Cybersecurity

Cyber Command takes the fight abroad

Paul Nakasone confirmation hearing for NSA 

Cyber Command launched in 2010 with a mission of defending Defense Department networks, but it has evolved into a more proactive organization, its top leaders say.

Gen. Paul Nakasone, CyberCom chief and director of the National Security Agency, outlined its "persistent engagement" and "defend forward" strategies that involves meeting adversaries in cyberspace "on a recurring basis" in an Aug. 25 Foreign Affairs article titled How to Compete in Cyberspace.

"We learned that defending our military networks requires executing operations outside our military networks. The threat evolved, and we evolved to meet it," Nakasone and senior adviser Michael Sulmeyer wrote.

One result of persistent engagement is the ability to collect and disclose information, including potentially destructive malware deployed by nation-state actors, to other government and the private sector to enable patching and other defense.

Nakasone and Sulmeyer are confident that such continuous engagement with cyber adversaries ballooning "from hacking to all-out war" because "inaction poses its own risks."

"Some have speculated that competing with adversaries in cyberspace will increase the risk of escalation—from hacking to all-out war. The thinking goes that by competing more proactively in cyberspace, the risk of miscalculation, error, or accident increases and could escalate to a crisis. Cyber Command takes these concerns seriously, and reducing this risk is a critical part of the planning process," they wrote. "We are confident that this more proactive approach enables Cyber Command to conduct operations that impose costs while responsibly managing escalation."

One key concern, the two write, is that "one-off cyber operations are unlikely to defeat adversaries." But Nakasone also stressed, as he often has in the past, that cyber operations "are not silver bullets, and to be most effective, they require much planning and preparation."

"Cyber Command's capabilities are meant to complement, not replace, other military capabilities, as well as the tools of diplomacy, sanctions, and law enforcement," the authors wrote. "U.S. cyber forces should continue to be more proactive and implement the strategy to contest our adversaries' malicious activity online. But our actions must also remain consistent with the law of armed conflict and other important international norms."

About the Author

Lauren C. Williams is senior editor for FCW and Defense Systems, covering defense and cybersecurity.

Prior to joining FCW, Williams was the tech reporter for ThinkProgress, where she covered everything from internet culture to national security issues. In past positions, Williams covered health care, politics and crime for various publications, including The Seattle Times.

Williams graduated with a master's in journalism from the University of Maryland, College Park and a bachelor's in dietetics from the University of Delaware. She can be contacted at [email protected], or follow her on Twitter @lalaurenista.

Click here for previous articles by Wiliams.


Featured

  • Federal 100 Awards
    Federal 100 logo

    Nominations for the 2021 Fed 100 are now being accepted

    The deadline for submissions is Dec. 31.

  • Government Innovation Awards
    Government Innovation Awards - https://governmentinnovationawards.com

    Congratulations to the 2020 Rising Stars

    These early-career leaders already are having an outsized impact on government IT.

Stay Connected