recommended reading

Army leaders promote need for offensive cyber capability

jannoon028/Shutterstock.com

The Army needs to develop offensive cyber capabilities it can wield in battle the same way it uses artillery or air power, top service commanders explained at the Association of the United States Army annual conference yesterday.

Lt. Gen. Rhett Hernandez, commander of Army Cyberspace Command at Fort Meade, Md., said cyber threats against Army networks today are “real, growing, sophisticated and evolving . . . they are changing the way we operate.”

The threats require sophisticated defensive systems to detect and deter attackers. But the Army also must have the ability to “conduct cyber offensive operations when directed,” he said, adding that the ability to conduct cyberattacks should be integrated with traditional joint fires capabilities such as artillery.

Lt. Gen. Donald Campbell, commanding general of the Army’s III Corps and Fort Hood, Texas, said he incorporated cyberattack capabilities in a recent exercise, which allowed him to degrade the command-and-control system of an opposing force by 40 percent. Campbell said both offensive and defensive cyber capabilities must be incorporated in all exercises the Army conducts in the future.

During that exercise, Campbell said he also used social media to “target” the local populace, adding the service must figure out how to leverage social media as part of any campaign. The use of social media in battle is “bigger than the [public affairs office],” which currently manages it.

Campbell emphasized that cyber operations are integral to what happens on the battlefield and should not be relegated to the staff. Cyber operations “are a leaders business,” he said.

Lt. Gen. Mary Legere, Army deputy chief of staff for intelligence, agreed the service’s networks are under attack and said, “we need an ability to respond proactively.” The service needs a cadre of soldiers “trained to understand what they are doing and react at the speed of sound,” she said.

Building a viable cyber force goes beyond standard recruiting practices, Legere said. The Army stood up the 780th Military Intelligence Brigade at Fort Meade in December 2011 to support cyber operations and plans to staff it with university trained soldiers and civilians with a background in math and logic, Legere said.

But, she warned, for the troops of the 780th to become “game-changers” in cyberspace will require an additional three to five years of training. 

(Image via jannoon028/Shutterstock.com)

Threatwatch Alert

Thousands of cyber attacks occur each day

See the latest threats

JOIN THE DISCUSSION

Close [ x ] More from Nextgov
 
 

Thank you for subscribing to newsletters from Nextgov.com.
We think these reports might interest you:

  • Featured Content from RSA Conference: Dissed by NIST

    Learn more about the latest draft of the U.S. National Institute of Standards and Technology guidance document on authentication and lifecycle management.

    Download
  • PIV- I And Multifactor Authentication: The Best Defense for Federal Government Contractors

    This white paper explores NIST SP 800-171 and why compliance is critical to federal government contractors, especially those that work with the Department of Defense, as well as how leveraging PIV-I credentialing with multifactor authentication can be used as a defense against cyberattacks

    Download
  • Toward A More Innovative Government

    This research study aims to understand how state and local leaders regard their agency’s innovation efforts and what they are doing to overcome the challenges they face in successfully implementing these efforts.

    Download
  • From Volume to Value: UK’s NHS Digital Provides U.S. Healthcare Agencies A Roadmap For Value-Based Payment Models

    The U.S. healthcare industry is rapidly moving away from traditional fee-for-service models and towards value-based purchasing that reimburses physicians for quality of care in place of frequency of care.

    Download
  • GBC Flash Poll: Is Your Agency Safe?

    Federal leaders weigh in on the state of information security

    Download
  • Data-Centric Security vs. Database-Level Security

    Database-level encryption had its origins in the 1990s and early 2000s in response to very basic risks which largely revolved around the theft of servers, backup tapes and other physical-layer assets. As noted in Verizon’s 2014, Data Breach Investigations Report (DBIR)1, threats today are far more advanced and dangerous.

    Download

When you download a report, your information may be shared with the underwriters of that document.