ARTICLES

Nov. 15, 2021

The Cyber Defense Review: Thinking of the Future

Since the publication of Johannes Kepler’s novel, Somnium, science fiction has played an interesting role in society. It has been used to inspire (just ask how many current astronauts point to Star Trek as their reason for their chosen profession), to inform about possibilities (driverless cars have appeared in numerous films), or to serve as a warning (pick any post-apocalyptic movie…there’s too many to list). Many of the current cyberspace challenges we face were, at one time, the stuff of science fiction. While it is possible to fixate on the negative aspects of the current and future state, the many authors in this issue offer potential solutions for our challenges. Hopefully, their perspectives and proposals will move us beyond the status quo to reach a more advantageous state.

Nov. 15, 2021

Responding to Proxy Cyber Operations Under International Law

The United States (US), its allies, and other partners are engaged in long-term strategic competition with Russia and China—near-peer adversaries adept at operating in the grey zone of international law, where the precise contours of the law are difficult to discern. They do so to complicate our response options, in part to avoid provoking a direct military response. Increasingly, cyberspace is that grey zone, a domain in which Russia, China, and other adversaries such as Iran and North Korea mount cyber operations ranging from cyber-enabled espionage, theft, and propaganda campaigns to significantly more disruptive and destructive operations. In particular, they often leverage non-state actors—cyber proxies—to do their bidding because proxies further complicate legal and policy assessments of the operations. And those assessments determine the response options available to victim states.

Nov. 15, 2021

Toward a Zero Trust Architecture Implementation in a University Environment

The core concepts of Zero Trust Architecture have existed since the Jericho Forum in 1994 and have served as the goal of cyber security specialists for many years. Zero Trust Networks and Architectures are extremely appealing to institutions of higher learning because they offer the flexibility to support research and learning while protecting resources with different protection levels, depending on the sensitivity of the resource. This paper investigates how other universities can employ Zero Trust Architectures using the West Point model.

Nov. 15, 2021

What Every Leader Needs Now in This Unprecedented Era of Global Competition

The global pandemic forced recognition of what many already knew: the world has changed in ways that significantly alter every organization’s strategic planning; few will adapt and thrive, but most will remain stagnant and perish. The world as we think we know it no longer exists. Every consequential factor of a weakened competitive position in this new era will cascade across our traditional landscape of responsibilities: militaries can no longer defend national borders; governments can no longer control what happens to their constituencies; and businesses are now both the primary targets and prime facilitators of global affairs.

Nov. 15, 2021

Practical Cyber Risk Management for Tactical Commanders

Risk management in today’s complex threat environment necessitates decision rules that integrate cyber risk control into the overall mission risk profile. This article outlines cyber risk management decision rules that are based on lessons learned from the Expeditionary Signal Battalion-Enhanced (ESB-E) prototype, which adapted Special Operations Forces (SOF) and commercial-off-the-shelf (COTS) capabilities by applying rapid fielding and feedback approaches within the scope of the Army Futures Command. Focus areas include the use of diverse COTS systems and satellite communications providers to mitigate risk, controlled system maintenance processes, capitalizing on behavioral bias in cybersecurity, integrating enterprise services, and keeping pace with technological innovation trends. Lessons learned are intended to give tactical commanders practical cyber risk management options within the overall scope of mission risk management.

Nov. 15, 2021

Information Advantage Activities: A Concept for the Application of Capabilities and Operational Art during Multi-Domain Operations

The Multi-Domain Operations (MDO) doctrinal framework is the driving mechanism for transforming the U.S. Army into a dominant information-age military force. To address the informational power aspects associated with MDO, the U.S. Army’s Training and Doctrine Command (TRADOC), in partnership with the Cyber Center of Excellence (CCoE), developed the Information Advantage (IA) and Decision Dominance (DD) doctrinal framework. Within this framework, “commanders seek to achieve DD, a desired state in which a commander can sense, understand, decide, act, and assess faster and more effectively than an adversary by gaining and maintaining positions of relative advantage, including IA.” IA is “a condition when a force holds the initiative in terms of relevant actor behavior, situational understanding, and decision-making using all military capabilities through the conduct of Information Advantage Activities (IAA).” Lastly, IAA is defined as “the employment of capabilities to enable decision-making, protect friendly information, inform and educate domestic audiences, inform and influence international audiences, and conduct information warfare.”

Nov. 15, 2021

Military Authorizations in a Connected World: DoD’s Role in Cyber Influence Operations

The open nature of the Internet, allowing the unprecedented free flow of information, has given rise to a new type of attack surface. Cyber activities in the gray zone, which falls between diplomatic engagement and military action, include disinformation campaigns and influence operations. These activities raise questions regarding responsibility and proportionate response. This article examines the distinction between influence operations and more traditional conflict, specifically in a gray zone of blended activity. It also addresses the role and authorities of the Department of Defense (DoD) governing cyberspace activity. Deterring and countering adversary influence operations require a multipronged approach of regulation, education, and government agency action to focus agency authorities and resources where they are needed most. DoD has the technical resources to lead the government’s efforts to counter and deter such operations but is limited by policy and law. This article considers how DoD can effectively operate under its Title 10 and Title 50 authorities in the gray zone and introduces a heuristic construct for the role of influence operations in the continuum of conflict.

Nov. 15, 2021

Causal Reasoning with Autonomous Systems and Intelligent Machine Applications

In the field of Artificial Intelligence (AI), Machine Learning (ML) techniques and algorithms have been employed in a wide variety of domains and have demonstrated incredible capabilities as well as continued applicability to an ever-expanding number of areas and applications. Image and speech recognition, medical diagnosis, classification and prediction, information extraction (i.e., deep learning), commercial market and customer analysis, robotics, and self-driving vehicles are a few of the many areas that ML has either made possible or significantly impacted. Yet for all this progress, the field of AI has not yet approached what many consider the holy grail of AI: machines with human-like intelligence. Causal analysis is essential for realizing the vision of human-like reasoning: it brings the ability to determine cause-effect relationships and provides a basis for reasoning about interventions (i.e., doing), as well as what might have happened had events occurred differently (i.e., imagining/retrospection), which are fundamental characteristics of human reasoning. Causal analysis has seen widespread use and success in epidemiology, social science, and other fields for decades. Even so, its use in engineering, computer science, and AI has been limited and its potential is just beginning to be widely recognized and applied.

Nov. 15, 2021

DoD Has Over 3.5 Million Insiders – Now What?

DoD employs about 3.5 million military and civilian direct employees, contractors, and reserve personnel. In addition, over 50,000 contracted entities (e.g., groups and organizations) can connect directly to the DoD Information Network (DoDIN) to collaborate and protect DoD systems and sensitive data. These imperfect users often interact with DoD across multiple classification domains and IT systems. Without focusing on potentially damaging insider activity, DoD will fail to meet the 2018 Cyber Strategy objectives, and adversaries will continue to erode our technical overmatch while imposing excessive remediation costs. This erosion occurs not only through attacks using technical means but also through exploitation of insiders. This article will introduce and urge the implementation of a framework to more effectively address insider threats by providing an empirical measure of each user's risk through their actual behaviors. This model will give the user near-real-time awareness of personal behaviors counter to organizational policy and cybersecurity requirements. This measure will also empower management to target training, remediation, and risk reduction while also allowing decision-makers to determine which user risk-exposed areas, roles, or practices require additional remediation. As a result, all organizational decision levels will be better able to improve cybersecurity resiliency in the face of an ever-evolving insider threat landscape.

Nov. 15, 2021

Lessons for the DoD when Planning for the Future of S&T

Telling the future is not yet possible, but we have nearly come to expect it, thanks to incredible achievements in technology which present us with an ever-improving sense of what is probable. This has introduced interesting challenges, for example, when DoD prepares for future states of the world. This was a challenge recently undertaken by researchers at OUSD (R&E), where a glimpse into science and technology out to the year 2045 was explored as part of a Congressionally mandated report included in the 2020 NDAA. A credible team of experts was commissioned for the effort, who additionally organized a complement of technology analysts and writers. A parallel project was conceptualized and nominated by a few researchers who felt it important to investigate the thoughts and perspectives of professionals whose worldview is dominated by such matters: futurists, technology forecasters, and science fiction writers. Thus, the OUSD (R&E) Principal Director for Cyber agreed to launch Project Valence (the namesake being a nod to the gregarious nature of valence electrons), the members of which successfully reached a dozen such luminaries and recorded nearly 30 hours of unbridled exploration about the world to come. Notably, regardless of whether visions prove to be true, such a world will undoubtedly feature a fighting force charged with the defense of America, comprised of experts, many of whom have not yet been born.