Alexander: Military cybersecurity requires broader training

The Defense Department’s cybersecurity efforts require broader-based training and better support mechanisms for the military services, while still protecting civil liberties, said Lt. Gen. Keith Alexander, the man expected to head the military’s new U.S. Cyber Command.

“The nation that started the Internet ought to be the first to secure it and still protect civil liberties,” he said, speaking at a cybersecurity conference in Washington Thursday. “We can and we must.”

To accomplish that, Alexander said, “We have to have a common block of training for all the [military] people that operate in cyberspace so that everyone understands the nature of the network.”

“We’ve also got to give our network operations people the security clearances they need, so they can understand the nature of the threats” the military is dealing with on a daily basis, he said.

Alexander’s comments drew particular attention following Defense Secretary Robert Gates June 23 announcement directing U.S. Strategic Command to establish a new unified military command dedicated to cyberspace. The new command is to be led by the director of military’s National Security Agency, the position now held by Alexander, in a “dual-hatted” capacity. The expansion of Alexander’s duties must still be approved.

The new Cyber Command is charged with developing a coordinated strategy for defending the military’s information networks, and rules for engaging offensively in cyberspace. It also must resolve how to work with the Homeland Security Department, the intelligence community, U.S. allies, and industry, which operates much of the infrastructure that the military relies on.

Speaking at conference organized by the Armed Forces Communications and Electronics Association’s D.C. chapter, Alexander warned that the organized cyberattacks on Estonia, Latvia and Georgia illustrate how the Internet has become a potential battleground.

“We’re going from a network,” originally designed for communications, “to one we’re going to be fighting over,” he said.

It raises the question, he said, “Where’s the common defense?” The answer, he said, is “It’s not there. You have network operators and defense (teams) in separate stove pipes, with no capability” to work together in real time. “We need to fix that,” he said.

“We’ve got to become more joint in our operations,” he said, and “build the mechanisms so the services can plug into them,” while still having the tools to accomplish their respective missions.

“And in the IT arena, we have to make things happen at network speed,” he said.

Alexander also stressed, however, that “civil liberties, privacy and security can and must coexist. We’re not saying you have to give up one to have the other. It’s not going to be easy,” he said. “We’re going to have to work to do it.”