Can the US government and private industry unite to fight off those who are intent on waging cyber anarchy? The Defense Department hopes so and it has devised a plan to help promote that cooperation.
More on security threats: Stolen US military IDs ideal cover for army of online dating scammers
Securing the nation's networks will require unprecedented industry and government cooperation, Deputy Defense Secretary William J. Lynn told attendees at the RSA security conference this week. .
"Through classified threat-based information, and the technology we have developed to employ it in network defense, we can significantly increase the effectiveness of cyber security practices that industry is already carrying out," Lynn said. Lynn noted that more than 100 foreign intelligence agencies have attempted intrusions on US networks.
The department already shares some unclassified threat information with defense companies that have networks containing sensitive information, Lynn said. He added that a pressing policy question remains as to whether classified signatures and their supporting technology should be shared across the full range of industrial sectors supporting the military and the economy. "The real challenge, at this point, is developing the legal and policy framework to do so."
The DoD is implementing a few key programs to help this effort, known as Cyber 3.0. For example:
- To spur security improvements, the Defense Department is adding $500 million for new research in cyber technologies, with a focus on areas like cloud computing, virtualization, and encrypted processing.
- DoD will offer seed capital to companies through its "Cyber Accelerator" pilot program to produce dual-use technologies that address cyber security needs.
- The Pentagon will expand its Information Technology Exchange Program, which manages temporary "job-swaps" between the department and industry IT experts.
- The department is beginning a program to maximize its use of cyber expertise within the National Guard and Reserve.
The department must speed its adoption of new technologies, Lynn said. "It currently takes the Pentagon 81 months to field a new information technology system. The iPhone was developed in just 24 months," he said. "We have to close this gap, and Silicon Valley can help us."
More on Cyber 3.0 from the Stars and Stripes blog: Lynn said DOD's new strategy, "Cyber 3.0," is nearing completion. It breaks down to five parts: DOD will treat the cyberworld as a warfare domain on par with air, space, land and sea; continue installing "active" defenses in networks -- probes that seek out malware before they strike; focus on protecting computer-connected infrastructures like power grid; connect to allies; and ensure the U.S. "retains its preeminent capabilities" over others, just like with its conventional armed forces. "I'm always reluctant to put a deadline on ourselves," Pentagon spokesman Bryan Whitman said, in an email, "but I would expect to see the strategy in the next couple of months."
"With the threats we face, working together is not only a national imperative," he said. "It is also one of the great technical challenges of our time," Lynn stated.
Follow Michael Cooney on Twitter: nwwlayer8
Layer 8 Extra
Check out these other hot stories: