Upload
megan-wilkerson
View
213
Download
0
Embed Size (px)
Citation preview
Perspectives onCyberspace Research Needs
Cyber Research WorkshopLouisiana Tech University
Center for Secure Cyberspace
Lt General Bob Elder, USAF (Retired)
15 November 2010
Overview
• Evolving Cyber Environment
• Cyber and Cyber-enabled Business Operations
• Cyber Security and Defense
• Mission Assurance
• Exploiting Cyberspace
• Operational & Strategic Cyber Leaders
The Nation requires cyber and cyber security expertise
Today’s Cyber Environment
• National Focus is on cyber security—$18B in FYDP– Effort limited to federal government networks– Critical need for state and local government,
commercial, and private use network protection• World focus is development of cyberspace for global
business—leaders are found outside the United States• Information now a commodity; knowledge management
tools and services prevent information overload• Value Chain is changing—consumers interact with
businesses to develop tailored products (Dell)• Social networking drives behaviors, choices, politics
Key Cyber Functional Elements
Data CollectionKnowledge Creation(Info Management)
Network OpsNetwork Security
(Communications)
Legacy EnhancementGlobal Integrated Ops
Administrative OpsMission Assurance
(Operations)
Actions in & through Cyberspace
Ways:
• Information Operations
• Network Operations
• Kinetic Actions
• Law Enforcement
• Counterintelligence
Enablers:
• Science & Technology
• Partnering
• Intelligence Support
• Law and policy
• Trained personnel 6
National Military Strategyfor Cyberspace Ops (NMS-CO)
Joint Capability Areas:
• Battlespace Awareness
• Force Generation
• Command and Control
• Information Operations
• Net-centric Operations
• Global Deterrence
• Homeland Defense
• Interagency Integration
• Non-governmental organization coordination
Civilian Cyberspace Use
• Establish Networks – TELECOMs, ISPs, Businesses
• Maintain Networks (Security) – CIOs, CTOs, CISOs
• Defend Networks (Business) – COOs, Associations
• Business Ops Assurance – Risk Management
• Ops through Cyber – Business Enhancement
• Ops through Cyber – Marketing/Sales
• Ops through Cyber – Knowledge Management
• Ops in Cyber – Virtual Travel
• Ops in Cyber – Virtual Presence
• Ops in Cyber – Producer/Consumer Dialogue
7
Major Cyber Security Players
Defense
• Law Enforcement
• Intelligence Community
• Homeland Security
• Counterintelligence
• Military
• Industry Consortiums
• Regulatory Agencies
• Commercial Providers
Potential Adversaries
• Organized Crime
• International Terrorists
• Domestic Terrorists
• Nation-State Intelligence
• Nation-State Military
• Industrial Intelligence
• Cyber “Vandals”
8
Full Spectrum Cyber DefenseFull Spectrum Cyber Defense
Cyberspace Typology
• Private/Open
• Commercial
• Regulated Commercial
• Government (.gov)
• Military (Admin)
• Military (Ops)
• Economic Security
• Public Safety
• WMD/E Defense/I&W
Glo
bal I
nfor
mat
ion
Grid
and
DO
D N
etw
orks
US
Gov
ernm
ent
Cyb
ersp
ace
Sta
te &
Lo
cal
Go
v’t
Cyb
ersp
ace
Other USCyberspace
(includes DIB)&
AssociatedCyber
Infrastructure
CADC FOCUS
Cyberspace Business Areas
COMMERCE
Cyberspace importance is increasing
Cyber Ops
• Establish the Domain– Form Cyber Networks– Secure Cyber Networks
• Defend the Domain– Passive Defense– Active Defense
• Use the Domain– Business Augmentation– Internet Business– Participatory Services
PhysicalNetworks
Information Protection
Electronics (& Infrastructure)
Elec
trom
agne
tic S
pect
rum D
igital Data &
Code
Cyber Use
Force Protection
Elect
roni
c
Prote
ctio
nD
ata/Code
Protection
InfluenceProtection
Physical Attack(includes Directed Energy)
CyberAttack
ElectromagneticSpectrumAttack
Influence Attack
LogicalNetworks
WirelessNetworks
Effects of Attacks:• Denial of Service• Confidential Data Loss • Data Manipulation• System Integrity Loss
Social Networks
LawEnforcement
Offense
Mission Assurance: Focus on Effects
ATTACKS TARGETS EFFECTS
Human Organization
Mission Layer
App/Session Layer
OS/Network Layer
HW/Systems Layer
Devices & Linkages
DisinformationConfusionC2 DisruptionAlter Behaviors
InaccuraciesInduced FailuresDenial of ServiceData Exfiltration
MalfunctionsPerformance lossLost Comms
Insider Attacks;Social engineering
Data and policyCorruption
Worms, virusesFlooding
Backdoor Implants
Physical Destruction
Code ManipulationMalware
Source: 2008 AFSAB Study
Passive Defense Active Defense Mission Assurance
SensorData
SensorData (in)
IntelInfo (out)
IntelInfo
Intel InfoCmd Input
GndStation
Cmd Out(Gnd Cdr)
Control (in)Data (out)
Cmd Out(Air Cdr)
Control (out)Sensor (in)
Sensor(Out)
CoordAOC/ASOC
CoordAOC/ASOC
Coord
AOC-UAS Terrestrial
Sensors
RPA: Remotely Piloted AircraftAOC: Air Operations CenterASOC: Air Support Operations Center
Target
AOC Resiliency Study—C3 View
RPA Ctrl
AOC
ASOC
FusionCenter
AOC Resiliency Study—Ops View
RPA Ctrl ASOC
FusionCenter
GndStation
AOC
SensorData
Sensors
Intel Info
SensorData (in)
IntelInfo (out)
Control (out)Sensor (in)
Sensor(Out)
Coord
Control (in)Data (out)
AOC/ASOCCoord
AOC-UAS Terrestrial
Dotted lines denote operational connections
RPA: Remotely Piloted AircraftAOC: Air Operations CenterASOC: Air Support Operations Center
Target
Degraded Cyberspace
15
Observe
PhysicalSpace
Cognitive “Space”
Sensors DataIntegration
OpsIntegration
Effects(Integrated Actions)
KnowledgeOperations
LegacyOperations
Intelligence
Cyberspace Exploitation
Logistics
Cyber
Orient
DecideAct
Situational Awareness
Linked Ops CentersCyber-enabled Global Operations
Value Chain in a Cyber World
OPPORTUNITIES• Shopper Dialogue• Information
Sharing• Synchronized
Production• Integrated
Logistics• Sustainability• Company Cyber
Culture
16
Consumer isa Partner
Quality isa commodity
OpenNetworkrules
ConsumerBehavior
Prod
uct
Flow
Information
Flow
FutureValueChain
GCI Initiative, 2008
Warfighter-Industry Collaboration
Military User
(Warfighter)WIC-E
RequirementDevelopers
Programmers
AcquisitionCommunity
Capability Provider(Private Sector)
NormalProcess
“WIC-E”Process
Test &Evaluation
Multi-State CADC Relationships
LANOSC
ARNOSC
MSNOSC
TX NOSC
Cyber Assurance and Defense Network Center
ARGuard
LAGuard
MSGuard
TXGuard
Internet
AR Network LA Network MS Network TX Network
Operational & Strategic Leaders
Operational LeaderSupervise and
integrate technical skills with mission
Technical SkillsSuch as cyber Security, Info Assurance,
Software Assurance, Network Mgmt, Communications, Knowledge Management, Visualization …
StrategicLeader
Exploit Cyberspace
CurrentCyber WorkforceDevelopmentFocus
Cyber-enabledLeadershipDevelopmentShortfall
Facilitating Cyber Partnerships
NationalGuard
LawEnforcement
Cyber(& related)Industries
Dept of HomelandSecurity
CyberSecurity &DefenseCenter
CyberspaceInnovation
Center
AcademicCommunity
Assurance& SecurityEducation
DoD
Challenge: Cultural (R)evolution
Hierarchical Culture Cyber Culture
21
Hierarchy Level ---- Power ---- ConnectionsHierarchy Level ---- Value ----- Contribution
Future
Alternative Strategies are available: Can we “break” the cultural barrier?