Perspectives onCyberspace Research Needs

Cyber Research WorkshopLouisiana Tech University

Center for Secure Cyberspace

Lt General Bob Elder, USAF (Retired)

15 November 2010

Overview

• Evolving Cyber Environment

• Cyber and Cyber-enabled Business Operations

• Cyber Security and Defense

• Mission Assurance

• Exploiting Cyberspace

• Operational & Strategic Cyber Leaders

The Nation requires cyber and cyber security expertise

Today’s Cyber Environment

• National Focus is on cyber security—$18B in FYDP– Effort limited to federal government networks– Critical need for state and local government,

commercial, and private use network protection• World focus is development of cyberspace for global

business—leaders are found outside the United States• Information now a commodity; knowledge management

tools and services prevent information overload• Value Chain is changing—consumers interact with

businesses to develop tailored products (Dell)• Social networking drives behaviors, choices, politics

Key Cyber Functional Elements

Data CollectionKnowledge Creation(Info Management)

Network OpsNetwork Security

(Communications)

Legacy EnhancementGlobal Integrated Ops

Administrative OpsMission Assurance

(Operations)

Actions in & through Cyberspace

Ways:

• Information Operations

• Network Operations

• Kinetic Actions

• Law Enforcement

• Counterintelligence

Enablers:

• Science & Technology

• Partnering

• Intelligence Support

• Law and policy

• Trained personnel 6

National Military Strategyfor Cyberspace Ops (NMS-CO)

Joint Capability Areas:

• Battlespace Awareness

• Force Generation

• Command and Control

• Information Operations

• Net-centric Operations

• Global Deterrence

• Homeland Defense

• Interagency Integration

• Non-governmental organization coordination

Civilian Cyberspace Use

• Establish Networks – TELECOMs, ISPs, Businesses

• Maintain Networks (Security) – CIOs, CTOs, CISOs

• Defend Networks (Business) – COOs, Associations

• Business Ops Assurance – Risk Management

• Ops through Cyber – Business Enhancement

• Ops through Cyber – Marketing/Sales

• Ops through Cyber – Knowledge Management

• Ops in Cyber – Virtual Travel

• Ops in Cyber – Virtual Presence

• Ops in Cyber – Producer/Consumer Dialogue

7

Major Cyber Security Players

Defense

• Law Enforcement

• Intelligence Community

• Homeland Security

• Counterintelligence

• Military

• Industry Consortiums

• Regulatory Agencies

• Commercial Providers

Potential Adversaries

• Organized Crime

• International Terrorists

• Domestic Terrorists

• Nation-State Intelligence

• Nation-State Military

• Industrial Intelligence

• Cyber “Vandals”

8

Full Spectrum Cyber DefenseFull Spectrum Cyber Defense

Cyberspace Typology

• Private/Open

• Commercial

• Regulated Commercial

• Government (.gov)

• Military (Admin)

• Military (Ops)

• Economic Security

• Public Safety

• WMD/E Defense/I&W

Glo

bal I

nfor

mat

ion

Grid

and

DO

D N

etw

orks

US

Gov

ernm

ent

Cyb

ersp

ace

Sta

te &

Lo

cal

Go

v’t

Cyb

ersp

ace

Other USCyberspace

(includes DIB)&

AssociatedCyber

Infrastructure

CADC FOCUS

Cyberspace Business Areas

COMMERCE

Cyberspace importance is increasing

Cyber Ops

• Establish the Domain– Form Cyber Networks– Secure Cyber Networks

• Defend the Domain– Passive Defense– Active Defense

• Use the Domain– Business Augmentation– Internet Business– Participatory Services

PhysicalNetworks

Information Protection

Electronics (& Infrastructure)

Elec

trom

agne

tic S

pect

rum D

igital Data &

Code

Cyber Use

Force Protection

Elect

roni

c

Prote

ctio

nD

ata/Code

Protection

InfluenceProtection

Physical Attack(includes Directed Energy)

CyberAttack

ElectromagneticSpectrumAttack

Influence Attack

LogicalNetworks

WirelessNetworks

Effects of Attacks:• Denial of Service• Confidential Data Loss • Data Manipulation• System Integrity Loss

Social Networks

LawEnforcement

Offense

Mission Assurance: Focus on Effects

ATTACKS TARGETS EFFECTS

Human Organization

Mission Layer

App/Session Layer

OS/Network Layer

HW/Systems Layer

Devices & Linkages

DisinformationConfusionC2 DisruptionAlter Behaviors

InaccuraciesInduced FailuresDenial of ServiceData Exfiltration

MalfunctionsPerformance lossLost Comms

Insider Attacks;Social engineering

Data and policyCorruption

Worms, virusesFlooding

Backdoor Implants

Physical Destruction

Code ManipulationMalware

Source: 2008 AFSAB Study

Passive Defense Active Defense Mission Assurance

SensorData

SensorData (in)

IntelInfo (out)

IntelInfo

Intel InfoCmd Input

GndStation

Cmd Out(Gnd Cdr)

Control (in)Data (out)

Cmd Out(Air Cdr)

Control (out)Sensor (in)

Sensor(Out)

CoordAOC/ASOC

CoordAOC/ASOC

Coord

AOC-UAS Terrestrial

Sensors

RPA: Remotely Piloted AircraftAOC: Air Operations CenterASOC: Air Support Operations Center

Target

AOC Resiliency Study—C3 View

RPA Ctrl

AOC

ASOC

FusionCenter

AOC Resiliency Study—Ops View

RPA Ctrl ASOC

FusionCenter

GndStation

AOC

SensorData

Sensors

Intel Info

SensorData (in)

IntelInfo (out)

Control (out)Sensor (in)

Sensor(Out)

Coord

Control (in)Data (out)

AOC/ASOCCoord

AOC-UAS Terrestrial

Dotted lines denote operational connections

RPA: Remotely Piloted AircraftAOC: Air Operations CenterASOC: Air Support Operations Center

Target

Degraded Cyberspace

15

Observe

PhysicalSpace

Cognitive “Space”

Sensors DataIntegration

OpsIntegration

Effects(Integrated Actions)

KnowledgeOperations

LegacyOperations

Intelligence

Cyberspace Exploitation

Logistics

Cyber

Orient

DecideAct

Situational Awareness

Linked Ops CentersCyber-enabled Global Operations

Value Chain in a Cyber World

OPPORTUNITIES• Shopper Dialogue• Information

Sharing• Synchronized

Production• Integrated

Logistics• Sustainability• Company Cyber

Culture

16

Consumer isa Partner

Quality isa commodity

OpenNetworkrules

ConsumerBehavior

Prod

uct

Flow

Information

Flow

FutureValueChain

GCI Initiative, 2008

Warfighter-Industry Collaboration

Military User

(Warfighter)WIC-E

RequirementDevelopers

Programmers

AcquisitionCommunity

Capability Provider(Private Sector)

NormalProcess

“WIC-E”Process

Test &Evaluation

Multi-State CADC Relationships

LANOSC

ARNOSC

MSNOSC

TX NOSC

Cyber Assurance and Defense Network Center

ARGuard

LAGuard

MSGuard

TXGuard

Internet

AR Network LA Network MS Network TX Network

Operational & Strategic Leaders

Operational LeaderSupervise and

integrate technical skills with mission

Technical SkillsSuch as cyber Security, Info Assurance,

Software Assurance, Network Mgmt, Communications, Knowledge Management, Visualization …

StrategicLeader

Exploit Cyberspace

CurrentCyber WorkforceDevelopmentFocus

Cyber-enabledLeadershipDevelopmentShortfall

Facilitating Cyber Partnerships

NationalGuard

LawEnforcement

Cyber(& related)Industries

Dept of HomelandSecurity

CyberSecurity &DefenseCenter

CyberspaceInnovation

Center

AcademicCommunity

Assurance& SecurityEducation

DoD

Challenge: Cultural (R)evolution

Hierarchical Culture Cyber Culture

21

Hierarchy Level ---- Power ---- ConnectionsHierarchy Level ---- Value ----- Contribution

Future

Alternative Strategies are available: Can we “break” the cultural barrier?