December 9, 2019 — Aprimary mission of the Department of Defense (DoD) remains defending the
nation in cyberspace, a function which has until this point has been oriented around the traditional Defense Support of Civil Authorities (DSCA) framework. However, conceptual confusion as to the most effective mechanisms for DoD support during national cyber emergencies has generated a perpetual “fog” that restricts the frameworks optimal employment. This paper examines the typical forms of DoD cyber support currently employed, and presents four additional pillars for consideration. These proposed pillars highlight the potential value of the DoD’s defined role and functionality as a supporting command to the private sector during national cyber emergencies. Furthermore, this paper recommends new, adaptable structures and defined roles that can serve as a model for the DoD’s future composition, disposition, and employment in cyberspace when called upon to defend the nation. Because the private sector is on the front lines of the conflict, a new model of Defense Support to the Private Sector (DSPS) needs consideration. MORE
|
December 9, 2019 — “The idea of degrading the opponent's information flow and, conversely, to protect or improve our own, has gained reasonably widespread acceptance and has resulted in important applications.”
-- Thomas P. Rona, Weapons Systems and Information War, 1976[1]
The Cold War ended in 1991 with the Soviet Union extinct and the United States
perhaps the most powerful country in history, at least in relative terms. President
Bill Clinton suggested at his 1993 inauguration that conflict had become an isolated phenomenon of extremists fighting against world order, disrupting nations and peoples but holding no real hope of accomplishing anything positive.[2] The end of the Cold War seemed to have restored respect for sovereignty grounded in international law. History had “ended” and the world had turned toward liberalism—but not wholly. MORE
|
December 9, 2019 — Policymakers and academics have raised concerns over escalation should states
adopt a more proactive cyberspace posture. The unspoken context for those
fears is potential, episodic, offensive cyber operations that threaten to cause,
or cause, physical damage. This narrow focus excludes an equally, if not more
important, strategic space—actual, continuous, strategic competition without resort to armed attack, a space which, according to 2018 U.S. strategic guidance, poses a central challenge to national security. U.S. Cyber Command (USCYBERCOM) has described a strategic approach to cyberspace intended to counter and contest adversary gains: persistent engagement. This approach is assessed through a re-consideration of Herman Kahn’s On Escalation. It is concluded that competitive interaction in cyberspace short of armed conflict in an agreed competition, as opposed to spiraling escalation, best explains the dynamic from persistent engagement and, consequently, prevailing concerns of escalation are unwarranted. Agreement to compete robustly short of armed conflict may be
the grand strategic consequence of cyberspace. MORE
|
November 15, 2019 — Welcome to the Fall edition of The Cyber Defense Review (CDR). This tenth edition of the CDR is published in conjunction with the Army CyberInstitute’s (ACI) International Conference on Cyber Conflict U.S.(CyCon U.S.), which takes place November 18-20, at the Crystal Gateway Marriott in Arlington, VA. The CyCon U.S. conference is the premier forum MORE
|
November 15, 2019 — Cyber operations are a perfect example of how efforts in one domain can affect virtually every aspect of a nations comprehensive security. The CDR was keenly interested in General David Petraeus’ view of comprehensive security, its whole-of-government implications, and its critical importance to the United States. The interview was conducted via MORE
|
November 15, 2019 — The United States government has made major strides in the past year in improving our nation’s cyber defense with initiatives such as the creation of the Department of Homeland Security Cybersecurity and Infrastructure Security Agency (CISA) and the new DoD Defend Forward policies. However, our nation’s emphasis remains focused on improving MORE
|
November 15, 2019 — For Joint Force leaders to visualize and describe how the operational environment shapes the range of military operations, they must have a deep understanding of the capabilities comprising the multi-domain battlefield. The information environment, which Joint Publication (JP) 3-13 defines as the “aggregate of individuals, organizations, and MORE
|
November 15, 2019 — Data privacy and protection should be priorities for every business, large or small, regardless of sector or geographic location. Data collection is now a critical component of all business operations, whether it is client data to perform a simple service or enterprise data to ensure operations of critical infrastructure. In today’s operating MORE
|
November 15, 2019 — Information security and intelligence professionals have long known the value of thinking like their adversary. If the defender can put themselves into the mind of their adversary, they can predict behaviors, anticipate attacks, and make moves and counter-moves that frustrate their enemy at a level far beyond what a traditional reactive defense can MORE
|
November 15, 2019 — In June 2013, National Security Agency contractor Edward Snowden released a trove of information on classified U.S. Government surveillance methods. U.S. Intelligence chiefs warned that the ripple effects of the leak would be devastating and extensive. Five years later, in June 2018, Joel Melstad, a spokesman for the U.S. National MORE
|