Page 33 - FCW, October 2017
P. 33

Commentary|BY WILLIAM S. COHEN
WILLIAM S. COHEN
was secretary of Defense from 1997 to 2001, after serving in the Senate from 1979 to 1997.
The 20-year climb to an elevated Cyber Command
A 1997 military exercise was the first step in a journey toward a unified combatant command for countering cyberthreats
Lost in this year’s cyber debacles were the positive actions taken to prevent and counter ever more pervasive and sophisticated cyberthreats.
Secretary of Defense Jim Mattis
is implementing President Don-
ald Trump’s directive to elevate
the U.S. Cyber Command to be a unified combatant command that reports directly to the president and secretary of Defense. That action will enhance our nation’s ability to effectively address the full range of cyberthreats. It is the culmination of a journey that began some 20 years ago.
A no-notice military exercise
in 1997, dubbed Eligible Receiver 97, demonstrated that government authorities had little ability to rec- ognize — much less defend against — a coordinated network attack and that our nation’s critical infra- structure was vulnerable to cyber disruption. The exercise combined simulated denial-of-service attacks on the 911 systems in nine large U.S. cities and actual penetration and disruption of military networks to the very top of the national com- mand system. The timing of ER97 was impeccable because it coincid- ed with a series of real-world cyber- attacks that validated the exercise findings.
With the ER97 results still rever- berating, the President’s Com- mission on Critical Infrastructure Protection issued a report with numerous recommendations to enhance federal, state, local and pri-
vate cooperation to strengthen criti- cal infrastructure protection. It led to Presidential Decision Directive 63 on critical infrastructure protection, which among other things created Information Sharing and Analysis Centers to improve cooperation between public officials at all levels of government and private execu- tives and established the National
The commander of U.S. Cyber Command had as many as three bosses, depending on what mission he was executing.
Infrastructure Protection Center. Congress is now working to make NIPC’s successor a fully operational
Cybersecurity and Infrastructure Security Agency to coordinate across all levels of government and with the private sector.
At the Defense Department, we recognized the need to assign cyber operations to one of our combat- ant commands, which are the only organizations authorized to conduct combat operations under the com- mand and control of the president and secretary of Defense. The initial step was to create the Joint Task Force for Computer Network Defense, which in 1998 we assigned to the U.S. Space Command — the
first time a warfighting command had the authority to direct defensive operations in cyberspace. Over the next few years, successor organiza- tions grew in resources and capabili- ties, including authority for offen- sive action.
When the mission transitioned
to the U.S. Strategic Command
in 2002, responsibilities for cyber defense and offense were split, with the latter under a new Joint Func- tional Component Command- Network Warfare, whose com- mander was dual-hatted with the National Security Agency director to leverage the overlap between intelligence exploitation and offen- sive operations.
In 2010, Secretary of Defense Bob Gates consolidated all cyber opera- tions under U.S. Cyber Command to better address a rapidly expand- ing threat. But that move retained the NSA director as its dual-hatted commander who was still subor- dinate to U.S. Strategic Command. As a result, the commander of U.S. Cyber Command had as many as three bosses, depending on what mission he was executing.
The impending establishment of Cyber Command as a unified com- mand simplifies the chain of com- mand and emphasizes the impor- tance of the cyber mission. It also brings to completion a 20-year jour- ney from an exercise that exposed our vulnerabilities and crystallized the recognition that superior IT infrastructure had become our nation’s Achilles’ heel. n
October 2017 FCW.COM 13










































































   31   32   33   34   35