What a WWII battle can teach about cybersecurity

The Battle of the Atlantic was World War II’s longest military campaign and centered on U.S. merchant ships and German U-boats, but there are lessons from that battle that are applicable to the Defense Department’s enterprise approach to cyber warfare, according to the Defense Information Systems Agency’s second-in-command.

“Early on in the Battle of the Atlantic in 1942, you had a battle space that was spread out over a very extensive area, and you had an asymmetric force element in the U-boats that were able to take great advantage of that large battle space,” said Rear Adm. David Simpson, DISA vice director. “In many respects, in cyber that’s where we’re at today – we’ve got a very broad battle space that constitutes DOD’s cyberspace, surrounded by a broader, expanding Internet.”

Simpson spoke March 9 at an event sponsored by AFCEA’s Northern Virginia chapter.

Today, the cyber adversary has an advantage in technology that often evolves faster than defensive action. But, Simpson said, an enterprise approach can better forge a collective defense that covers more ground in cyberspace – like U.S. convoys did in the Battle of the Atlantic, a plan that turned the tide in favor of the Allies.

Those large convoys of 100 or more ships and aircraft helped control the large swaths of ocean and yielded critical intelligence, Simpson said.

“In cyberspace, by having an enterprise approach we essentially constrain the environment in the same way the convoys did in World War II. We’re able to identify key terrain and put sensors in and around that key terrain to spot adversary activity – which looks to us like anomalous activity,” he said.

For DOD cyber operations, the enterprise approach is a good start, but full-spectrum defense requires more, including skilled intelligence personnel.

“Like in World War II, we have to stitch that information together for cyber. The sensors aren’t just enough; you have to bring it together in a time-referenced space where you can bring analytical skill sets to bear – people that can correlate the anomalous events and determine what it means and generate response actions,” Simpson said.

About the Author

Amber Corrin is a former staff writer for FCW and Defense Systems.

Featured

  • Contracting
    8 prototypes of the border walls as tweeted by CBP San Diego

    DHS contractors face protests – on the streets

    Tech companies are facing protests internally from workers and externally from activists about doing for government amid controversial policies like "zero tolerance" for illegal immigration.

  • Workforce
    By Mark Van Scyoc Royalty-free stock photo ID: 285175268

    At OPM, Weichert pushes direct hire, pay agent changes

    Margaret Weichert, now acting director of the Office of Personnel Management, is clearing agencies to make direct hires in IT, cyber and other tech fields and is changing pay for specialized occupations.

  • Cloud
    Shutterstock ID ID: 222190471 By wk1003mike

    IBM protests JEDI cloud deal

    As the deadline to submit bids on the Pentagon's $10 billion, 10-year warfighter cloud deal draws near, IBM announced a legal protest.

Stay Connected

FCW Update

Sign up for our newsletter.

I agree to this site's Privacy Policy.