New U.S. standards for cyber operations

07/06/2012

A new organizational framework approved by U.S. Secretary of Defense Leon Panetta will be the first step towards the standardization of cyber operations, as reported by DefenseNews. This interim framework will not only standardize existing structures and procedures but will establish new relationships across various departments to enhance and advance the full spectrum of cyber capabilities.

Increased powers in offensive and defensive operations will fall under the geographic combatant commanders’ supervision and a new link between the combatant commanders and the U.S Cyber Command (CYBERCOM) Combat Support Elements will be established. The newly created Joint Cyber Centers (JCC) will provide deeper intelligence and specific know-how and become the necessary “nexus for combatant command cyberspace enterprise”.

JCC units will be operative in each geographic combatant command by June 2012, in charge of offensive operations and the protection of the combatant commands’ networks, merging responsibilities previously scattered among different actors. Every JCC unit will also include the existing cyber personnel from each command and will work with a CYBERCOM staffed combat support element (CSE) also in place in each geographic command. The purpose of the latter is to provide a link back to CYBERCOM and take advantage of its intelligence and panel of experts.

Experts showed concerns regarding the implementation of the plan, in particular staffing and budget issues. Furthermore the new framework doesn’t include any reference to the legal issues surrounding cyber activities, nor does it solve the ongoing “division of responsibility” issue between the combatant commands, the intelligence community and Department of Homeland Security.

Regardless of resource limitation, Panetta emphasized the need for a quick implementation explaining “Although I expect you may find that you need additional resources to implement a complete and enduring C2 (command and control) framework within your commands, speed is important”. He added “The speed and intensity with which adversaries could exploit vulnerabilities in the DOD Global Information Grid jeopardizes the Department’s ability to execute successful military operations”.

The U.S. Central Command’s CYBERCOM CSE is currently the only fully operational command, but a final framework is set to be decided within the year.

©CC BY 2.0; 120105-D-BW835-010 - DOD Photo by Erin A. Kirk-Cuomo 
Original source: flickr.com