DISA cyber protection teams deployed
- By Sean Lyngaas
- Sep 23, 2015
DISA Director Lieutenant General Alan R. Lynn (left) and Army Deputy Chief Information Officer Gary C. Wang.
Lt. Gen. Alan Lynn is only two months into his job as Defense Information Systems Agency director, but is already knee-deep overseeing cyber operations to defend Defense Department networks that he described as being under siege from hackers.
“The first three weeks in command, I had my Joint Force Headquarters DODIN hat on because I was fighting the fight in cyberspace,” Lynn said Sept. 23, referring to the DISA unit, created in January, that is charged with building DOD’s capacity to defend its networks. Lynn, who also heads JFHQ DODIN, spoke at a Defense Systems-hosted conference in Arlington, Va.
Lynn, who was promoted from DISA vice director in July to take over for the retiring Lt. Gen. Ronnie Hawkins, revealed that the cyber protection teams employed by JFHQ DODIN have been used in seven named operations since the force’s inception in January.
When asked by FCW to elaborate on what those operations achieved and why they were ordered, Lynn was coy. “They were all cyber events of varying degrees and that required action on the part of those teams,” he said. “Some deployed, some did not have to because it’s cyberspace – you just dig in and you go wherever you got issues.”
That Lynn has spent a good chunk of his first two months at the helm focusing on JFHQ DODIN operations illustrates the magnitude of the challenge of defending Pentagon networks. The volume of threats is daunting. Out of “700 million emails that we’ll get in a month, about 98 million” are benign, he said. The rest are spam and other potentially malicious content.
The emergence of JFHQ DODIN is also emblematic of the pressing need for the Pentagon to organize its cyber capabilities to allow for coherent offensive and defense strategies. The joint force was established to take some pressure off Cyber Command. The goal is to leave the management of capacity-building to DISA so Cyber Command can focus on executing the Pentagon’s cyber capabilities.
Like many a DOD IT official in recent months, Lynn expressed general interest in making better use of data analytics to manage cyber threats. The lieutenant general told the audience of industry executives that he has high hopes for software-defined networking, an IT architecture that centralizes network intelligence in software-based controllers. The ability to regenerate a network after it has been attacked could help the Pentagon gain a firmer footing in cyberspace, he said.
But for the most part in the Q&A session, Lynn was short on specifics on the types of analytical tools he is looking for to defend DOD networks.
Later in the conference, Gary Wang, the Army’s deputy chief information officer, fittingly called analytics the “buzzword du jour,” adding that it is not “one big, huge thing. It can be very specific.” Analytics need to be broken down by functional area to prioritize how various tools are applied, he said.
Sean Lyngaas is an FCW staff writer covering defense, cybersecurity and intelligence issues. Prior to joining FCW, he was a reporter and editor at Smart Grid Today, where he covered everything from cyber vulnerabilities in the U.S. electric grid to the national energy policies of Britain and Mexico. His reporting on a range of global issues has appeared in publications such as The Atlantic, The Economist, The Washington Diplomat and The Washington Post.
Lyngaas is an active member of the National Press Club, where he served as chairman of the Young Members Committee. He earned his M.A. in international affairs from The Fletcher School of Law and Diplomacy at Tufts University, and his B.A. in public policy from Duke University.
Click here for previous articles by Lyngaas, or connect with him on Twitter: @snlyngaas.