The U.S. DOD Cyber Strategy has evolved quickly to meet a broad mix of current and expected threats. Computer and network security controls and strategies are the foundation of new military warfighting strategies. They must be designed to gain and hold information advantage, to strike at any distance, and to enable reliable and secure global command and control. At the same time, our commercial business infrastructure depends on reliable and secure internet infrastructure to conduct commerce. This may also include the defense of non-DOD owned Defense Critical Infrastructure (DCI) and Defense Industrial Base (DIB) networks and systems.
Strategically, the U.S. DOD is in competition with many overseas powers, including China and Russia. These powers have been using cyber-enabled military operations to impact our elections, exfiltrate sensitive military data, and gain advantages wherever and whenever possible. China has also been using cyber-enabled military operations toward the same end goals. And nation-states are not the only problem – well-funded organized crime also threatens DOD agencies and branches. Organized crime may be the proxy for some of these nation-states and has increasingly demonstrated high levels of skill in recent cyber attacks.
All of this has required a comprehensive strategy to preserve our cyber advantages and to identify and stop attackers before they can damage our infrastructure or exfiltrate sensitive data. In support of this, the DOD has developed a new strategy in concert with our allies and key partners that is designed to strengthen cyber capacity, expand combined cyberspace operations, and increase information sharing.
The new DOD strategy published in 2018 is comprehensive and outlines five pillars of focus that will help support and execute the overall national strategy.
Build a more lethal joint force
- The DOD needs to accelerate the development of cyber capabilities for warfighting and for dealing with malicious cyber attackers.
- The DOD needs to leverage automation and data analysis/analytics to identify malicious activity rapidly.
- The DOD has committed to build out these advanced capabilities using commercial-off-the-shelf (COTS) products that may be further tailored to meet the needs of special operational problems.
- Support for program innovation and agility will enable the DOD to keep up with advanced threats and to innovate faster than our strategic competitors.
Compete and deter in cyberspace
- The DOD remains focused on deterring adversaries from conducting malicious and destructive cyberspace activity that could threaten the U.S. and our allies. Should deterrence fail, the DOD stands ready to employ the full spectrum of military capabilities in response.
- The DOD will provide an advanced persistent defense to meet and defeat malicious cyber activity. Campaigns will be countered rapidly. This will also include the hardening and strengthening of the systems and networks that support the DOD in any area.
- The DOD will anticipate cyber activity that could target our critical infrastructure or have cascading or catastrophic consequences for our citizens. The goal is to increase the resilience of this infrastructure.
- The DOD will out-execute our adversaries. Our cyberthreat-related decision processes (observe, orient, decide, and act – OODA) will be faster and better than those of our adversaries.
Reform the Department of Defense culture and training
- Senior management must be cyber aware and cyber fluent so it can position day-to-day operational decisions in the context of current and expected cyberthreats.
- Reducing the DOD attack surface and reducing vulnerabilities requires a strong focus on leading-edge best practices. Senior management must be accountable for its choices and management in this area.
- Move rapidly to deploy solutions that are affordable and flexible. At all times, favor the use of COTS software that can be used off the shelf or slightly modified to meet the needs of cyber defense programs. This is in lieu of the more traditional reliance on expensive, custom-built software to build and deploy cyber defense programs.
- The DOD will continue to fund and support crowd-sourced vulnerability identification to, at minimum, maintain parity with evolving threats.
Cultivate talent
- Take the steps necessary to sustain a ready cyber workforce. Provide the opportunities to retain and attract talent at all levels within the department.
- Promote science, technology, engineering, mathematics, and foreign language education to, in turn, increase the critical pool of cyber talent.
- Software and hardware expertise must be a core DOD competency. Establish career tracks that reflect these priorities and reward success.
- Establish the best cyber talent management program in the industry. The goal is to identify the most capable specialists and then further empower those personnel to meet and defeat the Department’s toughest challenges.
As we know, it is virtually impossible to keep persistent attackers out of DOD networks. They will get in. Once within critical networks, these attackers will attempt to move laterally to identify DOD resources for theft and possible destruction.
Deception technology is a powerful security control designed to identify malicious and stealthy attackers once they are already inside of DOD networks. Deception technology has been used widely by the U.S. Government, our NATO allies, and by many commercial organizations in banking, finance, manufacturing, and many other industries.
Deception technology puts the Department of Defense on the offense to lure, identify, and then shut down these attackers. Uniquely, deception technology meets many difficult program requirements for the delivery of extremely high accuracy alerts, as well as reducing the high volumes of useless alert traffic. Deception technology can provide the most classified and secure programs with the advantages you need to maintain program security and stay ahead of your attackers.
Find out more about Acalvio and how deception technology can help the DOD get the edge over malicious nation-state attackers. We’d be pleased to introduce you to our latest technology and share information about customers that have used Acalvio ShadowPlex to protect the most health care institutions around the world.