Cybersecurity

Dunford: U.S. has work to do in cyber deterrence

Joint Chiefs of Staff Chairman Gen. Joseph Dunford stressed the need to beef up resiliency and improve the government's ability to attribute activity in cyberspace.

The U.S. military still has a lot of work to do to improve its ability to deter adversaries in cyberspace, according to the country's top general.

"We...need to develop a framework within which to deter cyberthreats, and obviously attributing threats and managing escalation and hardening ourselves against cyberattacks are all areas that require more work," said Gen. Joseph Dunford, chairman of the Joint Chiefs of Staff, during a March 29 appearance at the Center for Strategic and International Studies in Washington.

The Obama administration sent a cyber deterrence policy to lawmakers last December after long-standing criticism from Capitol Hill that the administration lacked a strategy. All instruments of power, including military and economic means, should be used to "create uncertainty in adversaries' minds about the effectiveness of any malicious cyber activities," the plan states.

In response to questions after his remarks, Dunford said he was not referencing the administration's broad deterrence strategy but instead talking about "operationalizing" cyber deterrence. Beefing up resiliency and improving the government's ability to attribute activity in cyberspace to its source are part of that effort, he added.

A deterrence framework is one thing, but "operationalizing that and actually having the tools to implement that, those are all different things," Dunford said.

Although U.S officials have generally said the government's ability to identify hackers or other actors in cyberspace has improved, the progress comes with a caveat, said Adm. Michael Rogers, commander of U.S. Cyber Command. Nation-states could increasingly turn to surrogate actors to cloak their operations in cyberspace, he has predicted.

The Joint Chiefs' unclassified email network suffered a debilitating hack beginning in July 2015 that shut down the network for about two weeks. Dunford has said the hack, which news reports have attributed to Russian spear phishers, showed that the Defense Department had made insufficient investments in cyberspace.

In response to an array of cyberthreats to defense systems and out of a desire to boost the military's own hacking capabilities, Dunford and Defense Secretary Ash Carter have asked Congress for about $6.7 billion to spend on cybersecurity in fiscal 2017. That is $900 million more than DOD spent in fiscal 2016.

About the Author

Sean Lyngaas is a former FCW staff writer.

Featured

  • Defense
    Ryan D. McCarthy being sworn in as Army Secretary Oct. 10, 2019. (Photo credit: Sgt. Dana Clarke/U.S. Army)

    Army wants to spend nearly $1B on cloud, data by 2025

    Army Secretary Ryan McCarthy said lack of funding or a potential delay in the JEDI cloud bid "strikes to the heart of our concern."

  • Congress
    Rep. Jim Langevin (D-R.I.) at the Hack the Capitol conference Sept. 20, 2018

    Jim Langevin's view from the Hill

    As chairman of of the Intelligence and Emerging Threats and Capabilities subcommittee of the House Armed Services Committe and a member of the House Homeland Security Committee, Rhode Island Democrat Jim Langevin is one of the most influential voices on cybersecurity in Congress.

Stay Connected

FCW INSIDER

Sign up for our newsletter.

I agree to this site's Privacy Policy.