One year after Russia’s invasion of Ukraine, cyber leaders across the Defense Department want a new cybersecurity intelligence center and a heightened focus on increasing network bandwidth and reducing latency to accelerate information transfer and enable the U.S. military and allied partners to make mission-critical decisions faster without sacrificing cybersecurity.
Underpinning these efforts is an aggressive push for a zero trust approach to cybersecurity.
Col. Candice Frost, who leads U.S. Cyber Command’s Joint Intelligence Operations Center, said CYBERCOM plans to stand up a new cyber intelligence center to fill intelligence-gathering gaps at the combatant command level in DOD.
“Across the spectrum we really need a combatant command all-source intelligence,” she said during a Billington Cybersecurity breakfast event Tuesday. “We don’t have that for networks. The second side of it is the science and technology — we have a workforce of amazing analysts, but they’re kind of like me, political science majors, and I need some [analysts] really in the nuts and bolts with hardware and software. We’ve got to build that workforce then bring that together to build the cyber intelligence center.”
While Frost doesn’t have a timeline for the launch of the new center, the announcement comes before the release of the White House’s highly anticipated national cybersecurity strategy, which aims to respond to the sharp increase in cyberattacks and cybercrime stemming from the Russia-Ukraine war.
“In cyberspace, we’re physically growing more space, 'internet-of-things' grows exponentially,” Frost said. “God bless the government, but we’re not always the most forward-leaning. We’ve got to rely on our partnerships with industry. That’s one area that concerns me greatly. This attack surface continues to grow, and we don’t have the ability to perpetually defend it. 80% of it is in the hands of the private sector and, as much as DOD wants to take care of that, it’s just not plausible, so how do we make sure the Defense Industrial Base (DIB) stays as secure as possible?”
Jane Rathbun, the Department of the Navy’s (DON) deputy CIO, described data as “core to everything we do” during the Billington event. Data security and data access, which allow for mission operators to make the right decisions at the right time, drive current Navy investments, Rathbun added.
“This is where cloud becomes critically important to us,” she said. “I think it’s critical to the war fight. How do we enable (data) at the edge, make it trustworthy? Everything we’re doing with regard to zero trust, even SIPRNet 2.0, is about how to protect the data, not necessarily the network or the boundaries.”
Limited bandwidth is a primary Navy concern to improve information-sharing and data transfer with allied partners, such as Ukraine, at the speed of mission relevancy. Rathbun said the department is considering commercial satellite and lower-orbit capabilities to augment bandwidth.
“Lower stationary orbits could be a gamechanger with regard to access to bandwidth,” she said. “Afloat and ashore, in areas where we don’t have connectivity, so we’re going to double down on that.”
SpaceX’s Starlink system is the leader in low-orbit satellite services and recently gained notoriety for its use by Ukrainian military forces last year. U.S. Air Force Special Operations Command awarded a $1.9 million contract to SpaceX last year to deploy Starlink services in support of the Air Force’s 86th Airlift Wing in Europe and Africa, according to Space News.
Satellite services will be critical for DOD to execute its Joint All-Domain Command-and-Control (JADC2) initiative, which aims to connect air, land, sea and space for seamless information and data exchange to improve mission readiness and mission response times. The ultimate goal, according to defense leaders, is information dominance.
At the Department of the Air Force, telecommunication latency is another barrier to achieving information dominance. Before she leaves the office in June, CIO Lauren Knausenberger hopes to dramatically improve latency issues for the department, an initiative directly related to its recently released zero trust roadmap.
Air Force is currently working with the Defense Information Systems Agency (DISA) to “kill” latency in areas with lower connectivity, Knausenberger said, by addressing inefficiencies with transactional paths, gateways and credential cashing practices.
“If you’re in the Pacific, you have the worst latency, and the Pacific is pretty important to our strategy and future fight,” Knausenberger said at the Billington event. “We are sending too much traffic back to the U.S. We’re really looking at cashing certificates locally and using next-gen gateways. Ideally, we will be able to jump to commercial and go directly, given that our data will never necessarily be at rest in an overseas data center, which has been the crux of the issue for a long time.”
5G underpins these efforts, she added.
"And where 5G is not available: LTE," Knausenberger said. "We have bases all over the world where if you don’t put in a cell tower, coverage is pretty spotty. We have a lot of major interest from the major telecommunications providers to put towers on our bases and that’s a DOD-wide effort."
For all of DOD, plans to improve intelligence-gathering and connectivity through increased bandwidth and reduced latency are rooted in mission needs and zero trust.
“We don’t want it to be easy for adversaries to get our data, to extract our intelligence,” Knausenberger said. “There’s a huge security piece, but we need to do it in such a way so that we’re not only protecting the data from ourselves where we’re so focused on that iron wall that we can’t get to the data either. The most important thing for me is that zero trust as a concept, as a North Star, allows us to simplify our operating environment. We’re trying to get to one warfighting environment with our joint partners and allies. We need to be able to grab every signal we need for the resiliency and redundancy of our mission. We want our warfighters to connect or disconnect anywhere they choose. The way we’re architecting our zero trust approach gets us closer to that.”