STRATEGIC INTELLIGENCE MANAGEMENT

Chapter by Paul de Souza

Chapter 18 - National Cyber Defense Strategy, Pg. 224

Section 4: Future Threats and Cyber Security

18. National Cyber Defense Strategy, Pg. 224

• A solid national cyber defense strategy must be based on the understanding that although risk can be minimized, the threat can never be completely eliminated. The attack surface will always be present no matter how many layers of defense one implements. Defense in depth in conjunction with situational awareness and active defense when properly implemented can take any nation from being reactive to proactive.

• Defense in depth is nothing but the active deployment of computer network defense (CND). According to the U.S. Joint Chiefs publication “Joint Pub 3-13, Information Operations,” CND involves actions taken via computer networks to protect, monitor, analyze, detect, and respond to network attacks, intrusions, disruptions, or other unauthorized actions that would compromise or cripple defense information systems and networks. According to the U.S. Department of Defense, defense depth is also “the sitting of mutually supporting defense positions designed to absorb and progressively weaken attack, prevent initial observations of the whole position by the enemy, and to allow the commander to maneuver the reserve.”

Section 4: Future Threats and Cyber Security

18. National Cyber Defense Strategy, Pg. 224

• Solid defense operating concepts in the cyber domain will take into consideration the fluid nature of cyberspace and keep up with its rapid pace of change. When speaking about defense, a phrase often heard from cyber security professionals is “in near-real time” or even defense “in real time.” What does it mean to be able to defend one's systems and data in real time? Is it even possible?

• Most cyber security vendors want potential clients to believe that such capabilities rest upon their technological solutions, when in reality the solution is a combination of technologies and human capabilities. The gap found in most cyber defense strategies is the lack of human capabilities, the lack of proper trained cyber security professionals, and the lack of SA.

• A current global trend is for cyber security professionals, so-called cyber warriors, to have their training focus on specific technologies, tools, and segmented methodologies that apply only to defensive matters. In the physical domain, soldiers are trained to both defend and attack; the same reality must be applied in cyberspace by training our cyber warriors to be battle focused.