Transcript Army Cyber Command
UNCLASSIFIED
ARCYBER
The Next Battlefield
UNCLASSIFIED
OVERALL CLASSIFICATION
10 December 2013
UNCLASSIFIED
Cyberspace as a Domain
CYBERSPACE:
A
global domain
within the information environment consisting of the
interdependent
network of information technology infrastructures, including the
Internet
,
telecommunications
networks,
computer systems
, and embedded
processors
and controllers. (JP 1-02) • Man-made domain – ever changing •
Interdependent w/ traditional war-fighting domains
.
• Not special or separate – part of every unit’s Operating Environment •
Physical, logical (virtual), and social
characteristics •Instantaneous operational reach –
global battlefield.
Constant presence – evolves at the speed of code!
2 UNCLASSIFIED
UNCLASSIFIED
Evolution of the Operational Environment
(Emergence of Cyberspace)
Past
Classical – AirLand Battle
Today
Classical –Network Enabled
Future
Land Cyber
CYBER CYBER
OPTEMPO Increasing Convergence has taken place between land-human-cyber; so successful Unified Land Operations will require integrated and successful cyberspace operations
3 UNCLASSIFIED
UNCLASSIFIED
Threat…Contested Environment
• Sophisticated, Growing and Evolving • Exploiting daily, Increasing disruption, Developing destruction capabilities • Current approach is not defendable or affordable – Limited Situation Awareness – Disparate Networks – Reactive Defense (Signature-based) – Compliance is our first line of defense
Threats Developing Faster Than We Can Protect Against Them 4 UNCLASSIFIED
United States Cyber Strategy
UNCLASSIFIED
• • •
U.S. International Strategy for Cyberspace : “…combine Diplomacy, Defense & Development prosperity, security & openness…” Dissuading and Deterring Strengthening Partnerships Building Prosperity and Security to enhance Our strategic approach is always grounded by our unshakable commitments to fundamental freedoms of expression, privacy, and the free flow of information
• • • • •
Department of Defense Strategy for Cyberspace Treat cyberspace as an operational domain Employ new defense operating concepts Enable a whole of government cybersecurity strategy Build relationships with U.S. allies and International partners Leverage the Nation’s ingenuity U.S. Joint Cyberspace Doctrine is Emerging and Evolving UNCLASSIFIED 5
UNCLASSIFIED
U.S. Cyber Command On June 23, 2009, the Secretary of Defense directed the Commander of U.S. Strategic Command (USSTRATCOM) to establish a sub-unified command, United States Cyber Command (USCYBERCOM). Full Operational Capability (FOC) was achieved October 31, 2010. The command is located at Fort Meade, MD
.
Service elements include: Army Cyber Command (ARCYBER); Air Forces Cyber (AFCYBER); Fleet Cyber Command (FLTCYBERCOM); and Marine Forces Cyber Command (MARFORCYBER). The Command is also standing up dedicated Cyber Mission Teams to accomplish the three elements of our mission.
UNCLASSIFIED 6
UNCLASSIFIED
U.S. Cyber Command
USCYBERCOM Mission: networks
plan, coordinate, integrate, synchronize and conduct activities to: direct the operations and
defense of specified Department of Defense information
and; prepare to, and when directed,
conduct full spectrum military cyberspace operations
in order to enable actions in all domains,
ensure US/Allied freedom of action in cyberspace and deny the same to our adversaries.
Mission Areas Cyber Forces Defend the Nation
Cyber National Mission Forces
DoD Information Networks (DODIN)
DISA/Services Cyber Protection Forces
Combatant Command Support
Cyber Combat Mission Forces (CCMD Aligned)
Lines of Operation
3 Lines of Operations - Running Throughout the Mission Areas
1. DODIN Operations 2. Defensive Cyber Operations (DCO) 3. Offensive Cyber Operations (OCO) 7 UNCLASSIFIED
UNCLASSIFIED
Army Cyber Command
Our Mission
Army Cyber Command/2 nd Army plans, coordinates, integrates, synchronizes,
directs
, and conducts network
operations
and
defense of all Army networks
; when directed, conducts
cyberspace operations
in support of full spectrum operations to ensure U.S./Allied
freedom of action in cyberspace
, and to deny the same to our adversaries.
2 nd Army / Army Cyber Command
• Serve as Cyber Proponent • Conduct Information Operations
Cyberspace Operations = Build + Operate + Defend + Exploit + Attack 8 UNCLASSIFIED
Command & Control…Evolving
UNCLASSIFIED Army Cyber Center (USMA) Cyber Center of Excellence (TRADOC) STRATCOM CYBERCOM Army
•
Organize to Support Combatant Commands ARCYBER/ 2 nd PROPONENT Army
•
Train, Organize, Equip to Meet Requirements Army Cyber Operations and Integration Center (ACOIC) ARNG Cyber Units USAR Cyber Units NETCOM/ 9 th SC 1 ST IO CMD (L) CYBER BDE (780 th MI) INSCOM Unity of Effort for Cyberspace Operations 9 UNCLASSIFIED
Army Cyber Command Roles
UNCLASSIFIED
Defense of All Army Networks Serves as Service Component to U.S. Cyber Command Train, Organize and Equip Provide Trained & Ready Forces Build Joint Force Headquarters-Cyber capability Integrate Cyberspace into Planning and Exercises Cyber Education, Training and Leader Development Build Partner Capacity Conduct Information Ops for the Army Support to Institutional Cyber Force Development
10 UNCLASSIFIED
Defending All Army Networks
UNCLASSIFIED
• • • • • • • • • • •
Collapse to a defendable enterprise network Provide all-source indications and warnings Maintain cyber situational awareness Ensure Intel-Ops Signal (“2-3-6”) integration Train and equip all Army HQs, units, and users to defend their networks Recognize and understand the importance of trusted and disciplined system and network administrators Monitor and enforce compliance Conduct forensics of all attacks Obtain required tools and capabilities Identify and defend cyber key terrain Ensure future integration into the Joint Information Environment framework
• • • • • • •
Army Networks 400+ Network Connections 700+ Circuits Over 800,000 Workstations Over 35,000 Servers Over 90,000 Mobile Devices Over 1,200,000 Users A Global footprint Must Defend to Maintain the Freedom to Operate 11 UNCLASSIFIED
Cyber “In Stride” Initiatives
UNCLASSIFIED Strategic Landpower LandCyber White Paper Cyber Home Station Training Pilot Cyber Security Assessment Teams FY14 FORSCOM Training Guidance Cybersecurity Awareness Week FORSCOM Cyber Summit Commanders Program on Cyberspace Risk Mission Command Assessment Teams TRADOC Plan for Cyber Center of Excellence World Class Cyber Opposing Force Cyber-Electromagnetic Activities (CEMA) Elements
Do What We Can Now While More Develops
12 UNCLASSIFIED
UNCLASSIFIED UNCLASSIFIED
Evolving Doctrine
•
JP 3-12 (Cyberspace Operations):
Cyberspace Operations
are the employment of cyberspace capabilities where the primary purpose is to achieve objectives in or through cyberspace Most aspects of Joint Operations rely in part on cyberspace Commanders conduct cyberspace ops to retain freedom of maneuver in cyberspace and deny • freedom of action to adversaries
FM 3-38 (Cyber-Electromagnetic Activities):
Activities leveraged to seize, retain, and exploit an advantage over adversaries and enemies in both cyberspace and the electromagnetic spectrum, while simultaneously denying and degrading adversary and enemy use of the same and protecting mission command systems
13
UNCLASSIFIED
Army Cyber Training
Vision: A team of elite, trusted and disciplined cyber warriors trained to operate and defend Army networks Individual Level
• Increase individual cyber awareness (passwords, software updates, suspicious attachments); Begin with Initial Military Training • Certification is a first step…Every user has training requirements • Ensure leaders understand and are capable of planning Cyber ops
Unit Level
• Train units for a degraded cyber environment • Seek opportunities to integrate and evaluate Cyber ops into planning, training, and exercises at all levels • Synchronization of Cyber ops with all other operations is imperative • Establish cyber OPFOR capability
Service/Joint
• Establish and meet Joint cyber training standards
Making the US Army “Second to None” in Cyberspace… Training and Leader Development is the Key 14 UNCLASSIFIED
Establish New Systems Engineering FA26
Operations LT/CPT MAJ LTC COL
25D - Cyber Network Defender
HQDA Approved 25D MOS Nov 2013 Five CND Specialties JAN 2014: Recruiting Target MOS 25B predominate pool
Candidates for MOS, as follows:
•
MOS Immaterial
• • •
A SSG ALC graduate with at least 8 years TIS At least 4 years of experience in IA and IT. This experience must be verified IA Certification: Must hold a current certification under either IAT Level II or IAM Level I IAW DoD 8570.01-M
811 •
Qualifying Scores. A minimum score of 105 in aptitude areas GT and ST on Armed Services Vocational Aptitude Battery (ASVAB) tests administered on and after 1 July 2004
•
Possess a security clearance of TOP SECRET (TS) sensitive compartmented information (SCI)
•
U.S. citizen
•
Meet service remaining requirement per AR 614-200 (36 months)
•
A physical demands rating of medium
•
A physical profile of 212221
•
Normal color vision
Ongoing Initiatives
Science, Technology, Engineer, Math (STEM) 50% SC Accession Targets
Additional Point on OML for STEM Cadets
Voluntary Transfer Incentive Program (VTIP) for FA and BR MOCS Action approved requiring STEM and TS-SCI for FA53
Increased Throughput FA53 ISMC Submitted request to document Civilian Certifications on ORB
Cyberspace Operations and Security Training With Industry (TWI)
Zero-based update of all ACS/TWI Requirements
Documented CPT officer positions as Cyber related ACS utilization assignments
CMF KD positions in DA Pam 600-3 for AOC 24A, 25A, 53A & Signal WO 40 Seats USAF Cyber 200 Course and 45 at 300 Course for FY 14 (CW4 instructor assignment @ AFIT) 8 annual ACS seats for AFIT Cyber related MS Degree Programs (PhD instructor assignment @ AFIT) Implemented TS-SCI Cyber Threat briefing for all Signal PCC Piloting ECOPS for all Signal PCC Signal Regimental Officer Transformation MOCS Action (AOC 25G and FA 26) Increased SC WO accessions to meet CMF build requirements HQDA approved 25D MOCS Action / 25D Pilot course 25D In-Service Screening Test (ISST) CIO/G6 provided DoDD 8570 annual IA/Cybersecurity recertification vouchers
Developing Initiatives
• • • • •
Incorporate SANS MS Degree into FA 26 education program Organic ACOPC instructor capability in the Cyber Leader College Cyberspace Technological Enrichment Program (CTEP) (HIA) Non-MEL4 Fellowship @ NCCIC and FCC for field grade and warrant officers USCC/NSA CMF equivalency for SC AOC/MOS qualification training course
• • • •
SIGCoE Course Emphasis on Blended Education vice Training Army Career Tracker Pilot for all Signal Regiment Officers, WO, Enlisted Select SC 2LT to USAF Undergraduate Cyber Training @ Keesler AFB Army Cyber Assessment (ACA) transfer of responsibility from ARCYBER
UNCLASSIFIED
What We Must Do
• Embrace cyberspace as a contested domain • Know the threat….It is not random • Treat the Network as a weapon system • Enforce Compliance with Basic Standards and Discipline • Cyber security is not a given and remediation is expensive • This is leader’s business • Conduct Training and Leader Development • Make people the Centerpiece, not Technology
Strong partnerships are critical to success
19 UNCLASSIFIED
UNCLASSIFIED
Cyber Warriors
Vision: Professional team
Elite, trusted, precise, disciplined warriors
Culture of trust, respect, and dignity
Who
Defend and operate all military networks Provide dominant effects in cyberspace Ensure Mission Command Enable Unified Land Operations Ensure a decisive advantage—Land and Cyber
The Key to Cyberspace Operations is People, not Technology 20 UNCLASSIFIED
Questions
UNCLASSIFIED
“Transforming Cyberspace While at War… Can’t Afford Not To!”
UNCLASSIFIED 21