Rogers: Cyber Command capabilities at 'tipping point'

More than five years after its inception, U.S. Cyber Command is at a "tipping point" in maturing its offensive and defensive cyber capabilities, said Adm. Michael Rogers, the command's head.

"The capacity and capability is starting to come online," Rogers said Jan. 21 at an Atlantic Council event in Washington.

The Pentagon's cyber mission force, which is slated to reach about 6,200 personnel, is developing more "tangible" capabilities "that you will see us start to apply in a broader and broader way," added Rogers, who is also National Security Agency director. Cyber Command has built this capacity in part by drawing on the NSA's technical prowess.

The NSA in 2016 will increasingly focus on bolstering the cyber defense of weapons systems, Rogers said.

"We need to move beyond a focus on the network structure into how do we get into systems and platforms, because they have every bit as much level of vulnerability in many ways as our traditional backbone network structure," the admiral said.

Rogers's prioritization of cybersecurity in weapons systems is typical of the consistent alarm expressed by defense officials that tools pushed out to soldiers are vulnerable to hacking. Frank Kendall, the Pentagon's top acquisition official, has made cybersecurity in weapons a key piece of his latest round of acquisition guidance to the department.

It may take time for funding to catch up. Of the $3 billion the Air Force Space Command spent last fiscal year on cybersecurity, for example, not a single penny went to weapons' IT security.

'A whole lot more' OPM-style hacks coming

2016 will be an important year for the NSA. In the coming weeks, the agency will unveil what is likely its biggest organizational overhaul since the late 1990s.

The reorganization will include changes to the agency's workforce and innovation strategies, Rogers said last month. The revamp will also include efforts to greater integrate the agency's twin missions of foreign intelligence gathering and information assurance, he said Jan. 21. "I don't like these stovepipes" of activity currently residing in the NSA's Information Assurance Directorate, walled off from the agency's Signals Intelligence Directorate, Rogers added.

The NSA chief touched on cyber incidents affecting civilian agencies and the private sector.

 The OPM hack, and the big breach of health insurer Anthem Inc., demonstrated that "data is increasingly a commodity of value all on its own," Rogers said. Given the rising value of data, he added, "what you saw at OPM…you're going to see a whole lot more" of in the future.

Rogers also weighed on the use of encrypted communications, which has been a contentious topic in Washington. "Encryption is foundational to the future," he said. "So spending time arguing about, hey, encryption is bad and we ought to do away with it - that's a waste of time to me."