for the next president, can be found in the U. S. experience with nonproliferation and WMD.

Read the rest of this entry »

Filed under: The Highlighter, , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,

The Highlighter: Securing Cyberspace for the 44th Presidency – Part I

A Report of the CSIS Commission on Cybersecurity for the 44th Presidency

Part I includes highlights of the:

  • Executive Summary
  • Summary of Recommendations
  • Introduction

————————————————————————————————–
CSWW is not affiliated with CSIS or the commission that produced this report. The use of “we,” “our,” “us,” etc., throughout the highlights of this report refers to the members of the CSIS Commission and not to CSWW.
————————————————————————————————–

The Highlights:

This report makes use of a broad definition of cyberspace that goes beyond the Internet to include all forms of networked, digital activities.

Executive Summary

(1) cybersecurity is now a major national security problem
(2) decisions and actions must respect privacy and civil liberties
(3) only a comprehensive national security strategy that embraces both the domestic and international aspects of cybersecurity will make us more secure

We were encouraged in our work by senior officials in the Department of Defense, the intelligence community, and other agencies who told us that cybersecurity was one of the greatest security challenges the United States faces in a new and more competitive international environment.

Major agencies play key roles set by presidential directives and coordinated by the White House.

We propose creating a new office for cyberspace in the Executive Office of the President. This office would combine existing entities and also work with the National Security Council in managing the many aspects of securing our national networks while protecting privacy and civil liberties.

Government must recast its relationship with the private sector as well as redesign the public-private partnership to promote better cybersecurity.

The Bush administration took a major step toward improving federal cybersecurity with its Comprehensive National Cybersecurity Initiative.

…we face a long-term challenge in cyberspace from foreign intelligence agencies and militaries, criminals, and others, and that losing this struggle will wreak serious damage on the economic health and national security of the United States.

Read the rest of this entry »

Filed under: Analysis, cyber security, Doctrine, Policy, Politics, Strategy, The Highlighter, , , , , , , , , , , , , , , , , , ,

Global Trends

"The nature of conflict is changing. The risk of conflict will increase due to diverging interests among major powers, an expanding terror threat, continued instability in weak states, and the spread of lethal, disruptive technologies. Disrupting societies will become more common, with long-range precision weapons, cyber, and robotic systems to target infrastructure from afar, and more accessible technology to create weapons of mass destruction."
 
Global Trends and Key Implications Through 2035 from the National Intelligence Council Quadrennial Report GLOBAL TRENDS: The Paradox of Power

A World at War

The World is at War. It is a world war that is being fought right now, in real time, virtually everywhere on the planet. It is a world war that is, perhaps, more encompassing and global in nature than any other world war in history because, not only is it being fought by nations and their governments, it is also being fought by non-state actors such as terrorists, organized crime, unorganized crime, and many other known and unknown entities. It is a total world war being fought every day on the hidden and dark battle fields of the cyber domain. It is a war that, according to some intelligence estimates, has the potential to be as nearly as serious and as deadly as a nuclear war... [MORE]

 


 


ADVERTISEMENT

Author of the #1 New York Times bestseller Against All Enemies, former presidential advisor and counter-terrorism expert Richard A. Clarke sounds a timely and chilling warning about America’s vulnerability in a terrifying new international conflict—Cyber War! Every concerned American should read this startling and explosive book that offers an insider’s view of White House ‘Situation Room’ operations and carries the reader to the frontlines of our cyber defense. Cyber War exposes a virulent threat to our nation’s security. This is no X-Files fantasy or conspiracy theory madness—this is real... [MORE]

RSS ODNI News

  • An error has occurred; the feed is probably down. Try again later.

ADVERTISEMENT

Hackers are always pushing the boundaries, investigating the unknown, and evolving their art. Even if you don't already know how to program, Hacking: The Art of Exploitation, 2nd Edition will give you a complete picture of programming, machine architecture, network communications, and existing hacking techniques. Combine this knowledge with the included Linux environment, and all you need is your own creativity... [MORE]


ADVERTISEMENT

Web applications are the front door to most organizations, exposing them to attacks that may disclose personal information, execute fraudulent transactions, or compromise ordinary users. This practical book has been completely updated and revised to discuss the latest step-by-step techniques for attacking and defending the range of ever-evolving web applications... [MORE]

RSS NSA News

  • An error has occurred; the feed is probably down. Try again later.

ADVERTISEMENT

“When it comes to what government and business are doing together and separately with personal data scooped up from the ether, Mr. Schneier is as knowledgeable as it gets…. Mr. Schneier’s use of concrete examples of bad behavior with data will make even skeptics queasy and potentially push the already paranoid over the edge.” (Jonathan A. Knee - New York Times)... [MORE]

RSS CIA News


ADVERTISEMENT

The Blue Team Handbook is a zero fluff reference guide for cyber security incident responders and InfoSec pros alike. The BTHb includes essential information in a condensed handbook format about the incident response process, how attackers work, common tools, a methodology for network analysis developed over 12 years, Windows and Linux analysis processes, tcpdump usage examples, Snort IDS usage, and numerous other topics... [MORE]

RSS Defense Advanced Research Projects Agency (DARPA)

  • 2018/07/20 DARPA Sets Date for Subterranean Challenge Competitors Day July 20, 2018
    DARPA will host a competitors day September 27, 2018, to communicate the vision and timeline of the DARPA Subterranean (SubT) Challenge, engage potential competitors, and provide a space for technical and operational exchange.
  • 2018/07/20 Accelerating the Exploration of Promising Artificial Intelligence Concepts July 20, 2018
    DARPA today announced its Artificial Intelligence Exploration (AIE) program, a key component of the agency's broader artificial intelligence (AI) investment strategy aimed at ensuring the United States maintains an advantage in this critical and rapidly accelerating technology area. AIE will constitute a series of unique funding opportunities that use s […]
  • 2018/07/18 Faster, Lighter, Smarter: DARPA Gives Small Autonomous Systems a Tech Boost July 18, 2018
    DARPA's Fast Lightweight Autonomy (FLA) program recently completed Phase 2 flight tests, demonstrating advanced algorithms designed to turn small air and ground systems into team members that could autonomously perform tasks dangerous for humans – such as pre-mission reconnaissance in a hostile urban setting or searching damaged structures for survivors […]
  • 2018/07/17 Developing Microrobotics for Disaster Recovery and High-Risk Environments July 17, 2018
    Imagine a natural disaster scenario, such as an earthquake, that inflicts widespread damage to buildings and structures, critical utilities and infrastructure, and threatens human safety. Having the ability to navigate the rubble and enter highly unstable areas could prove invaluable to saving lives or detecting additional hazards among the wreckage. Partner […]
  • 2018/07/17 Seeking 72-hour Space Environment Forecasts with Updates on the Hour July 17, 2018
    Models for providing hourly terrestrial weather forecasts anywhere in the world have become increasingly precise-our smartphones buzz or chirp with local alerts of approaching thunderstorms, heavy snow, flash floods, and big events like tornados and hurricanes. The military relies on accurate weather forecasts for planning complex operations in the air, on g […]

ADVERTISEMENT

RSS Cyber News (Google)

  • This RSS feed URL is deprecated July 21, 2018
    This RSS feed URL is deprecated, please update. New URLs can be found in the footers at https://news.google.com/news
  • Cyber Saturday—Introducing Fortune Brainstorm Finance - Fortune July 21, 2018
    FortuneCyber Saturday—Introducing Fortune Brainstorm FinanceFortuneGood morning, Cyber Saturday readers. It's been a heady week of hand-shaking, connection-making, and idea-waking at Fortune Brainstorm Tech in Aspen. With the conference concluded, I've descended from the mountaintops to an islet off the coast of ...
  • Singapore cyber attack affects 1.5 million people - euronews July 21, 2018
    euronewsSingapore cyber attack affects 1.5 million peopleeuronewsGovernment officials did not say who might have been behind the attack, but a joint statement by the health and communications ministries suggested a high degree of sophistication. The cyber attack comes as the state has made cybersecurity a top ...Cyber attack on Singapore health database stea […]
  • What Alexander Hamilton Can Teach Us About Cyber Policy - Defense One July 21, 2018
    Defense OneWhat Alexander Hamilton Can Teach Us About Cyber PolicyDefense OneThough this Hamiltonian framework is useful for any policy discussion, it is a particularly good lens for the cyber realm, for it encourages policymakers to balance the expected effects and unintended consequences of a proposed policy; and to harmonize ...
  • US Officials Warn of Potential Cyber Attacks from Iran - Fortune July 20, 2018
    FortuneUS Officials Warn of Potential Cyber Attacks from IranFortuneIranian hackers have laid the groundwork to carry out extensive cyber attacks against private U.S. and European companies, U.S. officials warn, according to NBC News. Although experts don't believe any such attack is imminent, the preparations could ...Iran has laid groundwork for exten […]
  • What a Cyber 9/11 Would Mean for the US - Fortune July 20, 2018
    FortuneWhat a Cyber 9/11 Would Mean for the USFortuneThe United States has been beset by hackers who have plundered the country's intellectual property and meddled with its political system. But the worst could be yet to come in the form of a “cyber 9/11″—a term often invoked but rarely defined. This ...
  • Top FBI cyber officials set to retire - CNNPolitics - CNN.com - CNN July 20, 2018
    CNNTop FBI cyber officials set to retire - CNNPolitics - CNN.comCNNThe FBI's top two cybersecurity officials are planning to leave the bureau, the FBI confirmed Thursday.Three senior cyber officials at FBI retiring: report | TheHillThe HillTop FBI cyber officials set to retireWPLG Local 10all 10 news articles »
  • Cyber Security offers long list of work opportunities - KCAU 9 July 20, 2018
    KCAU 9Cyber Security offers long list of work opportunitiesKCAU 9Non-profit information security advocacy groups, predict a global shortage of two million cyber security professionals by 2019. And research shows employers are struggling to fill 200,000 other cyber-security positions every year. One of the biggest ...
  • What Is The GRU And What Role Does It Play In Russia's Cyber And Military Operations? - NPR July 20, 2018
    What Is The GRU And What Role Does It Play In Russia's Cyber And Military Operations?NPRIn 2008, a combined cyber and military attack that pummeled neighboring Georgia. More recently, critical ongoing support to bolster President Bashar al-Assad in Syria's devastating war. MARK GALEOTTI: And then, above all, along came the Ukrainian ...and more » […]
  • EU, China setting global cyber standards - Politico July 19, 2018
    NextgovEU, China setting global cyber standardsPoliticoAnd China has been even more aggressive, enacting a cyber law with strict security controls on tech companies and spreading its heavy-handed model throughout the developing world. And while the global tech industry is adapting to these new realities, ...Government's Cyber Monitoring Program Would Be […]
  • With cyber forces underequipped, DoD turns to rapid prototyping contracting - fifthdomain.com July 20, 2018
    fifthdomain.comWith cyber forces underequipped, DoD turns to rapid prototyping contractingfifthdomain.comAs a result, the military wants to quickly get these new cyber warriors the tools they need. To do this, they are turning to contracting vehicles such as other transaction authorities and the so-called IT Box construct as a way to skirt the traditional .. […]

ADVERTISEMENT

RSS Cyber War News (Bing)


ADVERTISEMENT

RSS Cyber Tag (Icerocket)


ADVERTISEMENT

RSS Cyberwar Tag (Wordpress)


ADVERTISEMENT


 
The Art of Attention

© 2016 PROSOCHĒ. All Rights Reserved.
Fair Use Policy ҩ Terms of Service ҩ Privacy Policy ҩ Contact

Cyber Threat Assessment

 


ADVERTISEMENT

In this New York Times bestselling investigation, Ted Koppel reveals that a major cyberattack on America’s power grid is not only possible but likely, that it would be devastating, and that the United States is shockingly unprepared... [MORE]


ADVERTISEMENT

As cyber-attacks dominate front-page news, as hackers join terrorists on the list of global threats, and as top generals warn of a coming cyber war, few books are more timely and enlightening than Dark Territory: The Secret History of Cyber War, by Slate columnist and Pulitzer Prize–winning journalist Fred Kaplan... [MORE]


ADVERTISEMENT

ADVERTISEMENT

Support CSWW

Please help improve CSWW by providing us with your comments, concerns, and questions at our FEEDBACK page.

Editor, CSWW

Kurt Brindley is a retired U.S. Navy Senior Chief who specialized in the fields of tele-communications and C4SRI systems Upon retirement from the navy, he spent nearly a decade as a defense industry consultant. He now writes full time... [MORE]


ADVERTISEMENT

Now in development for film by 20th Century Fox, award-winning CyberStorm depicts, in realistic and sometimes terrifying detail, what a full scale cyber attack against present-day New York City might look like from the perspective of one family trying to survive it... [MORE]