Where do you think Cyber Security belongs?

2015-03-31T15:04:00-04:00

I ask this question, because in the past, I always saw this as an IT piece of network security. Today, those lines are blurred. There are so many pieces of Security that tie in to Cyber Security. Think of social engineering and physical security. We need to physically have areas locked down and guarded so we don't have someone inserting a device somewhere and opening a port on a network.

In the military, we have Force Protection/Anti-Terrorism units that have Cyber Security sections. Many different areas of the civilian world have Cyber Security seperate from the IT departments altogether.

So where do you think this fits in the military, in our world today?

I'm also attaching an article I read:

http://www.defense.gov/news/newsarticle.aspx?id=128305

Response by SFC Private RallyPoint Member made Mar 31 at 2015 3:18 PM

2015-03-31T15:18:31-04:00

Nice question. I'm not an IT guy, but just my 2 cents. They do overlap, but they are also distinctly different as you said. I won't even say one is necessarily a subset of the other. I do like your "Hardware" vs "Social Engineering" description because in general, I think that has a lot of credibility. In short, I agree that they are distinct from each other. A complete approach would need to address both.

Overlap, where hardware supports and interfaces with the social engineering aspect as one example.

Response by MSG Charles Perkins made Mar 31 at 2015 3:22 PM

2015-03-31T15:22:16-04:00

One of the questions that need to be answered is at what level does cyber security need to be applied? I would postulate that it needs to be applied all through from company level and up. In garrison, the existing G6/NIST structure would work with oversight and training down to the individual service member. However, with our current distributed deployment posture where Companies might find themselves on isolated FOBs/COBs then the coverage needs to be there also. Social engineering and OPSEC threats dont stop when you leave garrison.

Response by TSgt Joshua Copeland made Mar 31 at 2015 3:33 PM

2015-03-31T15:33:00-04:00

I think it is an emerging new area that fits in either on it's own, in IT or in traditional security just depending on the size, scope and mission of the organization. It is hard to be the master of all things. A large IT based firm would likely have a separate cyber security dept in addition to a traditional security dept. A very small company might have their IT dept handle it. A company with no "in house" IT would likely have their traditional security handle it.

Response by COL Jason Smallfield, PMP, CFM, CM made Mar 31 at 2015 3:45 PM

2015-03-31T15:45:19-04:00

Where Cyber Security belongs depends upon how it is defined and visualized. These are important things that should be critically thought about along with DOTMLPF (doctrine, organization, training development, material, leader development, personnel, facilities) considerations. Some historical examples.
- Tank. The tank was introduced in 1917. The British and French saw the tank as an infantry support vehicle and thus developed their DOTMLPF to support this vision. The Germans saw the tank as an independent vehicle and thus developed their DOTMLPF to support this vision. End result: the Germans kicked the British and French butts within six weeks in May 1940 even though the British and French had more tanks and their tanks were better (more powerful and heavily defended but less mobile).
- Airplane. The plane was first seen in 1904 and used in WWI. The Germans created a separate Air Force but saw the purpose of that Air Force to be tactical (support the Army). This is one reason why the Germans were not able to set proper air conditions for the invasion of Great Britain during the Battle of the Blitz. The Americans kept the Air Force as part of the Army (Army Air Corps) during WWII but created both strategic and tactical capability. The Air Force split from the Army in 1947. End result: The US was able to set tactical and strategic air conditions for the invasions of Europe, Germany, and Japan.
- Machine guns. Originally heavy and immobile thus Machine Gun Battalions were created in WWI. Eventually became lighter and more mobile which allowed for infusion into all elements at the platoon level.
- Cyber Security. Short answer is that I do not yet know where Cyber Security belongs but I know the methodology I will use to answer that question were I passionate about it to pursue it. Cyber security includes many different elements including but not limited to: offensive capability, defensive capability, engineering aspects (physical structures), IT aspects, private and public implications, etc.

Response by SGT Nia Chiaraluce made Mar 31 at 2015 3:46 PM

2015-03-31T15:46:16-04:00

As a signal NCO, I can easily see the 25D fitting in with our structure as a signal corps. However, the 35 series would fall up under the intel community. I see overlap and it would make the most sense to group them with the others.

Response by SSgt Private RallyPoint Member made Mar 31 at 2015 4:41 PM

2015-03-31T16:41:03-04:00

There has got to be a meme for a new military service out there called the "Cyber Force"... It is comprised almost entirely of pimple ridden former basement dwellers...

All joking aside, Cyber Security and Information System Security are a large piece that do not only fit within one service. The use of the information domain as a weapon has been around for much longer than the advent of the cyber space. Exact details of which I wish I could speak to.

Each one of our weapon systems, whether they are controlled by the Army, Air Force, Navy or USMC will have a need for protection from intrusion and a quick method of detection that go far beyond inserting a "device" on a network. Compromising NIPRNet is as easy as someone opening up their Gmaill, or other free email account message and clicking on a link. It has happened before and it will happen again.

In short, cyber security belongs right where it is; as a component of each of the service's cyber security and information system security plans. Perhaps even standing up their own command dedicated solely towards Information System security protection and cyber attack. An example of this would be the Air Force's Cyber Command.

I could see a Cyber Command structure that is very similar in concept to the IC (Intelligence Community).

Response by 1SG(P) Private RallyPoint Member made Mar 31 at 2015 4:49 PM

2015-03-31T16:49:08-04:00

To see real time Cyber attacks, try: http://map.ipviking.com

Norse - IPViking Live

Every second, Norse collects and analyzes live threat intelligence from darknets in hundreds of locations in over 40 countries. The attacks shown are based on a small subset of live flows against the Norse honeypot infrastructure, representing actual worldwide cyber attacks by bad actors. At a glance, one can see which countries are aggressors or targets at the moment, using which type of attacks (services-ports).

Response by Lt Col Private RallyPoint Member made Mar 31 at 2015 9:32 PM

2015-03-31T21:32:20-04:00

I like the one members description of a cyber community like the IC. There will have to be many cells within each of the services and probably units that will address different functions, deal with certain threats and have various tactics at their disposal. Tactical options should be at a lower level while more strategic responses are elevated. Which raises the question of who is only authorized to be defensive and who can actually respond with countermeasures. Domestically it should be homeland security with the NSA. Overseas it should be the military in my opinion.

Response by SPC Angel Guma made Apr 1 at 2015 8:02 PM

2015-04-01T20:02:15-04:00

SSG-

Excellent website.

Personally I don't think there's a right or wrong way of looking at it. It really just comes down what the military has a whole wants. Enforcing a decision by pulling rank would get something done, but culture is a hard thing to weed out and cyber warfare is just becoming accepted.

Response by TSgt Private RallyPoint Member made Apr 7 at 2015 11:24 PM

2015-04-07T23:24:46-04:00

The simple answer, at the desktop/laptop/mobile device of EVERY Soldier, Sailor, Marine, Airman, Government Civilian, and Contractor that access any and all systems. That said, we need to get into the mindset that security has to be part of the build plan and not an after thought. How many people have physical access to your device? Until we can get buy-in from the USERS of the systems, security in the cyber realm will be a dream and this is one area where just one person who is careless can be party to a network compromise.

Ask yourself this question, how many of you have stepped away for "just a second" and left your computer logged in and not locked? Be honest, this isn't a graded exam (yet). How long does it take to craft an all-hands e-mail? What about exposing your's or someone else's PII?

Response by SSG Private RallyPoint Member made Oct 28 at 2015 4:11 AM

2015-10-28T04:11:17-04:00

I think it should be its own entity: Land, Sea, Air, Cyber.

I think the Cyber realm should have different PT, HT/WT, Test Scores, Mandatory Training, etc for their realm. This would enable us to bring in people that might not be the most physically fit for combat operations but are mentally fit for cyber operations.

Response by SGT Private RallyPoint Member made May 9 at 2017 2:58 PM

2017-05-09T14:58:14-04:00

Cyber is a new realm of warfare just like land, sea, and air. It can potentially be the most dangerous as well. DOD needs to stop whatever experiment they are trying and create a separate branch all together for Cyber. This is a realm that is not going anywhere, is only going to expand, and will define how every single branch operates.